WITN00840100
DocuSign Envelope ID: 18BBACOF-512A-46C8-9CE4-83F4F 24D5E48
Witness Name: Lesley Jessie Sewell
Statement No.: WITN00840100
Dated: 16 April 2024
POST OFFICE HORIZON IT INQUIRY
FIRST WITNESS STATEMENT OF LESLEY JESSIE SEWELL
I, LESLEY JESSIE SEWELL, will say as follows...
INTRODUCTION
1. I am a former employee of Post Office Limited and between April 2010 and
November 2015 held positions of Head of IT & Change, Interim Chief
Operating Officer, Chief Information Officer (“CIO”), and CIO and Operations
Director.
2. This witness statement is made to assist the Post Office Horizon IT Inquiry (the
“Inquiry”) with the matters set out in the Rule 9 Request dated 6 March 2024
as amended on 26 March 2024 (the “Request”).
3. References to “POL” in this witness statement are references to Post Office
Ltd. References to “RMG” are to Royal Mail Group. References to “SPMs” are
to Subpostmasters, Subpostmistresses, Managers and Assistants. References
to “Separation” are to POL becoming independent from RMG on 1 April 2012.
References to “Horizon” are to the Horizon IT System. References to “HNGx”
are to the second iteration of Horizon that was rolled out from March 2010.
References to “Crowns” are to branches owned and directly managed by
POL. References to “Multiples” are to franchises such as WHSmith.
References to “Bugs” are to errors or defects with Horizon.
4. A significant period of time has passed since my tenure at POL (2010-2015).
In the making of this statement, I have sought to refresh my memory from the
contemporaneous documents provided insofar as is possible. I make this
witness statement to the best of my recollection, knowledge and belief. I have
been assisted in preparing this witness statement by my legal representatives,
Reed Smith LLP.
BACKGROUND
5. I have a bachelor’s degree in Applied Computing from Newcastle Polytechnic
and an MBA from Newcastle University. I started my career at Newcastle
Polytechnic within its Computing department as a trainee Computer Operator. I
left in 1985 to join Northern Rock as a trainee programmer. I worked at
Northern Rock until 2010. During my 25 years at Northern Rock, I held
numerous IT roles and led many major IT programmes. When I left Northern
Rock I held the position of Managing Director of IT.
6. I joined POL as Head of IT & Change in April 2010. I held this role until
approximately Q1/Q2 2012, reporting to Mike Young, Chief Operating Officer
(‘COO’). In around Q1/Q2 2012, at short notice, Mike Young left POL. I was
asked to step in as Interim Chief Operating Officer while a restructure was
considered. I held this role until around Q3/Q4 2012, reporting to the CEO
Paula Vennells. From this time, I joined the Executive Committee (the “ExCo”).
By the end of Q4 2012 I was the CIO, reporting to the Strategy Director, Sue
Barton. I reported to her until she left POL at the end of 2013. I then reported
to the Chief Financial Officer (“CFO”), Chris Day, until the end of 2014. In
around early 2015, following a restructure, I became Operations Director in
addition to CIO. I was not part of the Group Executive that was created in late
2014. I reported to the new CFO, Alasdair Cameron, until I left POL at the end
of November 2015 (I resigned in early June 2015 and was on gardening leave
from 1 October 2015).
7. On joining POL, my understanding was that I had been brought in to oversee
the Separation from RMG and the resulting IT transformation and to build the
IT capability post-Separation. To provide some context about
Separation/POL’s IT transformation, from an IT perspective, the scale of the
process was enormous. It was probably one of the largest IT transformations
in the UK at the time. The professional challenge of overseeing an IT
transformation is what appealed to me. Prior to Separation, the majority of IT
services used by POL sat within RMG and POL was able to piggy-back off
these. The main IT service that sat within POL was the contract with Fujitsu
who, at that time, provided front office and network services to the branches
along with a couple of smaller systems. My task was to take the shared IT
services from within RMG and build those services from scratch within POL.
My objective was, with the support of the executives and the Board, to build a
holistic IT strategy for Separation. Horizon and the relationship with Fujitsu
was one part of the overall IT strategy. The ‘IT Strategy Update’ of January
2015 in POL00109859 gives an idea of the scale of the IT strategy, however it
broadly included reviewing the IT organisation and its processes and creating
an operating model which could support Separation and the transformation
activities. There were a number of systems built during Separation which
required significant procurement exercises, including the Fujitsu contract. I
provide further detail about the IT strategy I put in place at paragraph 67 below
and how Fujitsu fit into that.
8. Initially, during my tenure as Head of IT & Change, the day-to-day operational
service management of Horizon and the management of the contractual
relationship with Fujitsu was the responsibility of the Managed Services team.
Andy McClean led this team and reported into the COO Mike Young. Managed
Services at this time was also responsible for the management and oversight
of the outsourced business activities and relationships (e.g. Bank of
Ireland/HP/Telephony). As Head of IT & Change, in so far as Horizon was
concerned, I had responsibility for any IT change activity (i.e. introduction of
the Post & Go machines). If there were any significant incidents (i.e. a P1 or
P2 as I refer to below at paragraph 18) the IT team would be involved to
support any investigation into the incidents. I raised with Mike Young, that the
responsibility for the operational management and contractual relationship
management of the Horizon contract was in the wrong part of POL and should
have been under IT. As I have set out above, if there was a significant incident
involving Horizon, the Managed Services team, supported by the separate IT
team, would work together to investigate. The issue with this was that the IT
team did not have full oversight of Horizon (the contractual relationship with
Fujitsu and day-to-day management). This changed when the Head of
Managed Services left in Q3/Q4 2011. From that point on, as Head of IT &
Change, I took responsibility for Service Management, which included Horizon
(the contractual relationship with Fujitsu and day-to-day management).
9. As CIO, my priorities included: (i) delivery of the IT strategy and new IT
operating model; (ii) delivery of RMG/POL separation technology activities; (iii)
acting as Chair of the IT Transformation Committee; (iv) procurement and
implementation of all IT services post-separation (including the Fujitsu contract
which was put to the market for the re-procurement of services which were
covered under that contract); (v) management and oversight of the outsourced
business activities and relationships (e.g. Bank of Ireland/HP/Telephony); (vi)
stakeholder engagement regarding IT matters; (vii) Account Executive
engagement with key suppliers, auditors and advisors; and (viii) operational
cost reduction. As CIO I was the executive accountable for the contractual
relationship with Fujitsu in respect of Horizon. This included overall oversight
of any change activity and provision of operational service from Fujitsu (I
provide details of my team in the following paragraph). From late 2013 into
2014, I took on additional responsibilities for Information Security which
included (i) reviewing the Information Security operating model, policies and
procedures; (ii) commissioning a Deloitte maturity review to inform the
operating model; and (iii) recruiting a new Head of Information Security. In
2015, while reporting to Alasdair Cameron, and with the additional role of
Operations Director, I also took on the additional responsibility for back-office
activities for Product and Branch Accounting (“P&BA”) and HR. I have
considered FUJ00175161 and agree with the description of my “agenda” as
CIO. During my tenure I was not responsible for prosecutions of SPMs. While I
was involved in the commission of the Second Sight Report and the Project
Zebra report, I was not responsible for the action points arising from the
recommendations of each of these reports, which were dealt with by the
Sparrow Working Group (initially set up to manage the Second Sight Report)
which I was not a member of and which reported to the Board.
10. As CIO I brought in an experienced IT Programme Lead/Transformation
Director, Neil Wilkinson, who was responsible for delivering Separation and
then more broadly the IT Transformation (procurements and delivery). I also
brought in a Chief Technology Officer, Paul Bleasby, who led the architecture
team and was the Chief Architect of POL’s IT systems. He worked closely with
third party suppliers (including Fujitsu) and the wider business on developing
the IT strategy and delivering aspects of the IT transformation programme. I
would rely on Paul for technical input. David Hulbert was the existing Head of
Service, responsible for the day-to-day operations of all the IT services
(including Horizon). All directly reported to me, in addition to a Head of
Business Relationships, Head of Quality and Standards, Head of Managed
Services and Head of Projects.
