4 July 2023 – Ben Foat and Martin Ferlinc
Hide video Show video
(10.00 am)
Mr Beer: Just so everyone knows, we’re waiting for the Chair to come online.
Sir Wyn Williams: I should be online, actually. I have started – oh.
Mr Beer: Perfect, we can now see and hear you, sir. Can you see and hear us?
Sir Wyn Williams: I can indeed. Yes.
Mr Beer: Good morning to you. Can I call Mr Ben Foat, please?
Sir Wyn Williams: Well, just before you do that, there’s just one or two things I’d like to say, if I may, Mr Beer. The first thing I’d like to do is to thank all those who were kind enough to send messages of support to me via the Inquiry during my recent illness. That was very kind and I much appreciated it.
The second thing I’d like to say is that this four-week session will, I hope, continue uninterrupted by any ill health on my part but I have been advised that I should conduct the hearings remotely, so that, unfortunately, I won’t be able to pay visits from time to time to the Inquiry. I believe the assessors are present this morning and they will continue to attend from time to time.
I’m sorry I won’t be able to do that but obviously I will review that once we get into the autumn and hopefully I will be fully recovered.
Just two minor points about the timetable. Tomorrow, if we may, could we start at 10.15, Mr Beer. That’s simply to facilitate an early morning medical appointment of mine. Then on 26 July could we finish by 2.00 pm, again to facilitate a medical appointment for me.
Then one other announcement, in a sense unrelated, but related to the fact that I held a hearing on the 23rd – or was it the 27th – anyway, in late April, about compensation. Obviously, in the normal course of events, I would have produced either an interim report or a progress update, as I promised I would at the end of the hearing. The current position is that I fully intend to produce an interim report before Parliament rises on 20 July and I can’t, at the moment, see any reason why I shouldn’t be able to do that.
With those announcements, can I turn to this morning’s hearing. My understanding, Mr Beer, is that you are going to question Mr Foat. It is only you who will be questioning him and then, at the end of that session, I’ll simply decide what should happen next and, thereafter, we shall commence Phase 4 with, I think, Mr Ferlinc to give evidence; is that correct?
Mr Beer: Yes, it is, sir, save that Mr Ferlinc pronounces his surname – it is pronounced in that way, we found out this morning.
Sir Wyn Williams: Well, I’m very sorry for mispronouncing on the first attempt but I shall remember in the future how to pronounce his name. Thank you.
Mr Beer: Thank you very much, sir. So Mr Foat, please.
Ben Foat
BEN FOAT (affirmed).
Questioned by Mr Beer
Mr Beer: Good morning, Mr Foat, as you know, my name is Jason Beer and I ask questions on behalf of the Inquiry. Can you give us your full name, please?
Ben Foat: Benjamin Andrew Foat.
Mr Beer: Thank you for coming to the Inquiry today to assist us in our work and thank you for the witness statement that you have previously provided. You should have in front of you a hard copy of that witness statement in your name, dated 21 June 2023. If you turn to the last page of it, page 19, is that your signature?
Ben Foat: The version that I have in my notes says GRO but that would be where my signature was placed.
Mr Beer: Thank you. Yesterday, Herbert Smith Freehills, the Post Office solicitors, kindly wrote us to pointing out a correction that you wish to make to paragraph 14(a) of the witness statement. If you turn that up, please. That’s at the top of page 5.
Ben Foat: Correct.
Mr Beer: In the fourth line, a date is given as 22 August 2022. Would you like to amend that to 12 August 2022?
Ben Foat: That is correct.
Mr Beer: Then something that I’d spotted, if you look at page 1, paragraph 3, second line, a request “pursuant to Rule 9 of the Inquiry Rules 2006, dated 5 June 2022”. Should that be 2023?
Ben Foat: Correct.
Mr Beer: Save for those two directions, are the contents of that witness statement true to the best of your knowledge and belief?
Ben Foat: Yes.
Mr Beer: For the purpose of the transcript, and it’s already being displayed, the URN is POL0011816 4ds. That can come down from the screen, thank you.
I’m only going to ask you questions today about a limited range of disclosure issues arising from the disclosure to the Inquiry, on 30 May this year, of an appendix to a prosecution policy had contained racist and offensive identity codes. In particular, I’m not going to ask you about the substance of the issues arising from that disclosure. They will be addressed with other Post Office witnesses when the opportunity arises in Phases 4, 5 and 6 of the Inquiry and we’re going to ask you to return at a later stage of the Inquiry to ask you questions about your role in other events that the Inquiry is examining, principally Phases 5 and 6.
Can I make two points clear before I ask the substance of my questions. It’s right, isn’t it, that you’re giving evidence today following the service of a Rule 9 Request, so a request for evidence addressed to the Post Office pursuant to Rule 9 of the Inquiry Rules 2006 and, therefore, you’re giving evidence on behalf of the Post Office in a representative capacity not a personal capacity; is that right?
Ben Foat: That is correct.
Mr Beer: Does it follow that you are, in part, reliant on information given to you by others in order to write your witness statement and in order to answer my questions today?
Ben Foat: Significantly so, yes.
Mr Beer: The second point of clarity that I’d like to make clear before we get to the substance of the questions: none of my questions are designed to obtain from you any information which the Post Office continues to assert a claim to legal professional privilege over; do you understand?
Ben Foat: Understood.
Mr Beer: So please bear that in mind when I’m asking the questions. Can I start with your background, please. You’re a lawyer by profession; is that right?
Ben Foat: That is correct.
Mr Beer: You have legal qualifications?
Ben Foat: Correct.
Mr Beer: You’re the general counsel to Post Office Limited –
Ben Foat: That is correct.
Mr Beer: – and you’re a member of the executive team of Post Office Limited?
Ben Foat: Correct.
Mr Beer: Is that sometimes called the Group Executive?
Ben Foat: The General Executive.
Mr Beer: General Executive, thank you.
Is that the most senior leadership team within the Post Office that’s accountable to the board?
Ben Foat: Correct.
Mr Beer: How long have you been group general counsel?
Ben Foat: Approximately four years, since 1 May 2019.
Mr Beer: In short order, what does your role as general counsel involve?
Ben Foat: Ultimately, I’m responsible for instructing the legal department and the law firms and, therefore, managing legal services to the company. In addition to that, there are other areas of responsibility as well, such as compliance, and I’m the chairman of a subsidiary company with the Post Office.
Mr Beer: What role did you perform in the Post Office before becoming group general counsel?
Ben Foat: Legal director.
Mr Beer: For how long were you legal director?
Ben Foat: I was appointed in August 2016.
Mr Beer: Before that, did you work outside the Post Office or within the Post Office?
Ben Foat: Prior to that, I commenced employment at the Post Office on – in August 2015 in the capacity of Head of Legal for Financial Services. So I was dedicated to the Financial Services team at Post Office.
Mr Beer: So August 2015 to date, the role as a lawyer within the Post Office, being promoted to legal director and then promoted to general counsel in May 2019?
Ben Foat: That’s correct.
Mr Beer: As group general counsel, what role specifically do you perform, insofar as the Post Office’s engagement with the Inquiry is concerned?
Ben Foat: So ultimately, obviously, there is a board that makes decisions and certain decisions are delegated to the General Executive and, in this particular case, there is a General Executive subcommittee that makes the decisions. Part of my responsibility is making sure that the provision of legal advice and services is given to the company.
Mr Beer: You’ve previously made four interim disclosure statements to this Inquiry and previously a witness statement. This is your second witness statement; is that right?
Ben Foat: That is correct.
Mr Beer: Do you consider that the Post Office acts under a duty to be candid with and to assist the Inquiry?
Ben Foat: Absolutely.
Mr Beer: That, amongst other things, fulfils a commitment which a series of very senior Post Office executives have made publicly and to the Inquiry?
Ben Foat: Correct.
Mr Beer: You’ve been general counsel since May 2019. That was just after a huge disclosure exercise had been completed in the Group Litigation; is that right?
Ben Foat: I recall that the – what was referred to as the “Common Issues judgment” had been handed down I think approximately March 2019. The Horizon Issues trial was halfway through at that point. There were basically a series of trials that were to occur in respect of the GLO, which is the name that – was the programme that was managing that matter.
Mr Beer: Did you play any part in the disclosure exercise for the purpose of the Group Litigation?
Ben Foat: No.
Mr Beer: Did you play any part in the disclosure exercise that occurred in the run-up to what I’m going to call the Hamilton appeals?
Ben Foat: The Court of Appeal – correct, at that stage I had become the general counsel. But previously, the GLO, as we refer to it, was managed in a separate programme and that didn’t come through my line of responsibility as legal director. Obviously, when I became general counsel, that changed, and initially HSF were appointed in or about, I think, April 2019.
Mr Beer: What about the Hamilton appeals to the Court of Appeal Criminal Division? Did you participate in any way in the disclosure exercises for the purpose of those appeals?
Ben Foat: Yes, I was general counsel at that time. Peters & Peters and HSF, the two law firms, were involved in that process.
Mr Beer: What about you? Did you superintend, in any way, those exercises?
Ben Foat: I didn’t actually do the disclosure exercises myself. Obviously, that is undertaken by the relevant lawyers in the external law firms. As part of the Hamilton judgment, it’s obviously a very complex criminal process and so it was necessary to appoint external criminal lawyers to advise the board. It’s not part of the role of the general counsel to make decisions in respect of that but certainly to support the board receiving advice in respect of what is required for disclosure.
Mr Beer: Do you understand that one of the very things that this Inquiry is investigating is how it came about that, in very many criminal prosecutions brought by the Post Office, there was what was described by the Court of Appeal as “pervasive failures in disclosure for over a decade”?
Ben Foat: Correct.
Mr Beer: And that we are investigating what the Court of Appeal described as POL’s, the Post Office’s, “approach to investigation and disclosure being driven by what the Post Office considered to be in its best interests rather than that which the law required”?
Ben Foat: Correct. That’s a reference to the historical practices and I think specifically in – the judgment referred to the investigation practices that were conducted at that time.
Mr Beer: Well, and the disclosure practices?
Ben Foat: Indeed.
Mr Beer: And that we’re investigating the underlying facts which the Court of Appeal described in relation to disclosure as being “failures that were so egregious that a prosecution in any of the Horizon cases was an affront to the conscience of the court”?
Ben Foat: That is correct.
Mr Beer: So, against that background, where the Inquiry is investigating the Post Office’s past disclosure failings, which led to wrongful convictions and to imprisonments, do you agree on behalf of the Post Office that disclosure in this Inquiry must be punctilious, it must be prompt and it must be complete?
Ben Foat: Correct. Post Office is absolutely committed to making sure that there is full disclosure. If I could just say, you know, genuinely, everyone in the teams, in the different law firms, are working incredibly hard. I recognise that there are a number of areas where we have fallen short and I do apologise to the Inquiry and especially to the Core Participants. But, genuinely, the team are working incredibly hard to make sure that we do the full disclosure that we must do, and remediate any issues that do come to light.
Mr Beer: How many people within the internal Post Office Legal Support division, if I can call it that, are working on Inquiry disclosure?
Ben Foat: So within the Post Office internal team, it has varied over the years, depending – as the Inquiry has evolved. It will have varied from anywhere, I think, between four to what I understand is now eight lawyers. Of course, there are many issues that the Inquiry lawyers must attend to in addition to disclosure.
Mr Beer: You’re assisted, I think, by Herbert Smith Freehills, HSF as you referred to them already. They’re the Post Office’s recognised legal representatives in the Inquiry presently?
Ben Foat: That is correct.
Mr Beer: Can you give us a similar figure, please, of how many were working or have been working – I imagine that waxes and wanes as well – on the Inquiry?
Ben Foat: Indeed, my understanding is that 46 lawyers are working specifically on these disclosure and remediation issues. I’m happy to come back and give an exact figure but that is my understanding based on what I’ve been told.
Mr Beer: Same question, please, in relation to Peters & Peters?
Ben Foat: I think it is much smaller. Again, I’d want to come back but my understanding is that there are at least five.
Mr Beer: Can you explain briefly, please, the role that Peters & Peters presently perform?
Ben Foat: Sure. As part of the disclosure process, what Peters & Peters, and indeed Post Office, sought to do was to make sure we could collate all relevant materials so that, when Rule 9 requests came through, the organisation would be in a position to be able to respond to those. So back in 2020, Peters & Peters were looking at what was called the post-conviction disclosure exercise and, as part of that exercise, they were searching through repositories of information, and that was part of a disclosure exercise that you’ve referred to previously in relation to the Hamilton judgment.
Subsequently to that, in January 2022, Peters & Peters also undertook in advance of the Rule 11 and 14 requests, again looking through the data repositories of Post Office, which I should say is complex and vast, and they were trying to ascertain and get as many of the relevant documents, or rather responsive documents, so that when the Rule 11 and Rule 14 requests came in, Post Office was able to search them.
Mr Beer: Are you satisfied that everyone within each of the teams that you’ve just mentioned understands that this Inquiry is itself investigating pervasive disclosure failures that lasted over a decade, that sent people to prison?
Ben Foat: Yes. I do believe everyone that is working at HSF, at Peters & Peters and Post Office, we recognise that this is an extremely serious issue.
Mr Beer: And that, therefore, the Post Office’s disclosure obligations in this Inquiry are heightened because we’re investigating the issue of non-disclosure?
Ben Foat: Quite.
Mr Beer: You mention in your witness statement a unit within the Post Office called the Central Investigations Unit. What function or functions does the Central Investigations Unit perform, so far as concerns this Inquiry?
Ben Foat: So the Central Investigations Unit was a unit that was relatively recently established. Following the criticisms that were contained in the Hamilton judgment, which referred to investigations and disclosure not being satisfactory. The Central Investigations Unit was established to make sure that good investigation practices occur across the organisation.
So it’s what I call a second line of defence function, in that when issues arise within the organisation that require an investigation, the Central Investigations Unit make sure that those issues are investigated appropriately, according to industry standards.
Mr Beer: A line of defence against who?
Ben Foat: Sorry, I used the expression “the second line of defence”. It’s a compliance concept: three lines of defence. So, in summary, the first line of defence is usually the business that does the activity; the second line of defence is an assurance function, so that can commonly include a legal department, compliance function, an assurance function; and then the third line of defence is an audit function.
Mr Beer: What function do they perform specifically in relation to the disclosure exercise being undertaken for the purposes of this Inquiry?
Ben Foat: In what respect?
Mr Beer: That’s my question. Do they perform any function in relation to the disclosure exercise that’s being undertaken for the purposes of this Inquiry?
Ben Foat: Not specifically, unless there is a particular issue that is raised and referred to them, and so, in this context, given appendix 6 and the failure to disclose, they are involved, together with Jeremy Scott-Joynt KC.
Mr Beer: I’m not sure he’s a KC.
Ben Foat: Oh, apologies.
Mr Beer: I think he’s only 2018 call. So I’m not sure that he will have quite achieved the status of King’s Counsel yet.
Ben Foat: Apologies. In any event, he’s of counsel that is providing oversight to that investigation team, together with an organisation, ETICA, to investigate.
Mr Beer: With that background, can we turn to the issues, then, please. Can we start by looking at POL00115668 – sorry POL00115669. Right, that’s going to be difficult. Have you got in your bundle in front of you – sir, I think it’s in your tab B11, in volume 1 – a colour document called “Security Operations Team, Case Compliance”. If you haven’t, please do borrow mine. I wonder if it could be walked down to you.
Ah, yes. We’ve now got it on the screen.
Ben Foat: Sorry, is the document A3? POL00038452?
Mr Beer: No. It’s on the screen now.
Ben Foat: Okay.
Mr Beer: Is it right that that for a period of time, the length of which has yet to be established and is presently being investigated by the Project May investigation team that you have just mentioned, that the Post Office maintained and operated a suite of documents, there are eight of them, that gave guidance to members of its security team as to the construction and completion of files of investigation in the case of those suspected of criminal offences? So there’s a suite of documents, of which there are eight in number?
Ben Foat: Correct. It’s not the Central Investigations team but it was the Security –
Mr Beer: Yes, I said security team?
Ben Foat: My apologies. Security Investigations Team.
Mr Beer: The document we’re currently looking at on the screen, is this the first in the series of eight documents?
Ben Foat: I understand that to be the case.
Mr Beer: Thank you. I’m not going to delve into the substance of the issues, as I’ve said already, but, in order to provide some understanding of the documents we’re about to look at, can you assist us with what your understanding is of what this document is, the front of the suite of eight.
Ben Foat: So my understanding is that this document was used previously when Post Office conducted prosecutions. It was used in two ways. One was a working document and, in the second respect, it was to act as a compliance check. So when I referred to a second line of defence before, my understanding is that the document was to be used both in terms of undertaking the prosecution work but also as a quality check.
Mr Beer: So it’s how to structure case files, offender reports and other documents within the case file, and then there’s a score on the right-hand column, which, if we just scroll down we can see, adds up to 100. If we scroll back up again, presumably these were marked – so look under “File Construction”, to take an uncontentious one, fourth row. The author of the document must use the correct font for all reports, namely Chevin light 12, which is a font, and if they do that, they score 0.5 per cent, yes?
Ben Foat: Correct.
Mr Beer: Is it your understanding that sitting behind this first document, for a period of time which is yet to be established, was a series of other documents that fed into or assisted the completion exercise contemplated by this document?
Ben Foat: I understand that is the case.
Mr Beer: Thank you.
Ben Foat: There are connected documents.
Mr Beer: Yes, so there are some documents that are connected to, that help you to do the things that this requires?
Ben Foat: That’s my understanding.
Mr Beer: Thank you. Now, amongst the documents that sit behind or sat behind that first document, can we look at them, please. POL00115670, thank you. You’ll see this is entitled:
“Post Office Limited
“Security Operations Team
“Compliance.
“Guide to the Preparation and Layout of Investigation Red Label Case Files
“File Construction and Appendices A, B & C.”
So it’s a document of the Post Office and, in particular, its Security and Operations Team, yes?
Ben Foat: Yes.
Mr Beer: Then we can see the purpose of the document by reading at the foot of the page the introduction:
“The aim of this document is to give guidance to Security Operations Managers and Team Leaders on the current compliance standards for the preparation of red label case files and appendices A, B and C.”
Yes?
Ben Foat: Correct.
Mr Beer: Then another document that’s sat behind that first coloured Excel document we looked at, can we look at POL00094200.
Again, a Post Office document headed up “Security Operations Team”, with the subject of “Summarising of Tape Recorded Interviews”:
“The purpose of the document is to advise Security Managers to changes in the requirements for summarising tape recorded interviews.”
Yes?
Ben Foat: Correct. I recognise that as appendix 7.
Mr Beer: So we’re looking at a series of documents that sat behind that first Excel document. Can we turn to POL00115672.
Ben Foat: I should just add, when I say I recognise that as appendix 7, I recognise that now, obviously, not at the time.
Mr Beer: Yes. POL00115672. Again, another document in the suite that sits behind the Excel. If we just scroll down to look at the document as a whole, what do you understand this document to be, or the purpose of this document to be?
Ben Foat: So starting on the first page, it’s an investigation template that the Security Investigations Team would have used in the course of their work when they were investigating and considering prosecution.
Mr Beer: So if we go back to the first page, please. Thank you. We can see that it’s in the style of a template – this one is blank – and it requires data to be entered in when a person is being considered for prosecution, essentially, yes?
Ben Foat: Correct.
Mr Beer: You see in the top right, underneath the heading, it says, “Identification Code”. Do you understand that to be a reference to a series of numerical codes that correlate to an assessment of a person’s racial or ethnic identification?
Ben Foat: Correct.
Mr Beer: So the author of the document, the person filling out this template, had to enter an ID code –
Ben Foat: Correct.
Mr Beer: – for the suspect?
Ben Foat: That’s correct.
Mr Beer: Can we look at another of the series of documents, please. POL00115674. This was another of the series of documents that sat behind or was related to the first document that we saw, yes, the Excel document? It’s part of the suite and it contains a description of seven identification codes, correct?
Ben Foat: Correct.
Mr Beer: I should say I’m going to read out some of the identification codes on the document as they are printed. They are racist and offensive but I’m going to read them out.
Identification code 1: the document says that you are a “white skinned European type” if you’re British, French, German, Swedish, Polish or Russian, yes?
Ben Foat: Correct.
Mr Beer: You are a “dark skinned European type” if you are Greek, Cypriot, Turkish, Spanish, Italian, Sicilian or Sardinian, yes?
Ben Foat: Correct.
Mr Beer: You are a “Negroid type” if you are West Indian, Nigerian, African or Caribbean?
You are “Indian/Pakistani type” if you’re Asian.
You’re “Chinese/Japanese type” if you’re Malayan, Japanese, “Philippino” (sic), Burmese, Siamese, or from Mongolia or Mongolian, perhaps.
You’re “Arabian/Egyptian type” if you are Algerian, Tunisian, Moroccan or North African.
Or you’re not known, ID code 7.
Ben Foat: That is correct.
