Mostly cases where businesses rely on individuals instead of process.
As a simple example, it's very easy, when starting a company, to issue personalized email addresses to early employees and then people communicate using those email addresses. It's perfectly fine to email the CTO at first-name@example.com, because everyone knows everyone else and it works.
As you grow large, it becomes important for people to address roles rather than individuals. This way, if people leave their role, they can (semi-transparently) be replaced by someone else taking that role who will then continue to receive all of the same emails, be able to respond to them, etc. So then it becomes important to have e.g. a cto@example.com address. When the CTO takes a vacation, their email gets routed to someone taking over their duties, you don't need to communicate to everyone to start emailing somebody-else@example.com instead.
This isn't how any of my workplaces have worked. When someone leaves, they or their boss sends an email announcing the role changes. Which companies practice the role@ method?
As JulianMorrison notes, this is common in finance. The FDIC strongly recommends that banks enforce this[1] – you can't cook the books when you have no access to the systems.
But sometimes it's not just about cooking the books: the last "SSL cert expiration" fire I lived through happened because the person who had credentials to Digicert had to take sick leave. It was never a documented/defined process because "just flip Tim an email" was always sufficient, Tim didn't mind doing the work, and Tim didn't like going on vacation.
Two week lockouts mean there's no chance of shadow IT/back channel work happening, and forces you to document your processes.
IIRC, over here, banks are required to give employees at least one two-week contiguous block of leave, during which they can't get into the office, use work systems, or log in remotely. The idea being that oh-so-clever scams generally require the operator to be there keeping all the balls in the air, and locking them out will reveal their tricks.
As a simple example, it's very easy, when starting a company, to issue personalized email addresses to early employees and then people communicate using those email addresses. It's perfectly fine to email the CTO at first-name@example.com, because everyone knows everyone else and it works.
As you grow large, it becomes important for people to address roles rather than individuals. This way, if people leave their role, they can (semi-transparently) be replaced by someone else taking that role who will then continue to receive all of the same emails, be able to respond to them, etc. So then it becomes important to have e.g. a cto@example.com address. When the CTO takes a vacation, their email gets routed to someone taking over their duties, you don't need to communicate to everyone to start emailing somebody-else@example.com instead.