"So if the supervision was so bad, how are these problems being noticed?"
Expensively, and late, in general. But obviously it's better these problems are noticed before entry into service, or during service.
"Have you heard of the GDA process? Ever looked at the HSE Nuclear website?"
Yes, both, thank you, and I'm fully aware that the HSE has inherited the nuclear responsibilities of the late Nuclear Installations Inspectorate. I'm quite happy with the ALARP concept, less happy with the way it is often (in my personal experience) implemented in some industries (or not i.e. neglected). Same goes for some regulatory authorities (I've observed a few). Occasionally, there are some that are happy to analyse the detail, but frightened to admit there is an elephant in the room.
"Our nuclear regulators have the power to stop any and all operations at a nuclear site if the operations are not safe"
How often do they use it?
How often do contractors even bother with long-standing perfectly justifiable rules?
Somewhere on that HSE site used to be the long-standing pan-European regulatory policy to be considered before approving a proposal. I've read it (at least the pieces that relate to control+safety systems, which are my area of interest). I can't find my copy right now or remember the exact name (it's been a few years) but it is very very clear that at the time Olkiluoto was being built the rules for control systems required logically and physically separate systems for normal operation and for safety shutdown. Resilience by redundancy, same as you'd get on oil rig shut down systems, same as you'd get on critical aircraft systems, and lots of other places.
So what did Areva propose for Olkiluoto? An single fully integrated system in contradiction of the stated regulatory policy. Which is why the Finnish authorities got upset. And who can blame them.
So, what's being proposed for the UK? Single system? Independent dual-redundant systems? Does the difference matter?
The nuclear bit of the HSE had similar concerns to the Finns on the control and instrumentation system architecture, and also the lack of safety documentation on the subject. They were also concerned that the proposed system was based on Siemens S5 PLCs which are pretty much end of life.
Readers who care about stuff like this can read lots more (including the HSE's proposals to resolve these deficiencies), and perhaps draw their own conclusions as to why the contractors didn't address some very obvious stuff up front, at:
http://www.hse.gov.uk/newreactors/2011-gda-issues-epr.htm
Enjoy.