South Korea has(or had, they may have changed it in the last few months) a law that enforces the usage of ActiveX for everything which needs security (e. g. online banking, online shopping)
It made some sense at the time the law was conceived. SSL was crippled to uselessness by US export restrictions. IE 6 had a monopoly. So they built their own much more secure encryption (using ActiveX to plug into IE) and mandated its use for everything that matters.
The incompetence was in mandating a certain implementation instead of writing a technology-neutral law requiring a certain security level.