Mr Beer: So there was a correction of eight documents sitting behind the first one that we saw, the guide; the guidance summarising the completion of tape recorded interviews; the ID code template which required you to enter an ID code in; and then this identification code or ID codes document.
That can come down, thank you.
Can I turn to the question of disclosure of that material to this Inquiry?
Can we begin, please, by looking at a request made by the Inquiry to the Post Office for the disclosure of documents dated 28 February 2012 (sic), INQ00002007.
Sir Wyn Williams: Could you give me the date of that document again, please, Mr Beer?
Mr Beer: Yes, 28 February 2012 – sorry, 2022!
Sir Wyn Williams: That’s what confused me.
Mr Beer: Yes, 2022. If we just scroll up just so we can see who it is from, thank you. It’s from the Inquiry, it’s addressed to the partner then handling matters at Herbert Smith Freehills, and it’s dated 28 February 2022, so it is a letter addressed to your recognised legal representatives from the Inquiry. We can see from the heading what the request is about:
“Request for information pursuant to Rule 9 of the Inquiry Rules 2006 – Request number 11 – Matters arising from Board Minutes (excluding Project Sparrow minutes).”
You referred earlier to Rule 9(11) and Rule 9(14). Were you using that as shorthand for the way in which the Inquiry styles its requests? They are each sequentially numbered. This was the 11th in the series and there’s a summary of what it was about in that heading.
Ben Foat: That is correct.
Mr Beer: So when you refer to Rule 9(11) that’s what this is about.
Ben Foat: Correct.
Mr Beer: So it’s a request made pursuant to Rule 9 of the Inquiry Rules 2006 and, for those not familiar, that’s the provision, is this right, by which the Inquiry formally requests the disclosure of documents from the Post Office and others?
Ben Foat: That is right.
Mr Beer: If we scroll through the document, please. You’ll see that there’s information about other things and then, if we stop there, request 15 within Rule 9(11) was a request for disclosure of:
“The Minutes of the Audit, Risk and Compliance Subcommittee of the 11 February 2014 … refer to a report which outlined the proposed changes to the prosecutions policy and a paper to explain the most appropriate way to communicate the prosecutions policy.”
Then this:
“Please provide copies of the same and copies of all iterations of the prosecutions policy since 1999 that are in POL’s custody or control.”
So it’s that last sentence that’s the operative one, is that right, Mr Foat, “copies of all iterations of prosecutions policy since 1999 that are in POL’s possession or control”?
Ben Foat: Correct.
Mr Beer: I’m not going to turn it up now, if we go to the last page of the letter, we can see that a response was due by 31 March 2022, so it gives a month to reply to the request?
Ben Foat: Correct.
Mr Beer: The Post Office responded to Rule 9(11) part 15 on 14 May 2022 by disclosing some documents to the Inquiry and, amongst those documents that were disclosed, was one document that’s relevant to the present issues. Can we look, please, at POL00038452. Thank you. This is a version of the guidance that we just saw. Can you see that?
Ben Foat: Yes.
Mr Beer: “[POL]
“Security Operations Team
“Compliance
“Guide to the Preparation and Layout of Investigation Red Label Case Files.
“Offender reports & Discipline reports.”
So it’s by no means exactly the same as the guide that I showed you earlier but, in very broad terms, fulfils the same purpose as the guide that we just saw, namely to give guidance on the construction of files and the contents of prosecution files.
Ben Foat: Correct.
Mr Beer: So, in response to request 15 in our Rule 9(11), we received this document?
Ben Foat: Correct.
Mr Beer: Correct? Now, I think you agree, Mr Foat, that the documents which ought to have been disclosed in answer to the request were the suite of documents that we’ve just been discussing?
Ben Foat: Correct.
Mr Beer: Therefore, including the other iteration of this guide, but also all of the other documents that I showed you, including the ID codes document containing the racist and offensive identity codes?
Ben Foat: Yes. Correct. The suite of documents should have been provided.
Mr Beer: That should have been provided to us in the spring of 2022?
Ben Foat: I think the – certainly, the policy documents absolutely needed to be provided. I read them as being both the request 11 and the request 14 as requiring the full suite of documents to be provided.
Mr Beer: Okay, we’ll take that shortly in the interests of time. There was a follow-up request in August 2022. Request 14, so Rule 9(14), and you’re saying that would have captured all of the documents. I’m not going to quibble with you over which was the trigger, whether it was 9(11) or 9(14), but, by the middle of 2022 we should have had the suite of full documents?
Ben Foat: Yes, correct.
Mr Beer: Sorry, the full suite of documents?
Ben Foat: Correct.
Mr Beer: Can I look at now why we didn’t get them?
Ben Foat: Yes, sure.
Mr Beer: Can we look at your witness statement, please, page 5, paragraph 16. Thank you, it’s page 5., paragraph 16, at the foot of the page. You deal with them compendiously. You say:
“Requests No 11 and No 14 sought POL policy and procedure documents relating to POL’s conduct of criminal investigations and prosecutions. To identify such arguments, [Peters & Peters] and [Herbert Smith Freehills] ran search terms across a Relativity database which I will refer to as the CCRC database.”
Just stopping there, “Relativity database”, can you explain what a Relatively database is, please?
Ben Foat: It’s an eDiscovery, electronic disclosure platform. So within the context of this Inquiry, it contains the data repositories of the Post Office, which contains, I understand 54 million documents.
Mr Beer: So it’s a commercially available, purchasable, e-disclosure platform?
Ben Foat: Correct.
Mr Beer: You continue:
“Those searches were designed to identify responsive documents in a database that contains millions of documents. The CCRC database is hosted on Relativity by POL’s eDiscovery provider, KPMG, together with other databases that hold POL documents. The CCRC database contains materials collated for the purposes of the criminal appeals. Searches were and are run across this database for the purposes of disclosure in accordance with POL’s post-conviction disclosure obligations, to conduct document reviews, and to identify and produce documents to the Inquiry.”
If we move down to paragraph 17, you say a document, which you’ve called Appendix 3, that’s the guide, yes?
Ben Foat: Yes.
Mr Beer: I’m going to call it the guide:
“[The guide] was responsive to the search terms run by [Herbert Smith Freehills] across the CCRC database for the purpose of Request No 11. The other appendices were not produced for the following reasons:
“Copies of appendices 1, 2, 4, and 5 [they are other of the suite of eight documents that sat behind the Excel] belonged to the same ‘family of documents’ as [the guide].”
Yes.
Ben Foat: Correct.
Mr Beer: “… (ie [those documents] were all contained in a zip [file] that was attached to an email dated 7 March 2013 that was sent by a POL Security Team manager).”
Ben Foat: Correct.
Mr Beer: “Although they belonged to the same ‘family of documents’, Appendices 1, 2, 4 and 5 were not produced at the same time as [the guide] because they were not responsive to the search terms so they were not reviewed for the purpose of responding to Request No 11.”
Yes?
Ben Foat: That’s correct.
Mr Beer: To summarise what you’re saying is that, for the purposes of responding to request 11, search terms were used, ie words –
Ben Foat: Yes.
Mr Beer: – were used. They only picked up the guide document. They didn’t pick up any of the other documents?
Ben Foat: Correct.
Mr Beer: And that, although the guide document was within a family of other documents, those other documents were not disclosed?
Ben Foat: Correct.
Mr Beer: Then if we go down to (b), you say:
“Appendices 6, 7 and 8” –
Appendix 6 is the ID codes document that contains the racist and offensive language?
Ben Foat: Correct.
Mr Beer: “… were not responsive to search terms and were not within the ‘family of documents’ and it was not apparent at the time that they belonged to the suite of documents.”
Ben Foat: Correct.
Mr Beer: Can I ask you some questions from what you’re saying here. So an email has been sent on 7 March 2013 that contained Appendices 1-5 as a zip file, yes?
Ben Foat: Mm-hm.
Mr Beer: The guide document was Appendix 3, and that caused a hit to a search term, yes?
Ben Foat: Correct.
Mr Beer: Only Appendix 3, the guide, was disclosed to us, but not the other four documents in the family?
Ben Foat: That’s correct.
Mr Beer: What guidance was given to your document reviewers about what they should do with documents that are within a family of documents, ie documents which are linked to one another, when only one of them is responsive to a search term?
Ben Foat: So there is guidance that’s given to the reviewers. There is both a first tier and a second tier review. Reviewers are encouraged, if they do have any queries, to raise them. My understanding is that – to the approach to family of documents is that they would look at the relevant context, the relevant request, and determine whether or not the family of documents should be looked at.
In this particular case, they didn’t look at what I call Appendix 1, 2, 4 and 5, and I understand why, from what they have told me, the reason for that is because it wasn’t responsive, so they didn’t look into the family of documents.
Mr Beer: So because –
Ben Foat: Just factually speaking.
Mr Beer: Yes. So because there wasn’t also a hit in the other four appendices, we’re not going to look to see what those appendices contain to see whether they touch upon or are relevant to the document that does contain the hit –
Ben Foat: That is correct.
Mr Beer: – even though they’re within a family together?
Ben Foat: Yes. That is correct.
Mr Beer: Was that guidance – was that the guidance that was given, that you – because there are no hits in another part of the family, you don’t look at the other part of the family?
Ben Foat: I would need to take that question away. I am not aware. I do know that there are cases where, even though there aren’t those hits, the family documents would be checked, but it would depend on the relevant request, it would depend on the suite of documents that was contained, so I imagine a zip file. But I’m not instructed with that particular detail.
Mr Beer: Have any changes been made to any guidance that did exist on how to treat families of documents since this episode has unfolded?
Ben Foat: Since this has occurred, yes. So most recently, HSF have gone through – obviously to date there has been roughly disclosure of 117,000 documents. HSF have identified that there are approximately 30,000 documents that would be family documents of the 117,000. They’ve then – obviously that’s just responsive, that’s not necessarily relevant.
They’ve then gone on to identify that there would be approximately 1,500 documents that are relevant, of which I understand less than 700 would be relevant to Phase 4.
Mr Beer: The phase that we start in about an hour’s time?
Ben Foat: Correct.
Mr Beer: Have you investigated the content of the instructions that were given to document reviewers that enabled them to discard other documents within a family, on the basis that the other documents didn’t themselves respond to a search term?
Ben Foat: That is an ongoing question for remediation.
Mr Beer: Would you agree that the approach of only disclosing documents within a family if they are themselves responsive to a search term is a rather mechanistic approach to a disclosure exercise?
Ben Foat: I do agree. It’s obviously a very difficult exercise to be managing a repository of 54 million documents. Of course, the reviewers don’t know of the relevant documents. So they are – there’s a number of processes that go on. So search terms is one way. But there are other avenues that are also done to try to identify the documents. But I accept your premise.
Mr Beer: It’s rather mechanistic because it focuses on – the use of search terms will turn over or potentially turn over the documents and only the documents that are responsive to our search terms and not apply a human mind to the documents that accompany or are related to that document?
Ben Foat: Understood.
Mr Beer: So if there was, for example, an email attaching two documents, two Word documents, asking for views from two people and they set out opposing views on an issue, if one of the attachments was worded in a way that was responsive to your search terms, and the other one wasn’t, on this approach, the reviewer would only look in the document that was responsive to the search term, and wouldn’t look in the other document?
Ben Foat: Factually, that’s what happened in this particular situation. I think the broader issue is around the de-duplication –
Mr Beer: I’m going to come to that in a moment. I’m just looking at what the reviewers did, if they’re confronted with an email, it’s got two things attached to it, they get a hit for one document because a word has been used –
Ben Foat: Correct.
Mr Beer: – they are not instructed. That’s part of an email chain. There are two documents attached to the email. Have a look yourself in the other document and see whether it responds to the request?
Ben Foat: I think they are and, in certain cases, they have done that. I would like an opportunity to perhaps bring back that guidance and –
Mr Beer: This is your opportunity, Mr Foat. We have asked you to set out in writing, in your 19-page witness statement, what occurred on this occasion and why it occurred?
Ben Foat: Yes.
Mr Beer: Is it your understanding, on this occasion, that the reviewer did not look in any of the other of the suite of documents in the zip file to see whether they are responsive to the request that was made?
Ben Foat: That is so.
Mr Beer: They didn’t apply a human mind to it?
Ben Foat: I can’t comment as to what was in their mind but what you have said is factually accurate.
Mr Beer: But is it an outlier, is what I’m driving at? Is it somebody made a mistake or is it because of the instructions they were given were faulty? “If you’ve got an email that’s got two attachments, ten attachments, have a look, reviewer, to see whether the entire suite of documents should be disclosed”. Was that instruction given?
Ben Foat: I don’t think the instruction was given, and my rationale for saying that is there were cases there they did check. But I take your point and accept that the approach taken in this particular case was that, had the family documents been checked, then it would have identified documents Appendix 1, 2, 4 and 5, but it wouldn’t have identified appendix 6, 7 and 8.
Mr Beer: When would appendix 6, 7 and 8 have been identified?
Ben Foat: Those documents would have only been identified in the – by the de-duplication process.
Mr Beer: Can you explain what the de-duplication process is please?
Ben Foat: Sure. When providing documents to the Inquiry, obviously in a massive repository in an organisation, there may be duplicates of documents. So rather than actually provide literally the same document, there is a process called de-duplication. Now, in this particular case, where the error occurred, is that instead of –
Mr Beer: Sorry, can I interrupt: the second error.
Ben Foat: Yes, correct. Where the error occurred, or second error, was that when you de-duplicate, you should de-duplicate if they’re identical. In this case there were other attachments that were de-duplicated. So if I could perhaps explain that more clearly.
So when you have – and we talk about families of documents. So when you have what’s called a primary or parent document, so a cover email, and it contains a series of attachments, so you might send photographs of plants, which are the attachments. What happens in what’s called the top-line de-duplication process, if you have an attachment, an email that – sorry, you have an email, which is your parent document and then you have, let’s say, three attachments which have three different plants – insert whatever sort of plant you want – what should normally happen is that, where you have literally the exact same replica of that, so there is another version that is identical, that has exactly the same cover email with the same attachments of those three plants, that would then be de-duplicated and that’s called the top-line methodology.
That didn’t happen here. What happened in this particular case is that, where there were versions – so instead of having an exact replica of the cover email with the three different attachments, where there were versions where there was the cover email but, let’s say, four plants that were attached to the email, the item line methodology that was used meant that it would consider them as the same when they were not. And they would therefore de-duplicate and, therefore, that is why the Inquiry did not get to see and, indeed, the reviewers didn’t get to see Appendix 6, 7 and 8.
Mr Beer: You describe that in paragraph 18 of your witness statement on page 7, at the top of the page you say, “Copies of Appendix 3” that’s the guide, yes:
“Copies of Appendix 3 exist in duplicate, and near duplicate form in the CCRC database … some of those duplicate versions of Appendix 3 have family documents … The duplicate versions of Appendix 3 were tagged as ‘duplicate’ by POL’s eDiscovery provider, KPMG, and so they were considered unnecessary to review.”
That’s a shortened way of explaining what you just said, yes?
Ben Foat: Yes, apologies.
Mr Beer: What you’re just saying here is, as I’ve put to you, there’s a double error. There’s the one we’ve spoken about already, but what you’re describing that the Post Office did, and its document providers did, is, I find a document that’s responsive to a search term, it’s part of a family, I’m not going to look at the family. That document itself is also a part of other families but, because I’ve already decided to disclose that single document, the guide, I’m not going to look at other families in which that document appears.
Ben Foat: Yes, that’s the first point, in respect of the approach to family documents.
Mr Beer: Yes.
Ben Foat: Yes.
Mr Beer: But you’re not going to look at the appearance of that document elsewhere in the document universe because it is assessed to be a duplicate?
Ben Foat: Correct.
Mr Beer: So I missed the opportunity to see in what context the document appears in all of those other places in the document universe?
Ben Foat: Yes, had the de-duplicate process been the accurate process, it would have led to the identification of all of the documents.
Mr Beer: So you’re missing the opportunity to see whether that document appears in another family, and where in the family it appears, and whether other documents in those other families also need to be disclosed?
Ben Foat: Yes, working it backwards. Correct.
Mr Beer: The guide to which Appendix 3 – so the guide, which is Appendix 3, was itself undated, wasn’t it. There’s no date on it.
Ben Foat: Yes, I believe so.
Mr Beer: Yes, it’s undated. Wouldn’t it be important, therefore, to disclose the email of 20 March 2013 to show that that document and the other four documents which were part of the family were in circulation at that point, March 2013?
Ben Foat: Yes, but they weren’t responsive. But I agree, they ought to have been but, factually, they weren’t responsive.
Mr Beer: Because all we get is a free-floating appendix that could be a year old, it could be 50 years old. We don’t know the date of it. So having the email that says “This was sent between A and B on 7 March 2013”, shows that it was at least in circulation then?
Ben Foat: Of course –
Mr Beer: It helps to try to date the document, doesn’t it?
Ben Foat: Indeed, and for which I can only apologise. To be fair to the reviewer, of course, if the documents weren’t responsive, they themselves wouldn’t have known.
Mr Beer: But this document was responsive, wasn’t it, the guide –
Ben Foat: Oh, sorry, the guide was –
Mr Beer: But the email to which it was attached wasn’t itself disclosed?
Ben Foat: Correct.
Mr Beer: All we got was an undated document?
Ben Foat: Correct.
Mr Beer: Can we look at a similar problem, please, and turn to paragraph 44 of your witness statement, which is on page 15. You say:
“An examination of emails obtained from the historic Security Team’s archive has been carried out.”
Just to date this exercise, this is part of the post-revelation of the problem clear-up exercise; is that right? What you’re referring to happening in paragraph 44?
Ben Foat: Apologies. If I could just have a moment to read the context?
Mr Beer: Yes. If you go back to the heading, to paragraph 36. It says:
“Investigative steps and preliminary findings”.
You tell us, from paragraph 36 onwards, things that have now been done in the light of the revelation of the problem, the non-disclosure problem.
Ben Foat: Correct, the point why I reflect is that, whilst there have been examinations, there have been a number of steps that have been taken, obviously before now, in order to secure documents and to speak to people. So that’s just the point that I was attempting to clarify.
Mr Beer: Yes.
Ben Foat: But, yes, obviously since 30 May there has been an examination of all of this to remediate the issues as quickly as possible.
Mr Beer: So in paragraph 44, you’re referring to what’s been done now, now that the non-disclosure problem has been pointed out, yes?
Ben Foat: Yes, other than to say, of course, that the relevant documents were collated and put on to Relativity and it was done initially through the – in 2020 in the post-conviction disclosure –
Mr Beer: Yes, so the documents you’re referring to in paragraphs 44(a) to (e) were, in fact, on Relativity at the time that the searches in March and then August 2022 were carried out?
Ben Foat: Correct.
Mr Beer: What I want to understand is why they weren’t turned up in March and August 2022. So in paragraph 44, you set out a series of emails, which you say are from the historic Security Team’s archive. There are five of them, but (a) and (b) are essentially the same chain. So there are four email chains.
I just want to go through them, please. Can we start, please, with POL00118096. Thank you.
If we can scroll down, please. I’m sorry, just to the bottom of the first page. Thank you.
You can see it’s an email dated 23 May 2011, from Dave Posnett, who was an accredited financial investigator in the Security Operations Team, to a wide group of people, correct?
Ben Foat: Correct.
Mr Beer: He says, under the subject, “Casework Compliance”:
“Most of you are aware that case files submitted for legal advice will become subject to compliance checks. This process is due to commence in June and is designed to raise standards of files submitted (including their contents – reports, taped summaries, appendix enclosures, recoveries, stakeholders, etc) and ensure there is a consistent approach across the team. It is also probably an opportune time given that we have recently recruited new people to the team.
“I’ve associated relevant documents that feed into the compliance process. Please familiarise yourself with these documents.”
Then there will be some meetings and the dates are set out. If we just scroll up we can see a forwarded email of August 2011 attaching the compliance zip that Mr Posnett referred to, yes?
Ben Foat: Correct.
Mr Beer: So you’ve got an email of May 2011 from Dave Posnett of the Security Team to a wide range of people in the Security Team attaching a zip file about case compliance. Now, that zip file contained a series of documents. Can we look, please, at POL00118101. We can see it’s the guide, yes?
Ben Foat: Yes.
Mr Beer: So the guide would have been responsive to the search terms in the same way as Appendix 3 was and produced a hit, yes?
Ben Foat: The guide, which is Appendix 3, was responsive.
Mr Beer: Yes. So if a search had been undertaken using those search terms, this guide, being an attachment to this email, as part of a zip file, would also be responsive?
Ben Foat: I don’t think the email would have been responsive, but the guide, Appendix 3, yes.
Mr Beer: What is displayed to the reviewer when they get a hit?
Ben Foat: They have a list, there’s a whole list of documents that they have. So they would have to click in to it to actually see the relevant document.
Mr Beer: What is displayed to the reviewer to show them that it is part of a family of documents?
Ben Foat: There is – my understanding is that there is an icon that they would have to click into to link it into the family document.
