WITNO6900100
WITN06900100
Witness Name: Anthony Nicholas Stewart
MARSH
(Tony Marsh)
Statement No.: WITN06900100
Dated: 27th April 2023
POST OFFICE HORIZON ENQUIRY
FIRST WITNESS STATEMENT OF TONY MARSH
I, TONY MARSH, will say as follows...
1. This witness statement is made to assist the Post Office Horizon IT Inquiry (the
‘Inquiry’) with the matters set out in the Rule 9 Request dated 14 April 2023 (the
‘Request”).
2. lama former employee of Post Office Ltd and held the position of Head of
Security between September 1999 and December 2006. I joined The Post Office
in November 1981 as a postman and progressed in January 1983 to the grade of
Postal Officer (Counter Clerk). In 1985 I applied to join the Post Office
Investigation Department (POID) and was promoted to Investigation Officer, taking
up the role in September 1985. From September 1985 to September 1999 I
performed a number of operational investigation roles, rising to Head of Revenue
Page 1 of 48
WITNO6900100
WITN06900100
Protection for the Post Office Security and Investigation Service, the successor to
POID.
As an Investigation Officer in POID I was responsible for undertaking
investigations into a range of theft and fraud crimes committed against The Post
Office by staff members, sub-postmasters or members of the public. This included
investigating thefts or frauds committed in Branch or Sub-Post Offices by staff
members, sub-postmasters or their staff. During this time there were also periods
when I was employed solely on investigating offences affecting the postal side of
The Post Office, in particular when employed on the Mail in Transit Group (1988 -
1990) and the Revenue Protection Team (1996 -1998). From 1998 to 1999 I was
the Head of Business Strategy for Corporate Security. As Head of Security for
Post Office Network, subsequently Post Office Ltd, between September 1999 and
December 2006, I was responsible for the security of staff, sub-postmasters and
their staff, customers in post offices, cash and other assets in Post Offices, Cash
Centres, Stock Centres and Notes Held to Order Centres. I was also responsible
for assuring the secure design of Post Office products and processes. I was
responsible for the work of a team of Home Office-recognised investigators and for
ensuring their compliance with standards for operating that complied with relevant
laws and regulations and with policies and standards set by the Post Office,
subsequently Royal Mail, Corporate Security Team, who retained reserved powers
over policy and standards during my period as Post Office Ltd Head of Security.
For a period around 2002 or 2003 the Network Audit Team also reported to me,
but I have no record of exactly when that was nor for how long. Between July 2004
and April 2005 I was the Service Lead for the Sales and Service Improvement
Page 2 of 48
WITNO6900100
WITN06900100
Programme, and from April 2005 until my departure in December 2006 the Post
Office Ltd Equipment and Projects Teams also reported to me. There was also a
period during this time when the Investigation Team, together with the Audit Team,
were under the control of the Head of Compliance, a role in the Finance
Directorate. I have no records to indicate when or for how long this was, but it may
have coincided with the period between July 2004 and April 2005 when I was
seconded onto the Sales and Service Improvement Programme, I do not believe
that the Audit Team returned to me after this period.
On 1st January 2007 I moved from Post Office Ltd to Royal Mail Operations,
where I took on the role of General Manager Security. This role had no
responsibility whatsoever for Post Office Ltd security or investigations. In March
2008 I was promoted to Group Security Director for Royal Mail Group. This role
and its Policy & Standards Teams created policies and standards that applied to
all of the businesses across Royal Mail Group. This included Post Office Ltd up to
the point of its legal separation from Royal Mail Group. For a period of time from
the middle to the end of my time as Group Security Director the Royal Mail Group
Criminal Law Team also reported to me, however as a non-lawyer I provided
business leadership to the team but played no part in professional standards or
compliance. I have no record of exactly when the team transferred to me but I
believe that by the time this happened the team had already relinquished service
provision to POL for POL prosecutions. I accepted voluntary redundancy from
Royal Mail Group on 26th March 2017 and have been retired since then.
Page 3 of 48
WITNO6900100
WITN06900100
I have been asked to consider the agenda for a meeting on 28 October 1999
entitled “Horizon: Management of Security in the Live Environment”
(WITN05970148), and in particular item 3g “Fraud Investigations Interface”. I have
no recollection of this meeting, the discussions that took place or its outputs. I had
been in post in POL less than a month at this point. I have been asked “how was
the transition to Horizon live expected to impact upon fraud investigation?” I
cannot answer this in the context of this meeting, but in more general terms I
believe that, as the initial iteration of Horizon was an automation of much of the
accounting and balancing process for branch and sub-post offices, the impact was
expected to be a variation in where evidence on stock, cash and accounting
reports for an office would come from, from hand-completed paper records to
computer-stored data, which would be produced by the Horizon system, although I
did not know then nor did I ever learn exactly how evidence from Horizon was
obtained.
I have been asked to consider two documents, references FUJ00001986 (Fujitsu
Services/Post Office Ltd Operational Business Change -Branch Interface
Agreement) and FUJ00001999 (Operational Business Change - Branch, Service
Descriptions and schedule of service prices) and to explain my involvement in the
agreements detailed in these documents and agreements relating to Fujitsu's
contractual obligations more generally. As the Head of the Network
Implementation and Security Team at this time, members of my team were
responsible for negotiating and agreeing very detailed system changes to
coordinate with changes in the Post Office Ltd network of offices. As the Head I
was the designated approval authority for POL but I gave my approval having
Page 4 of 48
WITNO6900100
WITN06900100
received confirmation from the team members involved that the changes were
appropriate and acceptable to POL. I do not believe that I had any significant
involvement in discussions nor do I have any relevant views on the content of the
documents now.
I have been asked to consider an email chain dating from January 2004 at
FUJ00126036, the IMPACT R3 Branch Trading Issues Report from February 2004
at FUJ00126042 and the document entitled “Branch Trading Reporting,
Management and Control and Transaction Management Conceptual Design” from
March 2004 at FUJ000899771. I note that in the email I support concerns
expressed by my own representative and those of other parts of the POL
Operation that the retention of a suspense account without proper controls and an
authorisation process could lead to an increase in postings of losses to the
suspense account. I also note that I question whether it is still necessary to
maintain a suspense account as such.
I have been asked to explain the role that a suspense account played before its
removal. In responding to this I have been guided to review the following
documents:
i) ‘ Losses and gains policy within the POCL agency network ‘(version 1, 20
November 1998) (POL00088904) (see, in particular, section 1, part 2 ‘Authority To
Hold Losses In Unclaimed Payments’);
Page 5 of 48
10.
WITNO6900100
WITN06900100
ii) ‘ Post Office Ltd - Security Policy: Accounting losses policy for agency
branches ‘(version 1, February 2003) (POL00086845) (see, in particular, section 3
‘—Authority to Hold Losses’);
iii) ‘ Post Office Ltd —- Security Policy: Liability for losses policy (for agency
branches) ‘(version 1.7, September 2003) (POL00088867) (see, in particular,
section 3 ‘-—Authority to Hold Losses’).
From these I am reminded that the role of the suspense account was to hold the
value of errors, predominantly losses, where the cause of the error is known and
where a compensating error notice is expected to be received to balance and
cancel the error within the following 8 weeks.
I have been asked to “explain the rationale for the removal of the suspense
account function which had previously been available to SPMs as part of the
IMPACT programme and your involvement in the decision-making about this.”
Other than the documents that I have been shown I have no recollection of the
IMPACT programme nor, beyond the email chain that I have seen, any
recollection of what other involvement I may have had in the decision to remove
the suspense account function.
I have been asked whether “the decision to remove the suspense account
function proceed on the basis that SPMs were contractually liable for any
discrepancies between Horizon generated cash and stock positions and the actual
physical position determined by branch office staff? If so, where did this
Page 6 of 48
11.
WITNO6900100
WITN06900100
understanding come from?” I have been guided to review the following documents
to assist me in answering this question:
i) “Post Office Ltd —- Security Policy: Accounting losses policy for agency
branches” (version 1, February 2003) (POL00086845) (see, in particular, section 1
and section 3);
ii) “Post Office Ltd - Security Policy: Liability for losses policy (for agency
branches)” (version 1.7, September 2003) (POL00088867) (see, in particular,
section 1 and section 3).
