CaseStudy
The Post Office-Horizon scandal is one of the biggest modern accounting scandals. Despite some unique aspects, all accountants can learn lessons from the aftermath. Christian Doherty reports
At the end of 2023, few observers would have predicted a decades-old IT failure to dominate the news agenda, prompting comment from politicians and celebrities alike. But the Post Office-Horizon scandal managed exactly that, even to the point of leading news bulletins for a full two weeks in January.
Acres of newsprint and hours of comment have been generated by the story, with the recent public inquiry offering more insight into how exactly thousands of innocent sub-postmasters found themselves variously charged with fraud, ignored by authorities and – in many cases – dismissed from the jobs they had come to love. Given that between 1999 and 2015, more than 900 sub-postmasters were convicted of theft, fraud and false accounting based on faulty Horizon data, it represents the biggest miscarriage of justice in UK legal history.
As Winston Churchill once put it: “Never let a crisis go to waste.” So what are the key lessons accountants can draw from the Horizon debacle?
1. Complexity of governance systems is a recipe for disaster
One of the most startling aspects of the Horizon scandal was how it laid bare the convoluted governance structure that underpinned the Post Office’s operations. Post Office Limited is a state-owned private limited company. As the organisation has developed over the years, there has grown a sometimes bewildering system of checks, balances, accountability and responsibility that takes in staff, executives, suppliers, partners, government, civil servants and the regulatory bodies that oversee the Post Office. Not surprising, then, that a culture of buck-passing and confusion took root as stakeholders handed off responsibility for tricky areas.
Key lesson: keep reporting lines clear, and always match responsibility with accountability.
Image: Getty
2. Siloed system leads to trouble
IT systems management developed in the late 1990s and early 2000s focused on what Martin Nikel, director of eDiscovery, litigation support and cyber risk at global consultancy Thomas Murray, calls ‘functionalisation’. “That’s where they would basically base their system on a manufacturing model, which compartmentalised different functions to gain efficiencies,” he says.
Nikel has written extensively on the scandal and says that by separating processes into buckets, companies create specialists in one specific task. He adds: “From a management perspective, that makes everything look easy and sleek, and allows you to improve the process.”
However, with that separation, communication between departments can suffer. “I think the biggest failing – and we saw this come out in some of the witness testimony – is that many people simply didn't understand what other people were doing,” Nikel explains.
“As a result, they didn’t ask any questions about the broader use of data, for instance. They didn’t ask, ‘What was it for?’ or ‘Why am I signing this witness statement?’ because they were never asked to think outside of the box. For accountants, that’s a really big issue. They have to ask those questions to understand what’s going on.”
Key lesson: encouraging staff to take a bigger picture view of the business to understand the wider context can generate more critical thinking and, by extension, better governance.
3. Professional scepticism is even more important these days
Asking those questions has to be a key priority for accountants in systems that might be separate. “So even in accountancy, you’ve got one person who is responsible for the ledger, another who handles something else. There is that lack of communication, where nobody is going to question other elements,” Nikel says.
“So often in the accounting world, the forensic accountants come in afterwards when things go wrong. Those are the people that then ask the questions. And if you see like Second Sight, for instance, where the forensic guys were brought in to investigate the Post Office scandal, they started asking the right questions – broader questions than just, ‘This is just how it works’.”
That, he believes, leaves the accountancy profession failing to bring to bear its carefully honed (and ethically critical) professional scepticism when suspecting governance failures are occurring. “When the process is siloed, too many people don’t understand the business,” says Nikel. “So accountants might understand the numbers, but they don’t necessarily understand where those numbers came from or how they were arrived at.”
Key lesson: whatever the potential benefits of technology (and potentially AI) , there is no substitute for a well-trained accountant’s judgement.
4. Audits are only useful if you take them seriously
There’s no doubt that the audits undertaken at the Post Office failed to have the stated effect: to uncover system and process failures, and drive improvement. Certainly, the Deloitte report which did highlight failings in the IT governance structure was largely ignored. “I think there’s some good examples where there were some big misses by the Post Office understanding what was reported back by the Deloitte report,” Nikel suggests.
“And those reports did flag some concerns with the Horizon system, but obviously that detail and information wasn’t acted on. I sometimes feel that these audit reports are very much like a rubber stamp that isn’t necessarily looked at in this level of detail that they should be, because it looked as though the attitude was, ‘The auditors say everything’s okay so no need to do anything’.
The danger in this instance is that, due to fractured and siloed processes, no one takes ownership of the follow-up work and nothing changes.
Key lesson: while the auditors might sign off the accounts, unless recommendations are absorbed and acted on, a valuable opportunity to improve is missed.
5. External experts and vendors need to understand their role and responsibilities
Most organisations engage external service providers occasionally as these experts can often speed up processes and deliver service. However, Nikel points out that in the Post Office scenario, where a large number of external service providers were engaged, conflicts of interest began to emerge.
The Post Office scandal was a classic example of dysfunctional client/agency relationships taking hold and leaving all parties compromised and systems prone to failure. In Nikel’s view, this debacle brings into focus the commercial relationship and independence of key advisers.
“Clearly there has been the emergence of a commercial aspect: that because you’re working for the organisation, and they are the client, you don’t want to say anything too difficult to them. So when you hear advisers saying, ‘Here’s the way you can get out of this thing’, as opposed to, ‘You really shouldn’t be doing this’, then it’s an immediate concern.
A blurring of the lines around this issue – where external contractors lost sight of their broader responsibilities to the public good – is a reminder of the accounting profession’s remit.
Key lesson: never forget the ultimate purpose of accounting: to provide assurance to the broader community that things are done right and to the highest ethical standard.