Mr Beer: So just –
Ben Foat: But I don’t think – and I’m happy to check this, but I don’t think that email would have been responsive because, looking at the email, it doesn’t contain any of the search terms.
Mr Beer: No, but if the guide contained a responsive search term, the reviewer can click the icon to see which email this was an attachment to?
Ben Foat: Correct.
Mr Beer: So what are they told, the reviewers? Are they told to do that, to check the email? Because, if they’d done that on this occasion, we would have seen that this guide, also undated, was in circulation in May 2011, wouldn’t we, and we would that have seen who was circulating it?
Ben Foat: Yes. The reviewer does a linear review.
Mr Beer: What does that mean?
Ben Foat: Well, in the sense – it’s sequentially. So they don’t necessarily know all these documents exist. It’s just the documents that come up that are responsive, and then they will go through them and my understanding is that, where it is responsive, they would check the family documents.
Mr Beer: So what has happened here, then? Because we’ve got an email from Mr Posnett to a whole bunch of people in the Security Team saying “You need to comply with this compliance document”. That’s important, isn’t it, because the email shows who was distributing it, the email shows to whom it was distributed. The content of the email shows an instruction. “You must comply with this, and you’re going to be audited for your compliance”. They’re all relevant things that we get from the email that we don’t get from the guide?
Ben Foat: Of course, and I recognise that. I think factually what happened here is that, because the cover email, if you like, wasn’t responsive, it was sitting – I imagine it would have been sitting in the family documents but it was not checked. That is plainly wrong and so I acknowledge that point but, just factually, that’s why I don’t think that email was picked up at that point.
Mr Beer: Can we look, please, at POL00118104. This was also an attachment to Mr Posnett’s email, the racist and offensive ID codes document, and so this was part of the family too, agreed?
Ben Foat: Agreed.
Mr Beer: So if we got the email, we would know that it was Mr Posnett, on 23 May 2011, distributing to a wide variety of people within the security and operations team saying, “You’ve got to comply with these racist and offensive ID codes and you’ll be marked down if you don’t”. That’s relevant information for us, isn’t it?
Ben Foat: Correct, and had the approach to search terms, family documents and de-duplication been right, it would have been identified.
Mr Beer: Because one of the things that POL has said in response to this part of the scandal within a scandal within a scandal, is these are outdated documents, they’re from the past. But as we pick away at this, we might find that, by looking at the emails, that, in fact, they were in circulation until quite recently, might we, if we get the emails?
Ben Foat: Well, there is – my understanding is that they are historic in nature. My belief about that, and that they with us necessarily be so because the Post Office stopped prosecuting and has not prosecuted, and that policy came in 2019. I recognise the racist and unacceptable language that’s contained within that document and for which I can only apologise to see that. That is certainly not consistent with my values and nor the current Post Office. I accept that is a document that clearly was in existence at that time.
Mr Beer: It wasn’t just in existence, was it? It was being circulated and saying, “You must comply with its terms and if you don’t, you’ll be picked up for non-compliance”?
Ben Foat: In 2011 –
Mr Beer: Yes.
Ben Foat: – that appears to be the case.
Mr Beer: Okay, let’s go on, please. Can we look, please, at POL00118110. Can we start by looking at the second page, please. Just scroll down, please. It’s from Mr Posnett again, dated 27 April 2012. Do you see that?
Ben Foat: 27 April, correct.
Mr Beer: An email to a wide variety of people in security operations team, again. Subject is “Case Compliance”. He says:
“All,
“The compliance checks on submitted offender interview case files will continue in 2012/2013. Associated are all the supporting documents needed, which have been amended where appropriate.”
Can you see that?
Ben Foat: Correct.
Mr Beer: Then if we go to page 1, we can see somebody called Andrew Wise, who was in Security Operations North, forwarding that email in October, the end of October 2012, forwarding the last attachment, the Compliance zip file, to a group of people who I think were in Security Operations in the north of England:
“Hi All,
“I am assuming that most of you (if not all) have seen the case compliance info before. Now that everyone is up and running and progressing cases I thought it would be a good time to refresh on the compliance checks.”
So he’s forwarding a zip file too. So it’s forwarded again the year after we’ve just looked at it by Mr Posnett and then in October 2012, by somebody else within Security and Operations.
Can we just look at a couple of the attachments within this zip file. POL00118124. It’s the guide again, yes? So the email that’s being sent around as a compliance requirement in April and October 2012 amongst the zip file includes the guide.
Then POL00118128. Another part of this zip file being sent around within POL in April and October 2012 is the racist and offensive ID codes document.
So would you agree that the email that I showed you of April and October 2012 was relevant information for the Inquiry to receive?
Ben Foat: Agree.
Mr Beer: Because it shows that, again, the compliance guide and this document were being circulated with instructions to security teams that they will be audited against their compliance with their terms?
Ben Foat: Yes, certainly I understand, under request 14, which included guidance, that it ought to have been disclosed.
Mr Beer: So looking at the April 2011 and now the April and October 2012 emails, all three of which had the guide and the racist and offensive ID codes document attached, can you explain if it was the pool of documents over which the search was run that caused them not to be included, or the de-duplication exercise that you referred to that caused them not to be included in material sent to the Inquiry?
Ben Foat: My understanding is it’s the de-duplication exercise. I say that because, in addition to the various setting up of the data repositories and the PCDE work review and the review that was done by HSF and Peters & Peters with their search terms, they had also interviewed Andrew Wise and had also taken all of the relevant materials from his laptop. And so my understanding is that they would have been – they are on Relativity but, because of the search terms, families and, specifically in this, the de-duplication, they – it wouldn’t have been picked up to the reviewer.
Mr Beer: I just want to press you on that. In paragraph 16 of your witness statement – no need to turn it up – you say that the pool within Relativity of material that was looked at for the purposes of these two requests was the CCRC?
Ben Foat: Mm-hm.
Mr Beer: This material appears not to be within that pool. So was that the problem, looking at too small a universe, or was it the de-duplication exercise that meant that this material was included and, therefore, even though there may have been a hit against it, was not disclosed to us?
Ben Foat: My understanding is that it would be the de-duplication exercise.
Mr Beer: On what basis do you reach that understanding?
Ben Foat: Sure. Because the – I agree, it wouldn’t necessarily be picked up in the CCRC or the PCDE exercise, but that isn’t the only database that sits within Relativity. So Relativity, as I said, has over 54 million documents. The CCRC database has over 5 million documents. There are over 160 different data repositories within Relativity, as well as all of the mail boxes. And so, whilst I accept that these emails may not have been picked up in the CCRC database, my understanding – but I’m happy to be corrected on the point – is that it wouldn’t have been identified because of the de-duplication error. But I’m happy to take that away and report back to the Inquiry.
Mr Beer: If we just look, then at paragraph 16 of your witness statement, which is on page 5, you say in the second line:
“To identify such documents, [Peters & Peters] and HSF ran search terms across a Relativity database which I will refer to as the CCRC database … The CCRC table is hosted on Relativity by POL’s eDiscovery and provider KPMG … The CCRC database contains materials collated for the purposes of the criminal appeals. Searches were and are run across this database”, et cetera.
It only refers to the CCRC table there, rather than other parts of the document universe within Relativity. So I’m trying to establish whether that’s the problem or the de-duplication exercise, which you have attributed the blame to.
Ben Foat: Yeah. As I said, I’m happy to come back to it, having taken instructions. But my understanding with these requests is that the documents that weren’t disclosed ultimately, in all cases, had the de-duplication been correct, then those appendices would have been disclosed but I’m happy to come back and report back to the Inquiry with specifics.
Mr Beer: Can we look at a third email, please. POL00118129. Much narrower distribution between Andrew Wise and Helen Dickinson, Mr Wise being a security manager in Chesterfield. Here is all the Dave Posnett stuff – sorry, that “Dave Posnett sent through to me”, “the stuff Dave Posnett sent through to me”. Can you see that?
Ben Foat: Yes. Thank you.
Mr Beer: Attached to that email, so we’re here now in July 2016, I’m not going to turn them up in the interests of time. Take it from me that the attachments to that included the guide and the racially offensive ID codes document. So this email, if this had been disclosed to us, would have shown that in 2016 the guide and the racially offensive ID codes document were still in circulation amongst, at least, these two people.
Ben Foat: Correct.
Mr Beer: So can you help again as to why the de-duplication exercise had the effect of excluding the emails from disclosure to us?
Ben Foat: Because where you have – the Relativity system gives a preference to various versions of the documents and the preference that it would take normally is at the time. So that’s the first point. The second point is that, on this particular case with the email, because the email itself wasn’t responsive, it wouldn’t have been picked up. So the search terms –
Mr Beer: The search term would have hit the guide –
Ben Foat: Absolutely, yes.
Mr Beer: – and the reviewer could see an icon –
Ben Foat: Yes.
Mr Beer: – that linked that to this email?
Ben Foat: Yes, and it’s the same family issues document that we have discussed.
Mr Beer: So I’m going to press you again –
Ben Foat: Yes.
Mr Beer: – why is it that a reviewer would not go back and look at the family of which the document for which they had a hit was a part?
Ben Foat: Because in this particular case, they weren’t responsive.
Mr Beer: That’s not really an answer though, is it? Because if they’re responsive, they are going to consider them for disclosure anyway. We’re looking at a different issue, namely you have a document which is part of a family –
Ben Foat: Mm-hm.
Mr Beer: – why do you not look at the rest of the family, because it provides context, colour, assistance, to this Inquiry, doesn’t it?
Ben Foat: Sure, and I accept that. Just factually speaking, my understanding is that although the guide – so Appendix 3 – was identified, this particular email wasn’t. Now, there are a number of reasons why that didn’t. So, given that, on the face of this document, it doesn’t appear to contain any of the search terms, it would seem to me that it therefore wasn’t responsive, because of the approach that was taken with family documents, meant that such documents therefore wouldn’t have been disclosed and if there was multiple copies of this, it may not have been disclosed on that basis.
So I accept your premise that it should have been disclosed but, factually, that’s the explanation that I have for why it has not been disclosed, from those that were managing and overseeing this process.
Mr Beer: Isn’t it blindingly obvious, though, that where you turn up a document that’s undated, you would see which documents were associated with it, in order to try to date it and see who was passing it around within the organisation?
Ben Foat: They may not have seen this cover email. I take your point –
Mr Beer: Because they didn’t look.
Ben Foat: Quite.
Mr Beer: So what’s been done to improve that situation? I appreciate that we’re now going to get 1,500 documents for the hearing that starts in 26 minutes.
Ben Foat: Correct. So – and, look, I appreciate there have been a number of areas which haven’t been done to the standard that we would expect but we are quickly remediating them. In respect of the search term issues, new modified search terms have been designed and are being run. In respect of the family documents, as I explained before, we have already remediated that process. We understand that there are 1,500 documents, of which less than 700 will be relevant to Phase 4. I take your point that Phase 4 starts today.
Mr Beer: We’ve already had Phases 2 and 3.
Ben Foat: Understood, and so the approach that we would take is to ensure that we prioritise the documents that are relevant to Phase 4, so that we can make sure that they are given to the Inquiry prior to the witness giving evidence. And of course, we will work with the Inquiry to make sure that they are prioritised in that order.
Mr Beer: I mean, that’s very kind but it leads to the situation where, last night, Mr Blake received from POL three documents at 10.30 in the evening, I think, relevant to Mr Ferlinc, who is giving evidence in a minute. That’s what this situation has caused.
Ben Foat: I appreciate that and, on behalf of Post Office and myself, I absolutely apologise. We are on it, though. We are remediating it. We’re wanting to make sure that we are transparent. I think one of the things that we have done throughout this process is that, when these issues have been identified, I’ve always ensured that we be completely transparent with the Inquiry, that we disclose the issues, we disclose our approaches to ensure that there is that transparency and that we quickly remediate the situation, as quickly as possible.
I think it’s fair to say these issues need to be seen within the greater context of this extremely complex and large-scale disclosure exercise.
Mr Beer: Lastly, please, can we look at POL00118137. If we go to the second page, please. We can see that this is an email exchange of 21 May 2019. If we just scroll down so we can see who Dimitri Wren was: an associate paralegal with Womble Bond Dickinson. If we scroll up, please, Dimitri Wren says:
“I am assisting Mandy with disclosure queries and in this case, SharePoint document instruction. Our data analyst has advised that the following SharePoint documents are password protected and they require a password to access them …”
Then over to the first page, please, and scroll down, please. Mr Wise, a security manager:
“Some of the documents we provided to Bond Dickinson are password Protected … I have tried the usual 2 security passwords we use however these do not work as the documents are from before they can [sic] into use.
“Would you have the passwords for these documents, they are the ones you collated on to SharePoint.”
So this is May 2019. It looks like, for a disclosure exercise, the documents are being accessed.
Scroll up, please.
You’ll see that there is a zip file as an attachment, yes? I’m not going to go through them again. The guide is one of the documents within the zip file, as is the racially offensive ID codes. So it looks like they were being considered, is this right, for disclosure? Would this be in the Group Litigation Order, May ‘19?
Ben Foat: My understanding from Womble Bond Dickinson, as part of the ongoing investigation that we’re undertaking, is that this email was associated with the further issues trial. So the further issues trial was a third trial that had been set down, which did not ultimately eventuate.
Mr Beer: So is the answer the same: that the guide and the other suite of documents, including the racially offensive ID codes document, wasn’t disclosed to us, even though the guide would have produced a hit, being an attachment to this email, because of the de-duplication exercise?
Ben Foat: Correct.
Mr Beer: Okay, that can come down.
It’s right, isn’t it, that Eleanor Shaikh made a request on 10 April 2023 for documents which detailed the quality and compliance assurance processes for investigations which were implemented by Post Office Security Team in 2008 and to 2011, under the Freedom of Information request?
Ben Foat: That is correct.
Mr Beer: The Post Office and that FOI request on 19 May 2023, so about a month later, by disclosing all documents within the suite of eight?
Ben Foat: Correct.
Mr Beer: The ID codes document that we have seen does not detail the quality and compliance assurance processes itself, does it?
Ben Foat: No.
Mr Beer: It just contains some ID codes?
Ben Foat: Correct.
Mr Beer: So why was it disclosed to Ms Shaikh as part of a family of documents that detailed a quality and compliance assurance process but not to the Inquiry?
Ben Foat: Um –
Mr Beer: Why was it picked up? This a family of documents, which is all about compliance and assurance. We need to disclose all of them, even though this individual one is not on its face.
Ben Foat: The answer is because the FOIR team wrote to the Security Team member, Andrew Wise, so you may recall his name from a number of the documents that you’ve just shown me. Andrew Wise, immediately in being informed as to the scope of the relevant FOIR, namely the quality assurance and the audit, knew exactly and could pinpoint immediately that those were the documents that would be responsive to that particular request.
Mr Beer: So even though we’d asked for prosecution policies and prosecution guides, that same exercise wasn’t gone through?
Ben Foat: Quite. But there is a different process that necessarily went through, in terms of the Inquiry. So in terms of the FOI request, it was able to be sent to someone who immediately already knew of the existence of the document, and could identify it and produce it. Obviously in –
Mr Beer: Can we have some of that treatment too, please?
Ben Foat: Of course and you do. But in order to provide a large-scale disclosure exercise, where there is the 54 million documents, in this particular case, obviously, the reviewers, unlike Andrew Wise, didn’t – they don’t know of the document’s existence until they do the search terms, until they do that review.
So I take your point. I’m merely just trying to explain why the FOIR situation – why the documents were disclosed under FOIR, and why that was an easier process than the process that we undertake in terms of disclosure to the Inquiry. I absolutely accept they should have been disclosed to the Inquiry.
Mr Beer: I have shown you four occasions that emails circulated the guide and the racially offensive ID codes document, amongst quite a wide group of people. Can we look at paragraph 40 of your witness statement, please, which is at the foot of page 13. You say in your statement:
“Email searches have so far identified 23 occasions on which Appendix 6 [that’s the racially offensive ID codes document] was sent as an attachment within the Security Team between 2012 and May 2019.”
So in addition to the four that I’ve pointed out, there are another 19 circulations; is that right?
Ben Foat: Correct.
Mr Beer: That goes right up to May 2019?
Ben Foat: Correct.
Mr Beer: Has the number increased, since you made this witness statement, from 23?
Ben Foat: Not that I am aware of. There are a number of steps that we’re taking to verify that number but I don’t have any updated figure on that.
Mr Beer: What assurance or guarantee can you give to the Inquiry, to the other Core Participants and to the public, that what has occurred in this instance, a serious failure in POL’s disclosure, will not happen again?
Ben Foat: Well, firstly, I recognise that, clearly, as we’d discussed today, that there are a number of areas where we have fallen short and I genuinely apologise for that, I think we have taken immediate steps to remediate the issue. We are on it. We have already modified the search terms. We have already gone through the family documents approach. We are working through the duplication – de-duplication approach, which we know is not across all Rule 9s, for instance.
But we are genuinely working through the issues to remediate them as quickly as possible to be completely transparent with the Inquiry with where we are and, as I mentioned before, we do want to support the Inquiry to be able to continue its work and therefore prioritise the remediation in terms of the witnesses in Phase 4.
Sir Wyn Williams: What’s the timescale for you completing that work, realistically, Mr Foat?
Ben Foat: Sir, I don’t have any precise instructions on that point but save to say that certainly the search terms and the family documents will be shortly done, I understand, in a matter of a fortnight or so. The de-duplication issue, I am just not instructed at this time to give a time frame.
Sir Wyn Williams: Because I am concerned that we are rapidly approaching a period when, quite justifiably, many people will be taking their holidays and the like and, therefore, there is the possibility of the remediation steps which you wish to take being prolonged and, so far as can be avoided, I want to avoid that.
So I would like you, not now in the witness box, but shortly after you’ve ceased giving your evidence, to discuss so that as fully as may be and to write to me giving me a pretty precise timetable of what we’re looking at.
Ben Foat: I absolutely will do that, sir, and, in particular, if it would help the Inquiry, to provide a direct report also from the people who are directly undertaking the remediation to give that clarity, not just in terms of the scope of the remediation steps but also the dates in which we expect that to be completed.
Sir Wyn Williams: All right. I’m not saying that my request to you is the only request I’ll make. I want to reflect upon the evidence you’ve given and discuss it with my team, who I may yet issue directions in writing, putting it neutrally, to assist you, to comply, putting it more aggressively, to make you comply with a pretty tight timetable.
Ben Foat: Thank you, sir.
Mr Beer: Sir, thank you very much. They’re the only questions I ask Mr Foat.
Sir Wyn Williams: Thank you, Mr Beer.
Mr Beer: Sir, apologies to the shorthand writer. We’ve gone straight through deliberately. Might we take a 15-minute break now until 12.05.
Sir Wyn Williams: Of course. If it helps, I am prepared to sit a little later this evening so that we don’t rush to start now, so that the shorthand writer can have more of a break.
I’ll leave that in Mr Blake’s hands to discuss whether with everyone involved whether we need to start at 12.15 and sit a little later or whether 12.05 is all right.
Mr Beer: Sir, thank you very much.
(11.50 am)
(A short break)
(12.07 am)
Mr Blake: Thank you very much, sir. Can I now call Mr Ferlinc.
Sir Wyn Williams: Yes, of course.
Martin Ferlinc
MARTIN CHARLES GEORGE FERLINC (sworn).
Questioned by Mr Blake
Mr Blake: Thank you very much. Can you give your full name, please?
Martin Ferlinc: Martin Charles George Ferlinc.
Mr Blake: Thank you, Mr Ferlinc. You should have in front of you a witness statement. Do you have that, or at least a bundle containing your witness statement behind tab A?
Martin Ferlinc: Okay, if I can find that one. Yes, I have it in front of me.
Mr Blake: Thank you very much. Can I ask you – that statement is dated 11 May 2023?
Martin Ferlinc: Yeah.
Mr Blake: Can I ask you to turn to the final page, that is page 28 –
Martin Ferlinc: Okay.
Mr Blake: – just before we get to the index. Is that your signature there?
Martin Ferlinc: It’s my signature, yes.
Mr Blake: Is that statement true to the best of your knowledge and belief?
Martin Ferlinc: It is.
Mr Blake: Thank you very much. For the purpose of the transcript, that is URN WITN08610100. Thank you very much.
That can come down. Thanks.
Thank you, Mr Ferlinc. I’m going to start with your background. You were employed by what I will refer to as the Post Office or POL from 1979 to 2011, albeit it was known through a number of different names throughout that period; is that right?
Martin Ferlinc: Correct.
Mr Blake: You started as a counter clerk after the completion of your A levels?
Martin Ferlinc: Correct.
Mr Blake: Amongst your early roles you were a Crown Office branch manager?
Martin Ferlinc: Yeah, in the mid-1980s, I believe.
Mr Blake: From 1989 onwards, you worked in various audit related roles?
Martin Ferlinc: That’s right.
Mr Blake: 1989, you were audit manager in Nottingham?
Martin Ferlinc: That’s right. Audit manager in Nottingham.