I would say that this seems to be a reasonable assumption and I would refer to
the fourth paragraph of the introduction of document POL00088904, which is
dated 20 November 1998, which states “From a purely contractual perspective a
sub postmaster or other agent is responsible for all losses caused through his own
negligence, carelessness or error.” This document predates my arrival in POL and
this form of words carries forward into subsequent documents on the Losses
Policy. I cannot remember being informed that any event, including the migration
from paper accounting and balancing to the use of Horizon, had modified the sub-
postmasters’ contractual position.
I have been asked “Do you now and did you at the time consider that it was
satisfactory that SPMs were required to “settle centrally” even where they
disputed a Transaction Correction / Transaction Acknowledgement /
discrepancy?” In response to this I will say that, from memory, this was a near-
universally held position across POL and one from which I had not had cause to
differ. At my current level of remove now from events of 20 years ago I do not feel
it is appropriate to express an opinion.
Page 7 of 48
12.
13.
WITNO6900100
WITN06900100
I have been asked “For the period of time you worked within it, please provide an
account of the role which the Security team played and the policies / practices in
place relating to criminal investigation and prosecution of SPMs / Crown Office
employees. Where the role / policies / practices changed over this period of time,
please make this clear (by reference to dates and / or policies insofar as you are
able to do so) and explain the changes.” I have already outlined the high-level role
of the team at paragraph 3 above, I shall provide more detail in the following
paragraphs.
I have been asked “Please explain why Royal Mail Group Ltd (before the
separation of the Post Office) and later POL (after the separation) had a practice
of bringing private prosecutions against its agents / staff where they were
suspected of financial crime, rather than referring the matters to the police / the
CPS. You may be assisted by the document entitled “A Brief History of
Investigations, Prosecutions and Security in Royal Mail” at LCAS0000124.” I
believe that I can rely entirely on document LCAS0000124 in answering this
question, as I wrote the document, with considerable input from a former
colleague Alan Baxter, as detailed in the copyright notice at the end of the
document. In essence the answer is that since the mid-17th century the General
Post Office and all of its successors had resourced and managed the investigation
and prosecution of offences and offenders against its businesses and people. The
knowledge and expertise within the investigation teams was valued by the Post
Office and Royal Mail businesses and there was a belief that the existence of the
investigation function had a strong deterrent effect, reducing the likelihood of the
Page 8 of 48
14.
WITNO6900100
WITN06900100
commission of crime by both employees and agents and by outside offenders.
More recently it was also undoubtedly true that the police and Crown Prosecution
Service (CPS) in many parts of England and Wales were over-stretched and that
amore consistent approach to The Post Office/Royal Mail investigations was
achieved across the UK through the use of retained resources. Obviously private
prosecutions were only brought in England and Wales, with the Procurator Fiscal
having authority in Scotland and the Director of Public Prosecutions in Northern
Ireland.
I have been asked to consider the following documents:
i) “Royal Mail Group Ltd Criminal Investigation and Prosecution Policy” (1
December 2007) (POL00030578, which appears to be substantially the same as
the policy of the same date with a variation on the title at POLO0104812) (see, in
particular, section 3);
ii) “Royal Mail Group Security — Procedures & Standards — Standards of
Behaviour and Complaints Procedure” (version 2, October 2007) (POL00104806);
iii) “Royal Mail Group Crime and Investigation (S2)” (version 3.0, September
2008) (POL00031004);
iv) “Royal Mail Group Crime and Investigation Policy” (version 1.1, October 2009)
(POL00031003);
v) “Post Office Ltd - Security Policy —- Fraud Investigation and Prosecution Policy”
(version 2, 4 April 2010) (POLO0030580);
vi) “Post Office Ltd Financial Investigation Policy” (4 May 2010) (POL00030579);
vii) “Royal Mail Group Security - Procedures & Standards — The Proceeds of
Page 9 of 48
15.
WITNO6900100
WITN06900100
Crime Act 2002 & Financial Investigations” (version 1, September 2010)
(POL00026573);
viii) “Royal Mail Group Security - Procedures & Standards — Initiating
Investigations” (September 2010); (POL00104857)
ix) “Royal Mail Group Ltd Criminal Investigation and Prosecution Policy” (version
1.1, November 2010) (POL00031008);
x) Post Office Ltd Financial Investigation Policy (version 2, February 2011)
(POL00104853);
xi) Post Office Ltd Anti-Fraud Policy (February 2011) (POL00104855);
xii) “Royal Mail Group Policy Crime and Investigation S2” (version 3.0, April 2011)
(POL00030786);
xiii) “Post Office Limited: Internal Protocol for Criminal Investigation and
Enforcement (with flowchart)”, (October 2012) (POL00104929);
xiv) “Undated Appendix 1 - POL Criminal Investigations and Enforcement
Procedure (flowchart)”, (October 2012) (POL00105226);
xv) Draft “Post Office Limited: Criminal Enforcement and Prosecution Policy”
(November 2012) (POL00030602);
xvi) “Conduct of Criminal Investigations Policy” (version 0.2, 29 August 2013)
(POL00031005);
xvii) “Conduct of Criminal Investigations Policy” (version 3, 10 February 2014)
(POL00027863).
I have been asked to explain my role in the development, authorisation,
management and/or assurance of any of these policy documents. I can say that
as all of the documents are dated after my departure from Post Office Ltd I played
Page 10 of 48
16.
WITNO6900100
WITN06900100
no part whatsoever in the development, authorisation, management and/or
assurance of any of the documents published under the Post Office Ltd banner.
Of the remaining documents, “Royal Mail Group Ltd Criminal Investigation and
Prosecution Policy” (1 December 2007) (POL00030578) was produced whilst I
was General Manager Security for Royal Mail Operations and I contributed to the
assurance of it, whilst the remaining documents published under the Royal Mail
Group banner were developed by members of my team, assured across relevant
RMG business units and were owned by me as Group Security Director.
I have been asked to explain the organisational structure of the Post Office
Security Team whilst I led it. When I joined Post Office Ltd in September 1999 the
proposed structure, created by the team that led the Shaping for Competitive
Success (SCS) programme, was one with three territories, North, East and West.
Each was led by a Territorial Security Manager and within these territorial teams
were a number of senior and more junior security managers, who were expected
to be multi-functional, although most had specific skillsets in either security or
investigations. Shortly after my arrival, probably within the first year, working with
my lead team, I modified the team structure to create functional teams with a
national and then geographical remit. This created a National Internal Crime and
Investigations Manager (Head of Investigations) and an Investigation Team, which
had a national remit, with suitable skilled personnel geographically placed around
the UK, and a leadership structure that was also geographically located and
responsible. As best I can remember, and I may not be entirely accurate with
structure or team names, in addition there was an External Crime Team and a
Physical Security Team, which followed similar structures, and a Commercial
Page 11 of 48
17.
18.
WITNO6900100
WITN06900100
Security Team and an Administration Team, which were central and London-
based. This was the most significant change affecting investigation activity. Over
the following five plus years further changes tended to involve reductions in staff
numbers as part of cost-saving programmes, as well as me personally taking on
wider responsibilities, as detailed in paragraph 3 above.
I have been asked who within the Investigation team determined how a criminal
investigation would be conducted? I can say that Royal Mail Group documents
existed dated prior to those that I have been shown at paragraph 14 above. These
detailed policies for investigations across Royal Mail Group at the time that I was
Head of Security for POL. Below these policy documents process and procedure
documents also existed that gave trigger values and examples for the level of
investigation that various events would warrant. These would normally have been
interpreted by the Casework Management Team within the Investigation Team
who would give initial advice and instructions to the investigator tasked with
commencing an investigation. Decisions and guidance would also have been
made or given by team leaders, regional leaders or the Head of Investigations,
depending on the seriousness or value of the allegations or loss.
I have been asked what the role of the Financial Investigation Unit was, and in
what circumstances they would become involved in an investigation being carried
out by the Security team? The Financial Investigation Unit was only developed
towards the end of my time at POL. The role of the unit, which was comprised of
at least two Accredited Financial Investigators, was to use the provisions of the
Proceeds of Crime Act 2002, in support of investigations in which significant
Page 12 of 48
19.
20.
amounts of money had been stolen or defrauded, to recover the proceeds of the
crime(s) under investigation from the offender(s), or any other party to which the
offender(s) may have transferred them. I cannot make any comment on the
approach adopted by the FIU after I left POL.
