Skip to main content
CFCX Work
← Back to Insights

Your System Isn't Broken. It Was Built That Way

Your System Isn't Broken. It Was Built That Way

The question is why so many teams end up saying, “the system can’t do that,” when the software clearly has the capability. What’s at stake isn’t just whether a platform feature exists. It’s whether the organization can still see, understand, and safely change the decisions that shaped the process.

From first principles, an operating system (people, tools, handoffs, controls) is the accumulation of choices. Most choices are reasonable in the moment: a partner can’t accept your standard file, an integration is delayed, a compliance deadline arrives before the training does. The workaround is a rational detour.

The failure comes later. The detour doesn’t disappear. It becomes infrastructure. The original constraint fades, but the exception remains. The “can’t” is usually a forgotten “didn’t,” and it turns into operational debt that constrains every future improvement.

Operational debt is different from technical debt

Technical debt is often visible in code repositories, backlogs, and system performance. Operational debt is quieter. It lives in checklists, saved searches, spreadsheet bridges, and “someone on the team knows how.” It shows up as fragility: if one person is out, month-end slips; if one vendor changes a template, revenue ops scrambles.

In NetSuite and similar ERPs, operational debt often takes a familiar form:

  • A custom saved search created because a stakeholder couldn’t use a native report.
  • A manual approval step inserted because role permissions weren’t designed yet.
  • A CSV import “process” that exists because an integration wasn’t ready.
  • A parallel spreadsheet ledger because one field mapping was unclear during go-live.

None of these are inherently wrong. They’re wrong when they become permanent by default.

How forgotten compromises fossilize in ERP workflows

Workarounds persist for two predictable reasons: they work “well enough,” and nobody is explicitly accountable for removing them. Over time, three things happen.

1) The context disappears

The team that made the decision moves on. The audit is over. The partner upgrades. But the saved search is still bookmarked, and the SOP still references it. The next operator learns the steps without learning the reason.

2) The exception becomes a dependency

Other steps start relying on the workaround. A downstream spreadsheet expects a column order from the custom search. A script reads a memo field that was only meant as a temporary surrogate. Removing the exception now feels risky.

3) The system becomes illegible

You can’t tell which parts are deliberate design and which parts are historical accidents. That makes improvement expensive, because every change requires archaeology. Teams avoid change, and the system ossifies.

The method: pair every workaround with a deprecation trigger

Therefore, every manual override must be paired with its own expiration date. Not necessarily a calendar date, but a condition that tells you when to revisit and remove the exception. The goal is to convert “tribal memory” into an explicit operational control.

A deprecation trigger has three elements:

  • Reason: the constraint the workaround is compensating for.
  • Owner: who is responsible for reviewing it.
  • Trigger: the event that forces review (vendor change, release, audit rotation, training completion, integration go-live).

This is not extra documentation for its own sake. It’s a way to keep the system legible over time, so the organization can confidently retire exceptions instead of accumulating them.

Where to embed the history so it survives handoffs

The common mistake is putting the rationale in a project plan or an implementation Slack thread. Those are not operational surfaces. The information needs to live where operators and maintainers will actually encounter it.

In NetSuite artifacts

  • Saved searches: include the rationale and trigger in the description (and, if helpful, a prefix like “TEMP –”).
  • Custom fields: document why the field exists, and what should replace it.
  • Scripts/workflows: include a header comment with the business reason and retirement condition.
  • Roles/permissions: note when a broad permission is a temporary measure and what control replaces it.

In operating instructions

  • SOPs: every workaround step should include a “Why this exists” line and a “Review when” line.
  • Runbooks: month-end and audit runbooks should flag temporary steps and point to the owner.

The principle is simple: if someone can execute the workaround, they should also be able to see that it is a workaround.

Example: a custom report built for an auditor

Imagine an external auditor can’t process the system’s native XML export. The team builds a custom saved search to provide the necessary data in a different format. This is a reasonable decision under time pressure, but it becomes a trap if it’s treated as permanent.

A managed exception would look like this:

  • Saved search description: “TEMP: Created because auditor cannot process native XML export. Owner: Controller Ops. Review upon auditor change or when auditor supports XML export.”
  • SOP step: “Use ‘TEMP – Audit Export Search’ only for current auditor package. Review trigger: auditor rotation or upgrade.”
  • Review mechanism: a quarterly controls meeting includes a standing agenda item: “Workarounds due for review.”

Now, the next person doesn’t just inherit a strange report. They inherit the intent, the constraint, and a clear path to retirement.

Make deprecation a routine, not a heroic cleanup

The work is not in writing better notes. It’s in treating exceptions like inventory: count them, label them, and remove them on schedule. In practice, teams can do this with lightweight governance.

A simple operational pattern

  • Create a workaround register: a short list of temporary exceptions with owner and trigger.
  • Schedule review: monthly or quarterly, depending on change volume.
  • Require a trigger for approval: if someone proposes a manual step, it must include the retirement condition.

This avoids the common cycle where a “cleanup project” is launched every 18 months, morale drops, and only half the exceptions are removed before the next emergency arrives.

What executives should listen for

When leaders hear “the system can’t,” it’s tempting to interpret it as a software limitation and approve new tools. Often the better question is: what constraint are we still honoring that no longer exists?

Two practical indicators that operational debt is high:

  • Process knowledge is concentrated: a few people act as translators between the ERP and the business.
  • Change feels unsafe: teams avoid improving workflows because they can’t predict downstream impact.

In both cases, embedding intent and deprecation triggers reduces risk more effectively than adding another system.

Ultimately, your systems are a reflection of your decisions, especially the ones you forgot you made. What this means is that the path to a more resilient ERP environment is not perfection at go-live; it’s continuous refinement with explicit retirement of exceptions. The takeaway is straightforward: if a workaround is necessary today, make its end condition part of the work itself, so tomorrow doesn’t inherit a mystery.