Mr Blake: In 1993, the Post Office was restructured into seven regions, and you became audit manager for the Midlands region and then the regional audit manager in 1995?
Martin Ferlinc: Correct.
Mr Blake: In 1998 or 1999, there was a review that you have detailed in your witness statement. It was a review of the structure. Can you briefly tell us the purpose of that review and its outcome?
Martin Ferlinc: Yeah. I’m not entirely sure of the timeline. It could have been 1998 when it started and 1999 when it finished. Essentially, at the time, so around about 1998, there were two auditing departments within Post Office. So you had a Post Office internal audit team, which comprised around about 30 members of staff, based in Chesterfield or London, largely managerial grades, largely with internal audit qualifications, and that team basically audited head office functions.
Separate to that team were regional auditors. They were largely people who had counter office background experience, didn’t have auditing qualifications and were separate from the internal audit team, so you had these two teams together. So around about 1998, the National Audit Team, which was the Post Office’s internal audit team, decided to review the structure, the processes, the policies, that the regional audit teams had in place. I was working, as you said, in the Midlands region and was seconded to National Audit to take part in this review.
So that review looked at every aspect of the regional audit teams, there were seven regions, and the outcome for that review, which took a few months, was to develop this new team called the Network Audit Team, and the idea was that that team would slot under the national audit team, so forming one auditing body with the internal auditors effectively managing the old regional audit teams. So that sort of summarises that project.
Mr Blake: Thank you very much. Was that in any way linked to the rollout of Horizon, which we know was in the ‘99 period?
Martin Ferlinc: I don’t believe it was. There wasn’t, to my knowledge, any link at all.
Mr Blake: In 1999 or thereabouts, you became Head of Network Audits, so you were the head of that new team –
Martin Ferlinc: That’s right.
Mr Blake: – of network auditors. I think there came a point in time where what you’ve described as the National Audit Team separated out and went to the Royal Mail –
Martin Ferlinc: Yes.
Mr Blake: – and the network team stayed with the Post Office?
Martin Ferlinc: Yes, so as I mentioned, the idea was for this new Network Audit Team to slot under the National Audit Team. I’m not sure of the time frame but a short period after that team was devised, the internal audit team – and there was one in Post Office Counters, Royal Mail and Parcelforce, were moved into Royal Mail Group and the decision was taken that, even though that team would move to Royal Mail Group, the Network Audit Team would still stay within Post Office Limited.
Mr Blake: You became part of what we know as the Security and Investigations Team, initially; is that right?
Martin Ferlinc: Yes, not immediately. So initially, because this team was sort of left without a home, it was given a temporary line within the Finance Directorate and then it went to the Operations Directorate and then, shortly after, it was moved to a Security and Investigations team which itself was undergoing a review of its own structure.
Mr Blake: Slightly confusingly, following one of these reviews, your team became called, I think, the National Audit and Inspections Manager – or you became the National Audit and Inspections Manager?
Martin Ferlinc: Yes, when I’ve gone through my own memories I’ve struggled to work out at what point these role names changed but, yes, National Audit and Inspections Manager – the inspections bit was, once we came under the Security Team, we also looked at physical inspections while we were at branches. So my team would go to branches and include now a physical inspection of security, physical security. So that’s why the team was then expanded to be called Audit and Inspections.
Mr Blake: During that period, the core work that you were managing was branch auditing?
Martin Ferlinc: Absolutely, yeah.
Mr Blake: I think you first reported to Tony Marsh, who we will hear from tomorrow, and, at some point, it moved to Rod Ismay, who we have already heard from.
Martin Ferlinc: Yeah.
Mr Blake: How big was your team?
Martin Ferlinc: When it started, so when it was created in 1999, I believe it was 103 or 104, of which probably about 10 or 11 people were in a core admin team in Chesterfield. So the remaining 90 people would be dotted around the UK, in various little places to be able to go locally to branches to audit them.
Mr Blake: So you described the early days of your work, you were in the regions. It was separated by regions. Was it now focused, concentrated, on a national team?
Martin Ferlinc: Yes. So before this new team, there were seven regional audit teams doing things differently, with subtly different practices and different interpretations. So one of the aims of this new team was to bring some consistency to the operations. So it was a centralised, managed team, albeit with resource placed around the UK.
Mr Blake: Perhaps taking this out of turn – and we will come to it – but did that in any way affect the way that auditors related to the subpostmasters, for example? Did it break up any of those personal relationships that may have existed when it was operating at a regional level?
Martin Ferlinc: Only in the context of – because we had less resource, this team of 103, for the Network Audit Team, probably would have been about 150/160 in the seven individual teams. So there’s less resource out in the field and therefore less local resource. So perhaps the local auditors wouldn’t be from somewhere you were as familiar with, if you were at a branch.
Mr Blake: That change in resource happened when, the late 1990s?
Martin Ferlinc: Yeah. And I would just add to that, you know, from the creation of that team of 103/104, the numbers were always coming down. So there were less and less staff in that team over the next six to eight years.
Mr Blake: I think you’ve said in your witness statement there were issues – or there weren’t new staff coming in because your team was actually getting smaller?
Martin Ferlinc: Yeah, I mean, the broad policy at Post Office at the time was that there was no compulsory redundancy. So if any reductions in staff occurred, then those displaced staff would be found a new home. And I forget the term used for those people but, essentially, if a vacancy came up in my team, we would be expected to fill that vacancy with a displaced, surplus person from somewhere else. But I don’t recall many vacancies happening because of this constant reduction in staff.
Mr Blake: You’ve also mentioned in your witness statement about looking back, a lack of people with IT expertise, for example. Was it difficult to bring those kinds of people in because of those difficulties –
Martin Ferlinc: Because of those restrictions. I think, to be fair, we’re going back to 1999/2000. For most of my team, arguably all of my team, they probably hadn’t even touched a computer since about 1995 – or before 1995. So most people didn’t have much IT background anyway, sent an email, used the Word document. So it was very much about learning on the go.
Mr Blake: Because new members weren’t joining that team, you weren’t getting people with more recent expertise?
Martin Ferlinc: Exactly.
Mr Blake: You continued in that role until 2006 or 2008, you’re not entirely sure of the precise date –
Martin Ferlinc: Yeah. Can I just clarify that. I think, reading through some of the other documentation that I’ve seen now in more detail, I think it might be that I changed role in 2006 but that in 2008 the auditing teams were moved into the Network Directorate. So I think there was a two-year span where I reported to Keith Woollard and, by 2008, the auditing arm of my team moved, organisationally.
Mr Blake: Thank you. You became compliance risk and assurance manager?
Martin Ferlinc: Yeah.
Mr Blake: You’ve said that involved providing management information on compliance audit activity. Very briefly, can you tell us what that involved?
Martin Ferlinc: Yeah, I mean, essentially, that time in Keith Woollard’s team, there’s a greater focus on compliance risk with regulatory obligations, so anti-money laundering, providing assurance to Bank of Ireland and other partners, NS&I, DVLA. So my role was to use the audit findings, albeit the auditors were no longer reporting to me, but to use their findings on compliance activity to provide assurance to our clients and partners.
Mr Blake: You were on something called the Post Office Risk and Compliance Committee?
Martin Ferlinc: Yes. On it, I attended many of the meetings, probably not all of them.
Mr Blake: I think you took minutes of those meetings, did you?
Martin Ferlinc: Again, I think probably minutes is – perhaps I took notes and that was not at every meeting. So I think the responsibility for those minutes or notes was shared with someone from Security.
Mr Blake: Thank you. We’ll look at some minutes in due course but can you give us some examples of the types of person that sat on that committee, how high up in the company they were, for example?
Martin Ferlinc: Well, it was a subcommittee of the Executive Team. So it would include directors from the Team. It would also be chaired, over time it changed, but I think Sir Mike Hodgkinson was chairing it at some point, Alan Cook was chairing it at some point, and then at each of those meetings people would be invited, depending on the subject of the day, to present something or talk about something or be questioned about something.
Mr Blake: That committee had a link to the board of POL?
Martin Ferlinc: To the Executive Team, which in turn had a link to the board, yes.
Mr Blake: Thank you. I just want to take you to your witness statement, paragraph 90 to 92. That’s WITN08610100. Thank you very much. It’s paragraph 90 to 92. That is page 27. I’ll read that out, that says at 90:
“With the exception of issues encountered during a communication failure/power outage at a branch, for which there are fall back processes, I did not have nor was I aware of any concerns regarding the robustness of the Horizon system during my time working for Post Office. Any issues I had heard about seemed to be considered as related to in-branch/user error.
“As I did not have any concerns, there was no communication decision to make.
“I was not aware of any instruction given to auditors to disregard possible problems with Horizon as a possible cause for discrepancies, noting that I did not have direct contact with branch auditors after those roles moved (organisationally) into the Network Directorate.”
So in none of the roles that we have already discussed, so from heading the Network Audit to your involvement in the Post Office Risk and Compliance Committee, in the latter half of the first decade of the 2000s, did you hear anyone raise issues with the robustness of Horizon?
Martin Ferlinc: I guess it depends on, you know, the definition of robustness. I think there were glitches and there were the occasional things that came to light, such as screens freezing or amounts being stuck in suspense. These, from my position at the time, seemed to affect individual branches rather than being systemic across the whole of the network, which is what I would have expected from a system that wasn’t robust.
Mr Blake: So if we look at paragraph 90, for example, you talk there about a communication failure and a power outage of a branch –
Martin Ferlinc: Yeah.
Mr Blake: – what you might understand is a hardware failure or something along those lines?
Martin Ferlinc: Yes.
Mr Blake: What you don’t mention there is bugs, errors or other defects.
Martin Ferlinc: Okay. I mean, in terms of bugs, I suppose, from my perspective at the time and even now, would be that any software will have some bugs. That’s why we have software updates and fixes. So I think there’s always a sense of there might be some issues in the system but they are being fixed with the software updates, but nothing from my perspective that made me feel that the system wasn’t robust. And I don’t remember people talking in those terms either.
Mr Blake: They may not have been talking in terms of robustness –
Martin Ferlinc: Okay.
Mr Blake: – but are we to take it, from what’s written there and from your oral evidence, that you were aware, in general terms, that there were bugs, errors and defects but that your view was that they were corrected by updates?
Martin Ferlinc: They were corrected in some form or other. So updates or a manual workaround. So there were issues, individual issues that had been reported but, as I said, nothing to me that made me feel like this was a systemic problem across the whole estate.
Mr Blake: Where were you receiving that information from, so the fact that these issues were corrected, for example?
Martin Ferlinc: I guess in terms of audit activity, so, you know, as an audit activity, it might be a case of “This is an issue that’s being resolved”, or “This is an issue that’s currently happening to me because I’ve got an amount in suspense that doesn’t – shouldn’t be there”. So probably from audit activity would be the main source.
Mr Blake: When you say “audit activity”, do you mean branch auditors on the ground reporting back to you?
Martin Ferlinc: Yeah, through their audit reports.
Mr Blake: The fact those issues had been corrected, was that coming also from the auditors or was there someone else in the company who was reassuring you that those kinds of bugs were being –
Martin Ferlinc: I mean, that’s a good question, I’m not always entirely sure there was always that sense of it was being corrected. It was a known problem and someone was looking at it, was perhaps the assurance, for want of a better word, that I was given.
Mr Blake: The someone, who would that be? Would that be Post Office, Fujitsu, Helpline?
Martin Ferlinc: Combination of both. A combination of the two helplines, so initially Horizon Support or NBSC.
Mr Blake: I want to ask you, before we get on to specific examples, just some very basic questions, because you’re going to be the first of our policy witnesses and we will hear from people who were on the ground but I’ll start by asking you the basics of auditing. When one things of auditors, you think of, for example, an accountant who signs off a company account. Can you tell us about the job of a Post Office branch auditor? Because you’ve distinguished between the network or the branch auditors and, for example, the national auditors?
Martin Ferlinc: Yes, so using your example, I’d say the auditors were more like stocktakers, that they would go to a branch to physically count, broadly speaking, cash and stock and some other items, and validate that they were there, in comparison to what should be there.
Mr Blake: Were they accountants or people with particular qualifications?
Martin Ferlinc: No, as I mentioned earlier, this resource was, broadly speaking, a set of staff that came from a counter experience, Crown Office background, without any auditing qualifications. I’m not aware of any single member of the team that would have had an auditing qualification.
Mr Blake: Can you tell us the difference during your period of involvement between an auditor and an investigator?
Martin Ferlinc: Okay. So there were two separate roles and two separate teams. As I mentioned in the organisational structure, there was a point when the audit and investigation teams reported to Tony Marsh, Head of Security and Audit, but prior and after that, we separated into different areas as well.
But to answer the question, the auditor’s role was to go out there and to verify that assets were at the branch and, where they weren’t, over a certain amount of discrepancy, there would be kind of a line drawn and then the investigation team would be involved. So they would come to the branch and start to investigate the matter further, in addition to the Network Management Team. So there was like two reporting lines at that point, one would go to Network Management to make decisions, contractual, and the investigators would be involved in making more in-depth investigations into potentially what the cause of the discrepancy was.
Mr Blake: We’ve heard at some points, particularly in the Human Impact evidence that we heard in Phase 1 of this Inquiry, evidence about auditors and investigators attending a branch together. Did you have experience of that?
Martin Ferlinc: Absolutely. So ordinarily what would happen, for a routine audit – and what I mean by routine is we’re going there without expecting to find any problem, issue, discrepancy and, when we do, we report it up to Network and Investigations and, in those cases, people from Network and/or Investigations would then come to the branch. But, also, there will be types of audits which will be requested by the investigation team. So the investigation team may be doing some work, understanding there’s a potential risk at this branch, they would arrange what would be called a special audit, and they would ask us to turn up at this branch on a certain day, and they would be there.
Often, they would be waiting outside until we finished the audit of accounts and once we finished the audit of accounts, they would then make the decision as to whether to pursue the matter further. I don’t remember, but I may be wrong, that auditors and investigators would turn up at the same time. There may have been an occasion when that happened but, generally speaking, the auditors would arrive, perform their task and then, if required, the investigation team would come in.
Mr Blake: Looking back, can you see any problem with the auditors and the investigators being in the branch at the same time, from the perspective of the subpostmaster?
Martin Ferlinc: It might feel quite intimidating and it might feel like almost being – like they’d been set up. But I think, from our perspective, from my perspective, as long as there was clear, defined responsibilities that we pursued our role up to this point and then at that point the investigation team decided what to do, then that responsibility line for me was quite clear. But I can understand from a human impact point of view it may feel quite intimidating to be faced with two activities at the same time.
Mr Blake: Was there any separate guidance for when an auditor was present at the same time as an investigator, when there was an investigation going on, as to how the auditor should conduct themselves?
Martin Ferlinc: How should they conduct themselves?
Mr Blake: Well, did they have any training on investigation methods or Police and Criminal Evidence Act or continuity of evidence, or anything like that?
Martin Ferlinc: No, I mean, they performed their role as they were required to do and then at that point, as I said, if there was a requirement to pursue the matter further, the investigation team would pursue it. I think the only overlap would be the investigation team might ask the auditors to obtain extra reports. But that would be it.
Mr Blake: We’ll go on to talk about the kinds of reports that auditors could obtain. Could we first look at POL00085769, please.
A document will be brought onto screen. It’s a 2011 document, October 2011. So you probably weren’t involved at the time. This is a “Business Loss Programme Board Report”. But it’s page 9 I’d like to look at. It’s just a description of the role of audit – thank you very much. So it says there:
“Although often spoken of as if it were a fraud prevention device, audit is in reality simply a means of checking whether the assets within a branch correspond to our record of assets. Where there is a discrepancy it is not necessarily possible to say how that difference arose.”
Is that something you would agree with, that description?
Martin Ferlinc: Let me just read it again. I would agree with it. Maybe the first sentence “often spoken of”, I’m not sure “often”, but certainly sometimes spoken as a fraud detection device.
Mr Blake: Reading that, was the essence of an auditor’s job, essentially, to check whether X equalled Y in the branch?
Martin Ferlinc: Yes, so, you know, both before and after Horizon we would, my team would go in and essentially verify that the physical assets matched up to what should be there so that would be creating a cash account of sorts and that would be essentially their job, stocktaking activity.
Mr Blake: Looking into why the difference arose was not really part of the auditor’s function?
Martin Ferlinc: Not really. I think it would be a case of, if there was a discrepancy, there would be an effort to identify why that might be. So, for example, I’ve audited branches in the past. My first reaction would be: have I done something wrong? Have I got the wrong figures? Have I missed something off? So I think initially, there I would be to make sure they’ve got everything, had they concluded everything. They would probably – not probably, they would talk to the person in charge, and say, “Look this is our current position, can you shed any light on it?” So not interviewing, as such, but just establishing have we got everything we need to have? Often that would then translate to yes, I know about this, or a case of “I’ve no idea”.
At that point – sorry, the auditors would then, again, just go through some of the information that’s available on site. But at that point, if there is a significant discrepancy, it would then be flagged up on this escalation process.
Mr Blake: Thank you. That can come down.
In your experience, was the line between those who were auditors and those who could, for example, close a branch or pursue criminal action, in comparison to those who could just carry out that sort of pure mathematical calculation, was that clearly delineated?
Martin Ferlinc: Just to be clear what you mean about closing the branch. Do you mean the decision to close a branch or the act of closing a branch?
Mr Blake: Either or both.
Martin Ferlinc: Okay, the decision to close a branch was never the responsibility of the audit team. So any decision to close a branch would be at the network, possibly with investigation input, but the network management would decide whether, on the basis of our findings, it was necessary to close the branch. If the decision was to close branch, then my audit team would effectively produce the final cash account, remit the items that were in hand. So yes, there would be some involvement in the closing of the branch, but kind of a technical movement of cash and stock, or transferring it to somebody else.
So sometimes, it wasn’t so much the branch was closed but maybe the subpostmaster was precautionarily suspended and an interim subpostmaster was found, so rather than having to close a branch, an option could be just to transfer the assets to this interim subpostmaster.
Mr Blake: Who would make that decision?
Martin Ferlinc: The decision would always be made by the Network.
Mr Blake: Do you think it was clear to subpostmasters, managers, et cetera, of that delineation?
Martin Ferlinc: I think with hindsight, probably not and I think – I know there are occasions when I’ve heard of – and particularly subpostmasters, but also Crown Office staff, as well, had complained about the conduct or behaviour of an auditor, and when I found out the person’s name I’ve realised, well, it wasn’t an auditor, it was an investigator. So clearly, there wasn’t a communication to the subpostmaster to say, “This is my role”.
I believe that auditors would go into a branch and make it clear “We’re here to audit the branch”. I don’t know what process took place when the investigators came in and whether those lines were blurry. So from a subpostmaster’s point of view, they’ve got four people in the branch, they’re all part of the same team, perhaps, from their perspective.
Mr Blake: Thank you very much. I’m going to take you to an illustration of the divisions of the roles, and I wonder if you can assist us. It’s POL00084978. You may have seen this in your bundle. If we could – thank you very much, if we could just look at 1 to 4, so exactly where you are currently on the screen.
Martin Ferlinc: Okay.
Mr Blake: Using this illustration, is it right to say that if there was a discrepancy, then it’s notified to the contract advisor, investigation team, and network compliance manager. I mean, that’s essentially what you’ve already told us this morning –
Martin Ferlinc: Yeah.
Mr Blake: – that the job of the auditor –
Martin Ferlinc: This a flowchart for the team after 2008 but I think, broadly speaking, that would be the flow prior to it, as well.
Mr Blake: Is that irrespective of how the discrepancy arose?
Martin Ferlinc: I guess it depends on the Network’s decision-making process. So they will be told “This is a discrepancy, it’s X amount”. There may or may not be a reason at that point. So it may well be there’s already been an admission or this figure in the balance snapshot or the office snapshot doesn’t equate to this other figure. So they will be given some fact-finding outputs, I suppose, to make the decision. But sometimes, as you have kind of alluded to, it wouldn’t be clear. It wouldn’t be clear they’d was a loss due to a known error or something in the account which didn’t look right. It just wouldn’t be clear. So irrespective, that figure would be related to the Network Team to make a decision.
Mr Blake: Thank you. If we turn over the page, it will identify there what then happens. Can you, if you’re able to, briefly walk us through the process that’s outlined there from the Audit Team’s perspective? If it doesn’t reflect what happened when you were there, then please tell us any differences.
Martin Ferlinc: Yeah, I think the one thing that strikes me as probably not as I would remember it, is on the left-hand side there’s a diamond shape towards the middle. It says, “Are there financial irregularities or suspicious circumstances?” and then there’s a drop down to a box at the bottom saying “Seek proposals to make good discrepancy”.
In my mind, we wouldn’t do that. In my mind, if there was any known issue, and certainly admission of theft, for example, or any other suspicious activity, we wouldn’t seek proposal to make it good. That again would be left with the Network Management Team to decide how they want to proceed. So that looks slightly out of kilter with what I would remember of the process when I was there.
