You're six months into your design system rollout. Things are going okay — components are documented, tokens are being used, teams seem happy. Then the first exception request lands. A product manager needs a variant that doesn't exist. A developer argues for a different spacing scale. A designer wants a custom color for a campaign. You approve it — just this once. Then another. And another. Pretty soon, your governance process is less about enforcing standards and more about processing exceptions. The system that was supposed to bring consistency is now a collection of special cases.
This isn't unusual. It happens to almost every design system at some point. The question is: how do you reset before the exceptions become the new normal?
Where the Exception Spiral Starts
The pressure to deliver fast vs. the need for consistency
It starts with a simple story. Your team ships a button component that works—mostly. The label is 14px, but the design spec says 16px. No one flags it because the sprint deadline is tomorrow and the demo is in the morning. You merge. The button looks fine. That’s the shot. The chase follows three weeks later when another team copies that 14px button, builds a whole form around it, and now your design system contains two buttons that look nearly identical but behave differently. Quick reality check—nobody planned that divergence. It just happened because velocity beat consistency in a single decision. The catch is that one exception never stays alone. It breeds.
How early wins hide accumulating exceptions
Every team I have watched fall into this spiral started with good intentions. They made one pragmatic shortcut—maybe a custom variant for a critical product launch—and celebrated the speed. The exception felt like a smart trade-off. And it was, for that one week. But the real cost shows up later, when the same exception pattern repeats across four teams, each one justifying their deviation with the exact same argument: “We needed to ship fast.” Wrong order. You needed a governance model that accounted for speed from day one. Most teams skip that step. They design governance as a gate, not a guide. Gates get rammed. Guides get followed.
“An exception is just a rule you didn’t have time to argue against—until it becomes someone else’s default.”
— Staff engineer, fintech product team
The role of team autonomy in governance drift
Autonomy and consistency are not enemies. They're roommates who never cleaned the kitchen. Product teams want freedom to move fast; platform teams want a single source of truth. That tension is normal. The problem appears when autonomy becomes a blank check. I have seen a team build a completely separate design token layer because they “disliked the naming convention” of the central system. That sounds fine until you realize that token layer now requires a dedicated maintenance person. A small team. A big cost. The exception spiral accelerates every time a team chooses isolation over alignment—not because they're lazy, but because the governance process was too slow or too rigid to absorb their real need. So they fork. And forks are expensive to merge back.
What usually breaks first is the review workflow. Teams start skipping the design review because it takes three days to get a response. Then they skip the accessibility check because “we’ll fix it in the next sprint.” That next sprint never comes. The pattern snowballs: one missing review feels harmless, ten missing reviews create a system where nobody trusts the components anymore. That hurts. You end up with a design system that everyone cites but nobody actually uses. The governance becomes a museum of rules—well documented, perfectly organized, completely ignored.
One rhetorical question worth sitting with: if your governance model requires a lawyer to interpret, have you built a system for compliance or for shipping? The answer determines whether you're managing exceptions or creating them.
What People Get Wrong About Governance
Governance is not just about saying no
Most teams treat governance like airport security — a checklist of banned items. They write rules to block rogue colors, non-compliant spacing, or custom buttons. And then they wonder why exceptions explode. The catch is that governance built on refusal creates a vacuum: when you only say no, you never build an escape hatch that actually works. Designers find a way around the barrier — they hardcode a one-off variant, fork the component, or quietly slip something into production after hours. I have watched teams spend six weeks perfecting a "no custom CSS" policy, only to discover seventeen inline styles in a single pull request. That hurts. Governance isn't a wall; it's a decision-making framework. If your process lacks clear off-ramps — situations where an exception is legitimate — then every deviation becomes a fight, and fights exhaust people faster than bad design ever does.
The myth of universal components
A component that works for every team in every context doesn't exist. Not yet. Not ever. Yet governance documents often start with the assumption that one button, one card layout, one modal pattern can serve marketing, checkout, dashboards, and admin panels equally. Wrong order. The moment you mandate a "universal" solution, you force product teams to stretch it until it breaks — or to request exceptions for the inevitable gaps. What usually breaks first is the data table. I have seen a single universal table component spawn fourteen exceptions because nobody accounted for inline editing, multi-select, or nested drill-downs. The fix is not to build a bigger table; the fix is to acknowledge tiered governance: core components that tolerate zero drift, and extended components that leave room for team-specific wrapping. That flexibility doesn't always mean better outcomes — it means fewer hidden workarounds.
