3.41 One of the Department's key objectives, and in contemporary Private Finance Initiative thinking an imperative in terms of getting the project off the public sector's balance sheet, was to reduce the risk of fraud. Their business case for the project relied fundamentally on eliminating the cost of this fraud. In the existing paper system, such fraud includes:
■ loss or theft of order books and girocheques which are used by the wrong person;
■ manipulation, for example amounts changed or order book covers and foils swapped;
■ counterfeiting of payment instruments; and
■ customers continuing to cash a book which has been recalled.
3.42 The areas where the purchasers sought risk transfer to the supplier were set out in early project documents, such as the Prospectus, Request for Statement of Capabilities and the Statement of Service Requirements. But the purchasers did not hold detailed discussions about the exact transfer of fraud risk with each service provider until January 1996, just before the issue of the formal Invitation To Tender in February 1996. Where such unique and significant liabilities are involved, it is now recognised as good practice to reach an acceptable understanding with service providers much earlier in the process. Because there was at the time little experience and formal guidance in government on risk transfer the purchasers had to develop their own approach.
3.43 The differing readiness of the shortlisted bidders to accept fraud risk played a major role in the selection of Pathway as supplier. As well as being potentially massive, exposure to fraud broke new ground for the service providers. The two unsuccessful shortlisted bidders told us that they were very concerned about the risk exposure that bidders were being asked to accept. This concern focused on the maximum liability of £200 million to cover fraud and system failure or poor performance over the life of the contract. This suggested to them that they could be exposed to fraud or failures attributable in some way to failures by post office staff who operated the system or by the Department. They told us that these factors were reflected in very large risk premia within their bids. One bidder had decided not to bid at all until urged to do so by the purchasers.
3.44 Conversely Pathway told us that having assessed the security measures in their technical solution they had concluded that their probable exposure was only a handful of millions each year. So they were not deterred by this element of the Invitation To Tender. Under the contract they saw the Department and Post Office Counters Ltd as still being liable for instrument of payment fraud attributable to Department and post office staff and systems.
3.45 At the time the Card project was cancelled there had been no proven cases of fraud attributable to misuse or misappropriation of payment cards at the 200 post offices disbursing child benefit. Pathway had paid refunds to the Department totalling £2,000 in respect of duplicate payments to claimants attributable to deficiencies in the performance of their initial go-live system.
3.46 The failure to implement the new benefit payment arrangements nationally for all benefits by 1999 as planned had exposed the Department to an estimated £100 million or more of fraud a year through continued misuse of order books and girocheques.