denisismagilov - Fotolia
IT infrastructure and cyber security ‘critical’ for Student Loans Company future
Upgrades to key systems and cyber defence capability will be required so the non-departmental public body can continue to perform key functions, according to a major review
The Student Loans Company (SLC) will need to
A tailored review by the Department for Education into the
“It is widely
With about 3,500 employees and a student loan book totalling more than £135bn under management, the SLC’s operation is comparable to a medium-sized bank and services 8.5 million customers and two million applications per year, of which 93.5% are made online.
However, the report noted that a lack of alignment and
“Millions of pounds worth of repayment collections are lost or ‘leaked’ every year due to SLC system inefficiencies, legal loopholes, error or fraud,” the review added.
A number of the SLC’s core systems are under-supported and/or out of date, the report stated, adding that the inflexibility of the technology architecture was an issue compounded by the niche nature of the skillsets required to manage and modify it.
The SLC also suffers from high levels of staff attrition – salaries are significantly lower than public sector roles elsewhere or similar roles in banks – with outsourcing providers hired to plug the gaps, the report noted.
Department for Education review
As the SLC loan book grows, “the pressure and complexity of [the IT function] will increase significantly” and a number of high-level recommendations were outlined in the report as the body’s technology was deemed “not
The IT estate at the company was built in the 1990s for a “much simpler, lower-volume service”, the report stated. A transformation
SLC’s strategy to transform its IT includes disaggregating and layering major system elements so new product deployment can be contained within modules, to enable change at a faster, lower risk and cheaper way.
However, the review
Cyber security is another area where
In data released under Freedom of Information (FoI) legislation earlier in 2019, the SLC revealed it was targeted in 965,639 attempts to infiltrate its systems in the 2017/18 financial year. The number
Within cyber, the review also stated that the SLC will need to continue to work on a cross-government basis to evolve its preparedness and cited work with the National Cyber Security Council with simulations to test reactions to a
Making better use of analytics, big data and artificial intelligence is another area outlined in the report where the urgency level was set as “important”. It noted that the SLC had been working to get a better understanding of its approach to data, but argued that SLC’s
“The necessity to
Other data-related areas where the urgency level was also important
The document noted that despite progress made around data sharing initiatives so far – for example, the body shares data with HM Revenue & Customs to detect fraud by locating benefits claimants based overseas – there is more to be done around working with departments to support decision-making and boost risk assessments.
IT-related areas outlined in the report where the level of urgency was also set as important included compliance to the General Data Protection Regulation (GDPR), so SLR needs to move from the current basic level of compliance to include
When it comes to digital improvements made around customer experience over the past 12 months, the report noted that the SLC was one of the first public sector bodies to introduce full customer service via social networks, with
But there is more to be done in digital service delivery, the report pointed out, as specialist product offerings are still predominantly made using paper-based methods.
Progress around digital has improved steadily as the SLC’s relationship with the Government Digital Service (GDS) improved over the past year, with more collaborative work between teams towards using digital platform Gov.uk.
Read more about IT in the public sector
- UK government pushes data-driven agenda.
- How tech leads local government innovation in Vienna, Helsinki
- Danish government injects €200m into artificial intelligence R&D.
Read more on IT for government and public sector
Loan charge: MPs call on financial secretary for new independent review into HMRC policy
Loan Charge Group MPs demand IR35 shake-up to stop contractors becoming ‘zero-rights employees’
Using Software to Improve the Performance and Endurance of High-Capacity SSDs
HMRC criticised over continued ‘shortcomings’ in loan charge policy response