'We banned custom dropdowns. Three months later, we found five hidden dropdowns in a legacy micro-frontend. Nobody had asked for an exception — they just didn't trust the process.'
— Design operations lead, B2B SaaS platform
Why flexibility doesn't always mean better outcomes
There is a seductive idea floating through design systems: let teams choose what they need, and governance becomes frictionless. Sounds good on a slide deck. Real life is messier. Unstructured flexibility turns a design system into a buffet — teams grab the components that look close enough, adapt the rest, and call it compliant. The result? Visual seams everywhere. One team uses the primary button for destructive actions because it "felt right." Another swaps the font-size token on a card because the PM wanted more text above the fold. Each decision makes sense in isolation. Together they produce an interface that feels like three different products glued together. The trade-off is plain: radical flexibility trades consistency for speed in the short term, and you pay for that speed later with exception creep. A better approach — and one I have seen succeed — is bounded flexibility: give teams two or three approved variations for each pattern, not an infinite matrix. Fewer choices, fewer exceptions, fewer late-night fixes.
Flag this for design: shortcuts cost a day.
Patterns That Actually Reduce Exceptions
Principle-based governance over rule-based
Rules feel safe. You write ‘Button must use 8px padding’ and assume the problem is solved. That works until a product manager shows up with a legal requirement that needs 10px—and now you either deny the request or write an exception. One exception becomes ten. I have seen teams build exception logs that are longer than the original rulebook. Swap the approach: publish principles instead. ‘Buttons should feel spacious and meet accessibility contrast’ allows the same team to adjust padding without breaking trust. The catch—principles demand judgment. Not every designer is comfortable making that call alone. You need a lightweight decision tree, not a courtroom.
Wrong order kills this pattern. Teams often write principles after the rules fail. By then, exceptions have already hardened into local standards. Start with three to five principles, test them against a real pull request, and cross out any rule that contradicts them. That hurts—letting go of control feels like losing safety. But the trade-off is real: fewer escalations, faster shipping, and designers who actually remember the guideline.
“Principles let you say yes to the right kind of difference. Rules only know how to say no.”
— UX director, fintech platform with 200+ designers
Involving teams early in component decisions
Most exceptions happen because a team discovers a component’s limitation mid-sprint. The deadline is Friday, the design system team is in another time zone—so they fork it. That fork becomes a permanent island. We fixed this by rotating one system designer into product planning meetings. Not to gatekeep—to hear the edge case before it becomes an emergency. One conversation avoided three exceptions in a single quarter. The pattern is boring but true: earlier involvement, fewer patches.
What usually breaks first is the invite list. System teams invite front-end engineers but skip content designers or accessibility specialists. Then the component ships, a writer realizes the label truncates awkwardly in German, and—another exception. Invite three roles minimum: designer, engineer, and a rotating stakeholder from the requesting team. That sounds like overhead. It pays off the first time someone says ‘we can adjust the prop contract now, before the API locks.’ No forks. No legacy exceptions.
Building a clear exception review process
Exceptions are not the enemy—ad hoc exceptions are. When every team can approve its own divergence, the system fractures. A clear review process doesn't mean a committee. It means a single reviewer who asks three questions: Is this exception time-boxed? Does it expose an API gap we should fix? Can we merge back after the deadline? That's it. One person, three filters, two-day turnaround. Teams that adopt this cut exception volume by roughly half inside six months.
The pitfall: making the process too heavy. I have seen review boards with five approvers and a weekly meeting. That just drives teams to hide exceptions. Keep the bar low to enter review, high to stay. If an exception survives three months without a merge-back plan, force a sunset. You will get pushback—usually from the team that treats the exception as a permanent crutch. Stay firm: a time-box that keeps slipping is not governance, it's avoidance.
Anti-Patterns and Why Teams Revert
Over-engineering the governance process
I watched a team build a 47-page governance document once. Every component had a flowchart. Every exception required approval from three roles. The system collapsed in six weeks—not because the rules were wrong, but because nobody could move without a spreadsheet. That sounds noble until you realize designers started making ad-hoc components in Figma drafts, bypassing the system entirely. The process became the enemy of the product.
