In my previous blog on the need for the Chancellor to give serious priority to tackling on-line fraud in his budget, I should also have made the point that the software and hardware to identity probably fraudulent claims and transactions and the likely culprits are worthless without the people processes to use the intelligence created.
The scepticism of Francis Maude with regard to spending more on ICT to help cut fraud can be explained in part by the lack of return on the £387 million that HMRC has spend over the recent years trying to reduce £5 billion a year of lost taxes. The recent Guardian Article summarising the relevant NAO report shows that the prime reason for that lack of return is, yet again, a focus on ICT for its own sake as opposed to using IT to support people processes.
The OJEU notice for the framework contract for the new Government ID regime to be run from DWP indicates an intention to avoid this problem by contracting out the problem to those interested in sharing the £30 million of so of public money available for those running systems that fit the Cabinet Office electronic identity model. The big question is whether that will attract serious interest from credible commercial services – such as those used and underpinned by the credit reference agencies (Experian, Equifax and Call Credit), the payment services (from Barclaycard, MBNA and Paypal to Swift, VISA and Vocalink), the Telcos and ISPs (from BT and Vodafone to Google and Microsoft) and by their Banking and Insurance customers. One can also envisage serious responses from operations like Citizencard and the Post Office Card Account . Then there are the many consortia and start-ups who see trusted ID systems as a crock of gold rather than a can of worms.
The process of aligning the identities used by the private sector with the NINO and other DWP files will make the data matching problems found during the recent Electoral Commission pilots look trivial. The report on that exercise politely indicates some of the many problems.
Given that the entries in the Electoral Register, the NINO, the DVLA database and the Postal Address databases are integral to the creation and farming of most fraudulent UK identities the time has come for a serious exercise to progress actions 11 and 12 in the Fighting Fraud Together Action Plan. These were “to limit the risk” of “government issued” credentials, (they used the words “identity documents”), “being exploited for criminal puproses” and to “strengthen issurance (sic) processes for main government documents used to establish ID and facilitate online identity verification checks against government databases to support online service delivery”
If the Chancellor is serious about bringing public sector finances under control, then effective action in this area is more likely to produce savings and place fewer votes at risk than some of the other mesures he is being urged to take. But it will require a focus on the objectives and the people processes necessary to achieve those objectives – not just the technology used to support the people processes – important though it is to get the ICT right as well.