11. I have been asked to summarise my professional career since leaving POL. In
December 2015, I joined a start-up private equity backed specialist mortgage
lender as COO. I led the business build programme and was accountable for
technology, change, new mortgage business and account servicing. I left in
November 2019 and retired from full-time employment. Since the Covid-19
pandemic, I have supported ‘Be the Business’ (a small business giving small
companies support) and I am a governor of a college.
THE HORIZON IT SYSTEM
12. I had no knowledge of Horizon before joining POL other than at the interview
stage being told about key suppliers, including Fujitsu. On joining POL, I
learned more detail about Fujitsu building Horizon and that the contract had
been in place since the 1990s. I understood Horizon to be the point-of-sale
system at the Post Office counters (SPMs, Crowns and Multiples) which would
be used to process and record all transactions performed within a branch. I
cannot recall any of the specific details, but during my first few weeks at POL it
is likely that I would have been given a walkthrough of Horizon and it is
possible that some high-level architectural presentations regarding Horizon
were delivered to me. Beyond this, the only formal training on Horizon I recall
was for Christmas support for the Post Offices, which was limited training on
Horizon and more specifically on the Post & Go machines. I would have had a
high-level awareness about how the system was architected, however as
Head of IT / CIO I was neither a technical nor a functional expert in Horizon.
13. I do not recall reading the May 2009 Computer Weekly article before joining
POL. I was not employed by POL at the time of this article and do not recall
being involved in any internal discussions about it when I joined. I do recall
reading Computer Weekly articles at some point during my tenure but I cannot
recall when I did so or specifically which ones.
14. Around the time I joined POL in April 2010, I recall that the second iteration of
Horizon (“HNGx”) was in the process of being rolled out. I understood that the
changes were primarily as a result of a cost reduction exercise, a refresh of
some of the hardware, and application changes to support SPMs. I later
understood that there was a level of resilience removed as part of the HNGx
roll out. Previously branches could continue to operate if the branch was
unable to connect to the datacentre, however HNGx required the branches to
be connected to the datacentre to be operational. Coming from a banking
background (where branches could continue to transact if they lost connectivity
to the datacentre) I had concerns about this from an operational resilience
perspective (i.e., customers could not be provided with services if branches
lost connectivity). This issue was addressed in papers to the Board (see
POL00096035 and UKGI00018115 by way of example).
15. On joining POL I was not aware of either (a) bugs, errors or defects in the
Horizon IT system (“BEDs”) (b) a lack of integrity in the Horizon IT System or
(c) complaints addressing BEDs or concerns with integrity.
16. I had no input into the commission of or production of Rod Ismay’s report of
August 2010. I received a copy of it due to my role as Head of IT shortly after I
started at POL. To the best of my recollection, it was around this time that I
first understood that there were challenges to the integrity of Horizon. The
report suggested that these concerns were not founded. I took the report at
face-value, and it was my understanding from reading the report that there was
not an issue relating to the integrity of Horizon and that there were significant
business controls in place. I have no recollection of whether the report was
used in POL’s response to complaints made by SPMs concerning the integrity
of Horizon. I do not think I would have been aware of this at the time.
17. I recall an issue shortly after I joined POL which led to the roll out of HNGx
being halted. This was not a software fault relating to Horizon, rather a
database issue which was causing performance issues with Horizon. The roll
out was halted until this was fixed. The first software fault relating to Horizon I
can recall was “the 62 bug” in 2010 (see POL00134346 which provides an
overview of this). I also have a clear recollection of the “Local Suspense
Incident” affecting 14 branches in 2013 (see POL00190016). My
understanding for these faults was that the affected branches were all
contacted and that the faults did not result in a negative financial impact.
18. There were two broad categories of technical issues relating to Horizon which I
would be made aware of (i) complete Horizon network outages, which I
referred to as “P1s” and (ii) technical issues affecting a significant number of
branches, which I referred to as “P2s”. There would have been exact
definitions of P1 and P2 faults but I do not recall these. The “62 bug” and
“Local Suspense Incident” referred to above were P2s. POL00190037 and
POL00029627 confirm that there was no negative financial impact for SPMs
and no prosecutions in relation to these two bugs. More generally, I was not
aware that any of the errors or defects that my team investigated were linked
to prosecutions.
19. Prior to my taking responsibility for Service Management in Q3/Q4 2011, it was
the responsibility of the Managed Services team to inform me of these issues
and engage with the IT team. In some cases, these issues would be escalated
to the Executive. An Incident Review would then be carried out by Fujitsu, who
would provide a written response to POL. Any significant issues would be
discussed at the operational and executive supplier reviews with Fujitsu. I
understood that operational reviews took place between Fujitsu and Service
Management every week. I was not involved in these meetings. It is my
understanding that Executive reviews were not taking place prior to me taking
responsibility for Service Management. Once I had taken responsibility for
Service Management, I attended Executive meetings either monthly or bi-
monthly depending on need with my senior team, a Fujitsu account executive,
sales executive and service executive. Service Management, David Hulbert or
the Duty Manager would communicate P1s and P2s to all key stakeholders
across the business, keeping them updated in relation to the issue, impact and
resolution. I would also assist in communicating P1s and P2s at Executive
level, often by text message, telephone call or in-person.
20. To the best of my recollection a small number of P1s and P2s occurred during
my tenure. Following review of the documents I do recall the 4 significant
services failures which occurred over a 9-month period in 2011/2012.
POL00105585 provides detailed explanations from the technical team of each
incident. As a result of these service failures, two reviews were undertaken —
a tactical review and a strategic risk and resilience review (by KPMG), both of
which were reported to the POL Board. The tactical review examined each
individual incident, reviewed the root cause and established lessons learnt and
improvements were implemented. The strategic review which was conducted
by KPMG considered the resilience in the infrastructure as compared against
other retailers or banking. This was an area of concern for me as I have
detailed at paragraph 14 above. The strategic review gave the Board clarity on
recovery of the datacentres (post implementation of HNGx) and costs to move
to a more resilient platform.
21. Technical issues relating to individual branches or a smaller number of
branches (i.e. not P1s or P2s) were dealt with by the operational IT service
team who were the primary interface with Fujitsu. David Hulbert, the Head of
this team directly reported to me from Q3/Q4 2011. P&BA and the National
Business Support Centre (“NBSC”) reporting to Rod Ismay, were the primary
contact points for the SPMs. I would only be involved in dealing with this type
of branch IT issue if they were directly escalated to me. I would raise any such
escalations with David Hulbert for action and with the Fujitsu Executive, if
necessary.
22. I have considered an email thread dated 7 October 2014 (POL00210241) in
which Kevin Gilliland (Retail Director) escalated a branch Horizon network
connectivity issue to me. The documentation shows that I asked Ian Thomas
to look into this, copying David Hulbert and Andy Grant. I cannot recall who
Ian Thomas or Andy Grant are. I then ask “We do seem to be getting a lot of
issues in this area — is there an underlying systemic problem?” By systemic, I
meant is this a widespread issue which is affecting many branches. While I do
not recall this specific issue today, it appears from the email thread to have
been a local branch network issue and not an issue with the Horizon software.
23. I do not recall the specific term ‘ARQ data’. I assume that this refers to the
Horizon audit transactional data stored within the audit database. I did not
have a low-level detailed knowledge of what data fields were stored, I do recall
it being a secure audit log of all transactions performed at a branch, which was
described as being stored in a WORM (write once read many) storage and
signed with a digital key. I remember attending a meeting with either Second
Sight or Deloitte and Fujitsu (Executives and Fujitsu systems experts) and
POL representatives where Fujitsu presented the details of Horizon’s
architecture and explained how transactions were stored securely and could
not be altered given the digital key against each transaction. I refer to this at
paragraph 63 below.
OPERATION OF POL AND HORIZON
24. I was not involved with concerns about disputed shortfalls in branch accounts.
As I recall, the primary point of contact for these queries was via P&BA which
was managed by Rod Ismay, or escalated through the Retail team managed
by Kevin Gilliland. Only during 2015 (when I took on additional operational
functions as referred to above at paragraph 6) did P&BA report through to me.