The trap is seductive: more rules feel safer. But governance isn't a fortress—it's a filter. When every color tweak requires a committee vote, teams learn to lie. They label exceptions as "exploratory work." They duplicate components in private libraries. The governance machine hums along, empty, while real decisions happen in the dark. The anti-pattern is control without throughput. You don't need a review board for a button radius change—you need a clear boundary and a two-hour window.
Ignoring context and forcing uniformity
The second anti-pattern is easier to spot but harder to kill: treating every team's work as interchangeable. Marketing needs a landing page that screams; the dashboard team needs quiet consistency. When governance flattens those differences into one rigid palette, exceptions multiply like weeds. Why? Because reality is messy—and a system that pretends otherwise forces people to break it. Quick reality check—forcing a checkout flow and a promotional splash page through identical component rules creates more friction than it removes. The pattern that works? Let teams define a "permitted drift" zone. Let marketing override spacing if they can prove conversion impact. Otherwise, you're governing a fiction.
The irony hits when teams revert to old habits. I have seen a team abandon a year-long governance rebuild in three days—they copied a legacy template from a forgotten repo and never looked back. The root cause? The new system demanded a single header component for both a crisis alert banner and a seasonal sale. The sales team needed urgency; the alert needed sobriety. Forced uniformity broke trust. That trust—once gone—pulls people back to the safety of "whatever worked before."
Treating exceptions as failures instead of signals
Here is where most governance models choke: they see an exception request as a bug. A designer asks for a one-off modal layout—red flag, right? Wrong. That request might reveal your modal system only handles text, not interactive forms. The anti-pattern is closing the exception gate instead of studying what passes through it. "The first ten exceptions are noise. The next ten are a pattern wearing a disguise."
Reality check: name the tools owner or stop.
— design systems lead, internal retrospective
I have seen a team catalog every exception for six months. They found that 70% stemmed from a single data table component that couldn't resize columns. The fix? Two lines of CSS and a new prop. That's not a governance failure—it's a design signal. When you punish exception requests, you silence the feedback loop that actually improves the system. The cost is subtle: teams stop asking. They forge their own paths. The governance model becomes a museum of rules nobody follows.
The shift is simple but rare: treat exceptions as data. How many came in? From which team? For which component? If you see a spike for the same component four weeks in a row, stop reviewing. Fix the component. The governance process should shrink, not grow, as it matures. If your exception log expands faster than your component library, you're not governing—you're gatekeeping. And gatekeeping never scaled.
The Long-Term Cost of Exception Creep
Technical Debt from One-Off Components
Every exception you approve is a bet you will never need another one like it. That bet rarely pays off. I have watched teams approve a single custom modal for one campaign — a harmless deviation, they thought — and within six months that team had seven more bespoke modals, each with slightly different padding, animation timing, and close-button behavior. The original component library now coexists with eight variants, none of which share code. The maintenance burden doubles every quarter. What breaks first? Accessibility audits, because nobody remembered to patch all eight when the screen-reader spec changed. Then performance budgets blow up — each custom modal loads its own CSS footprint. That sounds like a marginal cost until you multiply it across twenty teams. One fintech team I worked with spent forty percent of their sprint fixing bugs in one-off components that directly contradicted the system they were supposed to be using. That's not governance; that's arson disguised as pragmatism.
Loss of Trust in the Design System
The real killer is invisible. When exceptions pile up, designers stop checking the component library first. Why bother, when the last three searches returned nothing useful? They build from scratch, file the new work as an exception, and the cycle tightens. Trust erodes fastest in the middle — among senior contributors who remember when the system actually worked. They start whispering: Just do your own thing; the governance board will approve it anyway. That's the moment the design system stops being a source of truth and becomes a suggestion box. I have seen this pattern kill two internal design systems within eighteen months. Not because the code was bad — the code was fine — but because nobody believed the rules applied to them anymore. The governance model collapses not from rebellion but from quiet indifference.
The catch is that distrust compounds silently. You don't see the problem in a dashboard; you see it when a new designer asks why there are three different button styles for the same action and nobody can agree which one is canonical. That ambiguity costs ten minutes of explanation per onboarding session. Across fifty hires a year, that's eight hours of lost productivity on button styles alone. The numbers are small until you add them up.