I have been asked which other teams within the Post Office were involved in
criminal investigations and prosecutions, what were their roles in the process and
how did the Security team work with them in this area? The primary input team to
criminal investigations would have been the Audit team, who both reported deficits
or other anomalies that they had discovered and also audited both branch and
sub-offices upon request from the Investigation Team, where suspicions had been
raised elsewhere. The Retail Line Teams, which managed branch and sub-offices
would also provide information or detail suspicions that might start investigations.
For the increasing number of offices working under Horizon, information had to be
acquired from Horizon, which I think was arranged via the Network Business
Support Centre (NBSC). The Transaction Processing team also provided
information on accounting details for offices under investigation. In investigations
directly affecting products the product manager in Network Banking, subsequently
the Marketing Department of POL, might also be involved. Decisions on contracts
for sub-postmasters or discipline for employees were made by the relevant
manager in the Retail Line, as were decisions on prosecution, based on advice
given by lawyers in the Post Office Legal Services Criminal Law Team.
I have been asked what legislation, policies, guidance and / or principles governed
the conduct of investigations conducted by the Security team during the period I
Page 13 of 48
WITNO6900100
WITN06900100
21.
WITNO6900100
WITN06900100
worked within it and how this changed over the period I held relevant roles within
it? I can say that the primary legislation that governed POL, and indeed all of
RMG’s approach to investigations was the Police and Criminal Evidence Act
1984, together with its various Codes of Practice. In addition surveillance and
associated acquisition of data, which took place far less frequently in POL than in
other parts of Royal Mail, was governed by the Regulation of Investigatory Powers
Act 2000, and aspects of the prosecutions brought by Post Office Ltd and Royal
Mail were subject to the Criminal Procedures and Investigations Act 1996.
Following the development of the Financial Investigation Unit the Proceeds of
Crime Act 2002 governed parts of the investigation of specific cases in which
recovery of proceeds of crime were sought. These acts were subject to change
following review by parliament and any changes to legislation were carried over
into RMG and POL ways of working. Policies and standards for investigations
existed in a variety of forms in The General Post Office and The Post Office from
long before I joined the Post Office Investigation Department. There was a linear
continuity between these and the updated documents produced by the RMG
Security Policy and Standards Team, which set the standards for POL
investigations between September 1999 and December 2006. Without sight of
them and at this remove I cannot give accurate evidence on the details contained
in these documents, but these standards would have been carried forward and
included in any POL-specific principles or guidance used within the Investigation
Team during this time.
I have been asked what the process was for dealing with complaints about the
conduct of an investigation by the Security team? Document POL00104806,
Page 14 of 48
22.
23.
WITNO6900100
WITN06900100
Royal Mail Group Security — Procedures & Standards — Standards of Behaviour
and Complaints Procedure” (version 2, October 2007), detailed above, provides
full details of the procedures from October 2007 onwards, but I believe that this
document is an update on a previous document which laid out very similar
standards and processes. The document details expected professional standards
of behaviour for investigators and explains fully how complaints relating to
improper behaviour in the course of an investigation should be investigated.
I have been asked what, if any, supervision was there over criminal investigations
conducted by Security Managers? I can say that at every level within the Security
Team an individual would have a line manager who would be responsible for
supervising both the quality of work of that individual and their general standards
of behaviour, both professional and personal. In the case of investigators
undertaking investigations, the investigation case file would be regularly submitted
to the Casework Management Team for review, to update central records and to
provide guidance on next steps. At the same time errors, omissions or poor
practices would have been identified and brought to the attention of the
investigator or their supervisor, depending on the seriousness of the issue.
I have been asked to explain the RMG / Post Office approach to suspected fraud
and the responsibilities of the Security team in combatting fraud. The documents
relating to fraud that are detailed in paragraph 14 all post-date my time at Post
Office Ltd. I can say that, overall, the policy was that fraud should be prevented
where possible, and deterred where prevention was not realistic. Where there was
a suspicion or evidence that fraud had taken place then the circumstances and
Page 15 of 48
24.
WITNO6900100
WITN06900100
perpetrators of the fraud were to be investigated, with the aim of gathering
sufficient evidence for the perpetrator to be dealt with, by way of discipline, up to
dismissal or termination of contract, and through the judiciary, if this course was
appropriate. A parallel objective would also be to identify the value and manner of
the fraud, and the movement of the assets subject to fraud, with the aim both of
recovering all or as much of the value as possible, and also learning from the
method of fraud, with the aim of preventing or deterring similar offences in the
future. The Security Team would be central to all of these actions, with advisory
roles around prevention and deterrence.
I have been asked how RMG / Post Office policy and practice regarding
investigation and prosecution of Crown Office employees differed from the policy
and practice regarding investigation and prosecution of SPMs, if at all, and
whether this changed over the period of time that I held relevant roles? I would
say that there was no significant difference in policy or practice in the investigation
or prosecution of suspects during the time that I was Head of Security at POL.
The investigative processes differed slightly in every case, whether employee or
agent, but the ultimate aim was always to fully and fairly investigate a suspected
or alleged crime. The principal objective would be to gather all available evidence,
whether in support of the allegation, counter to it or in mitigation. This would be
key to enabling the relevant line manager to make appropriate decisions on
discipline or contractual status, Legal Services to advise on suitability for
prosecution and the relevant line manager also to make a decision on whether to
pursue prosecution.
Page 16 of 48
25.
26.
WITNO6900100
WITN06900100
I have been asked to explain the circumstances in which an auditor would be sent
to conduct an audit at a Post Office branch. In the context of the Inquiry I can say
that there are a number of circumstances in which auditors might attend a Post
Office branch. Firstly this might be because the branch had not been audited for a
significant period, from memory this was three years for sub-post offices, and it
was therefore due a standard audit. Secondly because the Audit Risk Model had
highlighted the branch as higher risk, which could occur for any number of
reasons, such as elevated cash holdings, elevated levels of error notices, or a
significant change in cashflows or transactions. Thirdly because the Security
Team had formed a suspicion that something was amiss at the branch and either
wanted to establish a baseline for the office accounts or because it was planned
to invite the sub-postmaster or members of staff for interview. In the case of the
interview of a Crown Office counter clerk, it would usually only be their personal
stock rather than the whole branch that was audited. Finally, sub-post office
branches were always audited fully prior to transfer to a new sub-postmaster.
I have been asked in what circumstances an investigator would attend an audit of
a branch and what an investigator’s role was on attendance? The overall
circumstances in which an investigator might arrange for an audit to take place
are detailed in the previous question. I would say that whether the investigator
attended during the audit was often a matter of personal preference. Some offices
were just too small to have at least two auditors and two investigators on site
during the entire audit, and investigators would often attend nearby and wait for a
phone call from the lead auditor with details of the outcome of the audit. In some
circumstances, where the audit was clear, the investigator might not therefore
Page 17 of 48
27.
28.
WITNO6900100
WITN06900100
need to attend at that time. Some investigators always preferred to be on site, as
initial reactions on the part of someone suspected of serious fraud were often
telling. In some cases, where sub-postmasters had left the premises at the start of
a previous audit and then returned with additional funds that enabled the office to
balance, investigators would be on site to ensure this did not happen, or to ensure
that in cases where it did the additional funds were preserved for evidential
purposes.
I have been asked if a shortfall / discrepancy was identified during an audit of a
branch, who would the auditor report that shortfall / discrepancy to? I can say that
where the audit had been arranged at the request of an investigator it would of
course be reported to the investigator. Where the audit was one taking place for a
non-security reason it would normally be reported to the Retail Line Manager for
the office and to the auditor’s supervisor in the audit team. If either the auditor,
their supervisor or the RLM were alarmed at the size of the shortfall then it might
be reported to the Security Team, usually via the Casework Management Team
as a central point of contact (in my time) who would decide whether an immediate
security response was required.
I have been asked “Where a shortfall was identified following an audit of a SPM’s
branch:
i) What and who determined whether an investigation into potential criminality
was conducted by the Security team or the case was taken forwards as a debt
recovery matter by the Financial Services Centre and / or the relevant legal team?
Did this change during the period you worked within the Security team?
Page 18 of 48
29.
WITNO6900100
WITN06900100
ii) Did the SPM’s local contract manager have any input into this decision-making
process? Did this change during the period you worked within the Security team?
iii) What were the triggers / criteria for raising a fraud case following the
identification of a shortfall / discrepancy in a SPM’s branch? Were the triggers /
criteria for raising a theft or false accounting case different and if so what were
they? Did these change during the period you worked within the Security team?”