Angela Van-Den-Bogerd became Operations Director/Head of Operations in
2015 and was responsible for P&BA and HR back office. She reported through
to me. However, I understand that separate to the work that I had oversight of,
she was heavily engaged with and reporting to Sparrow at this time (Sparrow
was a Working Group set up to manage the Second Sight review, which I
address further at paragraph 47 below). At this time (nor at any other time),
was I involved in the day-to-day activities of the support P&BA provided to the
branches. I do not recall any escalations during that period with regards to
shortfalls in branch accounts.
25. My understanding of how SPMs would raise concerns about the IT system is
that concerns were reported to and managed by the call centres, in particular
P&BA and a help line in Fujitsu. I had no direct involvement in this process.
Day-to-day oversight of the IT help lines was within Service Management and
Fujitsu, and also Atos towards the end of my tenure (I refer to Atos at
paragraph 67 below. In short, this company was appointed as Service
Integrator in respect of POL’s new IT tower model post-Separation (from
October 2013)). I was only made aware of any issues in the event of a P1 or
P2 issue, or an escalation of a branch issue as described above.
26. I set out here the ways in which reported problems with Horizon could be
escalated within POL and/or Fujitsu:
(i) Escalation from the IT help desk through to the Head of Service
Management (David Hulbert) and ultimately onto me. This would be
escalated at the same corresponding levels within Fujitsu.
(ii) Some issues were escalated through POL executive, typically via the
CEO, Retail Director or via P&BA.
(iii) Whilst I cannot recall the specific details, I do recall that SPMs could
follow a complaints process.
(iv) My understanding was that within Fujitsu, concerns could be escalated
to them by POL (e.g. by the Retail Director) via Service Management.
The chain of escalation from there was to a senior manager for service
and then through to the executive line.
27. I would not be aware of the volume of complaints about Horizon as this was
managed through another business area within POL. I do not recall which.
28. I understood advice and assistance was provided to SPMs by P&BA. I am
unable to provide a view of the adequacy of this advice. I recall that general
advice and support was one of the points that came out of the first Second
Sight report in July 2013 as needing to be addressed, and I recall this was fed
through to the Sparrow project (the Working Group set up to manage the
Second Sight review, which I address further at paragraph 47 below).
29. I do not recall which business area handled training on Horizon. I personally
do not recall having any involvement with or oversight of this, although it is
possible that my team would have been asked to comment on training
materials. I cannot, therefore, express a view on whether the training provided
was adequate. I recall the Second Sight Interim Report commented on
training not being adequate. This would also have been fed through to the
Sparrow project.
30. I had no involvement in POL’s audit of SPM’s branch accounts.
31. I became aware around the time of the Rod Ismay report that prosecutions
were taking place, but I did not appreciate the full scale of these until later. I
understood that data from Horizon was being used as part of the supporting
evidence in those legal proceedings and the importance of the integrity of the
data. At some point (I do not recall when) I became aware that there was a
contractual obligation for Fujitsu to provide audit data as part of any
investigations. I do not recall appreciating that POL could prosecute
individuals itself without referral to external authorities until around the time of
the Second Sight review. At this time, I did not give this much consideration
and would not have been able to comment on the prosecutions themselves.
At the time I joined POL, the prosecutions had been ongoing for many years. I
did not have involvement with these as they were handled by the legal
department. I can see from the documents provided an occasion in 2013
when Simon Baker (a member of my team) was asked to obtain information
on “bugs” in connection with a prosecution (please see POL00164510 and
POL00060572) but that was the extent of my involvement.
32. I understood that Gareth Jenkins was a Fujitsu technical expert on Horizon
and later a technical witness for POL in legal proceedings. I did not have any
professional relationship with Gareth Jenkins, although the documents
provided show an occasion where I did have email contact with him following
an escalation to an account executive at Fujitsu. In addition, I have also
reviewed FUJ00124536 in which Gareth Jenkins sends me a copy of his final
witness statement from the 2010 Misra case heard at Guildford Crown Court
on 28 June 2013. I do not recall being aware of the Misra case in 2010. I had
not long joined POL. I was not responsible for prosecutions and I do not recall
having any active involvement in prosecutions. I do not recall asking for this
statement or how it was asked for and it would be extremely unusual as CIO
to request a copy of a witness statement. I can only assume (given the timing)
that I had been asked to obtain it as part of the Second Sight review or it may
have been related to the prosecution referred to in the above paragraph (I
have no recollection of this but note the emails are a few days apart).
THE ERNST AND YOUNG (“EY”) 2009/2010 and 2010/2011 AUDIT FINDINGS
AND ACTION THEREAFTER
33. Shortly after I joined POL in April 2010, I was asked to attend an end-of-year
controls audit final review meeting with EY and other POL employees
regarding the 2009/2010 audit. I recall that this audit was being overseen by
the Finance team as part of the normal financial year end activities which is
not unusual, but it appeared that Finance had taken a lead role in the IT
elements. The operational responsibilities for Horizon at this time were
through Managed Services (Andy McClean) reporting into the COO (Mike
Young).
34. Coming into POL, I recall being concerned by the findings of the 2009/2010
audit, in particular the number of findings and recurring issues. Having read
the summary document to refresh my memory, EY had a number of
challenges in identifying an individual within POL who owned the relationship
with outsourced providers (including Fujitsu) who could reinforce EY’s
requests to Fujitsu for evidence required to complete the audit. EY required
intervention from senior POL staff and senior Fujitsu UK executives. This was
not something I was involved with.
35. I do not recall the date on which responsibility and senior engagement for the
IT elements of the controls audit moved to me. I do not recall what
involvement I had in the 2010/11 audit other than I can see from the
documents provided that my involvement in the 2010/11 EY controls audits
appears to start in around March/April 2011. At this point the operational
management of the Fujitsu contract was still within the remit of Managed
Services. At the time I took responsibility for the audits, I assigned
responsibility to one of my team, Andy Jones (Head of Quality and Standards
within IT), to co-ordinate between EY & Fujitsu and to track and ensure
actions were being completed with appropriate evidence for the auditors.
Andy Jones continued in this role for the duration of my time at POL. I also
recall engaging with Internal Audit during my tenure to validate that external
audit actions had been completed or were on course to be completed.
36. The EY audit was an annual activity, and I led the move following the 2010/11
report from a standard audit with Fujitsu to an ISAE3402 standard (which
superseded SAS70). The main benefit of this for POL was that this was a
recognised standard for the controls over a service provider that the auditors
could test and POL could rely upon. From my perspective, it appeared that the
main issue was that no one within POL had taken ownership of the IT controls
in place with Fujitsu. I made Andy Jones accountable for the annual audit
process and management of audit actions with clear objectives through his
annual performance reviews (POL00137282). The audit outcomes needed to
be significantly improved so that POL could become comfortable with the
controls. It was made clear to the RMG Board that a move to the ISAE3402
standard would take around 2 years; 2011/2012 being foundational and
2012/2013 for completion of the ISAE3402 (RMG00000003). I worked closely
with EY and the executives at Fujitsu to ensure they knew how important this
was. Paula Vennells and Mike Young were also involved in gaining
commitment from the most senior levels within Fujitsu. Fujitsu also committed
to covering the costs for the ISAE3402.
37. The IT team worked with Fujitsu and EY to define the scope and requirements
of the ISAE3402, and Fujitsu engaged a consultancy firm (possibly KPMG) to
perform their audit and prepare the ISAE3402 prior to EY performing the
annual controls audit. This was presented to the Senior IT team and myself
on an annual basis. Whilst I cannot remember the specific outcomes of the
EY audits, I recall that there was a significant improving trend. This can be
seen from POL00021431 and POL00105629.
