« Clause 31 Tampering with the Register etc. remains unamended after the Lords Report Stage of the Identity Cards Bill 2005 | Main | "Identity Fraud" figures due to be published by the Home Office later today »

Home Office accounting system scandal - the legacy of Sir John Gieve and David Blunkett ?

The National Audit Office have published a report on 31st January 2006:

Report of the Comptroller and Auditor General on the Home Office
Resource Accounts 2004-05
(.pdf)

which, despite the obviously toned down language, and the usual claims that "it is all being sorted out now", cannot conceal the utter chaos and mismanagement which the introduction of a new Adelphi computer system, planned for and introduced under the notorious former Home Secretary David Blunkett and Sir John Gieve.

Sir John Bourn, the Comptroller and Auditor General wrote

To inform Parliament that the Home Office has not met the statutory reporting timetable in respect of its 2004-05 resource accounts;

[...]

I cannot form an opinion on the truth and fairness of the Home Office financial statements for 2004-05

[...]

That is as strong a condemnation of incompetent financial management as any auditor is likely to utter.

It is as astonishing as it is unacceptable, that a major Central Government Department like the Home Office cannot be trusted to account for the money it spends on our behalf.

If a private sector organisation had mismanged its financial affairs as badly as this, then the people in charge would be outt of a job forthwith.

Will the Home Secretary Charles Clarke, whom in theory bears resposibility for this David Blunkett legacy, have the honour to resign ?

What about the "Sir Humphrey" , the Permanent Secretary and therfore the Accounting Officer of the Home Department at the time. i.e. SIr John Gieve.

Sir John is now the Deputy Governor of the Bank of England, with a vote on the level of the Bankk of England's official Interest Rates, which affect the entire UK economy !

Naturally, as with any largescale cockup these days, the "new computer system" is blamed.

However, this is not a new, bleeding edge technology system such as the proposed centralised biometric database National Identity Register, it is simply:

13. Adelphi is the Home Office’s new, Oracle based, integrated finance, human resource and procurement system. In May 2004, the Home Office implemented the accounting module which was designed to automate manual processes, bring greater efficiency and control and improve the timeliness and quality of information.

It is not as if the Home Office had not been warned of the risks:

14. In my report on the 2002-03 Home Office Resource Accounts I highlighted some of the key risks to the Department which could damage successful implementation of the new accounting system. Not all of these risks were adequately addressed and various problems arose during implementation.

IBM appears to the the "Home Office contractor" who is responsible for supplying the Home Office Adelphi Shared Services Programme"

There are plenty of organisations around the world which handle a similar amount of money and employ a similar number of people, who manage their financial affairs properly with the aid of a computerised system.

The blame obviously does not lie with the technology, but rather with the attitudes of the senior manegers and civil servants at the Home Office.

Th NAO reports that the Home Office:

  • Could not reconcile their cash bank balances, to the tune of £ 3 million or so, but they "do not suspect any fraud" - how, exactly can they tell for sure ?

  • The Adelphi system appeared to be unable to deal properly with failed Bank Automated Clearing System payements i.e. a bog standard function of a large accounting system.

  • There were lax financial controls and insufficient audit trails.

  • Subsequent investigations showd that £946 million of "adjustments" had to be made to the accounts.

    "To illustrate the scale of the movements: the amount owed to the Exchequer by the Home Office of £68 million in the September draft accounts became an amount owed by the Exchequer to the Home Office of £112 million in the December draft accounts".

    If the only aspects of the criticism in the NAO report were to do with a few accounting errors, then that would be bad enough, but there appear to be serious potentiaql security problems as well:

    15. Additionally, reviews carried out by the Home Office's Audit and Assurance Unit (the internal audit function) and by my staff revealed significant control weaknesses within the main accounting systems. The reviews found control weaknesses within key Information Technology applications including access to the system, inadequate segregation of duties, the creation of standing data and the ability to interrogate and monitor changes made. These weaknesses made access to the database by unauthorised staff possible, representing a risk to the integrity of Adelphi data and exposing the Home Office to a greater risk of fraud and error. The Home Office has now taken significant steps to address these weaknesses.

    [....]

    21. As noted earlier, controls over the accounting system during 2004-05 were weak and the Home Office is taking action to address the:

  • Poor controls and weaknesses in the audit trails maintained over the assignment of access rights;

  • Absence of checks made against Human Resources records to ensure that new users are authorised, and leavers are removed promptly; and

  • Absence of controls to detect unauthorised access to the database.

    22. In addition, in my opinion, there are weaknesses in the contractual arrangements over the new accounting system in respect of:

    • Over reliance on the Home Office contractor to undertake security checks, and a lack of effective processes to address the risks this exposes the Department to; and

    • Unmonitored access to the database by the Home Office’s contractor, and over reliance on the contractor’s expertise, for example in report production.

      [...]

      Purchase order levels and overall contract amounts can be exceeded without being challenged;

    • Contract letting and extension procedures were not always followed properly. On one significant contract a contract extension was granted at short notice, which was not allowed in the original contract, and serious deficiencies in this contract were not addressed;

    • Key reconciliations such as those between the register of fixed assets and the general ledger, between the payroll system and the general ledger, and headcount had not been performed routinely; and

    • Management did not routinely review key reconciliations and take action where appropriate.

  • None of this gives us any confidence that the Home Office is institutionally capable of implementing or running their proposed National Identity Register / ID Card scheme, without similar project disaters, but on a far larger scale.

  • Post a comment