[miki123211]

Another side of this coin is that the expected payoff from a project depends on how many unrelated projects your organization is engaging in, which is deeply counterintuitive to most people.

Every project carries with it three possibilities: that of success, where the company makes money, that of failure, where the company does not, and that of a "critical failure", where the project goes so wrong that it results in a major lawsuit, regulatory fine or PR disaster that costs the company more than the project was ever expected to make.

If you're a startup, the worst that can happen to your company is the value going to 0. From an investor's perspective, there's not much of a difference between burning all the money ($10m) and not finding product-market-fit (normal failure), or your company getting sued for $3b and going bankrupt (critical failure). The result is the same, the investment is lost. For a large corporation, a $3b lawsuit is far more costly than sinking $10m into a failed project.

You can trade off these three possibilities against each other. Maybe forcing each release through an arduous checklist of legal review or internationalization and accessibility testing decreases success rates by 10%, but moves the "critical failure rate" from 1% to 0.5%. From a startup's perspective, this is a bad tradeoff, but if you're a barely-profitable R&D project at big co, the checklist is the right call to make.

This problem is independent from all the other causes to which bureaucracy is usually attributed, like the number of layers of management, internal culture, or "organizational scar tissue." Just from a legal and brand safety perspective, the bigger your org, the more bureaucracy makes sense, no matter how efficient you can get your org to be.

[mncharity]

"Nothing breeds conservatism like having something to conserve" was a recurring line from a founder-type, complaining individuals had become less dramatically innovative as the "startup" succeeded and prospered. Though they had colleagues who thought the line misapplied. IIRC, fuzzily.

[pfannkuchen]

This is really insightful, I hadn’t considered this dynamic before.

I wonder if a related intensifier is that as a company grows larger it tends to follow the letter of the law rather than the spirit of the law, which results in less buffer space between the behavior and the law (and hence higher lawsuit risk).

[YZF]

I like the ideas here but I think the actual chance of getting sued for $3b is so small as to be negligible in the context of costs. It's also questionable how much the additional process/overhead moves the needle on that chance. Larger companies also have various "shields" against these sorts of lawsuits. E.g. they lobby politicians, they employ lawyers, they have legal and IP protection.

Just like anything else in life you want to look at the present value and then get insurance for huge risks.

That said agree that a startup can take more risk but I don't think that is the major factor explaining why larger companies tend to be process heavy and slower.

[miki123211]

This explanation wasn't just about lawsuits.

Other things in a similar category are:

- negative media attention (media scrutiny increases proportionally to organization size)

- doing something that upsets an influential group and may have consequences for the rest of your business (think how big the outrage would have been if Apple, Google or Microsoft tried making an "Uber" app before Uber existed)

- bringing down the service which is being worked on, potentially breaking SLAs

- failing to meet customer / legal commitments, particularly in regards to internationalization, accessibility etc.

- security incidents, which are presumably a bigger deal, as your project is connected to the rest of your infrastructure

- getting cancelled online, which causes employees (unrelated to the project) to quit

- natural, random and serious consequences that result from the fact that your project needs the company to hire additional employees. E.g. there's a certain number of people willing to commit sexual assault or financial fraud in the population, and the more people you hire, the more likely it is that you get one of them.

[YZF]

I work for "big tech" and have worked for others. Other than some CYA training there really isn't a lot of cross talk between engineering productivity and this sort of risk aversion.

Process, complexity, inefficiency is just something that happens for big companies and big software. Things slow down and then there's a negative feedback loop and things just go down hill. Innovators dilemma sort of stuff.

[pfannkuchen]

Getting sued for $3B maybe, but what about getting fined $3B? Such as by the EU.

[kridsdale3]

This is an excellent explanation of the culture of BigTech.