38. Based on my previous experience in a banking environment, I understood and
agreed with the importance of the controls described by EY regarding systems
access and management of technical or systems changes to Horizon. Having
refreshed my memory by reading the management letter from the 2010/2011
audit and the summary of the 2009/2010 findings, I did agree with EY’s
findings that there needed to be an improvement in the governance of the
outsourcing contract and other areas identified. As I set out in paragraph 8
above, my view during 2010/2011 was that the contractual relationship and
day-to-day operational management of the Fujitsu contract was in the wrong
area of the business, although IT and Managed Services did report through to
the same Executive Director (the COO). I agreed with EY that a move to a
ISAE3402 standard would be beneficial for POL and would provide a much
more structured approach for POL/EY whereby the control objectives (over
management of change and access to systems) and required outcomes were
clear for all parties. Having read the audit report provided it is clear that as
the 2010/2011 audit was the first full year audit following the implementation
of HNGx, there was a lot of work to be done by Fujitsu around the control
environment and within POL to be comfortable with the controls in place. The
documents reference Fujitsu’s CISO (Chief Information Security Officer) being
involved. I vaguely recall this escalation as part of the resulting actions taken.
From the documents provided there were also areas where POL needed to
assess the risk and compensating controls, especially for privileged users
which I believe were considered by the Audit, Risk and Compliance
Committee (subcommittee to the ExCo).
39. I recall concerns were raised by the Board about the cost of the EY audits as
they were expensive due to the additional testing EY had to perform to satisfy
the end of year audit requirements and they queried why POL should pay
rather than Fujitsu. Fujitsu bore the cost of the ISAE3402 once implemented.
Aside from this, I do not recall cost being a factor in relation to the steps POL
took in response to EY’s findings.
SHOOSMITHS LITIGATION
40. I recall this threatened litigation but do not recall being actively involved in
POL’s response to it. At this time, I was Head of IT & Change and reported to
Mike Young (COO). From a review of the documents, I can see that it was
initially proposed that I would be a member of a Steering Group to manage
POL’s response to challenges to Horizon from Shoosmiths / Access Legal and
the Justice for Subpostmasters Alliance (“JFSA”) but as seen in
POL00294878 Rod Ismay asked me if I would involve or devolve to David
Hulbert and/or David Gray who were both on my team. It is likely that I would
have devolved the responsibility to the experts in my team, and document
POL00294844 confirms this. I have no recollection of having direct oversight of
my team’s work on this. My team would have worked directly with Rod Ismay
on this. At this time Separation and the associated IT transformation was my
key priority and was taking up the majority of my working day. I have no
recollection of what POL’s strategy in responding to this litigation was and do
not think I would have had a detailed understanding of this at the time due to
my limited involvement.
41. The only thing I can recollect in relation to legal professional privilege being
used within POL is that the legal department asked that anything to do with the
Horizon IT system in relation to threatened litigation be marked as privileged
and confidential. I have no specific recollection of who in the legal team
communicated this or how/when this was communicated.
ENGAGEMENT WITH MPS IN EARLY 2012
42. I was aware that meetings were taking place between MPs and Paula
Vennells. I also recall that Angela Van-Den-Bogerd and Alice Perkins were
involved in attending meetings with MPs. I recall being asked to attend the
office of Jo Swinson, the then Postal Minister, with Mark Davies
(Communications and Corporate Affairs Director) and Alwen Lyons (Company
Secretary) at short notice but I do not recall the date. I recall standing outside
her office in the corridor while her aides came out and asked us questions. I do
not recall any specific questions, only that they were Horizon related. I would
have been involved in the preparation for other meetings between MPs and
POL executives, together with my team (for example by commenting on
briefing papers as seen in POL00145100) but I cannot recall specific details of
what I did beyond what is seen in the documents. I (or my team) may have
been asked to comment on responses to journalists. I can see some examples
from the documents (POL00145113 and POL00142801) although beyond this
do not recall any specifics.
43. In relation to POL00105481 I note 3 action points assigned to me “(i) be ready
to present our view on Computer Weekly and what these views are based on;
(ii) find out the views of the IT industry and the Govt on Computer Weekly
(possibly ask Ian Watmore’s new CIO); and (iii) consider who we might
suggest as an independent IT consultant who could carry out a review, 2 or 3
possibilities so there is a choice”. The action points referring to Computer
Weekly were in relation to a suggestion made by James Arbuthnot MP that
POL should bring them into the business to carry out a review of Horizon. In
relation to point (iii) above, I recall that the UK government had set up an area
called Government Digital Services. I was tasked with going to talk to
government leaders and others in the industry to seek their views on Computer
Weekly and if they were able to conduct a review of Horizon. The proposal to
bring Computer Weekly journalists into POL to conduct this review was
unusual. The appropriate response, in my view, was to bring in an independent
expert to carry out a forensic review of whether there was a systemic issue
with Horizon (see POL00137248). I recall suggesting that Deloitte undertake
the independent review as they were on POL’s consultancy panel and could
be contracted quickly to do such a piece of work. Second Sight was eventually
instructed to carry out this review and I set out my involvement in that review
below in paragraphs 46-51.
44. “Remote access” has a specific meaning in IT which is the ability for support
staff to access the systems for support purposes i.e., software updates or
hardware diagnostics etc. I understand the Inquiry is referring to whether
Fujitsu had the ability to alter SPMs’ transactions when it uses the phrase
“remote access”. I recall an occasion early into Alice Perkins’ tenure as Chair
of the Board when I gave a presentation to her walking her through how
Horizon worked at a high-level. The PowerPoint presentation would have been
prepared by one of my team. Beyond this, I cannot recall providing any formal
briefings to senior managers or board members on the integrity of Horizon.
Although I do not recall specifics it is likely that there would have been informal
discussions around the subject. I can see from the documents that,
throughout my tenure, I would be asked to provide feedback and updates to
the board as and when required on a number of IT related subjects. They also
show I was asked to provide information by Paula Vennells regarding remote
access, prior to her attending the Select Committee (please see
POL00150993, POL00311320, POL00151029, POL00311345 and
POL00311353 by way of example). As can be seen from POL00150993, I
would rely on my team to provide technical details. In terms of what
information was given, I would be transparent and did not intentionally hold
anything back. If something was highly technical, when presenting to the
Board or senior management, my practice would be to try and turn that into
plain English.
45. I have considered page 10 of UKGI00016088 and what is meant by “Lesley
Sewell reported that a tactical review was underway to understand the single
points of failure within the system. A more strategic review was also needed
for re-visiting decisions made on critical back-up for system failures”. I
addressed this at paragraph 20 above. As a result of 4 significant service
failures over a 9-month period in 2011/2012, two reviews were undertaken — a
tactical review and a strategic risk and resilience review (by KPMG), both of
which were reported to the POL Board. The tactical review examined each
individual incident, reviewed the root cause and established lessons learnt and
improvements were implemented. The strategic review which was conducted
by KPMG considered the resilience in the infrastructure as compared against
other retailers or banking. The strategic review gave the Board clarity on
recovery of the datacentres (post implementation of HNGx) and costs to move
to a more resilient platform. To the best of my knowledge none of the incidents
covered by these reviews led to prosecutions.
INSTRUCTION OF AND ENGAGEMENT WITH SECOND SIGHT
46. I recall being involved in early discussions with the General Counsel (Susan
Crichton), Paula Vennells and possibly others in the ExCo about how best to
conduct a forensic review of Horizon. By forensic review I mean a detailed,
low-level analysis of data, audit and system logs, functionality, and potentially
application code, which would aim to identify any anomalies within the system.
This was an action point arising from the meetings with MPs. Susan Crichton
led the review. I refer to para 43 above in which I set out that I recall
suggesting that Deloitte carry out the independent review and the reasons for
this. I was not aware of Second Sight prior to 2012 and believe it was Susan
Crichton who suggested them. I vaguely recall meeting with Deloitte and
Second Sight with Susan as part of the selection process. I do not recall who
ultimately made the decision to appoint Second Sight or any of the specific
details about why they were chosen. I would have commented on and fed into
the ambit of the investigation, but do not recall any specifics.
47. As regards the Sparrow Working Group, while I had some involvement in the
project for escalations and review of the interim report, I was not a member of
this group and had appointed representatives from my team to support
Sparrow. This was because I had been asked by the CEO to focus on
Separation and IT transformation. I recall that Second Sight were informed of
the P1/P2 IT issues and their resolution.
