Faulty Hardware & System Failure – Who Is Liable? (UK Guide)

Introduction

When a server dies, a payment terminal crashes, or a security system fails at the worst possible time, the first question is often the same: who is liable? In the UK, the answer depends on what failed, why it failed, what was promised in writing, and what losses followed. Liability can sit with a manufacturer, supplier, installer, IT provider, maintenance contractor, or even the business using the equipment.

This guide explains the main liability routes in plain English, the evidence that matters, and how to protect your business before and after a failure.

What counts as “faulty hardware” or “system failure”?

Hardware failures range from obvious defects (a component that burns out early) to intermittent issues (random reboots, corrupted storage, overheating) that only show up under load. “System failure” is broader and can include:

• Hardware breakdown (servers, routers, firewalls, CCTV, access control, EPOS, industrial machinery controls)
• Firmware/driver issues that make hardware unstable
• Misconfiguration during install or upgrade
• Power, cooling, or environmental problems
• Network failures and dependency failures (ISP outage, DNS issues, cloud platform downtime)

Because multiple factors can combine, disputes often turn on causation: what actually caused the failure, and whether it was foreseeable.

The main parties who could be liable

Liability often sits with one or more of the following:

• Manufacturer (made the product)
• Retailer/reseller (sold it to you)
• Distributor/wholesaler (supplied the reseller)
• Installer/contractor (installed, integrated, or commissioned it)
• Managed service provider (MSP)/IT support (maintained, monitored, patched)
• Maintenance contractor (serviced it under a maintenance agreement)
• Your own business (if you misused, modified, or failed to maintain)

The key is the contract chain. You usually have a direct contract with the seller and/or service provider, not the manufacturer.

Contract law: the first place liability is decided

1) What did the contract say would be delivered?

Most commercial disputes come down to:

• Scope of supply (exact model/spec, compatibility)
• Performance promises (uptime, throughput, response times)
• Service levels (SLA, support hours, time to fix)
• Acceptance testing (how you confirm it works)
• Warranties (what is covered, for how long)
• Exclusions (what is not covered)
• Liability caps (limits on damages)

If a supplier promised a “fit for purpose” solution, that can be powerful. If the contract only promised “best efforts” support, liability may be narrower.

2) Was there a breach of contract?

Common breach scenarios include:

• Supplying equipment that doesn’t meet the agreed specification
• Installing incorrectly (poor cabling, wrong configuration, inadequate cooling)
• Failing to follow manufacturer guidance or industry standards
• Missing patching/maintenance obligations
• Failing to warn you about known risks (end-of-life kit, unsupported firmware)

3) Liability caps and “consequential loss” clauses

Many B2B contracts limit liability to a fixed amount (often fees paid in the last 12 months) and exclude “indirect or consequential losses”. That matters because the biggest losses from system failure are often:

• Lost revenue and lost profit
• Business interruption and downtime costs
• Reputational damage
• Data recovery and incident response

Even if you can prove fault, you may only recover up to the cap. That’s why negotiating liability terms and having the right insurance is so important.

Product liability and negligence: when it’s not just about the contract

Product liability (defective products)

If a product is defective and causes damage, liability may arise under product liability principles. In practice, businesses often pursue the seller first (because that’s who they contracted with), but manufacturer liability can come into play, especially where a defect causes physical damage or injury.

Negligence (duty of care)

Negligence claims can arise where a party owed a duty of care and fell below a reasonable standard, causing loss. In IT and engineering contexts, negligence arguments often focus on:

• Poor workmanship during installation
• Failure to follow professional standards
• Failure to warn about foreseeable risks

However, pure financial loss can be harder to recover in negligence than contract, and the contract terms may still shape what’s realistic.

Consumer vs business: why B2B rules are different

This article is aimed at businesses. Consumer protections are stronger and more prescriptive. In B2B, you have more freedom to agree terms—and suppliers often use that freedom to limit liability.

If you are a sole trader or microbusiness, you may still be treated as a business customer in many contracts, so don’t assume consumer-style protections apply.

Common scenarios: who is usually liable?

Scenario A: A brand-new server fails within weeks

• Likely route: warranty/contract claim against the seller
• Also possible: manufacturer warranty claim (depending on terms)
• Key evidence: purchase order, warranty terms, error logs, RMA reports

Scenario B: Hardware is fine, but the system was installed wrong

• Likely liable: installer/contractor or MSP (breach of contract and/or negligence)
• Key evidence: statement of work, commissioning checklist, change records, photos, test results

Scenario C: Failure caused by overheating or power issues

• Possible liable parties: facilities contractor, installer (if they specified cooling/power), your business (if you ignored requirements)
• Key evidence: environmental logs, UPS records, site survey, manufacturer requirements

Scenario D: Firmware update bricks devices

• Possible liable parties: MSP (if they applied it without testing), manufacturer (if update was defective), or shared liability
• Key evidence: patch notes, change approvals, rollback plan, lab testing records

Scenario E: Cloud-linked system fails due to third-party outage

• Likely route: check cloud provider terms and SLA credits
• Reality: many cloud contracts limit remedies to service credits
• Key evidence: provider status pages, incident reports, SLA terms

What losses can you claim for after a system failure?