'Exception creep doesn't announce itself. It just waits until your system is heavy enough to sink itself.'
— senior design operations lead, after their third governance reset in two years
Increased Onboarding Time for New Team Members
New hires suffer worst. They inherit a landscape where the official design kit contains sixty components but the real codebase uses over two hundred patterns — most undocumented, many abandoned mid-migration. Onboarding slides say use the system, but the senior developer whispers use the legacy widget because the new one has a known bug. Which one do you trust? A recent hire spends the first month learning which exceptions are safe to use and which are landmines. That's not onboarding; that's archeology. The average ramp time for a mid-level product designer in an organization with unchecked exception creep is three weeks longer than in a tightly governed one. Over a fifteen-person design team, that delay costs roughly one full-time salary in lost capacity per quarter. The trade-off is brutal: approving an exception saves one hour today but costs three days six months later when someone has to untangle the inconsistency. Most teams skip this math. They should not.
What usually breaks first is the component documentation itself. Teams stop updating it because nobody trusts it — and then nobody uses it, so nobody bothers to fix it. The doc becomes a monument to what could have been. Resetting means accepting that the current state is not fixable with one more meeting or one more rule. It means deleting the exceptions that have no future and admitting which custom components should have been built into the system from the start. That's hard. It's also the only way the trust comes back.
When You Should NOT Tighten Governance
When speed is the only thing that matters
Early-stage products burn through UI decisions like a wildfire. The catch? Governance any tighter than a single style token file becomes dead weight. I have watched teams spend three weeks debating button-radius rules while their competitor shipped two features. That hurts. If your entire design team fits in one room—and I mean literally one room—you don't need approval workflows. You need momentum. The trick is to document exceptions as you make them, not to block them. A shared doc titled 'known deviations' beats a locked Figma library every time when you're still hunting product-market fit.
Before the system has legs
A design system with fewer than twenty components lacks what I call 'pattern gravity'—the magnetic pull that makes teams want to conform. Enforcing rules on a system nobody trusts yet? Wrong order. Most teams skip this: they write governance docs first, then wonder why nobody reads them. The better bet is to let exceptions happen, but tag every single one with a date stamp and a reason code. Six months later, when you see the same exception repeated forty times, you have your case for a new component. Not before.
'We stopped enforcing spacing rules for eight weeks. By week six, the team had voluntarily aligned on three gap values nobody asked for.'
— lead designer, mid-stage saas product
That quote lands because it reveals something uncomfortable: premature governance creates resistance where none existed. The system needs enough adopters first. Shoot for critical mass—roughly sixty percent of active projects using your core tokens—before you even mention exception policies. Until then, your job is to make the default path so frictionless that bending it feels stupid.
Reality check: name the tools owner or stop.
Creative contexts where constraints kill
Marketing landing pages. Campaign microsites. Interactive storytelling experiments. These places live on visual surprise—and a rigid governance model suffocates them fast. One agency client I worked with had a 'no custom typography' rule that forced their brand team to Photoshop headlines as images. That's not governance; that's technical debt disguised as discipline. The fix was surgical: carve out a 'creative corridor'—a small set of projects explicitly exempt from pattern-library rules, but with a mandatory review after launch. Results get messy sometimes. That's fine. What breaks is the assumption that one rule set fits every context. It doesn't. Ever.
So when should you not tighten governance? When the cost of enforcement exceeds the cost of chaos. When your engineers are spending more time filing exception tickets than writing code. When the system itself is still a hypothesis. Loosen the grip, label the outliers, and wait for the real patterns to surface. They will—just not on your schedule.
Frequently Asked Questions About Exceptions
How many exceptions are too many?
One exception is too many if you can't explain why it exists without referencing a deadline panic. I have watched teams rack up fourteen exceptions in six weeks—each one justified as 'just this once.' The real threshold is institutional memory: when a designer hired three months ago can't tell which exceptions are intentional versus which ones just never got cleaned up, you have already lost. Our rule of thumb: if exceptions outnumber the rules they bypass in any single component category, freeze all new feature work for one sprint. Aggressive? Yes. But the alternative is a system where the 'rule' becomes a suggestion people ignore.