In answer to these questions I would say,
i) this question sounds as though it refers to processes brought in after I had left
POL, during my time investigations into criminality were conducted by the Security
Team, part of whose duty was to recover losses where possible. In a few cases
where, after investigation, insufficient evidence existed to prosecute, the case
might then be passed to Legal Services Civil Litigation to attempt recovery from
individuals not bound under contract, but from memory this was rare, and rarely
successful.
ii) again, I believe that the process referred to dates from after my time at POL
iii) I do not believe, during my time, that the triggers were different between fraud,
theft or false accounting, in essence there needed to be a prima facie case to
suspect criminality. There may have been specific monetary values but I am afraid
that I was too remote from the casework management process to be able say now
what those were, they may well also have changed during my time in POL as the
number of staff in the Security Team was reduced.
I have been asked to consider the following documents
i) “Royal Mail Group Security - Procedures & Standards — Suspension from Duty”
(version 1, November 2005) (POL00104809);
Page 19 of 48
30.
WITNO6900100
WITN06900100
ii) “Royal Mail Internal Information — Criminal Investigation Team — 7.11
Suspension from Duty” (version 1.0 final, May 2012) (POL00105231);
I will say that document reference POL00104809 dates from my time as Head of
Security for POL and makes specific reference to the treatment of POL employees
and agents, albeit it was produced by Royal Mail Group Security. The second
document POL00105231 was also produced by Royal Mail Group Security and
dates from considerably after I had left POL and indeed I believe from after the
date at which RMG and POL formally separated.
I have been asked what the Security team’s role was in suspension decisions
where a shortfall was identified by an audit? I would say that the Security Team
had no role in suspension decisions where there was no suspicion of criminal
activity stemming from a shortfall. Where the Security Team were involved due to
suspicions of criminality, then document POL00104809 suitably details policy and
procedure, both prior to and after its publication.
“2.3 The decision to suspend one of our employees or agents from duty lies solely
with their business unit. Under no circumstances can Investigators advise
suspension or suspend an employee themselves. The only exception to this
concerns Agency Branch Office cases and is explained in detail at 8.1 below.”
“8.1 In dealing with the question of suspension from duty of an individual working
at an agency office it has to be borne in mind that such staff are not our
employees. Sub-Postmasters and franchisees are regarded as agents who are
contracted to provide services to our Business and their assistants are employees
of the Sub Postmaster or franchisee. When therefore, it is essential that a Sub
Postmaster's/Franchisee's contract for services is suspended the reasons must be
Page 20 of 48
31.
32.
WITNO6900100
WITN06900100
communicated to the Retail Line Manager (RLM) who is responsible for making
this decision. The RLM will then decide whether the suspension from duty should
be covered by placing the office (or equivalent) in the charge of a temporary Sub-
Postmaster or by closing it temporarily. Normally it will be possible to effect the
suspension from duty of an Assistant suspected of a criminal offence by
discussing the matter with the Sub Postmaster/franchisee. The RLM or Contracts
Manager must be made aware of all investigations carried out at an Agency Post
Office Branch.”
I have been asked how the decision-making around suspension differed as
between Crown Office employees and a SPM at an agency branch? I believe the
answer to this question, as it relates to Security Team involvement, is covered in
my response at paragraph 30 above. I cannot provide any information from a retail
line perspective.
I have been asked “Once a decision had been made to conduct a criminal
investigation, what process did Security team investigators follow in conducting
their investigation?” and invited to consult documents now detailed at paragraph
14. As I noted earlier, none of those documents relate to my time at Post Office
Ltd. I will say from personal experience that the fundamental investigation process
involved validation of the alleged or suspected circumstances that led to the
suspicion that a crime had been committed. Once this had been done the process
would move on to the identification, gathering and securing of evidence through
the analysis of business records and systems, the interviewing of suspects and
witnesses, the searching of property and premises where appropriate, and the
Page 21 of 48
33.
WITNO6900100
WITN06900100
legal accessing and analysis of external data such as banking records, again
where appropriate. All of these processes had to be conducted in compliance with
the legislation and codes of practice outlined in the response to paragraph 20
above, specifically but not solely, the Police and Criminal Evidence Act 1984,
together with its various Codes of Practice, the Regulation of Investigatory Powers
Act 2000, the Proceeds of Crime Act 2002 and the Criminal Procedures and
Investigations Act 1996.
I have been asked to consider the following documents:
i) “Post Office Internal Prosecution Policy (Dishonesty)” (December 1997)
(POL00030659);
ii) “Royal Mail Group Policy Prosecution (S3)” (created September 2008, version
3 effective from April 2011) (POL00030800);
iii) “Royal Mail Group Prosecution Policy” (version 2.1, October 2009)
(POL00031011);
iv) “Post Office Ltd Fraud Investigation and Prosecution Policy” (4 April 2010)
(POL00030580);
v) “Royal Mail Group Ltd Criminal Investigation and Prosecution Policy” (version
1.1, November 2010) (POL00031008) (see, in particular, paragraph 3.2.9);
vi) “Royal Mail Security - Procedures and Standards - Prosecution Decision
Procedure” (version 2, January 2011) (POL00030598);
vii) “Royal Mail Group Prosecution Policy” (version 3.0, April 2011)
(POL00030685);
viii) “Post Office Prosecution Policy” (version 1.0) (effective from 1 April 2012)
(POL00031034);
Page 22 of 48
34.
WITNO6900100
WITN06900100
ix) “Post Office Limited: Internal Protocol for Criminal Investigation and
Enforcement (with flowchart)”, (undated but understood to have been produced in
2012) (POL00104929);
x) “Appendix 1 - POL Criminal Investigations and Enforcement Procedure
(flowchart)”, (undated but understood to have been produced in 2012)
(POL00105226);
xi) Draft “Post Office Limited: Criminal Enforcement and Prosecution Policy”
(November 2012) (POL00030602);
xii) “Post Office Prosecution Policy England and Wales’ (effective from 1
November 2013) (POL00030686);
xiii) “Post Office Limited Prosecution Policy for England and Wales” (version 1, 22
January 2016). (POL00030811)
I have been asked to explain my role in the development, authorisation,
management and / or assurance of any of the policies listed above. The first listed
document above, Post Office Internal Prosecution Policy (Dishonesty)” (December
1997) (POL00030659), was signed by my predecessor as Group Security Director
for Royal Mail Group, and as I was working for him at that time I may have
contributed content to the document. All the other documents post-date my time
as Head of Security POL and therefore, as with the documents at paragraph 14
above, I played no part whatsoever in the development, authorisation,
management and/or assurance of any of the documents published under the Post
Office Ltd banner. Of the remaining documents, Royal Mail Group Policy
Prosecution (S3)” (created September 2008, version 3 effective from
April 2011) (POLO0030800), Royal Mail Group Prosecution Policy” (version 2.1,
Page 23 of 48
35.
36.
WITNO6900100
WITN06900100
October 2009) (POL00031011) and Royal Mail Group Prosecution Policy” (version
3.0, April 2011) (POLO0030685) were all produced by the Head of Criminal Law, I
believe at a time prior to the point at which the Criminal Law Team came under
my control. The remaining documents, published under the Royal Mail Group
banner with URNs POL00031008 and POL00030598, were developed by
members of my team, assured across relevant RMG business units and were
owned by me as Group Security Director.
I have been asked to describe the RMG / Post Office prosecution policy, the
rationale behind it, its aims and any ways in which it changed during the period
that I held relevant roles. I can best do this by quoting from Post Office Internal
Prosecution Policy (Dishonesty) (December 1997) (POL00030659) “The Post
Office's policy is normally to prosecute those of its employees or agents who
commit acts of dishonesty against the Post Office for the purpose of illegally
acquiring Post Office property or assets, or the property or assets of Post Office
customers and clients while in Post Office custody, where this is deemed to serve
the public interest. Other wrongdoings will normally be dealt with via the discipline
code.” This was the over-arching RMG policy whilst I was Head of Security POL
and not a position that I differed from later when I became Group Security
Director.
I have been asked “Following an investigation, who decided whether a SPM or
Crown Office employee should be prosecuted and what would considerations
determined whether a prosecution was brought?” This decision, which would be
made with access to the offender report and the advice of a lawyer from the
Page 24 of 48
37.
38.
39.
40.