Mr Blake: But, essentially, it leads down to the contract advisers?
Martin Ferlinc: Yes.
Mr Blake: You used the words “known issues” a couple of times.
Martin Ferlinc: Okay.
Mr Blake: What this box, this explainer, doesn’t seem to show, is what to do if a discrepancy is unexplained. Was there a focus on that particular type of issue? Was there enough training, for example, or explanation to the audit team as to what to do in those circumstances?
Martin Ferlinc: No, I think – and I think with hindsight there probably should be more guidance in training but, essentially, what would happen is, if there’s a discrepancy, and it can’t be identified for any other – for any reason, then it would be reported for someone to make a decision. Probably what should have been happening was to look in more detail and, certainly, if an investigation team wasn’t involved, because they would normally start to delve more into detail. So there would have been probably more guidance to the auditors to say, “This is what perhaps you could look for”, and I don’t know there was and there should have been.
Mr Blake: This really matches the explanation you previously gave that an auditor was there to see if X matched Y, not to look into Y –
Martin Ferlinc: I saw them as fact finders. They gathered the facts as they saw them and provided that information to make a decision.
Mr Blake: Thank you. I’d like to now look at how often audits took place.
That can come down. Thank you.
You’ve explained in your statement that, prior to 1993, audits were scheduled on a cyclical basis. Can you briefly explain – I appreciate that’s a long time ago now, but –
Martin Ferlinc: Did I say 1993?
Mr Blake: I believe you did. But if it’s not, then please say.
Martin Ferlinc: In my head it’s 1999, but –
Mr Blake: Well, I think it moved to something called a frequency basis on 1999. It’s a little unclear in the witness statement, that’s why –
Martin Ferlinc: Okay, let me try and clarify it then. When I joined the audit team in 1989/1990, branches were essentially audited on a frequency basis. It was either every 12 months, 27 months, 39 months. So basically one, two, three years, with some exceptions, the exceptions being if they were known as being high risk. And the high risk was quite crude at that point, it was the previous audit finding a high risk issue to consider or were there lots of error notices? So, apart from those two factors, broadly speaking, branches were audited on this cyclical basis, one, two, three years.
Mr Blake: Is that every branch?
Martin Ferlinc: Every branch, Crown Office, every branch. So, at that point, there would have been about 20,000 branches, so every branch filtered into these three categories of frequency. You’re right about the 1993, to some degree. So in 1993, the National Audit Team, the Post Office internal audit team, developed a risk model which was put out to the seven regional audit teams to use. So the National Audit Team developed the model but it was deployed, operated by the regional audit teams.
And that had essentially a number of metrics that identified the risk of branches. That was used from around about 1993 to 1999. As part of the review of regional auditing to 1999, it became clear that that risk model was felt flawed, in as much as the high-risk models – the high-risk branches in that model tended just to be the biggest branches. So all the Crowns and all the big branches were always filtering to the top and it was therefore difficult to maintain this frequency because all the high-risk branches were tending to be bigger branches.
So as part of that project in 1999, the frequency approach was removed in place of just purely risk model selection.
Mr Blake: Thank you very much. We’re going to look at something called the audit process manual. I think you’ve described in your witness statement there was a policy manual and a process manual; is that correct?
Martin Ferlinc: Yes.
Mr Blake: What was the purpose of the audit process manual?
Martin Ferlinc: The audit process manual was really a guide to auditors in how to perform their work. So going back to the point of we’ve got seven regional audit teams, which also was the basis of having 32 district teams prior to that, all operating in different ways, different practices. So in designing this new Network Audit Team in 1999-ish, the audit process manual was designed to bring some consistency so that people auditing in Scotland would be doing the same thing as people auditing in Cornwall. So that, essentially, was the purpose.
Also, going back to pre-1995, we didn’t have computers. We didn’t have Word documents. So a lot of the process was just local knowledge. You knew it or you didn’t know it and it wasn’t really documented in how to do an audit. So as we became more automated or using computers more, there was a desire to put things on paper to both provide that consistency of approach but also have it documented for new people, not that we got many, but to enable them to understand “Well, how do I do my work?” It’s all laid out.
Mr Blake: So it’s purpose was for the network field team rather than for, for example, individual branches?
Martin Ferlinc: Yes.
Mr Blake: Can we look at POL00084650, please. Thank you very much. This is Chapter 1 of the Audit Process Manual, “Audit Plan and Scheduling”, and is this the chapter that sets out how audits were scheduled? I appreciate this is dated a bit later on but, in essence, I think –
Martin Ferlinc: Yes, it’s three years after I left that sort of area but, equally, the layout, the set-up, the content, is broadly the same.
Mr Blake: Thank you. The various versions are at the bottom of this page, so we have an original version in 2002.
Can we turn to page 3, please. It’s paragraph 2.1 on page 3. So 2.1 and 2.2 refer to something called the “Financial Branch Performance Profile”, can you talk us through that? Is that what you were talking about when you said the system changed or was it something different?
Martin Ferlinc: Well, it’s 2011, it’s not a term I would know. But I suspect it’s similar to the risk model that I would have known. And that risk model changed its name over time. At one point, it was called the Financial Audit Risk Model, acronym FARM. There was another acronym of ALARM, which I can’t remember now what that would stand for but, basically, those were financial risk models. I suspect, I’m looking at 2.2, the sort of metrics within it, it looks to be the same. It’s just a different name.
Mr Blake: So you’ve explained that, early on, there were regular, scheduled audits of all post offices but then it went to a risk-based model that was multifactorial?
Martin Ferlinc: Yeah.
Mr Blake: What was the purpose behind that? Was it to reduce the number of audits, ultimately, that –
Martin Ferlinc: I think it’s because there were audits being reduced. So because of headcount reduction, cost reduction, the level of staff was reducing all the time, there was a need to make sure the resource that we’ve got available is utilised as much as we can. So the idea was to target our resource to where we felt there was the biggest risk.
Mr Blake: In addition to that model, whatever the model may have been called at the relevant time, there were other bases for carrying out an audit?
Martin Ferlinc: Yes.
Mr Blake: I think one was robbery or burglary, a planned audit.
Martin Ferlinc: Yes.
Mr Blake: I think if we look at 3.7, so that’s over the page, in fact page 5. There’s something called random audits.
Martin Ferlinc: Yes, I was going to mention that.
Mr Blake: Yes.
Martin Ferlinc: Because I’d kind of omitted that in the previous explanation, that, yes, we have a risk model approach that replaces the purely cyclical approach, but there was always a considered risk of if we only ever audit the branches with the highest risks, there may be some branches who may never see us, even though on the profile it looks like the risk is quite low.
So the idea was two-fold with the random audits, was to (a) make sure that there’s always a chance that any branch could be audited because, from a pure random sample, you know, it could be audited tomorrow. But, also, it gave us a baseline measure. It enabled us to say, right, if we just purely audit on a random basis, this I what we’re likely to find, and compare that to the risk indicators.
Mr Blake: In terms of numbers, what kind of numbers are we looking at for random audits or percentages, versus planned –
Martin Ferlinc: It was 5 per cent, so whatever the numbers were, I think it was always designed as being 5 per cent of the total plan being random selected. Just to pick up on the robbery and burglary, those sort of activities and transfers well, they were kind of event driven. So, you know, a burglary happens, we have to go and attend today. A transfer is scheduled for next Tuesday, we’re planning to go next Tuesday. So they were always announced visits. The person at the branch would know that we were coming, whereas the random audits, the risk profile audits, would be unannounced activities.
Mr Blake: Thank you very much.
Can we now talk about information that’s available to the auditors themselves in the branch. Can we look at POL00084801, please. So this is sticking with the Audit Process Manual. But this is Chapter 3. Do you recall in your time how many chapters there were of the Process Manual?
Martin Ferlinc: I’m sure there’s an index somewhere in the documents I’ve seen, but quite a few.
Mr Blake: So we’re here Chapter 3, “Performing a Branch Audit”, is that also aimed at the Network Field Team itself?
Martin Ferlinc: Yeah, I think the whole Process Manual’s individual chapters are all designed internally with members of the team.
Mr Blake: This one is a 2010 version, version 5.1, but am I right in saying that from 1999 onwards, there was some form of –
Martin Ferlinc: Yeah, so in 1999 or thereabouts this Process Manual was designed. It was – you know, it evolved over time but yeah, there was always a manual of this format from 1999 onwards.
Mr Blake: Thank you. Could we look at page 3, please. At 2.1, it sets out three different types of audit, a financial assurance, both FAA and Tier 2; a compliance audit; and a follow-up audit. Are those the delineations that you recognise or was it something different?
Martin Ferlinc: Yes, yes.
Mr Blake: Can you briefly take us through the difference between the three or, in fact, four different types of audit?
Martin Ferlinc: So in terms of the top bullet point, Financial Assurance and Tier 2, I don’t know the timeline of when this changed but there came a point, again with the headcount reduction, with the less and less resource but still the same level of branches to go out to, a decision was taken to perform what’s called a Tier 1 audit, a Financial Assurance Audit, so the first part of the audit would be to verify the high value items, so all the cash, high level items of stock, against what should be at the branch.
And if that didn’t reveal any concerns or discrepancies, that would be the end of the financial audit. If there were any concerns it would then be extended to Tier 2. Tier 2 was basically a previous audit, a full financial audit. So the Financial Assurance Audit was just simply just check the key high risk value items are at the branch: if they are, move on; if they’re not, do a full audit.
Mr Blake: So I have understood correctly that at the same time the frequency of audits was reducing because of the reduction in headcount, for example, there was also a change in the depth of the basic audit?
Martin Ferlinc: Yes, as I say, I don’t know the timeline but when this Financial Assurance – I’d say mid-2000s, but I’m guessing, but certainly there was a point where there was this challenge of reducing headcount, how do we perform the same level of activities? The only way to do it perhaps would be to reduce the activity over more branches rather than having a full audit at less branches. Do you want me to go on to the next two bullet points?
Mr Blake: Yes, thank you very much.
Martin Ferlinc: So compliance auditing. If I take you back to 1999, a long way, but at that point, the audit was, basically, just a financial audit, and a view on security. So is the parcel hatch secure? Are alarms tested? Things like that.
Going to 2000 and beyond, as we took on more products and more clients and became more involved in regulatory affairs, we had a role to perform compliance audit activities. So when an auditor went in, by and large they’d do both audits on the same event. So they’d do the financial audit. Once that had been completed, they would then move into the compliance auditing activity. So there was a range of compliance audit tests to be completed across a range of different aspects. So it could be anti-money laundering requirements, it could be DVLA’s requirements. There’s a range of product-based requirements. So they would be doing some testing to respond to these compliance activities and that would be part of the same report, but it would be – it would go off in different chance in terms of how it would be used.
Mr Blake: In your view, was there sufficient resource and time to now dedicate – or auditor’s time to compliance issues, as well as the financial assurance issues?
Martin Ferlinc: I think with hindsight, it was quite demanding, for an auditor to go into a branch and look at all of those aspects. Sometimes they had to defer the compliance activity because the financial activity had taken so long or sometimes, for example, if a subpostmaster wasn’t at the branch, then there wasn’t much merit in performing the compliance activity and we’d probably arrange to come back at a convenient time for both of us.
But yeah, there was quite a lot of activity to perform, but the financial audit always took place first. So that was the priority before the compliance activity kicked in.
Mr Blake: Just before we finish for lunch, can you tell us about the follow-up audit and what that was?
Martin Ferlinc: Probably less clear about the follow-up audit but I guess what would happen is that if –
Mr Blake: We can turn to – if we scroll down, it may assist.
Martin Ferlinc: Oh, okay.
Mr Blake: To 2.6.
Martin Ferlinc: Okay. It’s answered there for you, then. Basically, that’s – when we went to a branch, and particularly with compliance activity, if there were issues that needed to be addressed, the follow-up activity was to go back at a later point to ensure that those points had been addressed.
Mr Blake: Thank you very much. I have a few more questions on this document relating to the information that was available to an auditor but I think, given where we are on the time, we’ll break now for lunch until 2.00 and we can come back to the same document.
Martin Ferlinc: Okay.
Sir Wyn Williams: All right, that’s good. So I’ll see you all at 2.00. Thank you very much. Talk about anything except your evidence, all right?
The Witness: Fine. Thank you.
(12.57 pm)
(The Short Adjournment)
(2.05 pm)
Mr Blake: Good afternoon, sir.
Sir Wyn Williams: Good afternoon.
Mr Blake: We’ve had some difficulty with the transcription. Everybody in this room will have live transcription. It may be that you, sir, do not have live transcription but a full transcript will be available at the end of the day if you don’t have it.
Sir Wyn Williams: Don’t worry about me. I prefer to read it afterwards anyway.
Mr Blake: Thank you.
Mr Ferlinc we left off on the Audit Process Manual and it’s POL00084801, Chapter 3 “Performing a Branch Audit”. Can we go to page 11 of that. If we could scroll down to 8.2, there’s a section in this manual that addresses Horizon reports. Does this set out what reports an auditor would have available to them when they conducted an audit?
Martin Ferlinc: Can you just confirm which section you’re looking at?
Mr Blake: Yes, absolutely. So if we have a look, for example, at 8.2.4, it says there:
“The following report printouts must be obtained from the Horizon system, examined and filed with the working papers in line with the current retention process …”
Martin Ferlinc: Okay. On my screen, it goes down to three bullet points, is that all there is?
Mr Blake: No. It scrolls over the page. Perhaps you can talk us through, using this document or just your own recollection, the kinds of reports that an auditor would be able to have access to?
Martin Ferlinc: I’m going to say essentially everything that the manager in charge of the branch would have access to. So we’re talking about reports that identify which stock units are at the branch in use, we’re talking about transfers between those stocks, remittances in and out of the branch, an office snapshot or a balance snapshot which will highlight at any moment in time what should be in the branch and how the balance position should look like.
So I think that virtually all the reports that the auditors would have access to would be accessible to the person in charge of the branch.
Mr Blake: Am I right in saying they would either have the subpostmaster log-in themselves or they would have their own log-in to access those reports on the branch’s own system?
Martin Ferlinc: Correct.
Mr Blake: We’re going to hear in this phase about issues with what we know as Fujitsu ARQ data. That is Fujitsu-held transaction data from Fujitsu’s raw audit trail. Was ARQ data provided to Post Office branch auditors?
Martin Ferlinc: Not to auditors. That would have been obtained by the investigators.
Mr Blake: Was any other Fujitsu audit data held by Fujitsu, such as product of the raw audit trail or later the audit table provided to auditors?
Martin Ferlinc: I’m not aware of that. My recollection is the only information that the auditors accessed at the branch were on the Horizon System at the branch that a manager level access could also obtain.
Mr Blake: Was consideration given or are you aware of any discussions relating to the obtaining of that kind of audit data from Fujitsu for auditors, for example, in the case of a serious dispute about a transaction with a subpostmaster?
Martin Ferlinc: This goes back to the investigation team having access to that data. I think there came a point – and I’m not quite sure who made the decision or when the decision was made – but that ram data would be made available to investigators rather than auditors, having that fine line between who is using that data. So even though, in Fujitsu’s terms, it might be available to a PO internal auditor, we would define it as investigators would use that data for investigation purposes, rather than auditors.
And as I said to you in response to a question earlier today, I think with hindsight there may have been some guidance, training that could have been provided to auditors to access that data, use the data, particularly when the discrepancy perhaps wasn’t serious enough to involve an investigator but may have been a discrepancy that worried the branch.
Mr Blake: So we talked earlier about, for example, the auditor checking whether X equals Y. Is it fair to say that they didn’t have sufficient information to identify why X didn’t equal Y?
Martin Ferlinc: If X didn’t equal Y, it wasn’t clear what the difference would be. So there could be a number of reasons and it was often difficult to establish what that reason could be.
Mr Blake: Was it because nobody thought of transferring that kind of information to branch auditors or were there, in fact, difficulties in obtaining that information, for example, from Fujitsu?
Martin Ferlinc: I’m not sure at the outset whether it was envisaged that auditors would have that access to the data and whether it would be too complex for them to analyse. As I said, that may be when the decision was made to push that avenue towards the investigators to perform that role.
Mr Blake: Were you aware of any difficulties in investigators obtaining that information?
Martin Ferlinc: Only in terms of I believe they had a level to which they could make request they could only have so many requests in a particular period, I believe.
Mr Blake: Thank you. We will come on to look at some documents in that regard.
I’m going to move on now to the security policy and can we look at POL00088867, please. We spoke before lunch about the difference between a process document and a policy document. Is this what you had in mind when you referred to a policy document?
Martin Ferlinc: Yes.
Mr Blake: Can you just outline for us, using this as an example, what the difference is between a process and a policy?
Martin Ferlinc: I guess a policy would probably be more for a wider audience than – whereas the Process Manual was simply for auditors to work to, the Policy Manual would have a wider remit.
Mr Blake: Who would you have in mind for this particular policy?
Martin Ferlinc: I mean, it says in terms of the audience there but basically that group of people, people in the retail line and the network, including agents – well, Transaction Processing, Product and Branch Accounting, as it became known.
Mr Blake: So quite a wide distribution?
Martin Ferlinc: Yes.
Mr Blake: This one is written by yourself, you’re listed there as the author. Was that a significant document for you, as far as you were concerned.
Martin Ferlinc: I think from my recollection and it does say “Version control … Replaces all previous versions”, I think there were different varieties of this policy, of a losses policy that was born in the late 1990s, and I think this probably – if I look at the timeline here.
Mr Blake: If we scroll down it may assist, actually, because there’s some slight confusion in the document because if we scroll down to the bottom but keeping that table that we can currently see at the bottom, slightly below that, it actually refers to it being version 2.0 January 2004, albeit we saw at the top it said version control 1.7, September 2003. I don’t know if that assists or doesn’t assist?
Martin Ferlinc: Just an admin error, I guess. I think this is just the latest version of similar policies that were badged under different areas and it goes back to the fact that in this period, 2003, the audit team reported to Tony Marsh’s security team. So I think he probably took policies that were drawn by me and had them under his ownership.
Mr Blake: So would the words that are used in this policy be your words?
Martin Ferlinc: I would expect them to be my words with input. I mean, as you can see from the top there, there’s quite a few people who would have input to the policy.
Mr Blake: At this stage, you were audit and inspections manager and that was, as you’ve explained, part of the security team.
Martin Ferlinc: Yes.
Mr Blake: Version 1.2 there refers to amendments following discussions with the NFSP and the policy being agreed with the NFSP negotiators. Can you assist us with why it would be shared with the NFSP?
Martin Ferlinc: I think the previous policies were, maybe as a matter of courtesy, but also in terms of engagement and input. I don’t personally recall the meetings but there would have been meetings to have had that – I’m guessing, I suppose – yes, the involvement would be agents or implicated by the policy and, therefore, the Federation would –
Mr Blake: That was typical, was it, of these kinds of policy documents, that they would be agreed with the NFSP?
Martin Ferlinc: Yes.
Mr Blake: Can we look at page 4, please, which is the introduction and purpose. Looking there, perhaps the second substantive paragraph or your own recollection, can you summarise for us briefly the purpose of this policy?
Martin Ferlinc: I guess it goes back to the original policy, as I said probably late 1990s, which I think, from recollection, was a policy that was developed in the Midlands region of the seven regional teams and then, when those regions were effectively expanded into a new organisational structure, that policy was redesigned into a business policy and, similar to the regional audit structure review, I think it was designed to aid some consistency in decision-making and interpretation of existing policies.
Mr Blake: If we scroll down there’s section 2, prevention of losses and, in essence, it says there that there should be good accounting practices to prevent losses in branches. That’s the most effective way of reducing losses; is that a fair summary?
Martin Ferlinc: Yes.
Mr Blake: It’s over the page to section 3 that I would like to spend a little bit of time on this afternoon. Can I ask you to look at the first two paragraphs there and to read those perhaps to yourself and to take us through those first two paragraphs; what do you understand, in summary, that to mean?
Martin Ferlinc: If a subpostmaster can identify an error, knows that it is likely to lead to an error notice or a transaction correction and can sort of substantiate that, then that would provide them with the circumstances where they could seek authority to hold them in suspense.
Mr Blake: Looking at that second paragraph, it says there:
“Under circumstances where the exact cause of the loss is known and a compensating error is expected to be returned, losses may be held in the suspension account …”
Am I to read into that that losses can only be held in a suspense account if the exact cause is known?
Martin Ferlinc: Yes.
Mr Blake: If we look at then the third paragraph, it says:
“Before moving a specific accounting discrepancy to the suspense account, authority must be sought from the Agents Debt Team 3 via the [NBSC]. If there’s no clearly defined evidence of a known error (and, therefore, no error notice likely to be issued) authority will not be given.”
Martin Ferlinc: Okay.
Mr Blake: So, again, reading that it seems that, if there isn’t a clearly defined evidence of a known error, authority won’t be given to transfer into the suspense account; is that correct?
Martin Ferlinc: That’s how I would read it, yes.
