You might want to consider the cost of not upgrading legacy tech, UK's Department for Work and Pensions told

Processes relying on 1980s ICL mainframe contributed to £1bn pension black hole


Brit MPs have told the Department for Work and Pensions (DWP) it should factor in the cost of not upgrading a 34-year-old legacy system when reviewing tech investments after it contributed to a £1bn pension shortfall.

The department should consider whether there are "cost-effective ways to upgrade its IT systems and enhance its administrative processes to ensure the quality and timeliness of management information and reduce the risk of repeated errors," a report from the Public Accounts Committee (PAC) said.

This follows a report by the National Audit Office (NAO) which found that a legacy ICL-era mainframe was one of the causes behind the failure to pay more than £1bn in state pensions.

The NAO said that contributing to systematic errors were processes that relied on systems with "limited automation" and required "the use of multiple systems and interpretation of complex rules."

Despite the difficulty and cost of upgrading legacy technology, the DWP should also consider the downside cost of remaining reliant on it, the PAC said. "In prioritising what IT infrastructure to upgrade, it should factor in the opportunity cost of not upgrading old systems, including the cost of errors and underpayments to the citizen."

MPs said the DWP processes were "not fit for purpose."

"The underlying IT system that is it relies on to manage millions of pensioner records dates back to 1988 and is heavily manual. Despite the complexity of state pension entitlements and the increased risk posed by manual processes, the department's existing quality checks failed to identify the systematic underpayment of thousands of pensioners.

"The department repeatedly missed opportunities to upgrade and instead added new functionality by introducing additional systems on top of the first, some of which are also increasingly out-of-date, increasing the complexity of its administration," the PAC said.

First introduced in 1988, the Pension Service Computer System (PSCS) remains the main system to manage millions of pensioner records. It was said to be one of the first Virtual Machine Environment (VME) mainframe computers to be installed by central government, supplied by ICL Limited, which was later bought by Fujitsu.

Fujitsu said it would support VME until 2020, after which it offered migration to a cloud-based managed service, according to an earlier NAO report [PDF]. "This will enable VME users to run their legacy applications on modern infrastructure."

The latest PAC report said DWP staff were resistant to upgrading PSCS – the state pension "workhorse" – because "the process of doing that is incredibly complex and very risky from a business point of view."

As well as the PSCS, DWP staff access different IT systems and manually copy information from one system to another to calculate pension awards. Other systems include:

  • The National Insurance Record System (NICs) owned by HM Revenue & Customs (HMRC)
  • The Customer Account Management system (CAM), launched in 2006 to support record management and history of the state pension
  • The CAMlite system, also launched in 2006, for customers who live or have lived outside the UK

The DWP £1bn pensions black hole relates to rules under which married women could claim 60 per cent of their basic state pension based on their husband's record of contributions. Some of the women affected have battled for years to get the department to admit to the errors. Staff time on the repayments is expected to mount to £25m and the job will not be finished before 2023.

The BBC quoted one grandmother of four as saying she had spent two years battling for her money before she eventually received £7,334 in back payments for eight years of missed pensions.

At the time of the NAO report, a DWP spokesperson said: "We are fully committed to ensuring the historical errors that have been made by successive governments are corrected, and as this report acknowledges, we're dedicating significant resources to doing so. Anyone impacted will be contacted by us to ensure they receive all that they are owed.

"Since we became aware of this issue, we have introduced new quality control processes and improved training to help ensure this does not happen again." ®


Other stories you might like

  • Stolen university credentials up for sale by Russian crooks, FBI warns
    Forget dark-web souks, thousands of these are already being traded on public bazaars

    Russian crooks are selling network credentials and virtual private network access for a "multitude" of US universities and colleges on criminal marketplaces, according to the FBI.

    According to a warning issued on Thursday, these stolen credentials sell for thousands of dollars on both dark web and public internet forums, and could lead to subsequent cyberattacks against individual employees or the schools themselves.

    "The exposure of usernames and passwords can lead to brute force credential stuffing computer network attacks, whereby attackers attempt logins across various internet sites or exploit them for subsequent cyber attacks as criminal actors take advantage of users recycling the same credentials across multiple accounts, internet sites, and services," the Feds' alert [PDF] said.

    Continue reading
  • Big Tech loves talking up privacy – while trying to kill privacy legislation
    Study claims Amazon, Apple, Google, Meta, Microsoft work to derail data rules

    Amazon, Apple, Google, Meta, and Microsoft often support privacy in public statements, but behind the scenes they've been working through some common organizations to weaken or kill privacy legislation in US states.

    That's according to a report this week from news non-profit The Markup, which said the corporations hire lobbyists from the same few groups and law firms to defang or drown state privacy bills.

    The report examined 31 states when state legislatures were considering privacy legislation and identified 445 lobbyists and lobbying firms working on behalf of Amazon, Apple, Google, Meta, and Microsoft, along with industry groups like TechNet and the State Privacy and Security Coalition.

    Continue reading
  • SEC probes Musk for not properly disclosing Twitter stake
    Meanwhile, social network's board rejects resignation of one its directors

    America's financial watchdog is investigating whether Elon Musk adequately disclosed his purchase of Twitter shares last month, just as his bid to take over the social media company hangs in the balance. 

    A letter [PDF] from the SEC addressed to the tech billionaire said he "[did] not appear" to have filed the proper form detailing his 9.2 percent stake in Twitter "required 10 days from the date of acquisition," and asked him to provide more information. Musk's shares made him one of Twitter's largest shareholders. The letter is dated April 4, and was shared this week by the regulator.

    Musk quickly moved to try and buy the whole company outright in a deal initially worth over $44 billion. Musk sold a chunk of his shares in Tesla worth $8.4 billion and bagged another $7.14 billion from investors to help finance the $21 billion he promised to put forward for the deal. The remaining $25.5 billion bill was secured via debt financing by Morgan Stanley, Bank of America, Barclays, and others. But the takeover is not going smoothly.

    Continue reading

Biting the hand that feeds IT © 1998–2022