WITNO6900100
WITN06900100
Criminal Law Team, would always be made within the retail line in POL, usually by
the direct line manager or supervisor of the suspect. The report and the lawyer’s
advice would detail the facts of the case, any mitigating or aggravating factors, the
likely possibility of success of a prosecution and whether prosecution would be
considered to be in the public interest.
I have been asked whether the SPM’s local contract manager would have any
input into this decision-making process and whether this changed during the
period I worked in relevant roles? It is my belief that, during my time in POL, this
decision would always have been taken by the Retail Line Manager, or any
successor role as manager of the sub-postmasters’ contracts.
I have been asked “When a decision was made to start a prosecution, what test
was applied? In particular, what factors were considered at the public interest
stage?” Although as I've noted above, this is a decision that I have never been
required to take with regard to a sub-postmaster or counter clerk, the decision-
maker would have the advice of the Criminal Law Team, which would cover the
public interest test as part of the Code for Crown Prosecutors.
I have been asked “What advice, legal or otherwise, was provided to those
making decisions about whether to prosecute a SPM or Crown Office employee?”
I believe that this is fully covered in paragraphs 36 and 38 above.
I have been asked whether the legal advice on prosecutions was provided by
internal or external lawyers, or both? I can say that during my time in both POL
Page 25 of 48
41.
42.
43.
WITNO6900100
WITN06900100
and RMG, primary advice in cases under the control of teams that I led was
always given by internal lawyers, although upon occasion there might also be
ancillary advice provided by an instructed barrister.
I have been asked “Was there a particular approach applied to cases where a
shortfall / discrepancy was identified on audit?” In answer to this I would say that
there was a particular approach to any such cases where dishonesty was
suspected, but it was the particular approach adopted for all cases of alleged or
suspected dishonesty on the part of Post Office Ltd employees or agents, as it
was important for the sake of fairness that there was a consistency in approach.
I have been asked “In what circumstances were steps to restrain a suspect’s
assets by criminal enforcement methods such as confiscation proceedings
considered?” In answering this I will stress that at no point in time was I an expert
on the provisions of the Proceeds of Crime Act. I will say however that in the final
two years or so of my time as Head of Security, if the losses and actions in a case
met the levels that were required for one of POL’s Accredited Financial
Investigators to take action, such as restraint of assets, then I believe these steps
would have been considered.
I have been asked “Who decided whether criminal enforcement proceedings
should be pursued and what factors did they consider when making decisions
around this?” I can say that in POL from the introduction of the Financial
Investigation Unit and subsequently in Royal Mail Group when the structure was
introduced there, certain senior investigators were trained as Senior Appropriate
Page 26 of 48
44.
WITNO6900100
WITN06900100
Officers, whose task it was to assess and authorise whether applications for
disclosure, freezing or seizure of assets should made. At no time was I one of
those officers.
I have been asked “What training, qualifications and / or experience were required
for an investigator within the Security team to be able to conduct investigations
where a SPM / SPM'’s assistant / Crown Office employee was suspected of a
criminal offence? Did the requirements change over the period you working within
the Security team?” I can say that, when I joined the Post Office Investigation
Department in 1985, I received a considerable volume of pre-reading before I took
up post. When I took up post I received six weeks of classroom training in
investigation techniques, legislation, the interviewing of suspects and witnesses
etc. Following this I received three three-month periods of on the job training, each
of which was with a different senior mentor, before being appointed to my first
posting with, initially, relatively close supervision from a senior investigator. Over
the following years this training process was modified so that new entrants spent a
number of separate shorter periods in the classroom, interspersed with on the job
experience focusing on the skills most recently learned. I was never directly
involved in training delivery after my own induction, other than as an on the job
mentor for a number of trainees. I cannot say with absolute certainty, but I believe
that during my period as Head of Security POL, new entrant investigators to POL
Security were sent to receive initial training from the RMG Security Team’s
Training Team, but would have performed their on the job and mentored periods
of experience under the supervision of experienced POL Investigators.
Page 27 of 48
45.
46.
WITNO6900100
WITN06900100
I have been asked “What instructions, guidance and / or training were given to
investigators within the Security team about interviewing a SPM / SPM’s assistant
/ Crown Office employee who was suspected of a criminal offence?” I can say that
I have outlined above what I believe to be the general approach to training, across
RMG and in POL during the time that I was Head of Security. Within the
documents that I have been shown I have seen very few that relate to the actual
time when I was the Head of Security. I have been asked to consider a number of
documents, detailed at paragraph 46 below, all of which post-date my departure
from Post Office Ltd and are not therefore strictly relevant. I will say however that I
believe the detailed instructions and guidance given in the document “Royal Mail
Internal Investigation Team — Criminal Investigation Team — 7.4 Interviewing
Suspects” (version 1.0 final, March 2011) (POL00104867)” are an update on
earlier documents that would have provided similar guidance to investigators.
I have been asked whether any of the following documents were provided to
investigators within the Security team, and for any that were, to please summarise
the key points in the document:
i) “Royal Mail Group Security Investigation Guidelines — Group Security
Investigation Circular 5- 2008: Written Records of Tape Recorded Interviews” (20
November 2008) (POL00104818);
ii) “Royal Mail Group Security Investigation Guidelines — Group Security
Investigation Circular 5- 2008: Written Records of Tape Recorded Interviews”
(version 5, June 2010) (POL00104836);
iii) “Royal Mail Internal Investigation Team — Criminal Investigation Team — 7.4
Interviewing Suspects” (version 1.0 final, March 2011) (POL0014867);
Page 28 of 48
47.
WITNO6900100
WITN06900100
iv) “Appendix 1 to P&S 7.4 Interviewing Suspects on tape — Quick Reference
Guide England and Wales” (version 1, March 2011) (POL00104859);
v) “Appendix 4 — Interviewing Suspects Using Notes of Interview Quick Reference
Guide — England & Wales’ (version 1, March 2011) (POL00104861);
vi) “Royal Mail Internal Information — Criminal Investigation Team — 8.6 Written
Record of Tape Recorded Interviews” (version 1.0 final, June 2011)
(POL00104875);
I can say that the publication date of all of these documents post-dates my
departure from Post Office Ltd to Royal Mail Group. Consequently I am unable to
make any comment on the provision of these documents to POL Investigators
after December 2006.
I have been asked “What instructions, guidance and / or training were given to
investigators within the Security team about taking witness statements in the
course of an investigation?” As with the question at paragraph 45 above regarding
interviewing, I have been provided with none of the instructions or guidance
documents that would have been available to POL investigators during the time
that I was Head of Security POL. Again, however, I would draw attention to the
documents quoted in the following paragraph 48, in particular the document
“Royal Mail Group Security — Procedures & Standards — Witness Statements”
(version 2,
January 2010) (POL00104827)’ and say that I believe that these are an update on
earlier documents that would have provided similar guidance to investigators.
Page 29 of 48
48.
49.
WITNO6900100
WITN06900100
I have been asked whether any of the following documents were provided to
investigators within the Security team, and for any that were, to please summarise
the key points in the document:
i) “Royal Mail Group Security —- Procedures & Standards — Witness Statements”
(version 2, January 2010) (POL00104827);
ii) “Royal Mail Group Ltd Security — Procedures & Standards — Appendix 2 to
P&S 5.4 — Managing the Witness and Structure and Contents of Witness
Statements” (version 1, January 2010) (POL00104826).
I can say that the publication date of all of these documents post-dates my
departure from Post Office Ltd to Royal Mail Group. Consequently I am unable to
make any comment on the provision of these documents to POL Investigators
after December 2006.
I have been asked “What instructions, guidance and / or training were given to
investigators within the Security team about conducting searches in the course of
an investigation?” As with the question at 45 above regarding interviewing, I have
been provided with none of the instructions or guidance documents that would
have been available to POL investigators during the time that I was Head of
Security POL. Again, however, I would draw attention to the documents quoted in
the following paragraph 50, in particular the document “Royal Mail Group Security
— Procedures & Standards — Searching” (version 5, January 2009)
(POL00104828)” and say that I believe that these are an update on earlier
documents that would have provided similar guidance to investigators.
Page 30 of 48
50.
51.
WITNO6900100
WITN06900100
I have been asked whether any of the following documents were provided to
investigators within the Security team, and for any that were, to please summarise
the key points in the document:
i) “Royal Mail Group Security - Procedures & Standards — Searching” (version 5,
January 2009) (POL00104828);
ii) “Royal Mail Group Security — Procedures & Standards — Searching” (version 6,
January 2011) (POL00104849).