Mr Blake: If we look at that from another way round, if there was an unknown error, so a bug, error or defect that wasn’t known to the NBSC, is it right to say that the subpostmaster would have to make good that discrepancy?
Martin Ferlinc: I think that’s how I’d interpret it.
Mr Blake: If we move down to the sixth paragraph, which begins “To give”:
“To give authority to hold losses within the suspense account, even with evidence of the error, is against the principle of right first time. Granting authority to hold amounts in suspense should, therefore, always be considered to be the exception the rather than the norm. Agents are expected to address the underlying cause of misbalancing and must expect that any subsequent errors of a similar nature will be referred to the retail line for corrective action.”
So it seems there that agents are expected to address the underlying cause even if that is, for example, a technical fault?
Martin Ferlinc: Yes, I think at this stage we probably – it was written on the basis of a transactional error that was made at the branch – either the subpostmaster knew about it or they didn’t know about it – as opposed to a system error.
Mr Blake: If it was applied to a system error, it’s a little harsh, isn’t it?
Martin Ferlinc: Yes. I mean, as I said, this was probably written at a time when it wasn’t considered that there were to be bugs or glitches in the system which would cause those types of errors.
Mr Blake: Is that because it was likely to have been drafted in the very early stages of Horizon or drafted by –
Martin Ferlinc: The policy initially was written pre-Horizon and a lot of these – if you compare previous versions, you will probably find a lot of similarity in the language used.
Mr Blake: So some of the pre-Horizon language would have been copied in to this without thought being given to bugs, errors and defects?
Martin Ferlinc: Possibly, yes.
Mr Blake: If we go over to page 8, please, there is a section on Horizon Issues, so presumably that is a new section post the implementation of Horizon or rollout of Horizon, or certainly in the development – at least the development stages of Horizon?
Martin Ferlinc: Yes.
Mr Blake: I’m going to read to you – I will take each paragraph separately. The first is:
“If an agent feels that an error has occurred via the Horizon system, it is essential that this be reported to the Horizon System Helpdesk. The HSH will only consider the incident for further investigation if the branch has evidence of a system fault. If no evidence is available, the case will not be investigated and the agent will be held responsible for making good the loss.”
How would a subpostmaster be able to show that there was a system fault?
Martin Ferlinc: I don’t know that they could.
Mr Blake: Do you think it was fair to place that kind of a burden on a subpostmaster?
Martin Ferlinc: Looking at it now, absolutely not.
Mr Blake: I’ll read the second paragraph:
“System faults are very rare and are normally identified after full investigation has been undertaken. All known system errors are managed through the Network Support Problem Management. Access to Problem Management is via the NBSC. If the agent feels that the issue is not being resolved, they should flag the issue up with NBSC. If a known system error has caused a shortage, the agent should be given authority to hold the loss in suspense until the system error has been reconciled and an error notice issued.”
Now, this was drafted or produced in 2003. We know from the Bates and Others litigation the group action, and the judgment of Mr Justice Fraser that there are a number of bugs, errors and defects prior to that date. So in 2000 there was the Callendar Square bug; there was something called the data tree build failure discrepancies in 1999 and 2000; there were Girobank discrepancies in 2000; counter replacement issues in 2000 and 2002; phantom transactions in 2001, that’s something that I will come back to; reconciliation issues in 2000 and 2002; something called concurrent log-ins in 1999 and 2000.
So where did the line that system faults are very rare come from?
Martin Ferlinc: I’m not entirely sure and, having read it myself in preparation for my witness statement, it wasn’t clear to me where that language came from, going back to the input, or where that input would have come from.
Some of those glitches/bugs you named, at the time I wasn’t aware of them and so I suspect other people probably weren’t aware of them. So even though there were possibly people within Fujitsu and Post Office that were, many people were not.
Mr Blake: The language, the specific words “system faults are very rare” was that something that you think you may have drafted, having been provided that information or do you think that’s somebody else’s drafting?
Martin Ferlinc: It feels like part of the business input I would have been told system faults are very rare.
Mr Blake: And who by?
Martin Ferlinc: I’m not sure. If you go back to the input, it might help.
Mr Blake: So perhaps if we look at page 1, in the middle of the page there’s “Business input”.
Martin Ferlinc: So many of those names, to be honest, I’m not entirely sure what their roles were. A lot of them fall under the Security Team or the Product and Branch Accounting Team, the last – well, four of the last five names, I don’t recall what their roles were.
Mr Blake: We have there Assurance, Tony Marsh. Would Tony Marsh have read and signed off this document?
Martin Ferlinc: Absolutely. Well, he should have done.
Mr Blake: Where would you likely have received information about the operation of the system: so faults in the system? Are you able to assist broadly, even if it’s not a name of an individual the department that might have contributed to that –
Martin Ferlinc: I can’t recall where that information came from.
Mr Blake: Do you remember any discussions about that wording?
Martin Ferlinc: No, no.
Mr Blake: Can we look back again at page 8, please. Sticking to that second paragraph, we have, in that first sentence, “normally identified after a full investigation has been undertaken”. Again, was that something that you would have drafted?
Martin Ferlinc: I clearly would have drafted it. I don’t know where that wording would have come from.
Mr Blake: How would you have satisfied yourself of the accuracy of that statement?
Martin Ferlinc: I guess talking to those people who were giving the input and also, you know, talking to, in this case, Tony Marsh, the business owner of the policy.
Mr Blake: Are there any specific discussions that you recall regarding that, whether it’s in relation to the production of this policy or just, in broader terms, that somebody providing you with reassurance that system faults are very rare and normally identified after full investigation?
Martin Ferlinc: I think there were just business messages coming out from top-down to say “Horizon’s been a success”, you know, “these millions of transactions are being performed”, and so it was kind of a message coming through various channels that were saying “If there are any system issues that you are hearing about, they’re very rare”.
Mr Blake: You say “top-down”. I mean, we’ve discussed earlier you are involved in, say, the Post Office Risk and Compliance Committee?
Martin Ferlinc: Mm-hm.
Mr Blake: Do you think that was a message that was being reached by that committee or being passed down by that committee?
Martin Ferlinc: I can’t recall at those committee meetings ever having discussion about Horizon issues at all. I may be wrong but I can’t recall those discussions. I think the messages I’m talking about were top-down are just messages from directors of the board and the ET.
Mr Blake: And you say “passed down”. How would it have been transferred, that information?
Martin Ferlinc: Just through various channels. I mean, they would have workshops where they would have leadership senior managers attending, giving key messages for the next year. That could have been a key message from those workshops.
Mr Blake: Do you remember the names of any individuals who you can recall having given those messages?
Martin Ferlinc: I can’t.
Mr Blake: I just want to sum up what we’ve been through in relation to this particular policy and I’m just going to put a few points and it may be that you can just answer these yes or no. If you need to give more detail then feel free but I think it may be that they can be answered just yes or no.
Is it right to say that, under this policy the burden was on the subpostmaster to show that there was a system fault?
Martin Ferlinc: Under this policy, rightly or wrongly, that’s what it says.
Mr Blake: Second, that if they didn’t have evidence of a system fault it wouldn’t be investigated by the Helpdesk, and that’s the first paragraph that we see there, the final sentence?
Martin Ferlinc: I’m not sure that’s true but that’s what the policy says.
Mr Blake: Is there something you have in mind?
Martin Ferlinc: No, I’m just thinking that there may well be things that subpostmasters are not aware of being investigated. That’s the only thing I can think of.
Mr Blake: But applying that policy, if there was a system fault and if they didn’t have evidence, it wouldn’t be investigated?
Martin Ferlinc: Yes, if they believe a system fault is to blame and they don’t have a reason for it or can provide evidence for it, that policy would suggest it wouldn’t be investigated.
Mr Blake: Third, the way that they were directed to address this was through the NBSC; is that correct?
Martin Ferlinc: Can you repeat your question?
Mr Blake: Certainly. So they were – if we look at the page before – sorry, page 5, it was the third paragraph there, subpostmasters will be asked to direct this to the NBSC.
Sorry, it’s the third paragraph before moving.
Martin Ferlinc: Yes, I think if there was any issue of any description that the branch wanted to raise, it would always go through the NBSC initially.
Mr Blake: Fourth, that the subpostmaster would have to pay the shortfall if they couldn’t prove that there was a system fault?
Martin Ferlinc: Mm-hm.
Mr Blake: Is that correct?
Martin Ferlinc: That’s a correct assumption from how this reads.
Mr Blake: Fifth, that only if there was a known system error could the loss be held in the suspense account?
Martin Ferlinc: Yes, correct.
Mr Blake: And sixth, that the working assumption, as we’ve seen on the next – on section 6, was that system faults were rare and would have been identified, and that’s not just in the policy or written in the policy but, by the sound of it, that is the general working assumption?
Martin Ferlinc: I think at that stage that was the general working assumption.
Mr Blake: Does it follow then that, if there was an unknown error, a subpostmaster would have to pay up?
Martin Ferlinc: Yes.
Mr Blake: And that there was a reliance on the NBSC to identify known errors?
Martin Ferlinc: Or to at least log the issue and whatever resolution policy they had in place to put in place.
Mr Blake: If we look back at section 3 and the authority to hold losses, is it right to say that the ability to hold apparent losses in the suspense account was intentionally restrictive?
Martin Ferlinc: Yes, I think initially, again going back to pre-Horizon days, it was often used for the wrong reasons and they had lots of amounts being held in there. So it was used or was supposed to be used for specific cases where there were known errors awaiting transaction corrections or error notices.
Mr Blake: Ultimately, following the evidence that you’ve already given, it wasn’t for the auditor to look into any of this because the auditor’s job was principally to look and see if X equalled Y?
Martin Ferlinc: If you are talking about an audit discrepancy, absolutely. So the auditor would find the discrepancy, if there was one, and then there could be a number of reasons why there was a discrepancy. The subpostmaster would be expected to make good, unless they could identify this is the reason why.
Mr Blake: This policy, was that information that was being communicated to subpostmasters by auditors?
Martin Ferlinc: I think not necessarily the policy but, historically, there had always been, within the subpostmaster’s contract, two or three paragraphs, maybe more, that outlined the contractual obligations. I think auditors always have that phrase in mind from the policy – sorry, from the contract, rather than necessarily the policy that’s here.
Mr Blake: The burdens in terms of identifying known errors and, for example, the assumption that system faults were rare, do you think those were messages that were communicated to subpostmasters by auditors on visits?
Martin Ferlinc: I don’t believe they would have talked about Horizon issues being rare, they wouldn’t have talked about those issues. Fact-finding was what they were due to do. So if the subpostmaster said “I believe this is the reason why”, I would expect the auditors to log in that report.
Mr Blake: Surely there would have been a conversation on occasion between auditors and subpostmasters about what the policy says or about the Post Office’s approach to –
Martin Ferlinc: I think the only time the contractual obligation would come up is if there is a shortage and the subpostmaster would probably know their contractual obligation without the auditor having to remind them of it.
Mr Blake: Looking back now at that policy, do you think that the approach that was taken under that policy to subpostmasters was fair?
Martin Ferlinc: No, absolutely not because, as you have highlighted or alluded to, the onus in this policy was upon subpostmasters to prove something that they could not prove or probably could not prove. So it doesn’t feel fair.
Mr Blake: Thank you. I’m going to change the subject slightly now and look at the IMPACT programme, very briefly. It’s related because we’ve spoken about discrepancies and how they went into the suspense account when, for example, there was a known error. Do you recall that changing under what – I think you have referred to it as the branch trading. I think we call it the IMPACT programme?
Martin Ferlinc: Yes, I think when I saw that in the bundle I wasn’t entirely sure what that referred to but, for me, I think IMPACT related to a weekly balancing programme moving into a monthly branch trading programme.
Mr Blake: So the removal of a suspense account is – do you have a phrase for it or –
Martin Ferlinc: What phrase would you like me to give you?
Mr Blake: You refer to “branch trading”. Is that something set different?
Martin Ferlinc: No. Branch trading is just, as I said, the evolution of weekly cash accounting. The suspense account, in terms of IMPACT, I think the plan was to remove that, partly to avoid amounts being put in there without authority.
Mr Blake: Were you involved in that programme?
Martin Ferlinc: Not as such but I remember having a meeting to discuss how that would affect branches and, from my point of view, how auditors would see the difference.
Mr Blake: Can you briefly summarise your views on that?
Martin Ferlinc: I think at the time I was assured that transaction corrections, I think that’s part of the evolution from error notice to transaction corrections that transaction corrections would always be provided with evidence that cannot be disputed, effectively, and, on the very rare occasions that there was no evidence or insufficient evidence, there was a channel for that to be disputed. I’m not sure with hindsight that that was, you know, the way things went and I was assured at the time but, subsequently, I think there was still cases of transaction corrections being issued without the appropriate evidence.
Mr Blake: Do you recall who those discussions were with and who assured you?
Martin Ferlinc: It’s very strange. I can visualise being in the room with a member of the Product and Branch Accounting Team. It could be one of two names but I can’t be – you know, I can’t be certain who it was.
Mr Blake: We’ve heard from somebody called Susan Harding?
Martin Ferlinc: It wasn’t her.
Mr Blake: Did Susan Harding or any of her team ask you for your views on that programme?
Martin Ferlinc: Well, the person I think it was was called Marie Cockett. She may have worked within that team and I remember having a meeting with her to talk through how this would work.
Mr Blake: Do you recall the use of the “Settle Centrally” button to fill the void left by that programme because we’ve spoken about the suspense account and the use of it for known errors. Were you aware of the “Settle Centrally” button to be used to, in effect, fill that void?
Martin Ferlinc: Yes.
Mr Blake: What was your view on that?
Martin Ferlinc: Again, it was supported by being assured that transaction corrections will be supplied with evidence. So if they were provided with evidence that was satisfactory then why wouldn’t you settle centrally, if that was your chosen option to do so. I think the gap for me is that, if there wasn’t evidence, then what would you do?
Mr Blake: Can we look at POL00105418, please. It’s page 15. This is a number of different documents of – it’s page 15 that I’d like to look at. This is a document that was in your bundle. It’s an email to Lynn Hobbs. Do you remember who Lynn Hobbs was at all?
Martin Ferlinc: Yes, I remember Lynn.
Mr Blake: What was her role?
Martin Ferlinc: I know she was a senior manager within the Network Directorate. I can’t remember her precise role title.
Mr Blake: How about John Breeden?
Martin Ferlinc: He worked for her in her directorate.
Mr Blake: Can I ask you to look at the second paragraph and perhaps read that to yourself and I’d just like you to talk us through the views that are expressed there from yourself. (Pause)
Martin Ferlinc: Okay.
Mr Blake: Can you assist us with why you’re referred to there?
Martin Ferlinc: I’m not entirely sure and I think I’ve seen a similar note in another part of the bundle with my reference named and I think in that case – because here it says “totally against” and in that case it said something similar but different in wording. I’m not sure why.
I’m not sure whether my name was used to endorse their approach or to back their approach or to say that I was an obstacle to their approach. I can’t read from that paragraph what my reference was there for.
Mr Blake: Are you able to assist us with how it happened that something that was established in the policy, in terms of treatment of cash account losses policy and the use of a suspense account for known errors, for example, how that became seen after the IMPACT programme and replaced by the “Settle Centrally” button, how the use of that “Settle Centrally” button became somehow inherently suspicious to the Post Office?
Martin Ferlinc: I’m not sure I would see it as suspicious but, equally, it could still be open to abuse where people click on the button just to get it out of the account.
Mr Blake: Do you think there was a change in attitude at any point?
Martin Ferlinc: Possibly so. I mean, over time, people change roles, people change views. So I’m not entirely sure, and obviously the system has changed. But yes, I think it may well be that it was considered that, a bit like the suspense account, it was open to being abused.
Mr Blake: Do you have any views on that now?
Martin Ferlinc: To be honest, it’s difficult to go back to that time-frame to think through what I was thinking and I know my name’s been quoted. I don’t personally remember a conversation with John anyway, but I suppose it reflects that my concern would be, if you remove that facility to settle centrally, then there’s no transparency in what’s going to happen because, if you haven’t got the facility to say “I’m going to accept it”, even if that’s not what you do, there’s no record of what happened in that situation.
Mr Blake: You were aware presumably that the “Settle Centrally” button was used by people both who did accept but also those who didn’t accept the amount?
Martin Ferlinc: Well, it definitely could be, yes.
Mr Blake: One of the purposes of that was to enable the subpostmaster to balance?
Martin Ferlinc: Exactly.
Mr Blake: I’d like to move on now to bugs, errors and defects. We started today, this morning, by looking at what you wrote in your witness statement about that and we discussed it, and there’s one particular incident that I’d like to talk to you about this afternoon, and that relates to the Two Ball Lonnen Post Office in Newcastle. I apologise if my pronunciation of that is incorrect.
You have been provided with a number of different documents in that respect and I’m going to start with POL00104600.
Do you remember – and I’ll take you to the document in due course but you are mentioned in one of these documents. Is this an issue that’s broadly familiar to you, even if it’s just because we’ve provided you with the documents recently?
Martin Ferlinc: I remember the name of the branch. I don’t remember the detail and, even having looked through the thread of emails, the actual issue itself, you know, isn’t particularly familiar. But the branch’s name is so clearly there is some information that was available to me at the time.
Mr Blake: My purpose for taking you to this incident is there are a number of ways in which is the issue was dealt with that I’d like to ask you about and it may refresh your memory of particular issues that cropped up and this is just really being used as an example. This document here is from 4 April 2000, so that’s early in the life of Horizon, and I think you’ve already explained who Lynn Hobbs was?
Martin Ferlinc: Well, she worked as a senior manager in the network, yes.
Mr Blake: And Keith Baines?
Martin Ferlinc: The name’s familiar but I can’t think who he would be, his role.
Mr Blake: Now, there is a significant loss in this branch. I’m just going to read you one paragraph or some of the first paragraph, it says:
“Both officers have received additional support from HFSOs …”
That’s Horizon Field Support Officers; is that right?
Martin Ferlinc: Yes, that’s right.
Mr Blake: “… who investigated the cash accounts to the best of their ability and could not identify any reasons for the shortages. I am told by TP …”
What’s “TP”?
Martin Ferlinc: That would be Transaction Processing, which would then become Product and Branch Accounting.
Mr Blake: “I am told by [Transaction Processing] that no outstanding error notices exist for these offices and that in their opinion they cannot identify any system problems for the errors. The worst of the two is Two Ball Lonnen with an outstanding loss of …”
Now, I think that figure is, in fact, incorrect and we’ll see why but I think that’s meant to be £64,000 rather than £647,000?
Martin Ferlinc: I saw it as 64 anyway.
Mr Blake: Then there’s a second office:
“Both offices are run by the same multiple, Nigel Mills, who has a number of other offices in my area. In both instances comments were made by HFSOs about migration errors that would generate error notices and consequently the subpostmaster is now refusing to repay the loss. I know very little about the system but in the case of Two Ball Lonnen this office migrated on a Wednesday”, et cetera, et cetera.
Are those kinds of issues ones that you recall being experienced by subpostmasters?
Martin Ferlinc: I kind of have a reflection that at the time there’s always a sense of there could well be migration issues and there could be a number of aspects to it. There could be a branch that when they migrated already had a problem or it could be there could be something about the way the system migrates. So I think there was always a sense of that change over from a manual system to the Horizon System could bring up some issues.
Mr Blake: If we look at the final couple of sentences in that paragraph, it says:
“In the case of both offices the Helpdesk suggested that the system was experiencing problems which would eventually be resolved and an error notice would be generated. RNMs …”
What is RNMs?
Martin Ferlinc: It’s an acronym for Retail Network Managers, so it was, at that point, the sort of the liaison between Post Office and the branch, each branch was assigned, I guess, a Retail Network Manager.
Mr Blake: So:
“[Regional Network Managers] knowledge of the system was extremely limited and these assurances were therefore accepted and the offices allowed to carry the amounts in their suspense accounts.”
If we scroll down –
Martin Ferlinc: Can I just interrupt there?
Mr Blake: Absolutely.
Martin Ferlinc: It’s just useful to say you’ve just read out that sentence “The Retail Network Manager’s knowledge of the system was extremely limited”. I think at that period in time, I think the knowledge of the system was limited for a lot of people in the Post Office, auditors, trainers, investigators. I think we were learning as the system was rolled out.
Mr Blake: Thank you. The final paragraph there says:
“I do not believe we should write off almost £70k [that’s why it may be 64,000 rather than 640,000] without evidence that the system somehow ‘created’ these errors and they are just ‘paper errors’.”
Can we go to another document, same topic, it’s POL00104596. We’re still in 2000 here, June 2000, and can we turn over the page, please, to page 2, from Keith Baines to Lynn Hobbs:
“For Two Ball Lonnen, should the investigation include the [£19,000] in outstanding error notices, or just the [£45,000] authorised cash shortage?”
At that time, we can see Keith Baines was head of Horizon commercial. Can we go back to page 1, please, and have a look at the bottom of that page.
