is there no individual accountability regime in the US?
in the UK, as an engineer, if I'd built this I would expect the regulator to come after me personally for not ensuring the system had adequate controls to protect clients' money/investments
Has that ever happened? It's incredibly hard to prosecute directors in the UK for obvious malfeasance. I have never heard of a software engineer being sanctioned for crap code.
unless the engineer was provably malicious, wouldn't it be the responsibility of the product owner? Ownership usually entails accountability, they could order proper QA?
>is there no individual accountability regime in the US?
Here in the US, programmers like to call themselves Engineers, forcing everyone else to use the term "Professional Engineer" or "Licensed Engineer" or some other modifier before their title. I hate it, I wish they would stop, but it's not going to happen.
Software here is a wild, wild, West. The motto most live by is "move fast and break things"... even when those things are people's lives.
The name precedes the creation of licensed tertiary education level engineers.
A lot of people seem to ignore the fact that licensed professions that require an accredited diploma in a tertiary level education program are a relatively recent feature of our societies.
The original meaning of engineer was an idle British aristocrat who liked to tinker with things that went whiz and bang in the garden shed. Just a guy who really liked to mess around with engines.
Not entirely accurate. Exactly one bank (a small Asian American community bank, the 2651st largest in the U.S.) was prosecuted after the subprime mortgage crisis.
The secret is to have everyone in on it. Everyone is guilty but nobody is quite culpable enough to punish.
The low level guys were just doing their jobs, and each individual transaction was mostly legal. A few weren't but it's hard to sort out which ones. Maybe the management should be responsible for ensuring that nobody ever did anything illegal, but they can't really supervise everything all the time, can they?
Poof. Guilt is just a rounding error that all rounds down to zero. The government passes some new regulations to prevent that particular scenario from happening again, and the same people set about finding a new scam.
This kind of still works for things that aren't real like money or law because they are societal constructs, but for the cases involving the real world, there's no escape from consequences (only dumping them onto someone else to deal with).
It's also the thing for Big Tech to do as well. They break all of the societal norms to make the world they want, then "work" with regulators to make it okay for them to exist yet make it extremely difficult for anyone to follow as they will have to deal with the regulations.
Once you get to the top, the act of pulling up the ladders behind you is "just" self preservation.
For certain regulated professions there is: if a building falls down due to a bad design, the professional engineer (PE) that signed and sealed the plans can be held personally liable.
I don't see how a rank and file programmer would ever be personally responsible for their code. You can blame management for forcing untested or known flawed logic, but not some shmoe that pushes an "off by 1" bug while working weekends and late nights with no testing and hard deadlines.
Programmers should ensure they understand the requirements of what they are being asked to build, and not just blindly build things. If I was asked to build an accounting system, I would insist on speaking with an accountant to understand the requirements. If I was asked to work on a medical imaging system, I would want to be working with a qualified radiologist and probably a PhD holder in a relevant field too.
Deliberately implementing a financial system that ignores established (and probably legally required) accounting practices? That's kind of like a structural engineer willfully disregarding the building code because that's what management asked for.
In North America, “engineer” doesn’t necessarily mean a software engineer with a professional certification. Software developers have taken to calling themselves engineers. Whether engineering professional bodies should start going after people for this or not is a different topic.
But it’s entirely possible for someone who calls themselves an engineer to not actually be a certified engineer. So the activity wouldn’t be regulated because the person isn’t part of a professional body that regulates members.
In that case, lack of competence would be a civil issue unless it resulted in something criminal.
"Professional Engineer" is a protected title that requires licensing to be used for a discipline. That licensing process does not exist for software in the US right now.
in the UK, as an engineer, if I'd built this I would expect the regulator to come after me personally for not ensuring the system had adequate controls to protect clients' money/investments
with a potentially unlimited fine + prison time