Daniel - stock.adobe.com

DBS modernisation programme is a ‘masterclass in incompetence’, say MPs

The costly, four-years-delayed Disclosure and Barring Service modernisation programme is an example of yet another poorly managed major government project, according to the Public Accounts Committee

MPs on the Public Accounts Committee (PAC) have slammed the Home Office for failing to properly manage its Disclosure and Barring Service (DBS) modernisation programme.

The modernisation of DBS is running around four years behind schedule and is so far failing to deliver value for money, with costs expected to increase by £229m more than expected over the course of the project, a PAC report has found.

The DBS was created in 2012 through the merging of the Criminal Records Bureau and the Independent Safeguarding Authority. The Home Office signed a contract with Tata Consultancy Services (TCS) in 2012 for the build and transition of a modernised IT system for the disclosure certificates and “general IT application management and development”.

The original plan was for DBS to have moved to a modernised IT system by March 2014, with further upgrades planned and completed by June 2014. However, the PAC said that as of April 2018, “not all modernisation is complete, a delay of over four years”. 

Where the fault lies

As Computer Weekly has previously reported, the contract expires in March 2019, but there is no agreed date for when any further update to the system will be delivered, and it may not even be completed by the time the TCS contract expires.

The two parties have so far not been able to agree whose fault the delays are, and are currently in negotiations.

“Both DBS and TCS claim that modernisation can be delivered before the TCS contract ends in March 2019 but, at the time of our evidence session, neither could offer any details of how or when this might happen,” the PAC report said.

“Once negotiations are complete, we expect the Home Office and DBS to agree with TCS a timetable for the completion of the modernisation of the DBS which is realistic and achievable, whilst also protecting the risk to taxpayers’ monies.”

One of the key issues has been the “flawed contractual approach” by the Home Office. It has previously been criticised by the National Audit Office (NAO) for the way it dealt with the procurement.

When the Home Office ran the procurement exercise, it was on the “assumption that any modernised IT would be hosted on physical servers provided by an existing Home Office contract,” the NAO report said.

Read more about Home Office IT programmes

However, the Cabinet Office rejected the plans because it would be too expensive, and told the Home Office to use cloud-based servers.

It accepted the change proposed by the Cabinet Office, but didn’t discuss the implications of this with TCS, or change the contract before signing it.

The PAC report said that both parties now accept that when the contract was signed “no-one had a good enough understanding of what it would take to make the programme successful”.

“The contract as agreed specifies 450 requirements for business processes and 1,350 requirements for the IT system, but only an outline timetable which has proved over-ambitious with insufficient consideration of the risk involved,” the report said.

“However, TCS told us that when bidding it did not properly understand the complexity of the contract yet accepted the requirements as defined by the Home Office. Despite the delays, TCS has never advised the Home Office to pause the programme and the approach adopted was an old-fashioned ‘big-bang’ approach rather than splitting the task into smaller, manageable, pieces from the outset.”

Update service

This has not been the only problem. As part of the original modernisation programme, DBS originally signed a contract with Capita to deliver a new “update service”, allowing employers to run quick background checks on employees.

The “update service”, envisioned as a portal that would “allow an existing or new employer to check whether new information had become available since an existing certificate was produced”, was launched in June 2013 by Capita, which ran the old criminal records disclosure service.

As part of the Home Office contract with TCS, the new supplier took over the responsibility for the service in mid-2014.

The “update service” aimed to reduce the volume of disclosure certificates needed to be produced, creating a cheaper service and ensuring employers wouldn’t need to pay for the more expensive disclosures as often.

However, it hasn’t delivered what it was supposed to, with uptake considerably lower than what the Home Office envisioned.

“The Home Office introduced the update service without a sound idea of demand or whether customers would use it, and the DBS is only now starting to look at why it is not popular,” the PAC report said.

“DBS is running the update service at a loss despite charging people £13 instead of the £10 expected in 2012. It loses £9 for every application to the update service. The losses on the update service are offset by the profits DBS makes from issuing conventional paper disclosure certificates.”

Low demand for the service

One of the key problems is that because the demand for the service is lower than expected, it means that fixed costs are spread over a smaller number of sales, the report said.  

However, despite making a loss on the update service, DBS is actually projecting a a surplus of £114m by the project end-date in march 2019.

“The loss on the update service is more than covered by profit from DBS’s disclosure certificates. For example, DBS charges people £44 for an enhanced disclosure certificate and in 2016–17 DBS’s accounts show this cost it £37 to process,” the report said.

“DBS has failed to understand its cost base and fee structure, and it is astonishing that DBS has not been proactive enough to either reduce its fees for issuing certificates or return the surplus it has accumulated to the Treasury.”

PAC Chair Meg Hillier said the government has “a crucial role to play in safeguarding children and vulnerable adults but the handling of this project has been a masterclass in incompetence”.

“None of the cost-saving and service benefits set out in the original business case have been achieved. At the same time, DBS has built up a projected surplus of £114m,” she said.

“Negotiations affecting the future of DBS are under way and government must monitor these carefully. It then needs to be straight with Parliament and the public about what, if any, benefits it expects to materialise by the time DBS’s contract with TCS ends.”

Similar to other Home Office projects

The MPs on the PAC added that the failures of the DBS project “reminded us of what has gone wrong on the Home Office’s attempts to upgrade the Emergency Services Network (ESN)”.

The committee has previously criticised the ESN programme for delays and poor risk management.

“We asked the Home Office how well it was managing these large IT contracts,” the PAC report said. “The Home Office told us that only the DBS and ESN programmes were in trouble and acknowledged that both programmes exhibited an underestimation of complexity, a lack of understanding of risk, poor planning and a need to better manage the needs and expectations of different stakeholders and customers.”

“The Home Office told us it has tried to improve its project management skills and that it has strengthened and simplified governance of major projects. But we are concerned to see the same issues occurring and do not have confidence that there are no other Home Office programmes suffering from the same problems.”

PAC chair Meg Hillier said the Home Office is facing huge challenges with Brexit, and that on both DBS and ESN, it appears “either to have ignored or fully understood the needs of the user”.

“It does not fill us with confidence that all is rosy on the department’s other major projects. Although we received verbal assurances they are running smoothly, these are not enough,” she said.

Read more on IT services and outsourcing

Data Center
Data Management