48. All requests for information from Second Sight were managed through
Sparrow. My team were involved in actioning IT requests and supporting the
working group. Initially there was a Manager, Simon Baker, assigned to
support co-ordinating the activities reporting to the working group, who was
then later supported by Steve Allchorn. There was also a Manager assigned
from the IT team located in Chesterfield (Kevin Lenihan) who was the conduit
between Sparrow and Fujitsu for any information requests from Second Sight.
I was not involved in the day-to-day activities of the review save for that, as
CIO, I was a point of escalation with the Fujitsu Account Executive (if
required) as I had the senior Executive relationship with them. I recall one
issue that I was asked to escalate to the Fujitsu Account Executive which
related to a SPM going into a basement at Fujitsu’s offices in Bracknell in
2008. The SPM reported that they had witnessed Fujitsu employees changing
transactional data. The purpose of the escalation was to ensure full access to
information from Fujitsu for Second Sight and the working group. I recall that
Fujitsu were adamant that the basement was a standalone test system not
linked into the Horizon network. I enquired of Fujitsu what the physical
infrastructure was as can be seen from POL00029605. They confirmed that
the test system infrastructure was physically separate from the data centre
which processed the live network data. They also told us that it was common
practice to invite stakeholders in to see the testing environment. There was no
reason to doubt the information provided by Fujitsu as it was all plausible.
49. I am reminded by POL00099063 that the interim report said that there were
no systemic issues with Horizon and that Second Sight were made aware of
the 2 incidents as detailed in paragraph 18 above. Other findings were that:
(i) where there was a power or communications failure during the processing
of a transaction, timely, accurate and complete information about the status of
a transaction was not immediately available to SPMs; (ii) support and advice
to SPMs in response to concerns needed to be improved; (iii) the lack of an
effective ‘outreach’ investigations function within POL resulted in POL failing
to identify the root cause of problems and missing opportunities for process
improvements; and (iv) the lack of a ‘suspense account’ meant it was difficult
for the SPMs to deal with disputes.
50. POL00099153 appears to be a list of suggestions from me to the Sparrow
working group about what should happen as a result of the Second Sight
report. I had come to POL from a banking background and in a bank
environment there would typically be a suspense account at a branch level.
By ‘suspense account’ I mean a branch level account where transaction
anomalies could be parked until they were resolved. As I understood it at the
time, there was no ability to do this within post office branches and SPMs had
to balance at the end of each day. The implementation of a suspense account
was one of Second Sight’s recommendations, and the action to ‘consider a
suspense account at branch level’ was to assess what would be necessary to
make this change. While I did not take a leading role on follow-up actions, I
did give a view to the Sparrow working group on next steps. This included
scoping the ‘suspense account’ changes and further guidance to the branches
on communication failures.
51. I was concerned the initial review by Second Sight was not forensic enough. I
would have voiced this to Paula and Susan. As regards the views of others, I
vaguely recall others having concerns about how the review was being carried
out and how long it was taking, I cannot recall specifically who but am
reminded by POL00145100. The first review was at a much higher level than I
had expected and, in my view, from a technology perspective, Second Sight
needed to go into the transactional and low-level system logs to do a deep
technical dive. Whilst the initial report said there were no systemic issues with
Horizon, I expected a more detailed analytical review of the individual cases.
THE INTERIM REPORT AND THE MEDIATION SCHEME
52. After Second Sight were engaged, my main involvement in the preparation of
the interim report related to obtaining material from Fujitsu in relation to the
Bracknell matter. As regards any “preparation for and response to” the interim
report, as set out above, in POL00099153 I made suggestions about what
could be done in response and how any subsequent actions could be
structured. I was not involved in the day-to-day working group action plan. I
have no memory of requesting any amendments to the report, but from the
documents provided it is clear that I reviewed the interim report and provided
comment to Paula Vennells and Susan Crichton (POL00099088). I can see
from POL00099088 that I have provided comments on a marked-up version of
the interim report in relation to two areas in which POL and Second Sight had
conflicting views (the Bracknell matter and one of the spot reviews which
related to a connection failure).
53. I was not actively involved in the Mediation Scheme or the Working Group. As
regards POL00089708, I am listed as a member of the Mediation Scheme
Working group in 2013, but not in 2014. The provenance of this document is
not known to me. I was not a member of the Working Group, although as can
be seen from the documents, I was copied on emails relating to the interim
report. In the second half of 2013/2014 I was focused on Separation and IT
transformation. I also was heavily involved with the Deloitte review (see
“Project Zebra” below).
54. I recall that Second Sight produced a second report in August 2014, although I
do not recall the detail. I was not actively involved in its preparation as, at this
time, I was focused on the areas set out above. I can see from POL00207852
that I had been away on holiday and on my return, David Hulbert provides an
update to me about the second report. I cannot recall being involved in POL’s
response to the second report.
55. As I saw it, Project Sparrow was in place to manage the Second Sight review
and any resultant actions, and to oversee the Mediation scheme. As I was not
part of the group I am unable to provide any more specific detail. I do not know
why the Project Sparrow committee became a formal subcommittee of the
board and would expect those who sat on the board could confirm this.
56. I do not recall any policies or strategies POL adopted in responding to
complaints made about Horizon, both in the mediation scheme and more
widely. I therefore do not recall any factors taken into account when deciding
on any such policies or strategies, or any disagreements. By the end of 2014, I
did not sit on the Group ExCo. I recall it was meeting daily during this time. I
joined a monthly meeting to prepare any board papers. I am therefore unable
to comment on this and I imagine most of the discussions about this would
have taken place at group executive level.
57. I do not recall being involved in briefing Paula Vennells, Alice Perkins or other
senior managers within POL in respect of the Mediation Scheme, whether in
readiness for a board meeting or otherwise.
58. I have addressed my involvement relating to the ambit of Second Sight’s
investigation above at paragraphs 46-51. My team facilitated access to IT
documents from within POL and from Fujitsu. As regards POL’s approach to
disclosing documentation to Second Sight, if my team were asked to collect
information it would have either gone directly to Second Sight and/or to the
legal team. I would have asked my team to be transparent in terms of
providing information.
59. Any knowledge I have regarding the investigation of POL’s suspense account
and the allegation that POL may have unexplained profits caused by SPMs
settling illusory discrepancies post-dates my time at POL, and the source of
any knowledge I have will be the media.
POL’S RESPONSE TO COMPLAINTS FOLLOWING THE MEDIATION SCHEME
60. I understand that the Mediation Scheme ran from August 2013 until the end of
Q1 2015. At the time, I would have been aware of the Mediation Scheme and
potentially the Working Group closing but I was not actively involved in either. I
would have been copied in on emails regarding criticisms of POL in the media
(such as the BBC’s Panorama episode) and in Parliament. While I do not recall
the Bracknell issue re-surfacing in 2015, I can see from POL00002575 that
Nigel Shaw, Account Executive of Fujitsu, wrote to me about it in connection
with the Panorama programme. I had dealt with this issue when Second Sight
was completing its interim report. I do not recall being involved in any briefing
to the POL board and / or more senior managers on the integrity of Horizon
following the closure of the Working Group.
61. I cannot recall being directly involved in POL’s internal communications
regarding challenges to the Horizon IT system. While it is possible I may have
been asked to comment prior to communications being issued, I do not recall
any specific instances. I am not aware of any POL policy in respect of such
communications.
PROJECT ZEBRA
62. To the best of my recollection, the request for a further review of Horizon came
from the POL Board. I am reminded by POL00138190 and POL00138191 that
POL sought legal advice from Linklaters about what an expert report into
Horizon should cover. I was not involved in obtaining this legal advice. The
Deloitte report was instructed by the General Counsel (by now Chris Aujard). A
Terms of Reference was agreed with Deloitte as can be seen from
POL00108462. I also had input into this, as can be seen from POL00147961,
where I commented that there was not enough detail in the first draft. The legal
team led the review. Phase 2 was at the request of the Board (I am reminded
by the documents that there was a meeting on 30 April 2014).
