In major public procurement contracts, risk transfer is one of the most important issues to consider. It is easy to assume that transferring delivery risk to the supplier is the right thing to do, and indeed it often is. However, the Scottish Police i6 project is an illustration of the limitations of this approach, as the very clear and concise report issued last week by Audit Scotland into the failed project shows.
A little background. In June 2013, the Scottish Police Authority awarded Accenture a contract – after a lengthy procurement process, using the “competitive dialogue” procedure – to develop a national IT system known as i6 for Police Scotland. Accenture was to provide software development and implementation services, as well as user training, ongoing system maintenance and support. The contract was awarded on a 10-year, fixed price arrangement worth £46.1 million. The audit report suggests there was nothing wrong with the procurement process itself.
This was a strategically important contract and system. As the report says, the system “was a central element of longer-term police reform. It was intended to improve how Police Scotland records, manages and analyses information. It was also intended to provide operational and financial benefits to Police Scotland, the SPA and their partners in the justice system and beyond. i6 would replace around 130 IT and paper-based systems used by the predecessor police forces in Scotland”.
But almost immediately, the two parties fell out, with disagreements about what was included in the scope of the system. As time went on, it also became clear that Accenture has made the wrong assumptions about the effort needed to build the system. In particular, the firm had assumed that the system could be based on another system they had developed for the police in Spain. That proved not to be the case.
After a bumpy development period, during which time Accenture did reassure the buyer that everything would eventually be OK, the “finished” system was passed to Police Scotland for testing in August 2015. But there were “fundamental flaws and errors”. Accenture estimated that it would take a further 30 months to put those right, while Police Scotland reckoned that the effort needed from Accenture to complete the system would be eight times greater than they had estimated in the original contract!
Negotiations followed, and the contract “enabled the SPA to secure a settlement agreement of £24.65 million. This meant that Accenture agreed to refund the £11.09 million that the SPA had paid, and to make an additional payment of £13.56 million. This reflects estimated staff costs and capital costs such as hardware maintenance and software licenses associated with i6”. So at least the contracting authority recovered a significant amount of money.
In summary, and again the audit report is very clear; “Police Scotland concluded that Accenture had underestimated the complexity of the system and had, at contract stage, overstated its own ability to deliver i6 within the timescales and fixed price agreed. The belief that the majority of the system could be based on the system that Accenture had provided to the Guardia Civil was incorrect. It had become clear a virtually fully bespoke system was required”.
So what can we learn from this sorry case? We draw four immediate points.
Accenture aren’t infallible. Even the giant and hugely successful IT firms screw up occasionally in the public sector – Accenture aren’t the only ones of course (IBM with Southwest One; BT in Cornwall … etc.)
Fixed price contracts require the deliverables to be very clearly specified. Despite an 18-month competitive dialogue process here, within weeks the parties were arguing over the scope of the system! Fixed price is often a good solution but while it might in theory minimise ongoing discussions about costs, it can transfer that tension to argument about scope and specification.
Optimism bias can come from both buyer and provider. Accenture continued to provide assurance that the system was deliverable, whist Police Scotland was under political pressure and desperately wanted this to succeed.
You can’t fully transfer risk in these public sector contracts – officials and politicians should always remember this. Although Accenture has paid £4.65 million, the public sector has not got the system it so badly wanted and still needs. And who knows what the total overall financial and business impact has been because of this failure. Non-delivery might hit the supplier financially, so that risk can be transferred. But the public body retains the risk of not getting what it wants, with the consequent damage to operations, finances, and reputation.