Lynn Hobbs says:
“Keith
“I would like to include both as the errors in P&As occurred during the same period as the shortages which the office is claiming are due to the system and which we think may be down to in-house fraud.”
Pausing there, do you remember was it common for branches to be complaining that errors are due to the system?
Martin Ferlinc: I’m not sure common but it had been heard. I had from auditors feedback to say there was a discrepancy and the subpostmaster believed it to be a system error.
Mr Blake: So that, in fact, is April 2000 and then it’s the first email in this chain at the top of the page where we’re in June 2000. So that’s a couple of months later and this is where your name is mentioned. So Lynn says:
“Keith
“We discussed these two offices at our last meeting and you said you would send me the information forwarded to Audits. I have not received anything to date and despite trying both Chris Paynter and Martin Ferlinc I have been unable to find anyone in Audits who has any recollection of having received information about them.”
Just pausing there, do you remember being chased at all about this? You don’t know?
Martin Ferlinc: No, sorry.
Mr Blake: “I have received copies of an audit summary for each office for audits carried out on [13 April].”
Again, pausing there: audit summary what do you understand by an audit summary?
Martin Ferlinc: I’m assuming that she means an audit report for the branch. Just going back to your previous comment, did I recall being chased? I’m not entirely sure what I’m being chased for. It says not being able to find anyone in Audits who has any recollection of having received any information about them, them being the two branches, I’m assuming.
Mr Blake: Yes.
Martin Ferlinc: But I’m not sure what sort of information she is expecting.
Mr Blake: So you don’t remember the incident and also you don’t –
Martin Ferlinc: No, but I do remember – I don’t remember the second branch’s name but the Two Ball Lonnen, I do remember the name and I can’t think why that would come to light.
Mr Blake: The audit summary, though, is that something that would be you could produce in branch from the Horizon System?
Martin Ferlinc: No. As I say, I think this is a written report. I’m guessing what she means by an audit summary, I can’t think of anything else other than an audit report. So at the end of each audit, the auditor would write a report in Word and email it to Network Management and, in the case of a subpostmaster at the time, it would be sent by post to them.
Mr Blake: So an audit summary wouldn’t, for example, identify the cause of an issue if it was, say, a technical issue?
Martin Ferlinc: All it would say is this is the discrepancy and where it can be identified what the discrepancy is, so it might be a case of there’s a £15,000 discrepancy, 10,000 is cash inflation, 3,000 is incorrect foreign currency listings. So it would break down what was known but then it would also have, you know, unknown discrepancy.
Mr Blake: So it would give you the numbers but not the cause of the discrepancy?
Martin Ferlinc: Exactly.
Mr Blake: This email continues:
“It is now over a year since these offices went live and we really do need to resolve these shortages (not surprisingly the subpostmaster who has about 10 offices in my area is unhappy with what he perceives the lack of progress). Can you forward the information sent to audits to me and confirm who in audits is dealing with this.”
I’m going to take you to another document in the same chain POL00104597. 20 June 2000. I’m going to read to you from that first paragraph. It says:
“I was looking to have their transaction information interrogated to try and understand how the errors could have occurred.”
Pausing there, so they are looking into how they have occurred. At that stage, was that the job of the Retail Network or the Head of the Retail Network, for example?
Martin Ferlinc: I don’t believe so and I do not know how it would be possible to be able to eliminate every possible cause.
Mr Blake: “I thought this was what we discussed in terms of obtaining information from Pathway which would only normally be available if we suspected a fraud. What I have received from you is a list of the calls made to the Horizon System Helpline on behalf of the office over the period since Go Live. I assume the information I have received is available basically that touch of a button rather than as a special request which we may have to pay a special payment for. I’m sorry to say that I don’t feel I am any further forward with these offices.”
So it seems as though Lynn Hobbs is trying to get to the bottom of the discrepancy, has been provided with something equivalent to what you, as an auditor, may have been able to obtain from the system itself?
Martin Ferlinc: I’m not sure whether this is referring to the ARQ data, because she refers to the data only being available – I can’t find the words now – if we suspected a fraud. So that’s where the investigators would be involved and they would have the route to obtain that detailed transactional data.
Mr Blake: So the complaint is that she’s received a list of the calls made to the helpline but not something more substantive from Fujitsu?
Martin Ferlinc: I think what Lynn makes there is a valid point, that there’s a gap in the process there, in that if a discrepancy involves an investigation, then that triggers off obtaining more detailed data. If it doesn’t, then there’s a gap because nobody’s pursuing that data.
Mr Blake: Absolutely, and that was precisely the question that I was leading to, which is, looking back at your time where you have the job that was being carried out by auditors, do you think that there was a missing job description effectively which is a more technical auditor or someone with technical knowledge who could investigate technical matters?
Martin Ferlinc: If I could go back 20 years I’d do some things very differently and I’m just highlighting on some of the things here. So, yes, absolutely a gap between the discrepancies involving investigators or not and I think there could have been and should have been a role for auditors to fill that gap but it needs the technical expertise, which wouldn’t have been there. Lynn also mentions about getting details of logs to the Horizon Helpline but also for NBSC. You know, we could and should have been able to access that information. So when we identified an audit loss of X amount, we could then say “But this branch has been reporting issues for the last 20 weeks” and, for whatever reason, we either didn’t feel that was available, that data, or what had been – I don’t know what the reason was but, for me, there’s a gap there in terms of being able to identify that sort of information that could have been available.
Mr Blake: Thank you. I’ll take you just to one or two more documents in this chain before we end that particular example. POL00104597.
We’re still in June 2000 and Keith Baines is there emailing Lynn Hobbs. He says:
“In order to get detailed information from the system, either special audit functions can be used at the outlet, or – for older data – a request has to be made to Pathway by our internal auditors. There’s a documented process for this, which from a PO point of view is ‘owned’ by audit.”
So where it’s talking audit there, that’s not talking about network audit, which is your team, that’s talking about the –
Martin Ferlinc: I am confused because I wasn’t sure whether that meant the investigation part, because they will trigger off the request, or whether it meant – and it would now be Royal Mail internal audit. I personally feel it would mean the investigators.
Mr Blake: So it may be that audit is being referred to there but, in fact, they mean investigators or what was your reading of that?
Martin Ferlinc: I think in the original documentation from Fujitsu, it referred to Post Office internal auditors, without perhaps using our structure of where we draw a line between audit finishing and investigation starting.
Mr Blake: It seems there a rather binary choice, that if it is current it can be obtained from Horizon and only if it’s older data can a request be made to Pathway. Is that a distinction that you remember at all?
Martin Ferlinc: Yes, in the sense of, at the branch, data was available and I can’t remember how many days but perhaps for a trading statement’s worth of days, 40 days, or something like that, and then any data beyond that period of time would not be accessible in the branch. So you would have to request it from Fujitsu or Pathway, in this case.
Mr Blake: I’m going to read on. It says:
“The process envisages an auditor visiting the outlet in the first place to examine the data held locally – auditors can log on with a special password that gives them access to additional reports not available to other users.”
Do you think this might be a misunderstanding of the auditor’s role or do you think this is an accurate description of what an auditor could have done?
Martin Ferlinc: I’m wondering whether it’s a misunderstanding of me, either now or then, as to what an auditor can access because my understanding was that an auditor could access everything that a manager at the branch could access. This is suggesting that there’s additional activity that they could access, and I don’t know whether that’s true or whether my memory’s failing me, but I thought that auditors could only access what a subpostmaster or a branch manager could access themselves.
Mr Blake: Then, in the third paragraph, he says:
“Then, if access to centrally archived data is required, the auditor will complete a specification form setting out the data required – eg what data types, what period et cetera. Pathway can cope with a maximum of 7 requests per month; my understanding is that a request could cover more than one outlet, so to maximise the use of the limited number available a co-ordinated approach is desirable. For each request Pathway will extract the relevant records from their data warehouse. The data is provided more or less in its raw, unprocessed form, so interpretation will take time and need someone with a thorough understanding of the audit trail specification.”
So, again, he’s referred there to auditors completing a specification form?
Martin Ferlinc: So either, as I said, I’d misunderstood this and actually there was a facility for auditors to access information beyond what is available to the branch or this refers to investigators. It talks about a maximum seven requests per month and I don’t know if that ties in with the requests for ARQ data that investigators say they can only have so many requests. I don’t know if it’s per month or whatever.
Mr Blake: Do you recall that limitation on the number of reports that could be obtained from Fujitsu?
Martin Ferlinc: I don’t remember the number but I know there was a limitation.
Mr Blake: Do you recall POL’s approach to that limitation? Were there concerns about the limited number or was it just accepted?
Martin Ferlinc: I don’t recall whether after that number there was a charge. There might have been the ability to have more than that number but chargeable. I don’t remember POL’s approach to that.
Mr Blake: And the reference at the end of this email:
“The data is provided more or less in its raw, unprocessed form, so interpretation will take time and need someone with a thorough understanding of the audit trail specification.”
From the evidence that you’ve given today, it doesn’t seem as though that is the kind of job that could have been done by an auditor?
Martin Ferlinc: No, we didn’t have that skillset to perform that sort of role. Not to say we couldn’t have achieved it but, equally, I don’t feel that we had it.
Mr Blake: Can we look at POL00093128, please. This is still with Two Ball Lonnen. Here we’re in August 2001, so quite a considerable time later, and this is an email from the Retail Line Manager and he says:
“It may help you to understand my concern if I explain that there is an ongoing dispute about shortages at this office …”
The Subpostmaster is blaming the Horizon System for the shortages.
Then we have reference there to concerns, the issue concerning advice given by the Post Office Helpline to the OIC – I presume that’s officer in the case?
Martin Ferlinc: Officer in charge.
Mr Blake: Officer in charge, Tracey Dowson, is that somebody you recall?
Martin Ferlinc: I think that’s the person in charge of the branch, the branch –
Mr Blake: They wouldn’t be referred to as the OIC, would they?
Martin Ferlinc: “The … advice given by Post Office Helpline to the [Officer in Charge] Tracey Dowson …”
So the officer in charge being the person in charge of the branch.
Mr Blake: The officer in charge of investigating the branch?
Martin Ferlinc: No, no, no.
Mr Blake: Or you are saying it’s –
Martin Ferlinc: Because it’s a nominee subpostmaster – it’s not a subpostmaster, it’s a nominee – they will have their own branch manager, for want of a better phrase, the term “Officer in Charge” is just referring to that person, the person in charge of that branch.
Mr Blake: Can you just remind us why there would be a nominee subpostmaster.
Martin Ferlinc: So nominee subpostmaster would – I can’t think of a particular company involved but it would be a company that would have perhaps 300 or 400 branches under their name, and so they would be the nominee subpostmaster, even though they’ve got 300 or 400 branches. So at each of their branches they would appoint/employ a manager to run their branch.
Mr Blake: I’m just going to read from her report. She says:
“‘I spoke to Carl who was very helpful but still no answers, he said it was a ghost figure in the system. I proceeded to roll the figures over as told and that Carl would contact myself on the Thursday morning.
“‘After the phone call he told me he had spoken to his Manager and that they were happy it would show as a shortage the next week, the explanation given is that it was a ghost figure that had got into the system but they did not know how’.”
Now, did you ever hear the term “ghost figures”?
Martin Ferlinc: I don’t recall hearing it at the time. I’ve heard it since and, obviously, since I’ve left the Post Office and this trial I’ve heard those terms but I don’t recall at the time hearing those terms.
Mr Blake: If we scroll down in the message from the Retail Line Manager he says:
“Clearly remarks about ‘ghost figures in the system’ attributable to our own staff are not likely to inspire confidence in Horizon and in this case may prove very damaging.”
We talked about a bug earlier called the phantom transaction bug?
Martin Ferlinc: Right.
Mr Blake: Were these kind of issues reaching your desk?
Martin Ferlinc: No. The emails that you show me, I’ve not had sight of those emails and particularly those emails where my name’s been inside them. I would have expected to have had some visibility copied into those emails.
Mr Blake: Did you see it as part of your function to draw together themes from various audits, words that were used, such as ghost transactions, or themes of bugs, errors and defects that may have been raised by subpostmasters?
Martin Ferlinc: I think there should have been a greater role in bringing together themes. As I said to you earlier, I think we could have had a role in looking at the logs of calls made to NBSC and trying to analyse what sort of calls are being made. Having said that, I would expect NBSC and their management to be doing that as well to be able to say “Look, we’ve had all these calls in the last month, these are the issues”. They may have been doing that but the outputs were not reaching my desk.
Mr Blake: I think that might be an appropriate moment for a break. I only have about 15 minutes’ worth of questions after the break. There will be some questions from other Core Participants but, sir, are you content for us to take a 15-minute break now?
Sir Wyn Williams: Yes, I am. That’s fine.
Mr Blake: Thank you very much.
(3.08 pm)
(A short break)
(3.25 pm)
Mr Blake: Can we now look at POL00021420. Mr Ferlinc, we were talking before the break about the need for some sort of macro analysis or drawing together various strings. I’m now going to move on to your time on the Risk and Compliance Committee. I think you said this morning you attended or went on the committee or something along those lines.
Martin Ferlinc: I attended many if not most of the meetings but I don’t think I was considered a member.
Mr Blake: This particular example is 22 March 2006 and, if we turn to page 3, it has your name – it appears that that’s one that you weren’t – you didn’t attend but it does refer to you or, certainly, you’re not listed in the members in attendance. Is this something you recall at all?
Martin Ferlinc: I’m not sure if – there’s three paragraphs there and it says “Closed” afterwards. I’m not sure if that’s just the whole action has been closed, in which case there seems to be a summary of the analysis done. But, as I touched on before and you’ve highlighted, I think there needed to be greater analysis done. One of the things that I feel was missing, perhaps, was to look at sort of post-event analysis.
What I mean by that is, if we have a branch where a subpostmaster is accumulating losses week, after week, after week and that results in their suspension and someone else takes over the branch, I think it was a big gap to look at the branch performance with the new person in charge because, if those losses continued, that would suggest, well, perhaps it’s nothing to do with the subpostmaster, there’s something in the branch that needs to be looked at.
Conversely, if the losses suddenly stopped, that might also give some information as well. I don’t think that analysis was ever thought through at the time to look at branches’ performance after a change of ownership.
Mr Blake: Why not?
Martin Ferlinc: I’m not sure. I look at it today and think that feels so obvious as a piece of activity to have done and relatively simple. If you look at 80 branches, potentially those 80 branches would have ended up with new people in charge to sort of track their performance over the next 6/12 months to see is the profile of the branch’s performance the same or different and what does that tell us? I just think that was a lost opportunity.
Mr Blake: So if we look at this as an example, the kind of macro-analysis that was taking place was, for example, analysing 80 branches with the largest shortages –
Martin Ferlinc: Yes.
Mr Blake: – rather than looking at follow-on from suspension or looking at particular bugs that had been referred to by different subpostmasters?
Martin Ferlinc: It would just have been simply a bit of number crunching, identifying that these branches had a similar sort of profile, so they might have all had information in the risk model that suggested there was an issue in cash declarations or it could have been they were all rural branches. I guess that’s what the analysis would have looked at, at that stage.
Mr Blake: Can we look at POL00021421, please. This is another meeting of the Risk and Compliance Committee on 6 September 2006. You’re listed on this occasion as in attendance. If we look at the summary action points, and it’s 0904, it says there:
“To analyse those branches where a financial irregularity has been revealed during 2006/7, to ascertain if there are any common profiles.”
Your name is there as the lead on that.
Martin Ferlinc: I think, again it probably just goes back to what I said before. I think this was looking at the profiles of those branches where there was an irregularity. So was there a particular stream in the risk model that suggested that was a concern, were there different types of that branch also in the risk model that we should target. Basically, I think that links to the previous activity.
Mr Blake: There were annual reviews. I mean, if we look at POL00033398, for example, I won’t take you to any particular pages but, I mean, you did produce reviews. Why didn’t those reviews address those kinds of issues?
Martin Ferlinc: I think this particular review on the quality auditing was triggered by the movement of the audit teams to the network. I personally had expressed a reservation of the move to a directorate, in terms of potential conflict of interest, auditors auditing branches where they might have also trained the same branch. So, as part of that, I think to mitigate that concern, there was a sense of, well, let’s go and do a piece of work to see whether there’s any concern about the auditing quality.
I think I might have mentioned in my statement at some point, probably the mid-2000s when I was heading the auditing team, my team was reviewed/audited by the internal audit team. So it’s kind of followed that theme of someone auditing the auditors.
Mr Blake: If I was to draw the themes together from some of your evidence today, certainly when you began you talked about the size of the team and it reducing over time, especially in the late 1990s onwards, and you’ve talked about auditors not being able to cover as many or carry out many audits as they previously had.
Is funding or the sufficiency of the numbers of your team in any way to blame for that lack of analysis or is it something else?
Martin Ferlinc: I think a couple of things. I think yes, absolutely, costs reduction, head count reduction throughout the 2000s put pressure on, you know, limiting resource with increased amounts. So as we went into financial services, there were more demands on compliance activities. So you got those two pressures of more auditing requirements, product managers wanted their products audited against limiting resource and then we got the skillset.
So I would have liked to have seen a broader wider skillset, more qualified skillset, which challenged against the headcount reduction. So those kind of two aspects created the challenge.
Mr Blake: Did you raise those concerns with anybody?
Martin Ferlinc: I would have raised it with my line manager. I think everybody, though, was in the same position, you know. My line manager was under pressure to reduce resource. Everybody across the business had those challenges.
Mr Blake: When you refer to your line manager, do you mean Tony Marsh or Rod Ismay?
Martin Ferlinc: At that time it would have been Keith Woollard.
Mr Blake: The very final document I am going to take you to, I think, post-dates your time. It’s POL00086765.
I don’t know if this is a document familiar to you at all?
Martin Ferlinc: Only because I have seen it in the bundle. But it was quite a long time after my time.
Mr Blake: If we look there, there is an analysis of the audit team and the second bullet point on the left-hand side, it says:
“Audit activity is restricted to the checking of cash and stock and the validation of procedural compliance questions.”
Is that something that you agree with as a concern?
Martin Ferlinc: Yes, this is another review of the – I’m assuming this is the internal audit team reviewing the auditors. But, yes, in terms of that paragraph, audit activity was very much focused on asset verification and compliance procedural checks.
Mr Blake: The asset verification would have made sense pre-Horizon because you’re counting physical numbers that are in stock in a branch but did that make less sense post-Horizon?
Martin Ferlinc: I don’t think so because there still needs to be some assurance that the cash is at the branch. There still needs to be some assurance that our assets are safeguarded. So I don’t think it follows that there’s less validity.
Mr Blake: Was the audit team ill-equipped for the additional challenge of Horizon – data from Horizon?
Martin Ferlinc: As I said earlier, across the board, I think there were challenges with a group of personnel who hadn’t grown up with technology at their finger tips and learning, you know, quite steeply in this learning curve.
Mr Blake: If we look on the right-hand side under “Weaknesses”, if we look at number 2:
“Poor management information, only statistics of visit numbers get reported.”
Number 6:
“Currently not a professional audit service.”
Are these concerns that you recognise at all?
Martin Ferlinc: Well, in terms of too – again, I don’t know what the management information is looking like. There was a bit more than statistics when I was involved but I don’t know what it looked like in – what period is this? Is it 2013? Not sure it says.
Mr Blake: I don’t think it says the date. If we go to page 3, please, and the bottom of page 3 that addresses number 4. It says there:
“The Auditing effort in Network is primarily focused around checking cash and testing counter staff compliance with statutory and contractual requirements.
“The Network Support Team is made up of approximately 220 FTE that are utilised to conduct a mix of audit work and training. The majority of staff are drawn from Post Office Counters, although some have been subpostmasters. All new staff receive detailed induction training [this is over the page], however, based on our review, none of the staff have any formal audit qualifications, nor do they have any professional audit training or experience prior to their appointment.”
Are those concerns that you shared or share now?
Martin Ferlinc: Absolutely. As I said earlier, our team was filled with resource, purely based upon a background of counter and to some extent cash centre experience. But post-Horizon, and I mentioned in my witness statement – or pre-Horizon that was quite a valuable resource, people who knew how counters worked they knew how the cash account worked, they had been working in branches. Post-Horizon, they didn’t know how Horizon worked other than the training they were afforded.
Mr Blake: Finally, in that second box about halfway down, it says:
“No detailed issue or trend information is produced to better inform management of possible systemic issues, strengths of weaknesses of control or management of risk across the business or within areas/regions.”
Again, is that something that I think you would agree with from the evidence you have given to me?
Martin Ferlinc: As I said, this is, what, five years after the audit team left me and two years after I left the business but I think it feels like a fairly common view that was shared prior to me leaving.
Mr Blake: Thank you. There will be questions from other Core Participants but is there anything, having seen all of that and all the evidence we’ve been through today, anything that you would like to raise with the chair?
Martin Ferlinc: I don’t think so.
Sir Wyn Williams: Thank you very much.
Mr Blake: Sir, do you have any questions before we move to Core Participants?