I can say that the publication date of all of these documents post-dates my
departure from Post Office Ltd to Royal Mail Group. Consequently I am unable to
make any comment on the provision of these documents to POL Investigators
after December 2006.
I have been asked what instructions, guidance and / or training were given to
investigators within the Security team about the duty on an investigator to
investigate a case fully? Although I have not been provided with any documents
on which to rely for this, I can say that I believe that all investigators would have
been made aware, during the course of their training, of the importance of
following all avenues during an investigation, so that the investigation is
completed in the fullest manner possible, and that all information and evidence,
whether in support of an allegation or counter to the allegation, should be
gathered and made available to the suspect's managers (for employees and
agents), to casework management and lawyers advising on the case and, in due
course if a prosecution ensues, to the defence.
Page 31 of 48
52.
53.
54.
WITNO6900100
WITN06900100
I have also been asked what instructions, guidance and / or training were given to
investigators within the Security team about obtaining evidence in the course of an
investigation? Again, although I have not been provided with any documents on
which to rely for this, I can say that I believe that all investigators would have been
made aware, during the course of their training, of the importance of gathering all
available information and evidence, whether in support of an allegation or counter
to the allegation, and making it all available to the suspect's managers (for
employees and agents), to casework management and lawyers advising on the
case and, in due course if a prosecution ensues, to the defence.
I have been asked “Were the Security team ever given guidance on whether and
in what circumstances evidence should be sought from third parties who might
hold relevant evidence and, in particular, Fujitsu, where shortfalls were identified
in branch?” I have no direct personal experience on which to rely for this, but as I
note above I believe that all trained investigators would have been aware of their
duty to investigate and acquire all relevant evidence and, in the case of a branch
operating on Horizon, where it was believed that Fujitsu as the system operator
had additional evidence beyond that available through Post Office Ltd channels,
this evidence should have been sought from Fujitsu.
I have been asked “What instructions, guidance and / or training were given to
investigators within the Security team about an investigator’s disclosure
obligations?” As with the question at paragraph 45 above regarding interviewing, I
have been provided with none of the instructions or guidance documents that
would have been available to POL investigators during the time that I was Head of
Page 32 of 48
WITNO6900100
WITN06900100
Security POL. Again, however, I would draw attention to the documents quoted in
the following paragraph 55, in particular the document “Royal Mail Group Ltd
Security - Procedures & Standards — Appendix 1 to P&S 9.5 Disclosure of
Unused Material & the Criminal Procedure and Investigations Act 1996” (July
2010) (POL00104848)” and say that I believe that these are an update on earlier
documents that would have provided similar guidance to investigators.
I have been asked whether any of the following documents were provided to
investigators within the Security team, and for any that were, to please summarise
the key points in the document:
i) “Royal Mail Group Ltd Security — Procedures & Standards — Appendix 1 to P&S
5.4 — Rules and Continuity of Evidence” (version 1, January
2010)(POL00104891);
ii) “Royal Mail Group Ltd Security —- Procedures & Standards — Appendix 1 to
P&S 9.5 Disclosure of Unused Material & the Criminal Procedure and
Investigations Act 1996” (July 2010) (POL00104848);
iii) Royal Mail Internal Information — Criminal Investigation Team — Appendix 7 to
7.4 Dealing with Defence Solicitors & Complaints by Suspects (version 1, March
2011) (POL00104893).
I can say that the publication date of all of these documents post-dates my
departure from Post Office Ltd to Royal Mail Group. Consequently I am unable to
make any comment on the provision of these documents to POL Investigators
after December 2006.
Page 33 of 48
56.
57.
WITNO6900100
WITN06900100
I have been asked “What instructions, guidance and / or training were given to
investigators within the Security team about drafting investigation reports to
enable a decision to be made about the future conduct of a case?” As with the
question at paragraph 45 above regarding interviewing, I have been provided with
none of the instructions or guidance documents that would have been available to
POL investigators during the time that I was Head of Security POL. Again,
however, I would draw attention to the documents quoted in the following
paragraph 57, “Royal Mail Internal Information — Criminal Investigation Team — 8.2
Guide to the Preparation of Suspect Offender Reports, England, Wales and
Northern Ireland” (version 1.0 final, June 2011) (POLO0104881) and “Royal Mail
Internal Information — Criminal Investigation Team — Appendix 1 to 8.2 Suspect
Offender Reports, Preamble Guide, England, Wales and Northern Ireland (version
1.0 final, June 2011) (POL00104879). and say that I believe that these are an
update on earlier documents that would have provided similar guidance to
investigators.
I have been asked whether any of the following documents were provided to
investigators within the Security team, and for any that were, to please summarise
the key points in the document:
i) “Royal Mail Internal Information — Criminal Investigation Team — 8.2 Guide to
the Preparation of Suspect Offender Reports, England, Wales and Northern
Ireland” (version 1.0 final, June 2011); (POL00104881)
ii) “Royal Mail Internal Information — Criminal Investigation Team — Appendix 1 to
8.2 Suspect Offender Reports, Preamble Guide, England, Wales and Northern
Ireland (version 1.0 final, June 2011) (POL00104879).
Page 34 of 48
58.
59.
WITNO6900100
WITN06900100
I can say that the publication date of all of these documents post-dates my
departure from Post Office Ltd to Royal Mail Group. Consequently I am unable to
make any comment on the provision of these documents to POL Investigators
after December 2006.
I have been asked to “Please consider the last heading on page 6 of the
document entitled “Security Operations Casework Review” (February 2013) at
POL00105223. Prior to the introduction of the tool Credence (which the Inquiry
understands to have been introduced in 2009), what analysis was done by
Security team investigators of Horizon data when a SPM / SPM'’s assistant /
Crown Office employee attributed a shortfall to problems with Horizon? Is the
document at POL00105213 of relevance to this question and if so can you assist
with the likely date of the document?” I can say that the first document
POL00105223 post-dates my departure from POL by over 6 years, and the
second document POL00105213 means nothing to me. Consequently I cannot
assist with this question.
I have been asked “For the period of time you held relevant roles, please explain
the process for requesting Horizon data from Fujitsu and how that process
changed over time.” I can say that at no point in my time at POL did I have any
requirement to request Horizon data from Fujitsu, that I never requested Horizon
data from Fujitsu and that I cannot explain anything about the process or how it
may have changed over time.
Page 35 of 48
60.
61.
62.
63.
64.
WITNO6900100
WITN06900100
I have been asked “What were ARQ logs and what did you understand their use
to be? What other logs were you aware of and how did they differ?” I can say that
I have no idea what ARQ logs are, nor am I aware of any other logs with respect
to Horizon.
I have been asked “Whose decision was it whether ARQ data was requested from
Fujitsu in any given case?” I have no knowledge to enable me to answer this
question.
I have been asked “Where a shortfall had been identified and the relevant SPM /
SPM’s assistant / Crown Office employee was attributing the shortfall to problems
with Horizon, where the SPM / SPM’s assistant / Crown Office employee did not
have corroborating evidence of material problems with Horizon, was ARQ data
requested from Fujitsu as a matter of course? If not, why not?” Again, I have no
knowledge or experience that would enable me to answer this question or its
supplemental.
I have been asked “Where ARQ data was obtained from Fujitsu, in circumstances
where a shortfall had been identified and the relevant SPM was attributing the
shortfall to problems with Horizon, was this data provided to the SPM in question
as a matter of course? If not, why not?” Once again, I have no knowledge or
experience that would enable me to answer either of these questions.
I have been provided with a list of names and have been asked “What (if any) are
your recollections of the following criminal cases:” I have chosen not to list the
Page 36 of 48
65.
66.
67.
WITNO6900100
WITN06900100
names in this statement but can say that at no point in my time as Head of
Security POL did I ever perform the role of investigator, and consequently I never
investigated any specific cases involving sub-postmasters, sub-post office
assistants or crown office counter clerks. None of these names are familiar to me
nor are the details of their cases.
I have been asked “whether there are any prosecutions (including but not limited
to the above) which you had a role in as investigator which you consider are
relevant to the matters being investigated by the public inquiry (in particular, bugs,
errors and defects in the Horizon system)? If so, why do you consider them to be
relevant?” I can say, as I have noted above, that I had no direct involvement in
any investigations which I would consider relevant to the Inquiry, and I have no
knowledge of bugs, errors, or defects in the Horizon system.
