Xero didn't offer a credit. They offered a form! What your vendor’s outage tells you.

A few weeks ago, Xero had a service outage. The kind of thing that, in 2026, qualifies as a real problem - small businesses across Australia, New Zealand and the UK couldn’t reliably log in, raise invoices, process bank feeds, manage payroll, or file returns. The disruption ran from Thursday May 7 through Monday May 11. Five days, in a busy tax-filing week.

Not catastrophic. Not unusual. Software services go down. Servers fail. Third-party integrations break. Anyone who’s run a business through a cloud platform knows the drill. I mean, if the bigwigs at Amazon, Google and Microsoft can have an outage every now and then, what hope have the rest of us got at a clean slate.

What’s interesting isn’t the outage. It’s what happened next.

On Monday May 11, Xero CEO Sukhinder Singh Cassidy sent a personal email to customers. Her language was genuinely strong:

“I want to reach out to you personally, and on behalf of the entire Xero leadership team, to sincerely apologise for the disruptions you have experienced on our platform over the last five days.”

She didn’t hide behind PR-speak. She used the word “unacceptable.” She acknowledged that some of the problems were Xero’s fault and some were third-party fault, then said: “Either way, for all of you that have deadlines to meet and the pressure of hitting those deadlines, where you rely on Xero to help you get your work done, this is unacceptable.”

She named the actual cost to actual customers. She acknowledged Xero had contacted the ATO and IRD on behalf of impacted businesses. She closed with: “The trust you place in Xero to run your business is something we do not take for granted.”

If you stopped reading there, you’d think this was a vendor that took the moment seriously. The apology was personal. The language was direct. The follow-through with tax agencies was practical. By the standards of corporate crisis comms in 2026, as determined by One Benjamin Lenzo, the email was a B+ at minimum.

Then they offered a credit. Oooh, that’s nice!

And the credit was opt-in. Annnd there it is…

Xero posted record revenue of $2.75B for FY26.

(As an aside, I’m reminded of Seinfeld “You can take the reservation, you just can’t hold the reservation.” They can charge for the service, but not provide the service - for 5 days! Anyhoo…)

The choice every vendor makes

When a SaaS platform causes its customers operational damage, the vendor has a choice. It’s a choice they usually don’t realise they’re making, which is part of why so many of them choose badly.

Option A: protect the process. Make customers apply for the credit. Require supporting documentation. Put it behind a “submit a request” form. The process is defensible. The lawyers are happy. The credit is technically available to anyone who asks for it. And they get to pretend they’re ‘doing the right thing.’

Option B: protect the customer. Apply the credit automatically. Tell people what you’ve done after you’ve done it. Wear the operational pain of an automated credit-back so your customers don’t have to. Take accountability for the mistake you are responsible for in the manner that puts as little obligation onto your customer as possible.

Xero chose Option A.

Affected subscription owners received an email with a link to apply for a credit. The application required supporting documentation. The promised five-hour response time elapsed for at least one Brisbane business owner without reply. Customers were, according to business owner Hilke Giles, “directed to a generic online support page that did not include a clear option to request a credit.”

Giles asked the question that sits at the heart of this whole thing:

“Why couldn’t they provide a simple solution, like crediting customers for the subscription fees during the disruptions, instead of making them jump through time-consuming hoops?”

The answer to that question is the entire story.

Why the opt-in design exists

Xero knew exactly which customers were affected. They have the access logs. They have the API call records. They know which subscriptions tried to authenticate and failed during the outage windows.

The technology to apply credits automatically existed. It’s the same billing system Xero uses to charge those customers every month. Reversing a few days of subscription fees on a known list of affected accounts is a one-line database operation. Or extending the renewal date for those accounts impacted.

They chose not to do that.

They chose, instead, a process that puts the burden on the customer. The customer has to notice the credit offer email. Open it. Click through. Find the right form. Fill it in. Provide documentation. Submit. Wait. Follow up if there’s no response.

Each of those steps loses people. Some customers don’t open the email. Some open it but don’t click. Some click but get confused. Some get confused and give up. Some submit but get no response and forget. Some get a response that asks for more documentation and stop there.

By the time you reach the end of that funnel, the number of customers receiving the credit is a small fraction of the number who were actually affected. The dollar value of credits actually paid out is a small fraction of what would have been paid out if the credits had been automatic.

That is not an accident. It’s the design.

The opt-in process is a planned move to reduce the amount Xero pays out by putting the administrative onus on the party that was not at fault. The customer didn’t cause the outage. The customer suffered the operational damage. But the customer has to do the work to claim what they’re owed.

This is what makes the design choice tell you something about the company. Not the outage itself - outages happen. Not even the apology - apologies are easy. The design of the remediation process is where the company’s actual priorities are at.

A vendor that wanted to protect the customer would have credited automatically. A vendor that wanted to protect the payout chose an opt-in for their clients to claim a credit instead.

The teaching moment

Here’s why this matters for your business, and not just Xero’s.

You’re a customer of platform vendors right now. Probably a lot of them. Accounting software, CRM, project management, email, file storage, scheduling, payroll, payment processing. Every one of them will, likely, have an outage. Or a price rise. Or a feature deprecation. Or a billing error. Or a privacy incident.

When that moment comes, you will learn something about the vendor that no product demo, no testimonial, no Gartner Magic Quadrant could ever tell you. You will learn what the vendor protects when something goes wrong.

If the vendor protects the process - if the credit requires opt-in, if the remediation is structured around their administrative convenience, if the recovery path forces you to prove you deserve what you were already owed - you have learned what they think of you.

If the vendor protects the customer - the holy grail of their business - if the credit applies automatically, if the apology names the actual cost to actual customers, if the remediation creates extra work for them rather than for you - you have also learned what they think of you.

Both are apparently legitimate ways to run a software business. They produce very different relationships with the customers who depend on them.

The trick is to find out which kind of vendor you have before you need to know.

To simplify: it’s just bad customer service. A further erosion of the business/customer relationship. A further example of an organisation taking a customer for granted.

Such a disappointment.

This Week’s One Thing

Pick the three platforms your business most depends on. The ones that, if they went down for a day, would actually disrupt your operations.

For each one, find out how they handled their last significant outage or service failure. Search their status page. Read their post-mortem. Look up the customer forum discussion. Find the LinkedIn thread.

Note what they protected. The process, or the customer.

This is information you already have access to. You just haven’t gone looking for it because the platforms are working today. The interesting time to ask the question is now, before you need the answer.

Annnd, go!

#BeAVillager\

• Ben