63. As to why Deloitte were selected, I can only assume it was because they were
on POL’s consultancy panel and were known to POL having previously
completed work within IT and Information Security. I had also recommended
them in the past. The review was limited to a desktop review, meaning it was
restricted to reviewing documentation and speaking with technical experts. I do
not recall why it was limited to assurance work only, although performing a full
end-to-end system historic forensic review would have been challenging given
the original Horizon system had been replaced by HNGx. I also recall the time
and possibly cost of a deeper forensic dive being an issue, in particular time,
as if I recall correctly, POL wanted the review to be done quickly. My view was
that a forensic review needed to take place but that this was a good start. I
recall my team being involved in ensuring Deloitte had access to resources
required within Fujitsu (from system architects and specialists) and by
engaging with the Fujitsu Account Executive to facilitate this. I remember
attending a meeting with either Second Sight or Deloitte and Fujitsu
(Executives and Fujitsu systems experts) and POL representatives where
Fujitsu presented the details of the systems architecture and explained how
transactions were stored securely and could not be altered given the digital
key against each transaction. If I recall correctly, Fujitsu stated in this meeting
that correctional transactions could only be added through a facility that
required the SPM to accept.
64. I am reminded by POL00138271 that Deloitte were asked to put more
information in the second interim version of the report and to structure it more
clearly. The Deloitte summary paper of their initial findings (prior to completion
of the full report) was presented to POL Board and they were asked to attend a
Board meeting. I attended for this agenda item and the General Counsel was
also in the meeting. The full review would have gone to the General Counsel
and myself, and most likely to a wider circulation. I was not involved in the
wider distribution of the report. I can see from POL00138432 that a summary
of the findings and recommendations of the Deloitte report were presented to
the Board Risk and Compliance Committee by the General Counsel Chris
Aujard. I was not a member of this committee and do not recall seeing this
summary at the time. Having reviewed this document now, I do not think it fully
conveys the findings from the Deloitte report and in particular I note that it
recommends that there is not a review of the transactions. As I understood it at
the time, the key actions arising from the Deloitte report fed into the Sparrow
Project and were presumably dealt with by them. Other actions, such as future
looking considerations, I would have expected to have been fed into the IT
programmes.
65. I am reminded of the findings of the Deloitte report from the documents
provided and can recall that I broadly agreed with them. I recall that Deloitte
identified that 1 transaction had been added by Fujitsu during the time of the
HNGx pilot or early roll out. I immediately escalated this internally within POL
to the CEO and General Counsel. I recall this as I was angry on finding out this
information. Fujitsu had consistently contended that data could not be added
or amended without the knowledge of the SPM or their consent as the SPM
through a system facility called Transaction Corrections. I do not remember
the transaction type (the Deloitte report details it as a ‘Balancing Transaction’)
however my understanding prior to this was that any changes of this nature
had to be accepted by the SPM and there was a full audit trail. I understood
that although the balancing transaction was outside of the normal process, the
SPM was aware. I escalated this with Fujitsu who were asked to provide
details of this case and to assure POL there had been no other transactions of
this nature. I believe confirmation was provided by running a program against
all transactions to determine if there had been any other transactions of this
type. The Deloitte report makes reference to an email regarding this type of
transaction. I would have shared the results with my team.
THE FUTURE OF THE HORIZON IT SYSTEM
66. I took a lead role in any discussions regarding the future use of Horizon at POL
and therefore have a clear recollection about this topic. These discussions
took place throughout my tenure and it was a constantly evolving process. As
set out above at paragraph 7 I was accountable for POL’s IT strategy post-
Separation with approval at Executive and Board level. I would have taken in
views from all key stakeholders across the business about the IT strategy
(including the future use of Horizon) and would have ensured it aligned with
POL's business strategy. From early on in my tenure, it was clear that the legal
team had concerns about the Fujitsu contract as it was originally formed in the
1990s and had never been out to public tender. It was therefore difficult to
assess its value for money, particularly from a public purse perspective. I also
recall concerns from other business stakeholders (i.e. marketing and retail)
about how user-friendly Horizon was and the time it took to change when
introducing business changes. In addition, technology had moved on
significantly since Horizon was introduced. These concerns were continually
raised and discussed throughout my tenure.
67. The IT strategy I was developing was complex. As such, the work was
supported by external consultants, primarily Deloitte and Berkeley
Partnership who assisted in developing the IT strategy as well as providing
support for the numerous procurements that had to take place. The
procurements were also supported by external legal representation as well as
the internal procurement and legal teams. It was a huge undertaking and was
probably one of the largest IT procurements in the UK at the time. The IT
strategy put in place was a tower model for IT outsourcing. This model
operated with a service integrator (“SI”) sitting at the top which managed
specific areas of technology underneath it on behalf of POL e.g. end-user
(desk-top), network, front-office, back-office (HR, finance, systems) and digital
(website). All parts of the tower model, including for the SI, went out to
procurement. Atos were awarded the contract for the SI in October 2013.
Prior to the tower model and prior to Separation, by contrast, from an IT
perspective, POL’s only material contract was with Fujitsu.
68. The Fujitsu contract was one part of the wider IT strategy landscape. There
were numerous discussions with Fujitsu regarding the future of Horizon and
more broadly the POL IT Strategy throughout my tenure. These discussions
were with the account executives (which changed over time) but I recall Paul
Patterson and Helen Lamb in particular. At executive meetings, Fujitsu were
given an update about POL’s IT strategy, although we had to be careful about
what could be said given the ongoing procurements. About a year after I
joined POL, Fujitsu made a proposal to extend its services beyond the end of
the current contract. The contract ran until March 2015 and the proposal was
for a 5-year extension. POL00114269 (19 September 2012 Board Paper) has
refreshed my memory on this topic. Some of the Fujitsu software and
hardware was coming to the end of its life. POL had to decide whether it
would proceed with the 5-year extension with Fujitsu or to continue with the
new IT strategy/tower model. I recall Fujitsu’s proposal was discussed at
length internally and it was decided not to proceed with it due to legal reasons
(i.e. because the contract had not been out to tender and it was difficult to
demonstrate value for money) and also because the contract was perceived
as lacking flexibility when considered alongside the business and overall IT
strategy, which was forward-thinking and focused on new technologies (such
as digital) in contrast to the legacy Horizon system. I recall this decision was
communicated to Fujitsu in September 2012. If I recall correctly, the full IT
strategy was not quite finalised at this point. Although it was decided not to
extend the Fujitsu contract for 5 years, it is clear from the Board paper above
that any move to a new solution/provider would likely require a short
extension to the Fujitsu contract to manage the risk of moving platforms.
69. Fujitsu, through executive engagement, were well aware of the plans to
eventually move to a tower model. As the procurements for the towers model
progressed, if I recall correctly, Fujitsu decided to bid for Front Office
(Horizon), and End User. There may have been other areas it bid for too.
Fujitsu was not successful in its bid for the End User procurement. After this, I
recall that Fujitsu took the stance that they did not want to continue with the
bid for Front Office. This was at the end of 2014. At that point, Fujitsu wrote to
POL stating that they were effectively in exit mode. Please see
POL00109859 which includes a paper to ExCo and the Board regarding the
Fujitsu Transition and Risk Management, and an update on the broader IT
transformation programme. The Board paper details all the material risks and
actions being taken. In my view, Fujitsu did not like the tower model IT
strategy and that they would be managed by an SI. The tower model posed a
threat to Fujitsu’s supply of IT services to POL and its revenue. While I cannot
recall the precise figures, I was aware that the POL contract had contributed
to a significant percentage of Fujitsu's UK revenue.
70. Front Office was eventually awarded to IBM. At some point after I left POL I
became aware from the press that POL had decided not to move away from
Fujitsu as it was too great a risk for the business to take and POL extended the
contract for Front Office with Fujitsu. I recall during my tenure that Fujitsu
repeatedly told POL that they thought it was a risk to POL to move away from
them.
71. In my view the support and operational service that POL received from Fujitsu
did not change over time. It was in Fujitsu’s interests that they maintained
good service levels because as per the contract, Fujitsu had to pay
compensation to POL if there were any material service outages. The
relationship, however, did change over time. As I set out above, Fujitsu
challenged the tower structure, as this was a risk to their revenue. When
Fujitsu were not successful with any bids and removed themselves from the
Front Office procurement, that marked a key change in the relationship. As
can be seen from POL00109859, POL put in place a dedicated transition
manager to closely manage Fujitsu. In 2015, as can be seen in
FUJ00175195, Alisdair Cameron was involved as part of the Transition
services agreement and ensuring support at the highest level for POL’s exit. I
recall that Fujitsu wrote not only to myself but also Paula Vennells in 2015
(see FUJ00168944 and FUJ00168945). It was clear from the letter that they
were in exit mode. Fujitsu also stated that they would not support any
subcontracting if POL should need it. It was disappointing but not unexpected
given that they were in exit mode.