I have been asked, looking back, whether I have any concerns about any criminal
cases in which I was involved? I can say that I had no direct involvement in any
investigation case involving a frontline POL employee, sub-postmaster or sub-
office assistant after 1996, and that I have no unresolved concerns about any Post
Office or Royal Mail Group criminal case in which I was involved.
I have been asked “Did you have, or were you aware of, any concerns regarding
the robustness of the Horizon IT system during your time working for the Post
Office / RMG? In this context, the term “robustness” includes (a) the accuracy and
integrity of the data recorded and processed by the Horizon IT System (b) the
extent to which deficiencies in the Horizon IT System were capable of causing and
Page 37 of 48
68.
WITNO6900100
WITN06900100
/ or caused apparent discrepancies or shortfalls in the branch accounts (c) the
ability of the Horizon IT System to identify errors in data and discrepancies or
shortfalls in branch accounts and the cause of the same and (d) the ability of the
Horizon IT System continue to operate satisfactorily in the presence of adverse
conditions.” I can say that at no time did I have any real involvement with the
Horizon IT System and that I had no concerns regarding the robustness of the
system whilst I worked for POL or RMG. I was not aware of any other person
expressing concerns about the robustness of the system either. I will note that
during the period towards the end of my tenure in POL when the Equipment Team
worked for me, the team ran a programme to roll out or update (I’m not sure
which) Uninterruptible Power Supplies (UPSs) to various branch and sub-post
offices, to ensure the capacity of Horizon equipment to operate in the event of a
power cut. However, whilst that would clearly be an adverse condition, I do not
believe that anybody would expect a computer system to continue to operate,
satisfactorily or otherwise, in the absence of electric power.
I have been asked to “consider section 6 of the “Post Office Ltd —- Security Policy:
Accounting losses policy for agency branches” (version 1, February 2003) at
POL00086845) and the same section in the “Post Office Ltd — Security Policy:
Liability for losses policy (for agency branches)” (version 1.7, September 2003)
(POL00088867).” I have then been asked “Did the suggestion that system faults
with Horizon were “very rare” correspond with your understanding of the position
in 2003?” I can say that the statement, made at the relevant times in two
documents owned by me, that “System faults are very rare...” was exactly my
understanding of the situation with the Horizon system at that time and throughout
Page 38 of 48
69.
70.
WITNO6900100
WITN06900100
my time as Head of Security at POL. It was a position held and promulgated by
the IT Directorate and the Horizon roll-out programme, by the Retail Line and by
other departments in the Operations directorate and I had no reason, examples or
evidence to believe otherwise, or I would not have assured these documents.
I have been asked to consider documents bearing the URNs NFSP00000458
(NFSP NEC October 1999), NFSP00000447 (NFSP NEC January 2000),
NFSP00000540 (NFSP NEC June 2001), NFSP00000481 (NFSP NEC January
2004), NFSP00000474 (NFSP NEC March 2004), NFSP00000509 (NFSP NEC
June 2004), NFSP00000517 (NFSP NEC March 2006) and NFSP00000444
(NFSP Neg Comm October 2006). I have done so.
I have been asked to “Please summarise the nature and extent of your
interactions with the NFSP.” I can say that, following my appointment in
September 1999 I met regularly with the then NFSP General Secretary Colin
Baker and his relevant deputy John Peberdy. I believe the objective was to hold
quarterly meetings, although this timescale could elongate depending on
availability, issues to discuss and progress on issues previously raised. Generally
speaking the sorts of issues discussed were levels of burglary and robbery and
steps being taken to investigate and prevent these. We also discussed and I
provided regular updates on levels of funding for investment in security equipment
and how this would be rolled out. General points about criminal investigations
came up occasionally and, very occasionally, specific cases were raised. During
the period that I was responsible for the Audit Team the issue of losses and the
Page 39 of 48
71.
72.
WITNO6900100
WITN06900100
review of the policy on the recovery of losses obviously also came up, according
to the documents provided.
I have been asked “Did the NFSP ever raise concerns with you the robustness of
the Horizon IT system and / or about action being taken against SPMs following
the identification of discrepancies between Horizon generated cash and stock
positions and the actual physical position in branch? If so, how did you respond to
those concerns?” I can say that I have no recollection of the NFSP ever raising
specific concerns with me over the robustness of the Horizon system or about the
Horizon system in the context of action being taken against sub-postmasters
following the identification of discrepancies at a branch. That said, there was a
regular background level of general complaint from the NFSP about crime, losses
and the POL contractual position on recoveries of losses and I refused to be
drawn into general discussions without specific examples. Where any specific
examples of cases were provided to me these were passed to the relevant person
in my team or, occasionally, to a suitable person outside the team and I made a
point of feeding back on the issue at the next Security/NFSP meeting. I do not
recollect any specific case being raised with me where an issue was alleged with
the accuracy of Horizon data.
I have been asked to consider the minutes of a meeting of the POL Board of
Directors on 20 August 2003 at POL00021483. I can see that I am noted as being
“in attendance”. I can see no indication from the available text as to why I was at
the meeting, but I presume that I was there only for a portion of the meeting,
relating to a subject that was redacted from the minutes before they were supplied
Page 40 of 48
73.
74.
75.
76.
WITNO6900100
WITN06900100
to the Inquiry. I was not a Director in POL at this or any other time, and at no time
was I a Board Director or officer of either Post Office Ltd or Royal Mail Group.
I have been asked how frequently I attended Board meetings when I held the role
of Head of Security. As can be inferred from my answer in paragraph 72 above, I
rarely attended Board meetings, only as required if there was a specific security-
related matter to raise at Board level that my Director did not feel able to cover. In
these cases I would only be present for my specific topic. I doubt that I attended
more than 5 or 6 in this manner in my 7 years in POL.
I have been asked whether I recall any concerns being raised at Board meetings
about the robustness of the Horizon IT system and / or about action being taken
against SPMs following the identification of discrepancies between Horizon
generated cash and stock positions and the actual physical position in branch,
and if so who raised concerns and how were they dealt with? I can say that I do
not remember any mention of the robustness of Horizon or of action being taken
against sub-postmasters being raised at any Board meeting that I attended.
I have been asked whether I raised any such concerns myself, and if so what was
the response to any such concerns? I can say that I never had cause to raise any
such concerns and did not do so.
I have been asked if there are any other matters that I wish to bring to the
attention of the Chair of the Inquiry? As a matter of candour I wish to advise the
Inquiry that, in keeping with the authorization given and recommendation made to
Page 41 of 48
WITNO6900100
WITN06900100
me in the request dated 14'" April 2023, I have made contact with Post Office Ltd
to establish whether they and their insurance cover would provide funding for me
to obtain legal advice on this matter, if required. As part of this contact, as
permitted, I have shared details of the Rule 9 Request dated 14" April 2023 with
POL Legal Services. Post Office Ltd have confirmed that they would provide such
funding, however I have not felt it necessary to obtain legal advice in the
production of this statement and I have not shared any details of the draft or final
statement with POL, their lawyers or any other legal representative. I will advise
the Inquiry if and when this situation changes. There are no other matters that I
wish to bring to the attention of the Chair of the Enquiry.