In principle, you may seek:

• Cost of repair or replacement
• Cost of emergency support and remediation
• Cost of data recovery (where applicable)
• Wasted spend (e.g., unusable kit)
• Business interruption losses (subject to contract terms)

In practice, recovery depends on:

• Whether the losses were foreseeable
• Whether the contract excludes certain heads of loss
• Whether you mitigated your losses (acted reasonably to reduce impact)
• Whether you can evidence the losses with records

Evidence checklist: what to gather immediately

If you suspect you may need to claim (or defend a claim), start collecting evidence early:

• Contracts: MSA, SOW, purchase orders, SLAs, warranty terms
• Change history: tickets, approvals, deployment notes
• Logs: system logs, monitoring alerts, firewall logs, event viewer, syslog
• Photos: cabling, rack layout, environmental conditions
• Third-party reports: RMA findings, engineer reports, incident reports
• Timeline: when symptoms started, who was notified, what actions were taken
• Loss records: downtime duration, lost orders, overtime costs, invoices

Good evidence reduces arguments about what happened and speeds up resolution.

How insurance fits in (and where it doesn’t)

Even with a strong claim, legal recovery can be slow. Insurance can keep you trading.

Business interruption (BI)

BI can help cover lost gross profit and increased cost of working after an insured event. The key question is whether the trigger is covered (for example, property damage vs non-damage denial of access vs cyber-related interruption). Many BI policies are tied to physical damage, so check wording carefully.

Cyber insurance

Cyber policies may respond where system failure is linked to a cyber event (ransomware, malicious access, data breach) and can cover incident response, forensic work, notification costs, and business interruption.

Professional indemnity (PI)

PI is relevant for IT consultants, MSPs, installers, and engineers. If a client alleges your advice, design, or services caused a failure and financial loss, PI may respond (subject to terms, exclusions, and notification requirements).

Public liability and product liability

If faulty hardware causes injury or property damage to third parties, public/product liability may be relevant.

Engineering and equipment breakdown

Some businesses buy equipment breakdown cover for critical machinery and plant. This can help with sudden and unforeseen breakdowns, but again the wording matters.

Practical steps to reduce liability disputes

Before you buy or sign

• Specify requirements in writing (capacity, uptime, compatibility)
• Ask for acceptance testing and commissioning criteria
• Negotiate realistic liability caps for critical systems
• Clarify who is responsible for backups, patching, monitoring, and security
• Ensure warranties and support terms match your operating hours

During installation and change work

• Use change control (even a simple approval email)
• Keep configuration baselines and backups
• Document handover: admin access, diagrams, credentials management
• Run load tests and failover tests where appropriate

After a failure

• Stabilise first, then investigate (avoid destroying evidence)
• Notify suppliers promptly and follow contract notice rules
• Keep a clear incident timeline
• Mitigate losses (temporary workarounds, alternative suppliers)

When to get legal or technical help

If the failure is high impact, involve specialist support early:

• A technical expert can help identify root cause and preserve evidence
• A solicitor can advise on contract notices, liability limits, and recovery strategy

Delays can weaken your position—especially if the contract has strict notification windows.

Quick FAQs

Who is liable if a part fails under warranty?

Usually the seller or manufacturer (depending on warranty terms). In B2B, the contract will set the process and remedies.

Can I claim for lost profit due to downtime?

Sometimes, but many contracts exclude indirect losses or cap damages. Insurance may be a faster route.

What if multiple suppliers were involved?

Shared responsibility is common. Your claim may focus on the party you contracted with, who may then pursue others in the supply chain.

Does “act of God” cover hardware failure?

Not usually. Force majeure clauses tend to cover events outside control (flood, fire, major outages). Hardware defects and poor workmanship are different.

Conclusion and next steps

Liability for faulty hardware and system failure is rarely a simple yes/no answer. In the UK, it usually comes down to the contract terms, evidence of what caused the failure, and the type of loss that followed. The best protection is a mix of clear contracts, good documentation, sensible testing, and insurance that matches how your business actually operates.

If you rely on critical systems, it’s worth reviewing your supplier contracts and insurance now—before the next outage forces a rushed decision.

Call to action

If you want to reduce downtime risk and protect your business from expensive disputes, speak to a specialist about the right mix of cover—especially cyber insurance, business interruption options, and professional indemnity where you provide IT services.