Should we codify exceptions as new components?
Most teams rush to do exactly this—and most teams regret it. Codifying a one-off exception into a new component sounds clean but often creates a sibling component that differs from the original by a single property. Now you maintain two things that could have been one configuration. The catch: a variant with documented constraints is almost always cheaper than a standalone component. We fixed this by enforcing a 'two-recurrence rule'—if the same exception pattern appears three times in different projects, then we discuss a new component. Before that third occurrence, the answer is 'no.'
'Every exception you codify becomes a child that demands feeding. Feed only the ones that earn their keep.'
— Design lead, fintech team rebuilding after 18 months of exception creep
How do we handle one-time exceptions?
Hard truth: most one-time exceptions are two-time exceptions in disguise. The pattern repeats because the original constraint was poorly communicated or the business case for the rule was weak. That sounds fine until the 'one-time' button style appears in three different products under three different names. What usually breaks first is the QA process—testers stop knowing what the 'real' component looks like.
Handle the true singleton by making it visible and temporary. We use a 'scaffold folder' in the design tool: every one-off lives there with an expiry date stamped on the file. If the date passes and nobody opens the file, we archive it. If someone opens it and requests a second use, it graduates to a proper governance review. Simple. And it forces the conversation that most teams skip: 'Is this actually one-time, or is this the first sign of a missing rule?'
Resetting a governance model doesn't start with a grand redesign. Start by answering these three questions honestly, then cut the exceptions that don't survive the scrutiny. The rest will sort themselves out—or reveal that your rules were the problem all along.
Resetting Your Governance Model
Audit Your Exceptions Before You Touch the Rules
Most teams skip this step—they rewrite governance documents while the real problem sits in a backlog of approved deviations. I have seen this pattern at three companies now: a designer files an exception because the button style doesn’t fit a dark hero section. Approved. Next sprint, another team cites that exception as precedent. Six months later, the rulebook has forty-seven carve-outs and nobody remembers why the first one was granted. Reset starts with a cold audit. Pull every exception logged in the past six months. Sort them by component, by team, by reason. You will spot clusters—maybe all image‑caption exceptions come from the marketing team, or all spacing overrides happen on mobile product pages. That cluster tells you where the rule itself is wrong, not where the team is misbehaving.
Rewrite Principles, Not Policies
The second mistake is tightening the policy when the principle is broken. A policy says “buttons must use the primary blue.” A principle says “buttons must signal clickability without guessing.” If your blue button blends into a blue background, the principle demands a fix—not another exception. So redefine governance around three or four decision‑making anchors, not a hundred rigid specs. Example: “Reuse before extend; extend before create; create only when reuse breaks the experience.” That’s six words. It replaces half your exception board. The catch is that principles require judgment, and judgment scares process‑minded leaders. But a team that learns to apply a principle rarely needs a formal override. A team that follows a policy without context will request twenty exceptions by lunch.
Run a Six‑Week Pilot on a Single Component
Don’t reset the whole governance model at once—you’ll burn political capital and get nothing back. Pick one high‑friction component. The button, always the button. Announce that for six weeks, no button exceptions will be approved without a written “principle violation” note from the requesting team. That means the team must explain which governing principle the current button rule breaks, not just why they prefer a different color. Then watch what happens. Teams either stop asking (because the formality reveals they wanted preference, not necessity) or they surface a genuine gap in the component library—a missing secondary button, a missing dark‑mode variant. Either outcome is pure gold. You learn where the governance actually failed. I ran this pilot at a fintech startup; in week three the marketing team filed a principle‑valid exception for a green “profit confirmed” button. We built the variant. Exception creep dropped by seventy percent in that component within two months. Not because we got stricter—because we got specific about why rules existed in the first place.
“Every exception is a signal that your rule is wrong, not that your team is lazy.”
— overheard at a design systems meetup, Portland 2023
Reset your governance model by trusting that signal. Audit, rewrite principles, pilot one component. That’s the next step. Do it this week, not after the next sprint review. Your team will thank you—or at least file fewer passive‑aggressive Slack messages.
Comments (0)
Please sign in to post a comment.
Don't have an account? Create one
No comments yet. Be the first to comment!