72. Any reviews of Horizon with regards to security and stability that had taken
place over the previous years would have fed into the procurements and were
considered. The alternative technologies proposed were current state-of-the-
art and more advanced than HNGx. To the best of my recollection, the
concerns about Horizon that were voiced internally as regards IT
infrastructure related to the legal (contractual) issues, user-friendliness,
operational resilience and lack of flexibility of the system as referred to above
at paragraph 66 rather than in relation to transaction alterations and fraud
allegations against SPMs.
LEAVING POL
73. I resigned from POL in early June 2015. By the end of 2014, I was very
unhappy at POL. There were a number of reasons for this. Towards the end of
2014, Paula Vennells decided to change POL’s structure and create a Group
Executive. This was not well managed. I had always reported through to an
executive but also sat on the ExCo from 2012. Paula’s view was that I should
not sit on the Group Executive and lose the Executive title and be part of the
lower-level leadership team. This was notwithstanding the fact that my
responsibilities were increasing (becoming Operations Director in addition to
CIO). I was no longer involved in broader group executive decision making or
group discussions. Paula had also brought in a Transformation Executive who
sat on the Group Executive who took responsibility for all transformation work.
It felt as if my role was moving towards a more operational role after many
years of working on Separation and IT transformation. I felt that I could no
longer do my job properly. I also felt that the culture at POL had changed.
When I started at POL there was a warm culture, but towards the end of my
tenure, the culture was not supportive and did not fit with my personal values.
All of this made me so unhappy that it was affecting my physical and mental
health. In early June 2015 I resigned without having another job secured. I was
put on gardening leave from 1 October 2015 rather than working my full notice
period until November 2015.
GENERAL
74. Having spent time reviewing the documentation provided by the Inquiry and
reflected on my time at POL, I do believe that POL would have benefited from
having an independent technical expert (or recruiting a POL employee with
sufficient remit and authority) able to conduct technical forensic reviews at the
stage at which Horizon was being challenged. Their role would have been to
challenge the accepted position that Horizon was not the root cause of any
issues and remove the reliance on Fujitsu technical expertise and system
knowledge. Fujitsu owned the intellectual property rights to the majority of
Horizon and POL was reliant on Fujitsu for technical expertise. This individual
would have been involved in the external reviews which were conducted, and
provide a central, consistent ‘font of all knowledge’ for all things to do with
challenges to Horizon. An independent technical expert would have benefited
the Second Sight report, as it appears that they performed an initial
investigation of cases, then referred the detailed technical investigation to
Fujitsu/POL.
75. The key actions that resulted from the Deloitte review (Project Zebra) were as I
understood managed under the Sparrow working group. On reflection, while I
was not asked to do this at the time, I feel that these would have benefited
from oversight by IT.
76. I do not feel qualified to pass comment on how POL handled challenges to the
integrity of Horizon by SPMs, MPs, journalists and members of the public any
further than I have already done so throughout this statement. I did not have
sufficient involvement with the prosecutions to offer comment on POL’s
approach to the prosecutions or disclosure of information to SPMs.
77. There are two other matters that I consider are of relevance to the Inquiry that I
would like to draw to the attention of the Chair: (i) attempts by Paula Vennells
to contact me after I left POL in 2015; and (ii) a recent attempt by the BBC to
contact me for comment.
78. As part of my preparation to make this statement, I have checked my personal
mobile telephone, personal email account and my iPad to see if there were
any relevant communications I had with former POL colleagues after I left POL
at the end of November 2015. To the best of my knowledge and research,
Paula Vennells contacted me 4 times in 2020 and 2021 via either email,
telephone call or text message. It has taken me some time to locate all of
these communications. On 8 March 2020, Paula Vennells emailed my
personal email account from a personal email account of hers. I exhibit a copy
of that email at WITN00840101. In that email, she asked if I could spare her
some time for a call as she had “been asked at short notice to appear before a
BEIS Select Committee on all things Horizon/Sparrow and need to plug some
memory gaps! My hope is this might help avoid an independent inquiry but to
do so, I need to be well prepared”. I had not spoken to Paula since I had left
POL in 2015. We spoke on the telephone later that day. I made brief notes in
relation to that call which I exhibit as WITN00840102. I recall the call was
short. I had no POL papers to refer to at the time to refresh my memory so
anything discussed was from memory alone. I was not following the POL
litigation. I was never contacted about the litigation.
79. Paula contacted me again on 15 June 2020 via text message requesting a call.
I cannot recall what was discussed and I cannot find any notes I made in
relation to this call. Paula contacted me again on 11 December 2020 by calling
my mobile telephone. I cannot recall what was discussed. I did not make any
notes in relation to this call. Paula contacted me again on 12 April 2021 via text
message requesting a call. We spoke for longer this time and I made a file
note which I exhibit as WITN00840103. My notes are in shorthand and it
appears as though I have recorded what Paula said to me. I can see from my
notes that there is reference to the Project Zebra Deloitte report and a
reference to a call to Gareth James of Deloitte who I recall was the lead on this
project who I worked with a lot. I cannot recall why he was mentioned. I do not
know what is meant by “lawyers say we didn’t do anything about it”. Paula
must have said this to me and I do not know to which lawyers she referred. I
suspect the reference to “can we publish” relates to the fact that POL wanted a
report from Deloitte that it could publish. I recall Deloitte were nervous about
this and the reference in my notes to “massively caveated” may have been a
reference to Deloitte’s position i.e. the report could only be published if it was
subject to caveats. I do not know what “PV got jumpy” means. I can see
reference in my notes to the EY audits. I can only assume the reference to
“very little testing done” is to the Deloitte report being a desktop review. I think
the reference to “Stage 2 work” was a reference to the recommendations
coming out of the Deloitte report more generally. I believe the reference to “in
light of 3700 lost money as result of shortfalls” is a reference to the number of
SPMs with shortfalls. I also recall Paula converting this number into a monthly
average of SPMs with shortfalls. I had not heard these figures prior to this
conversation. If I had been aware of the magnitude of the losses during my
tenure I would have been surprised and concerned about this. My notes refer
to the “Court of Appeal case on 23 April 2021”. I do not recall being aware of
these legal proceedings at the time I spoke to Paula. I had no involvement in
those proceedings. I can also see that I have made reference to “Deloitte
report said that transactions could be amended/changed?” and have added
“not my understanding”. At the time of writing this note, my understanding of
the Deloitte findings was that only 1 balancing transaction had taken place.
80. Paula contacted me on four occasions in total. I recall blocking her number
after the last call as I did not feel comfortable with her contacting me. I had no
access to POL papers and was relying on my memory only. I exhibit the text
messages arranging the four calls as WITN00840105.
81. I was contacted by Olivia Davies of the BBC on 3 April 2024. I exhibit that
email as WITN00840104. She was seeking information about POL from an
Information Security perspective (i.e. not in relation to Horizon). I forwarded the
email to POL’s witness support team and they responded on my behalf the
following day saying that I did not wish to speak with the press.
Statement of Truth
I believe the content of this statement to be true.
