Issue: We have a content type hub that publishes custom content types. Some sites were getting the updates and some sites were not.
Resolution: After reviewing the ULS logs carefully we discovered some errors pointing to the security token service on one of the SharePoint servers in the farm. The Security Token Service application pool would not stay started. We set the password for the application pool to ensure that was not the issue but it continued to stop when the Content Type Hub timer service was run. After much research we discovered that the account running the Security Token Service application pool needs to be in the local administration group.