Sir Wyn Williams: No, thank you, no.
Mr Blake: Thank you. I will start with Ms Page.
Questioned by Ms Page
Ms Page: Hello, it’s Flora Page. I’m representing a number of subpostmasters.
I want to ask you particularly about Nichola Arch it’s probably not a name that you know but she was a subpostmaster who was amongst the same very early pilot as the Two Ball Lonnen branch. So in that very, very early stage, long before most of the rest of the network received Horizon, she and the Two Ball Lonnen branch were both in that first wave.
Just like them, she suffered doubling up problems. The same sort of problems – if we dig down into that Two Ball Lonnen correspondence, what we see is a doubling up problem and she experienced that in that same wave of rollout.
But when her branch suffered doubling up, she was prosecuted. Now, her branch was a single or a “singleton”, as I think they were sometimes known, whereas, of course, Two Ball Lonnen was part of this big chain and it seems that, as a result of being part of a big chain, Two Ball Lonnen got completely different treatment.
Do you think that there is a risk or a likelihood that subpostmasters who ran single offices were treated less fairly because they were small, less noticeable, more easy to run over, as it were?
Martin Ferlinc: I’m not sure that’s case and I can understand why that might be perceived that way. I think my concern, if I can just sort of broaden that point, I think, is that the people who ran offices their own, singletons, I don’t think the support structure was there, particularly in terms of Horizon rollout.
If I’m working at a Crown Office and my branch has been rolled over to Horizon, I’ve got people around me to talk to, “I’m having a problem with this transaction, what do I do?” When you’re a single subpostmaster, you’re on your own and, yes, you’ve got a phone call but it’s not the same thing as having someone to turn to. So I think just side-stepping your question in itself, I think there was perhaps a lack of support and understanding of how single subpostmasters needed to be supported differently.
So I understand that view, potentially, of how multiples/nominee postmasters were perhaps treated differently but I think, actually, I think single subpostmasters should have been treated differently in being given more support.
Ms Page: In a way, you seem to be agreeing with what I’m saying, in that they received the same support that multiples maybe did get and the Crown Offices maybe did get?
Martin Ferlinc: Yes, absolutely.
Ms Page: Thank you.
Mr Blake: We have questions from Ms Patrick and Mr Stein.
Questioned by Mr Stein
Mr Stein: Mr Ferlinc, I have a few questions to ask of you. Can I ask though to go back to a document that Mr Blake showed you, I think, about five minutes ago.
Frankie, if I give you the reference number, it’s POL00033398.
Mr Ferlinc, I represent a large number of subpostmasters and mistresses and I’m instructed by a firm of solicitors called Howe+Co. So we should have on the screen –
I believe I have the number right, POL00033398.
Sir Wyn Williams: No, it’s a different number, Mr Stein, on the screen, on my screen anyway.
Mr Stein: Sir, I agree. I think we are just tracking down the right one. Yes, we have it. Thank you very much.
So this is a document, we can see, Mr Ferlinc we have your name there. The date is February 2011 “Assurance Review: Quality of Auditing”. Now, if we can just go please through to page 4 of that document to start off with, just helping us with the presentation of this, these appear to be in slide format is this a presentation or a draft of a presentation?
Martin Ferlinc: Yes, it’s the way that reports – it was just the theme at the time. A lot of reports were written in a PowerPoint fashion, partly it’s a reporting mechanism but also it enables it to be presented.
Mr Stein: Okay. If we look at that page, which is page 4, and we go to the middle of the page it says:
“The key findings from this review that require further review or attention relate to the following issues …”
So if we centre ourselves on the date, this is 2011. You have spoken to Mr Blake more generally about the process of audit and the difficulties that you’ve discussed with him. So let’s just have a look at some of the details that are being expressed here:
“Branches selected randomly for audits are not done on the basis of random sampling methods.”
So if we unpick that, it doesn’t sound as though there are random audits; is that right?
Martin Ferlinc: Okay, so up until 2008/2009 maybe, there was a method for truly selecting random branches for audit. I believe that this is saying that, after that, they weren’t strictly random, there was some bias to the sample of random. So it might be that they chose random but because they didn’t have the resource in a particular area, they excluded that area from random sampling.
Mr Stein: Right. Because if you don’t have random sampling, then, as you’re aware from having worked in audit for years, biases can creep in?
Martin Ferlinc: Absolutely, and that was the message we wanted to put across. Up until 2008/2009, I was satisfied that there were true random sampling methods applied. After that time, there wasn’t.
Mr Stein: But if it wasn’t random, then who is doing the selection of the places of the post offices that should be targeted for auditing? Who is doing that?
Martin Ferlinc: Well, it would be the selection team within the audit team or whatever that team was called at the time but they weren’t applying true random sampling methods. They were adding a bias to that method. So they were choosing 5 per cent but they were skewing the sample by excluding certain areas from the population.
Mr Stein: So just help us a little bit more with this. When you say excluding certain areas of the population, what are we talking about? Are we saying that they chose, I don’t know, one particular town over another or they chose –
Martin Ferlinc: I can’t remember the detail. All I can remember is that the sampling methods were flawed.
Mr Stein: You will forgive me saying this doesn’t sound like it’s a good idea, if you are introducing something which is skewering, effectively, the results because –
Martin Ferlinc: I’m agreeing with you. My finding is this was a negative aspect that needed to be addressed.
Mr Stein: Okay. Let’s see if it gets better or worse.
Martin Ferlinc: Okay.
Mr Stein: Bullet point 2:
“Team members seem to lack awareness of how the Branch Profile works, and therefore, why they are auditing a branch.”
This seems to be a bad thing on its own but in combination with non-random sampling it seems to make it worse; do you agree?
Martin Ferlinc: I agree. This is my report and I highlighted these issues.
Mr Stein: How is it that you’ve got members of the team that seem to lack awareness of how the branch profile works and why they are even there?
Martin Ferlinc: Right can I just take a step backed. This is my review of a team that I was not managing. I was reviewing an auditing activity. This was not my team, this was the team underneath the network that was performing training and auditing activities, and I was reviewing the quality of that activity.
These are negative views that we probably share because these are negative findings from the review.
Mr Stein: But, as against the positive findings on the same page, the negatives do appear to be rather more, how can I put it, negative. They don’t seem to be balanced by the positive findings?
Martin Ferlinc: There were more negatives than positives.
Mr Stein: Whose failure is this? Is it yours because you are not maintaining oversight as the managerial level or is it the team’s? Who is the failing?
Martin Ferlinc: It’s the team leader of the Network Audit Support Team.
Mr Stein: Who was?
Martin Ferlinc: I beg your pardon?
Mr Stein: What’s the name of this team leader?
Martin Ferlinc: I don’t know the name of the team leader.
Mr Stein: Now, earlier in your evidence, you were discussing with Mr Blake another document that you had dealt with. I’ll just put this up on the screen for the moment just so we identify what it is.
Frankie, it’s POL00088867.
You recall this document. You were asked a number of questions about it. The matters that I just want to draw your attention, just as a reminder, this version is dated, it seems, 7 September 2003. You will see that is the fourth entry down, thank you, and that the author is you, Martin Ferlinc, National Audit & Inspections Manager, and its owner is described Tony Marsh. Just help us understand the connection between the author here and the owner. You write the thing, yes. What does “owner” mean? What does that mean in terms of the Post Office?
Martin Ferlinc: He owns the policy, he authorises the policy, he gives oversight to the policy.
Mr Stein: Does that mean that, in terms of your drafting of this, it then goes to Mr Marsh and Mr Marsh then approves it for further work or use within the organisation?
Martin Ferlinc: Yes –
Mr Stein: How does that bit work?
Martin Ferlinc: There’s normally an assurance process on this first table. It seems to be missing from this particular document but there’s normally an author, an assurance process and an owner. So, normally, an assurance process would look at it and critique it and give feedback and the owner would sign it off.
Mr Stein: Right. So somewhere, assuming this went further, this particular policy would go to Mr Marsh, the Head of Security, yes, and he would then sign it off and then that becomes the embedded document within the organisation; is that right?
Martin Ferlinc: Yes.
Mr Stein: Can we just understand other thing, which is the relationship between you as the National Audit & Inspections Manager and Tony Marsh, Head of Security. Does that mean that the Audit and Inspections part of POL at this time were under control auspices of Head of Security or Security?
Martin Ferlinc: Yes.
Mr Stein: So Security Department, it’s not just checking to make sure the windows are closed and that the fire alarms are on, and things like that. This is the type of security that relates to the proper functioning of the system; is that correct?
Martin Ferlinc: Not of the system. Tony Marsh was the Head of Security, Investigations and Audit. So the personnel that reviewed security policies in branches, investigation policies and now the audit and procedural inspection policies.
Mr Stein: When you say investigations, investigations means the investigations into the possible offences that may have been committed by subpostmasters?
Martin Ferlinc: Yes.
Mr Stein: So it’s bringing together audit, which is reviewing the quality of the operational systems and giving an oversight of that and a result in relation to that, as well as investigating?
Martin Ferlinc: Those three teams Audit, Security (physical security) and then Investigations, which may have been called internal crime or external crime, they all were separate entities under Tony’s ownership.
Mr Stein: Who had brought them together under Tony’s ownership?
Martin Ferlinc: From my recollection, because I used to report to Alan Barrie, the Operations Directorate there was a decision made that – security investigations, I think, has always been together from when I joined Post Office, I think. Those two teams were always together. And the idea from Alan Barrie was that there was a natural synergy for Audit to be under Tony’s command. That would have been around about 2000/2001 perhaps.
Mr Stein: Okay. So we can take from your evidence that the contents of this document, which you described in your evidence today looking at it with Mr Blake, parts of it were unfair. We can take that this document was something that was known about to Mr Marsh, Head of Security?
Martin Ferlinc: Yes. Just to clarify, I feel it’s unfair now. Whether I felt it was unfair at the time is a different situation because I don’t think at that time, I believed that there were systematic problems at branches involving Horizon. Now, clearly it does appear unfair.
Mr Stein: Let’s take that on then. Let’s go back to the time when you are writing this in 2003. We can look at the parts of it but you appear to be in agreement that this is saying that a subpostmaster who’s experienced a loss that they’ve got no explanation for, there’s no other explanation for it, you’ve got nothing to say that it’s system fault, then tough. Their problem, they’ve got to pay?
Martin Ferlinc: Yes.
Mr Stein: Does that sound like it seems fair to you at the time, in September 2003?
Martin Ferlinc: At the time it must have done but it doesn’t seem fair now.
Mr Stein: If you owned a shop Mr Ferlinc and someone came to you and said “Well, look, mate, the situation is this, that there’s some money gone missing here, can’t say it’s your fault but you’ve got to pay up”, does that sound like that’s fair to you now?
Martin Ferlinc: It depends on how it’s gone missing.
Mr Stein: Well, you don’t know. This is what is being said in this document. It doesn’t matter how it’s gone missing. It’s not been proven to be the fault of the subpostmaster.
Martin Ferlinc: But equally then, there are other things that could have happened. It could have been an error. If you look at the amount of transaction corrections, the number of error notices, there are so many errors that were being made and are probably still being made, there could be members of staff employed by the subpostmaster who may be taking money from them, there could be procedural security faults. So someone might just put their hand round the till and swipe some money. There’s so many potential losses that could have occurred.
Mr Stein: Yes, but I’m not even too sure you have actually mentioned any of those being the fault of the subpostmaster but, yet, your document is saying they have got to pay up?
Martin Ferlinc: But contractually they are liable for losses through negligence and carelessness and error.
Mr Stein: And you think that only sounds unfair now, Mr Ferlinc?
Martin Ferlinc: No, I’m saying if they are negligent, if they are – carelessness, if they’ve made an error then it’s appropriate that they would be liable for the losses. I think what I’m saying now is that any errors relating to system issues would not have been fair.
Mr Stein: Help us a little bit more with this. I am going to take you to another document in a moment but just help us a bit more with this. This suggestion, which is that you are saying has got something to do with the contractual requirements or you are saying this is the way it always was, was at the something that you had been told about, that you had been told by a manager about by somebody else saying look Mr Ferlinc this is the way it works. Is that something you were told?
Martin Ferlinc: When I joint the Post Office, when I joined the audit team, the contract very clearly stated that liability.
Mr Stein: Right. Now, just reminding ourselves that the date of this document is 7 September 2003 I am going to take you to a different document, which is a Fujitsu document.
Frankie, it’s FUJ00098169.
This is, as you can see, this is the front page of this document, “Fujitsu Services input to Feasibility Study”. This essentially is at the starting point of the IMPACT study, the IMPACT programme?
Martin Ferlinc: Okay.
Mr Stein: If we can go then to page 6 of this document – page 6 on Relativity pagination, please, Frankie – and then I’m going to be referring to the fourth and fifth paragraph on that page, so the one at the starts “Fujitsu Services is pleased to submit this document”.
So for clarity, Mr Ferlinc, I am not expecting you to have seen this document or, indeed, have been aware of it at the time. I just want to concentrate on the fact that this is a 2003 document, this is earlier to your document and I want to see what’s coming together in relation to this. This is saying this:
“Fujitsu Services is pleased to submit this document developed as an input to the Post Office E2E feasibility study [that’s End-to-End feasibility study] and looks forward to continued joint working in the development of effective systems to support the Post Office business. All pricing and timescales assume this approach.
“This paper sets out Fujitsu Services approach to the systems re-architecture, explains the design aims, outlines indicative pricing and offers a proposed implementation plan.”
So that, in summary, is what this thing is about.
Then page 34, please, Frankie.
So the paragraph I’m identifying here is 3.2.4 “Project 4 – Branch Liability Management”:
“Within the ‘Accounting, Reconciliation and Settlement, including Debt Recovery and Branch Control’ area of the business the following key business priorities have been identified:
“Simplify identification of debt.
“Reduce the amount of reconciliation.
“Increase the amount of debt recovered …”
Then the fourth bullet point:
“Put the emphasis on clients and customers to validate the data.”
Now, do you agree that, in the context of what we’re talking about here, the clients and customers to validate the data, we’re talking about the subpostmasters and mistresses in the branches?
Martin Ferlinc: Clients would be people like DVLA, clients would be the people that we’re managing products for.
Mr Stein: Subpostmasters?
Martin Ferlinc: I think – I’m not quite sure how – I would say clients is DVLA, NS&I.
Mr Stein: We can read on:
“Simplify branch processes by reducing the amount of paper.
“Centralise/consolidate agents debt.
“Enable matching of cash at branches with settlement with client.”
Martin Ferlinc: Client is DVLA, Alliance & Leicester; that’s what a client is.
Mr Stein: So you don’t believe that this applies to the branch offices?
Martin Ferlinc: There might be aspects of it that do but those things you pointed out don’t.
Mr Stein: I see. Now, we understand that the position in relation to the IMPACT system at the time was that there was a need at the time, 2003, for the Post Office to make more money. It was essentially having financial difficulties. Is that something you’re aware of?
Martin Ferlinc: Well, I mentioned throughout my presence today that there was a theme of reducing costs. Making more money is just the other side of that coin.
Mr Stein: Right. Where this is enabling matching of cash at branches was settlement with client, what’s that refer to? What do the branches refer to?
Martin Ferlinc: Can you just point out which point you’re referring to.
Mr Stein: That’s, I think, the seventh bullet point down.
Martin Ferlinc: I’m not sure how that links, the matching of cash with settlement with client. I’ve no idea.
Mr Stein: You don’t think this might relate to subpostmasters?
Martin Ferlinc: It’s talking about settlement with the client. So I don’t understand how it links with a matching of cash.
Mr Stein: Well, what are these branches being spoken about here then?
Martin Ferlinc: I didn’t write the document. I don’t know what it means. It doesn’t make any sense to me.
Mr Stein: I see. Well, let’s just go with the “put the emphasis on clients and customers to validate the data”; is that something you’re familiar with in relation to the operation of the Horizon System that whoever is operating the system they’ve got to validate the data?
Martin Ferlinc: No.
Mr Stein: Why doesn’t that make any sense to you?
Martin Ferlinc: Because Products and Branch Accounting would be matching the data. They’ll be matching the data that they get from branches to Horizon with the data that’s provided from the clients.
Mr Stein: Right. But then this document from Fujitsu is seeking to suggest that clients and customers, they’ve got to validate the data. What does that mean to you?
Martin Ferlinc: It doesn’t mean anything to me. Maybe Fujitsu haven’t understood the terminology that Post Office would use.
Mr Stein: I see. Well, let’s try it another way round. How would a subpostmaster, going back to our earlier discussion in relation to losses, how would they be able to find the evidence that relates to the operation of the Horizon System? What access did they have?
Martin Ferlinc: The same access that an auditor would have in terms of access –
Mr Stein: The same access as who?
Martin Ferlinc: The same access as an auditor would have such as all the transaction reports that come out of Horizon; so transaction logs, summaries that they would get out of the system.
Mr Stein: So you think that the branch managers in the individual branches had the same access as the audit team?
Martin Ferlinc: That was my understanding at the time and it is my understanding now that the branch manager has the same access level as the auditor. That might be a false memory but that is my memory.
Mr Stein: This question of what they had access to, the branches, is quite important; do you not agree? That if they –
Martin Ferlinc: I agree.
Mr Stein: I’m just trying to understand what the audit process was, though. Did you not make sure that the branch managers and mistresses had access to the same material or is it just something you’re thinking, well, that probably happened or it should have happened. Which?
Martin Ferlinc: They would have had the same access. I think what I’m not sure about is whether auditors had additional access to additional reports.
Mr Stein: There seems to be – if you draw back from your evidence, there seems to be a few things that are quite problematic. You’re talking about a contractual obligation on subpostmasters and mistresses to make good losses, yes?
Martin Ferlinc: Mm-hm.
Mr Stein: That’s your first – is that an assumption you made or that was what you were told?
Martin Ferlinc: It’s what I read in the contract manual.
Mr Stein: You read that in the manual?
Martin Ferlinc: In the subpostmasters’ contract, I seem to remember section 12 to 15 had details about the liability that subpostmasters had for losses through negligence, carelessness, error.
Mr Stein: Right. Well, what about trying to prove a loss when it’s the system that’s come up with it?
Martin Ferlinc: I agree. If the system’s created a loss, it’s very difficult for either party to be able to prove it.
Mr Stein: If the pressure on the subpostmaster and mistress is that they’ve have got to, as this document appears to be saying, they’ve got to validate the data, they’ve got to actually show, you know, where the problem is, if it’s a system error then how are they meant to do that?
Martin Ferlinc: As I said, I agree with you. If there’s a system error, it wouldn’t be easy for either party to be able to say this is an error that’s been caused by the system.
Mr Stein: Mr Ferlinc, when did it come to you that this was a bit of a problem? This has only come to you before giving evidence that you thought, well, bit of a pity these subpostmasters and mistresses didn’t really – weren’t aware of what was going on with the Horizon System and that we just nailed them for the money anyway?
Martin Ferlinc: No, I think what I said before is that these system errors weren’t visible. They weren’t things that I was aware of at the time.
Mr Stein: When were you aware of –
Martin Ferlinc: Probably when I left the business and in the media reports following, you know, the mid-2010s.
Mr Stein: You were aware of some errors with the system. You’ve not said it was perfect.
Martin Ferlinc: Hey, it wasn’t perfect and no system is perfect. As I said, every software system will have bugs and quirks and they are fixed.
Mr Stein: So who told you day-to-day, week-to-week of the errors? What reports did you get?
Martin Ferlinc: I didn’t get any reports.
Mr Stein: Did you investigate? Did you –
Martin Ferlinc: I didn’t.
Mr Stein: – as an example, in whatever way you could, give Fujitsu a ring or ask to visit them and consider with them how they deal with –
Martin Ferlinc: No.
Mr Stein: You don’t feel that that’s something of a failure?
Martin Ferlinc: I think with hindsight there were many things that could have done differently, absolutely.
Mr Stein: In hindsight? This was a failure at the time, Mr Ferlinc, a failure by you and your department actually not grasping the nettle and not actually look at what problems lurked behind the scenes. Do you not agree?
Martin Ferlinc: No, I don’t agree because at the time my team’s responsibility was for validating assets at branches and that’s what the team delivered.
Mr Stein: You don’t feel it was your responsibility just to keep your eyes closed, Mr Ferlinc, and just sort of barrel on regardless?
Martin Ferlinc: Not at all. I didn’t feel that’s what I was doing.
Mr Stein: Excuse me one moment.
Thank you, sir.
Sir Wyn Williams: All right. Is that all the questioning, Mr Blake?
Mr Blake: It is, yes.
Sir Wyn Williams: Right. Well, thank you very much, Mr Ferlinc, for coming to give evidence and answering a great many questions and for answering them, so far as I’m concerned, at least with clarity. Thank you.
Mr Blake: Thank you very much, sir. We’re back at 10.15 tomorrow morning with Mr Marsh.
Sir Wyn Williams: Very good. See you all at 10.15.
(4.07 pm)
(Adjourned until 10.15 am the following day)