IBM committed 'ethical transgressions' to win botched project

Big Blue bid way too low, but Gov incompetence was main reason for $1bn blowout

IBM has found to have acted unethically during a bid to win work developing a new payroll application for the Australian state of Queensland's Department of Health, but has not been held directly or solely responsible for the $AUD1bn blowout in costs on the project.

IBM's been under the microscope for its role in this project because it started life in 2007 as a $6m job. That became $27m and has now reached over a billion dollars, because the application is a dud: staff have been overpaid, underpaid, forced to repay money and sometimes not paid at all. With the health sector having a colossal and unionised workforce, those stories and the blowouts became political dynamite. That the only way to get the application working was to throw people at it – as of May 2012 1,010 people worked with the app and handled 92,000 forms a fortnight – meant the system had increased costs instead of producing savings.

Worst of all, despite the mess Queensland's government decided not to pursue IBM for damages, a scandal that meant when a new government formed an inquiry into the matter was a fine idea from both governance and political perspectives.

That inquiry's final report (PDF) emerged today and is not pretty reading for IBM or the State of Queensland.

Let's start with IBM, which as keen readers may recall found itself under investigation thanks to one Michael Burns, a former senior IBM executive who found himself consulting on the project to the Queensland government. Burns agreed with a policy to implement a prime contractor for the project and encouraged IBM to bid.

The report is not kind to Burns (referred to as 'Mr Burns' throughout), who the report says “entertained a distinct partiality for IBM and, indeed, displayed a bias in its favour”. That bias saw Burns adjust assessment criteria to favour IBM's bid.

IBM Global's s commercial and public sector, Lochlan James Bloomfield, also comes off badly, with the report saying he must have known that Burns “was behaving extraordinarily for a man charged with the responsibility of investigating a very substantial government IT program and guiding the procurement process for a contractor to take it over.” The report suggests Bloomfield's “emails to his superiors indicate that he understood that a valuable business opportunity was being offered to IBM which it should do its utmost to exploit. He cannot have thought the same favouritism was extended to his competitors.”

Bloomfield's competitors were Logica and Accenture, both of which were familiar with the Department and its operations, experience that made them well-placed to do the payroll job. But Burns encouraged IBM to bid too, and at some point IBMers also found themselves able to access information about their rivals' bids. There's a suggestion they used the information gleaned from those documents to underbid the pair.

IBM's lower price was the main factor in it winning the deal, but the report says “evidence gives rise to a suspicion that IBM offered a price to win the tender which did not genuinely express its estimation of the true costs involved. I cannot make a definitive finding to that effect but the evidence suggests that is a distinct possibility.”

The report is very clear that none of this activity was corrupt. Indeed, Burns' motives remain obscure as there's no evidence he stood to profit from supporting IBM.

What's crystal clear is that Queensland's procurement and project management processes were hopeless. The report finds that just one person with governance responsibility for the project raised objections to the odd procurement process and that those objections weren't acted upon. The State also offered a terrible brief for the project. Here's how Commissioner Richard N Chesterman describes it's work:

“The State did not adequately communicate to IBM the business requirements for the workforce of Queensland Health which would permit IBM to design a payroll system which accommodated the number and complexity of pay rules. IBM did not actively elicit information about those requirements which would have allowed it to design such a system. The result was ongoing disputes about scope which resulted in changes to the contract, increases in price, and delays to the implementation date.”

The project didn't go well, with partial releases proving inadequate, in part because software was taken live even though it was known to be unready.

Things went predictably badly and by 2010, Queensland wanted to be shot of IBM and received advice it could terminate Big Blue's contract and start lobbing flaming sueballs in its direction.

But the State decided not to do so and instead settled with the company “driven by assumptions that without IBM’s presence there was a substantial risk that the payroll system would fail utterly and that if the State insisted upon its contractual right to terminate, IBM would disregard its disengagement obligations and refuse to assist with the remediation and/or improvement of the system.”

The report says one of the State's negotiators were “timid”, capitulated during negotiations with IBM, and should instead have gone in hard because the State stood to gain tens of millions of dollars in damages.

Commissioner Chesterman makes many recommendations on how Queensland can improve its procurement practices to avoid such messes in future. He's also critical of the concept of shared services, saying this project's failure “may be the most spectacular example of all the unsuccessful attempts to impose a uniform solution on a highly complicated and individualised agency.”

Chesterman also says IBM should never have won the work, due to “ethical transgressions of its employees arising out of the use of Accenture’s information”, lack of scrutiny of its proposed price and because “Mr Burns’ intervention in the evaluation process distorted and seriously flawed the selection of the Prime Contractor”.

He concludes that “The replacement of the Queensland Health payroll system must take a place in the front rank of failures in public administration in this country. It may be the worst.”

The Reg is aware of none to match it in Australia, and few that paint a major global vendor in such a poor light. ®

Similar topics

Other stories you might like

  • Research finds consumer-grade IoT devices showing up... on corporate networks

    Considering the slack security of such kit, it's a perfect storm

    Increasing numbers of "non-business" Internet of Things devices are showing up inside corporate networks, Palo Alto Networks has warned, saying that smart lightbulbs and internet-connected pet feeders may not feature in organisations' threat models.

    According to Greg Day, VP and CSO EMEA of the US-based enterprise networking firm: "When you consider that the security controls in consumer IoT devices are minimal, so as not to increase the price, the lack of visibility coupled with increased remote working could lead to serious cybersecurity incidents."

    The company surveyed 1,900 IT decision-makers across 18 countries including the UK, US, Germany, the Netherlands and Australia, finding that just over three quarters (78 per cent) of them reported an increase in non-business IoT devices connected to their org's networks.

    Continue reading
  • Huawei appears to have quenched its thirst for power in favour of more efficient 5G

    Never mind the performance, man, think of the planet

    MBB Forum 2021 The "G" in 5G stands for Green, if the hours of keynotes at the Mobile Broadband Forum in Dubai are to be believed.

    Run by Huawei, the forum was a mixture of in-person event and talking heads over occasionally grainy video and kicked off with an admission by Ken Hu, rotating chairman of the Shenzhen-based electronics giant, that the adoption of 5G – with its promise of faster speeds, higher bandwidth and lower latency – was still quite low for some applications.

    Despite the dream five years ago, that the tech would link up everything, "we have not connected all things," Hu said.

    Continue reading
  • What is self-learning AI and how does it tackle ransomware?

    Darktrace: Why you need defence that operates at machine speed

    Sponsored There used to be two certainties in life - death and taxes - but thanks to online crooks around the world, there's a third: ransomware. This attack mechanism continues to gain traction because of its phenomenal success. Despite admonishments from governments, victims continue to pay up using low-friction cryptocurrency channels, emboldening criminal groups even further.

    Darktrace, the AI-powered security company that went public this spring, aims to stop the spread of ransomware by preventing its customers from becoming victims at all. To do that, they need a defence mechanism that operates at machine speed, explains its director of threat hunting Max Heinemeyer.

    According to Darktrace's 2021 Ransomware Threat Report [PDF], ransomware attacks are on the rise. It warns that businesses will experience these attacks every 11 seconds in 2021, up from 40 seconds in 2016.

    Continue reading

Biting the hand that feeds IT © 1998–2021