Statement of Truth
Page 42 of 48
Index to First Witness Statement of Tony Marsh WITNO690
No
RN
Document Description
WITNO6900100
WITN06900100
Control Number
1
WITNO05970148
Horizon: Management of Security in the
Live Environment
1TN05970148
FUJ00001986
Fujitsu Services/Post Office Ltd
(Operational Business Change -Branch
Interface Agreement
PPOINQ0008157F
FUJ00001999
(Operational Business Change - Branch,
Service Descriptions and schedule of
service prices
POINQ0008170F
FUJ00126036
Email chain RE: Impact Branch Trading
issues
POINQ0132249F
FUJ00126042
Impact R3 Branch trading Issues
POINQ0132255F
FUJ00089971
Branch Trading Reporting, Management
and Control and Transaction
Management Conceptual Design
POINQ0096142F
POL00088904
Losses and gains policy within the POCL
agency network (version 1, 20 November
(1998
IPPOL-0085962
POL00086845
Post Office Ltd — Security Policy:
Accounting losses policy for agency
branches (version 1, February 2003)
IPOL-0083903
POL00088867
Post Office Ltd — Security Policy: Liability
or losses policy (for agency branches)
version 1.7, September 2003)
PPOL-0085925
10
LCAS0000124
(A Brief History of Investigations,
Prosecutions and Security in Royal Mail
1$00010364
11
POL00030578
Royal Mail Group Ltd Criminal
Investigation and Prosecution Policy (1
December 2007)
POL-0027060
12
POL00104812
Royal Mail Group Ltd Criminal
Investigation and Prosecution Policy (1
December 2007)
IPOL-0080444
Page 43 of 48
aS
RN
Document Description
WITNO6900100
WITN06900100
Control Number
POLO00104806
Royal Mail Group Security — Procedures
& Standards — Standards of Behaviour
and Complaints Procedure (version 2,
(October 2007)
IPOL-0080438
15
POL00031004
POLO00031003
Royal Mail Group Crime and Investigation
$2) (version 3.0, September 2008)
Royal Mail Group Crime and Investigation
Policy (version 1.1, October 2009)
IPPOL-0027486
POL-0027485
16
POL00030580
Post Office Ltd - Security Policy — Fraud
Investigation and Prosecution Policy”
version 2, 4 April 2010)
POL-0027062
17
18
POL00030579
POL00026573
Post Office Ltd Financial Investigation
Policy (4 May 2010)
Royal Mail Group Security - Procedures &I
Standards — The Proceeds of Crime Act
2002 & Financial Investigations” (version
(1, September 2010)
POL-0027061
PPOL-0023214
19
20
POL00104857
POL00031008
Royal Mail Group Security - Procedures &
Standards — Initiating Investigations”
September 2010)
Royal Mail Group Ltd Criminal
Investigation and Prosecution Policy”
version 1.1, November 2010)
IPOL-0080489
IPOL-0027490
21
22
POLO00104853
POL00104855
Post Office Ltd Financial Investigation
Policy (version 2, February 2011)
Post Office Ltd Anti-Fraud Policy
February 2011)
IPOL-0080485
IPOL-0080487
23
POL00030786
Royal Mail Group Policy Crime and
Investigation S2” (version 3.0, April 2011)
IPPOL-0027268
24
POL00104929
Post Office Limited: Internal Protocol for
(Criminal Investigation and Enforcement
with flowchart), (October 2012)
PPOL-0080561
Page 44 of 48
No I URN
Document Description
WITNO6900100
WITN06900100
Control Number
POLO00105226
[Undated Appendix 1 - POL Criminal
Investigations and Enforcement
Procedure (flowchart), (October 2012)
IPOL-0080851
26
27
POLO00030602
POL00031005
Draft Post Office Limited: Criminal
[Enforcement and Prosecution Policy
November 2012)
(Conduct of Criminal Investigations Policy
version 0.2, 29 August 2013)
POL-0027084
IPOL-0027487
28
POL00027863
(Conduct of Criminal Investigations Policy
version 3, 10 February 2014)
IPOL-0024504
29
POL00104809
Royal Mail Group Security - Procedures
& Standards — Suspension from Duty”
version 1, November 2005)
PPOL-0080441
30
POL00105231
Royal Mail Internal Information — Criminal
Investigation Team — 7.11 Suspension
rom Duty” (version 1.0 final, May 2012)
IPPOL-0080856
31
POL00030659
Post Office Internal Prosecution Policy
Dishonesty) (December 1997)
PPOL-0027141
32
POL00030800
Royal Mail Group Policy Prosecution
$3)’ (created September 2008, version 3
effective from April 2011)
POL-0027282
33
34
POL00031011
POL00030598
Royal Mail Group Prosecution Policy”
version 2.1, October 2009)
Royal Mail Security - Procedures and
Standards - Prosecution Decision
Procedure” (version 2, January 2011)
IPPOL-0027493
POL-0027080
35
36
POLO00030685
POL00031034
Royal Mail Group Prosecution Policy
version 3.0, April 2011)
Post Office Prosecution Policy (version
(1.0) (effective from 1 April 2012)
IPOL-0027167
POL-0027516
37
POL00030686
Post Office Prosecution Policy England
and Wales (effective from 1 November
2013)
Page 45 of 48
PPOL-0027168
URN
Document Description
WITNO6900100
WITN06900100
Control Number
POL00030811
Post Office Limited Prosecution Policy for
England and Wales (version 1, 22
January 2016)
IPOL-0027293
39
POLO00104818
Royal Mail Group Security Investigation
(Guidelines — Group Security Investigation
(Circular 5- 2008: Written Records of Tape
Recorded Interviews (20 November 2008)
IPOL-0080450
40
4
POL00104836
POL00104867
Royal Mail Group Security Investigation
(Guidelines — Group Security Investigation
(Circular 5- 2008: Written Records of Tape
Recorded Interviews (version 5, June
2010)
Royal Mail Internal Investigation Team —
(Criminal Investigation Team — 7.4
Interviewing Suspects (version 1.0 final,
March 2011)
PPOL-0080468
IPPOL-0080499
42
POL00104859
Appendix 1 to P&S 7.4 Interviewing
Suspects on tape — Quick Reference
(Guide England and Wales’ (version 1,
March 2011)
IPOL-0080491
43
POL00104861
Appendix 4 — Interviewing Suspects
Using Notes of Interview Quick Reference
(Guide — England & Wales” (version 1,
larch 2011)
IPOL-0080493
44
45
POL00104875
POL00104827
Royal Mail Internal Information — Criminal
Investigation Team — 8.6 Written Record
of Tape Recorded Interviews” (version 1.0
final, June 2011)
Royal Mail Group Security — Procedures
& Standards — Witness Statements”
version 2, January 2010)
IPOL-0080507
IPPOL-0080459
46
POLO00104826
Royal Mail Group Ltd Security —
Procedures & Standards — Appendix 2 to
P&S 5.4 — Managing the Witness and
Structure and Contents of Witness
Statements” (version 1, January 2010)
IPOL-0080458
Page 46 of 48
URN
Document Description
WITNO6900100
WITN06900100
Control Number
POLO00104828
Royal Mail Group Security — Procedures
& Standards — Searching’ (version 5,
January 2009)
IPOL-0080460
48
49
POLO00104849
POL00104891
Royal Mail Group Security — Procedures
& Standards — Searching’ (version 6,
January 2011)
Royal Mail Group Ltd Security —
Procedures & Standards — Appendix 1 to
P&S 5.4 — Rules and Continuity of
Evidence” (version 1, January 2010)
IPOL-0080481
POL-0080523
50
POL00104848
Royal Mail Group Ltd Security —
Procedures & Standards — Appendix 1 to
P&S 9.5 Disclosure of Unused Material &
lhe Criminal Procedure and Investigations,
Act 1996” (July 2010)
IPOL-0080480
51
POL00104893
Royal Mail Internal Information — Criminal
Investigation Team — Appendix 7 to 7.4
Dealing with Defence Solicitors &
Complaints by Suspects (version 1,
March 2011)
IPPOL-0080525
52
POL00104881
Royal Mail Internal Information — Criminal
Investigation Team — 8.2 Guide to the
Preparation of Suspect Offender Reports,
England, Wales and Northern Ireland”
version 1.0 final, June 2011)
POL-0080513
53
POL00104879
Royal Mail Internal Information — Criminal
Investigation Team — Appendix 1 to 8.2
Suspect Offender Reports, Preamble
Guide, England, Wales and Northern
Ireland (version 1.0 final, June 2011)
POL-0080511
54
POL00105223
Security Operations Casework Review”
February 2013)
IPOL-0080848
55
56
POL00105213
NFSP00000458
Fraud Risk Security Pro-forma - Guide To
(Obtaining Reports From Horizon
INFSP NEC October 1999
IPOL-0080838
1$00008916
Page 47 of 48
WITNO6900100
WITN06900100
No I URN Document Description Control Number
57 NFSP00000447 NFSP NEC January 2000 1S00008905
58 NFSP00000540 NFSP NEC June 2001 1S00008998
59 NFSP00000481 NFSP NEC January 2004 1S00008939
60 NFSP00000474 NFSP NEC March 2004 1S00008932
61 NFSP00000509 NFSP NEC June 2004 1S00008967
62 NFSP00000517 NFSP NEC March 2006 1S00008975
63 NFSP00000444 NFSP Neg Comm October 2006 1S00008902
64 POL00021483 inutes of a meeting of the POL Board of POL0000016
Directors on 20 August 2003
Page 48 of 48