The Horizon Software Fiasco
Affecting British post offices, proved the adverse impact of poorly designed programs
We sail along on the belief that a software program can be navigated with a single mantra-the GIGO or the ‘Garbage In, Garbage Out’ principle. Once accurate data is fed into a computer, the results will always be reliable. We never worry about what is happening inside the black box, because we trust that it will produce the right outputs.
The Horizon software fiasco affecting British post offices, which has recently hit the headlines, has destroyed such illusions. It has shown how countless innocent lives can be wrecked by poorly designed programs, particularly when those who run and use an automated system are ignorant about what the computer does and turn a deaf ear to complaints.
This is a scary cautionary story for every country-certainly for a rapidly modernising land like India, where corporates and the government generally keep clients at a distance and respond to feedback in a slapdash manner.
Here is how the latest British cause celebre developed. Proprietary Horizon software from the reputed Japanese company Fujitsu, which was installed in post offices all over the United Kingdom, disclosed accounting shortfalls, which were then blamed on those who ran the outlets. Prosecutors from the Royal Mail (an erstwhile government department, spun off as a private company when David Cameron was Prime Minister), took action against almost a thousand such persons, without proof of any theft or even inadvertent transfer of money.
Yet, those accused of crimes lost their livelihoods and reputations. They pulled out savings and sold possessions to meet the shortfalls, a few subpostmasters killed themselves, while some were bullied into making confessions and served jail time. Their denials were ignored within the office hierarchy and in Parliament, except for an exceptional MP or two, who continued to talk about the issue.
It was the journal ‘Computer Weekly’ that fired the first salvo in defence of the affected persons. One of them, Alan Bates, then organised the victims and led the fight for justice. When the Royal Mail refused to accept the findings of an independent enquiry, which cast doubt on the evidence used in the cases, the postmasters’ collective turned to the courts with proof that the accounting discrepancies were caused by software glitches.
Even more damning was the finding that post office administrators and Fujitsu itself had been aware of the defects and had deliberately chosen to manipulate, deny and conceal them. Up until now, though, the wronged postal employees have not yet been rehabilitated, nor has compensation been awarded for what they had endured.
The travails of these innocent sufferers over almost two decades stirred the public conscience just last month, when ITV produced a series about the scandal called “Mr. Bates vs. the Post Office”. Britain is now agog with cries for justice, with demands for wholesale exoneration of the prosecuted postal staff and punishment for their heedless managers.
Fujitsu and Royal Mail administrators are under the lens before a public enquiry. Ministers, past and present, who ignored the matter, are being called to account. The Prime Minister has bemoaned the “great miscarriage of justice” and is looking for ways to quickly clear the names of wrongly accused persons and repair the damage.
Most of the din on social media and in political fora is naturally focused on acquitting innocent people and punishing their tormentors. Justice requires that each prosecuted person should be independently exonerated, since a quick wholesale pardon through a special law, as proposed by the government, would set a wrong precedent and be slightly dodgy from the strictly legal point of view.
The clamour for heads to roll in Royal Mail has already had its effect. Paula Vennells, its former CEO, has been forced to return the OBE awarded in 2019. The scandal has even claimed the chair of the current CEO, although he had assumed office well after the event.
Other senior personnel are being shamed daily in the public enquiry. Fujitsu officials are also on the mat and have apologised profusely for their failures.
Not much political capital is on the line, as all major parties had been associated over the years with Royal Mail decisions in some way or the other. A great deal of ire is, however, being directed at the Liberal Democrat leader, Ed Davey, who, as Minister of the department in Cameron's coalition government, had ignored the cries of the subpostmasters.
This being the UK not the United States, compensation amounts are not likely to be massive. Neither the post office nor Fujitsu can defend their behaviour. Prosecuted subpostmasters are clearly entitled to remuneration for the years of work foregone as well as litigation costs.
They also deserve compensation for the distress suffered and for reputational damage. Such demands could bankrupt Royal Mail, which has already lost face badly, but public opinion is staunchly with the subpostmasters.
As for Fujitsu, the bill will be large, apart from the impact that the debacle will have on contracts in the pipeline in Britain or any other country. The consequences will fall not so much on Japan as on the UK, from where most of Fujitsu’s British employees hail.
In all this, however, there is one item that is not getting much attention. The most relevant question for the rest of us is what must be done to prevent similar situations when dealing with software companies. The answers are not simple, since contracts are difficult to evaluate within the intensely competitive environment in which they are usually awarded and monitored.
Theoretically, of course, companies which pick up such orders, must demonstrate their competence through prior experience and professional history and quote competitive prices. But, those of us who have faced the dilemma of choosing software contractors know that competitive bidding is largely mythical in this sector.
Companies cannot be asked to share proprietary products and will only demonstrate how they function using sample inputs. Glitches and defects can be identified before a program is used in a large network only if pilot projects are run and tested well.
Ideally speaking, they should be certified by an independent third party, who must validate outputs obtained from real data by comparing them with traditional non-automated calculations. This kind of meticulous evaluation never happens, both because bidders for contracts game the system and also because the clock is always ticking on computerisation deadlines. Unless the rollout of a pilot project is taken far more seriously than it is done today, future fiascos are inevitable.
The most horrible finding of the Horizon debacle is the ease with which user complaints were ignored. Post office staff seem to have repeatedly passed on their worries to top management, but helpline operators are now confessing that they were discouraged from raising such matters with supervisors. This is a shocking state of affairs, underlining the need for repeated revalidation of even long-running software programs.
Which means that triggers must be fixed to identify problem areas, well before computer outputs are used for criminal prosecutions. With the benefit of hindsight, it seems that the post office debacle could have been avoided if Royal Mail management had a schedule of revalidation for existing programs or was obliged to start an enquiry if the number of complaints reached a certain level.
This should also have been done through an independent third party, who would not routinely concur with the software contractor or company management to cover up shortcomings.
Responsibility for running an accurate system should also have been squarely fixed on the Chief Technical Officer, whose job and reputation should have been on the line when situations like Horizon occur.
For those of us who believe that the British experience is a one-off occurrence which cannot happen back home, here are some timely reminders. Now that income tax returns and banking transactions are routinely managed through remote computers, front office employees are losing touch with basic accounting computations.
We rarely meet income tax officers who check tax, penalty or interest demands raised by computers. Or bank managers who understand and explain why the FD maturity amount on the official website changes every quarter and is never in sync with the figure entered on the deposit certificate.
Persons manning financial desks are losing the skill to calculate even simple accounting outputs. We are already in a world in which customer queries are mindlessly referred to a computer godhead.
Renuka Viswanathan retired from the Indian Administrative Service. Views expressed here are the writer’s own.