Signed G RO
Dated: 4/16/2024
Index to First Witness Statement of Lesley Jessie Sewell
No. | URN | Document Description | Control Number
1 | POL00109859 | Executive Committee Agenda for meeting due to be held on 15 January 2015. The “IT Strategy Update” (pages 7 to 16) of 15 January 2015 prepared by Lesley Jessie Sewell, discusses the scale of the IT strategy. | POL-0111095
2 | FUJ00175161 | Executive briefing note providing a description of the CIO's (Lesley Jessie Sewell) agenda. | POINQ0181342F
3 | POL00096035 | Post Office Ltd Board Noting Paper on Horizon prepared by Lesley Jessie Sewell in March 2012. | POL-0095618
4 | UKGI00018115 | Post Office Technology Risk and Resilience Review paper prepared by Lesley Jessie Sewell in September 2012. | UKGI028122-001
5 | POL00134346 | Email thread providing an overview of the software fault relating to Horizon termed “the 62 bug”. | POL-0138799
6 | POL00190016 | Email thread on the local suspense incident affecting 14 branches. | POL-BSFF-0028079
7 | POL00190037 | Summary of the two anomalies communicated to Second Sight as part of the review. | POL-BSFF-0028100
8 | POL00029627 | POL internal briefing note to Paula Vennells titled “Second Sight review into Horizon — Implications of Interim Report” dated 2 July 2013. | POL-0026109
9 | POL00105585 | Email thread with explanations of the 4 significant services failures which occurred over a 9 month period in 2011-2012. | POL-0104569
10 | POL00210241 | Email thread of 7 October 2014 regarding a Horizon network connectivity issue that was escalated to Lesley Jessie Sewell. | POL-BSFF-0048304
11 | POL00164510 | Email of 28 June 2013 confirming a new criminal case and a comms statement to be prepared. | POL-0159866
12 | POL00060572 | Email thread on the bugs and prosecutions sent to Lesley Jessie Sewell. | POL-0057051
13 | FUJ00124536 | Email of 28 June 2013 from Gareth Jenkins to Lesley Jessie Sewell with James Davidson and Simon Baker in copy providing a copy of his final witness statement for the Misra case. | POINQ0130750F
14 | POL00137282 | Email thread on the E&Y Audit dated 17 to 18 October 2012 with Lesley Jessie Sewell making Andy Jones accountable for the annual audit process and management of audit actions. | POL-BSFF-0000058
15 | RMG00000003 | Minutes of the Royal Mail Holdings plc Audit and Risk Committee held on 8 December 2011. | VIS00007411
16 | POL00021431 | Minutes of the Post Office Limited’s Audit, Risk and Compliance Committee meeting held on 23 May 2012. | POL-0018061
17 | POL00105629 | Email thread on the management control audit and E&Y producing an ISAE 3402 report. | POL-0104594
18 | POL00294878 | Email thread on the proposal for a steering group to define and manage response to the JFSA challenges. Rod Ismay asked Lesley Jessie Sewell separately whether she wanted to engage or devolve Dave Hulbert and/or Dave Gray. | POL-BSFF-0132928
19 | POL00294844 | Email of 23 September 2011 from Rod Ismay to Lesley Jessie Sewell providing a copy of the Horizon challenges report and confirming that members of Lesley’s team were engaged. | POL-BSFF-0132894
20 | POL00145100 | Email thread regarding James Arbuthnot meeting brief where Lesley Jessie Sewell provides comments to Martin Edwards. | POL-BSFF-0004227
21 | POL00145113 | Email thread of 3 July 2013 requesting Lesley Jessie Sewell to comment on statement for BBC. | POL-BSFF-0004240
22 | POL00142801 | Email thread of 2 March 2013 on Horizon media coverage, Lesley Jessie Sewell asked to provide comments on what to issue in response to the press. | POL-BSFF-0001966
23 | POL00105481 | Notes of the meeting with James Arbuthnot, Alice Perkins and Alwen Lyons on 13 March 2012, Lesley Jessie Sewell was assigned three action points. | POL-0104661
24 | POL00137248 | Arbuthnot/Letwin preparation meeting of 10 May, Lesley Jessie Sewell was assigned to respond to questions regarding a thorough end-to-end audit being performed. | POL-BSFF-0000032
25 | POL00150993 | Email thread on accessing Horizon. On 30 January 2015 Lesley Jessie Sewell was asked by Paula Vennells to assist with responses to questions on the Horizon system and to provide facts ahead of the Select Committee. | POL-BSFF-0010105
26 | POL00311320 | In an email of 30 January 2015 Melanie Corfield requesting Lesley Jessie Sewell to provide detail on the testing and standards of remote access. | POL-BSFF-0149370
27 | POL00151029 | Email thread of 30 January 2015 on remote access. | POL-BSFF-0010141
28 | POL00311345 | Email thread on accessing Horizon dated 30 January 2015. | POL-BSFF-0149395
29 | POL00311353 | Email thread regarding accessing Horizon and providing comments ahead of the Select Committee. | POL-BSFF-0149403
30 | UKGI00016088 | Minutes of the Post Office Limited Board of Directors meeting held on 15 March 2012. | UKGI026881-001
31 | POL00029605 | Email chain on the Second Sight Line of Enquiry with Lesley Jessie Sewell confirming that she enquired with Fujitsu on the physical infrastructure. | POL-0026087
32 | POL00099063 | Interim report into alleged problems with the Horizon system issued by POL, JFSA and Second Sight Support Services Limited. | POL-0098646
33 | POL00099153 | Email from Lesley Jessie Sewell to executives on 9 July 2013 with actions for managing activity going forward. | POL-0098736
34 | POL00099088 | Email thread dated 7 July 2013 on the draft statement with Lesley Jessie Sewell providing comments. | POL-0098671
35 | POL00089708 | List of attendees for project sparrow sub-committee, GLO sub-committee, mediation scheme working group and Horizon issues working group. | POL-0086701
36 | POL00207852 | Email thread on second sight part 2, Dave Hulbert emailed Lesley Jessie Sewell on 26 August 2014 following her break and updating her on the position. | POL-BSFF-0045915
37 | POL00002575 | Email from Nigel Shaw to Lesley Jessie Sewell on 21 August 2015 regarding the Panorama programme. | VIS00003589
38 | POL00138190 | Email chain on Horizon with a note of the Horizon report prepared by Linklaters attached. | POL-BSFF-0000419
39 | POL00138191 | Post Office Mediation Scheme outline of report on Horizon, draft dated 28 March 2014 prepared by Linklaters LLP. | POL-BSFF-0000420
40 | POL00108462 | Letter prepared by Deloitte dated 9 April 2014 regarding ways Deloitte propose to assist Post Office Limited in response to allegations on the Horizon system. | POL-0106560
41 | POL00147961 | Email thread dated 7 April 2014 on the work to be performed by Deloitte in support of POL objectives. | POL-BSFF-0007084
42 | POL00138271 | A draft of the Deloitte Executive Summary titled “HNG-X: Review of Assurance Sources”. | POL-BSFF-0000500
43 | POL00138432 | Post Office Ltd Risk and Compliance Committee Paper on Horizon review by Deloittes summarising the work undertaken by Deloittes, their approach, key findings and their recommendations. | POL-BSFF-0000656
44 | POL00114269 | Extract from minutes of the Post Office Limited Board meeting held on 19 September 2012. A Noting Paper prepared by Lesley Jessie Sewell titled ‘Horizon Evolution Update’ is provided. | POL-0113196
45 | FUJ00175195 | Email from Alisdair Cameron on 25 March 2015 regarding Fujitsu and POL regarding transition services. | POINQ0181376F
46 | FUJ00168944 | Email dated 12 January 2015 from Haydn Jones attaching letters to Lesley Jessie Sewell and Paula Vennells. | POINQ0175125F
47 | FUJ00168945 | Letter addressed to Lesley Sewell from Paul Patterson (Fujitsu) dated 12 January 2015. | POINQ0175126F
48 | WITN00840101 | Email from Paula Vennells to Lesley Jessie Sewell dated 8 March 2020 requesting Lesley’s assistance ahead of Paula appearing before a BEIS Select Committee on Horizon and Sparrow. | N/A
49 | WITN00840102 | File note made by Lesley Jessie Sewell on a telephone call with Paula Vennells on 8 March 2020. | N/A
50 | WITN00840103 | File note made by Lesley Jessie Sewell on a telephone call with Paula Vennells dated 12 April 2021. | N/A
51 | WITN00840104 | Email from Olivia Davies of the BBC dated 3 April 2024 seeking information from POL from an Information Security perspective. | N/A
52 | WITN00840105 | Text messages between Lesley Sewell and Paula Vennells between 8 March 2020 and 12 April 2021 | N/A