The risk rating of the UK’s crime intelligence database is being elevated to “Red” by the governments projects’ watchdog as the DB struggles to migrate from a legacy Oracle platform.
The Police National Database (PND) shares information across all police forces, non-police law enforcement agencies, and regulatory bodies. The crucial database is meant to shift to the cloud, but procurement for this move has been delayed at by more than a year.
Last month, the National Infrastructure and Service Transformation Authority (NISTA), the HM Treasury unit that advises government on major projects, said the move from the amber assessment last year to red in 2025 was down to the Home Office, which runs the project, getting a impact assessment which revealed a five-month hold up in delivery.
“Since then, the Home Office has collaborated closely with the supplier [CGI IT UK Limited] to undertake a comprehensive review of the end-to-end delivery plan. This included significantly increasing commercial support and initiating a full programme reset,” the report said.
In May this year, the Home Office’s Investment Committee declined the proposed “Contract Change Notification” and instead chose to pursue a contingency option. “The programme is now preparing for a further NISTA-led… review, which will evaluate the progress of the contingency approach and inform updates to the Full Business Case ahead of the next investment committee meeting in December 2025,” the report said.
The PND was proposed after so-called Soham murders in 2002 — the subject of a national outcry in the UK – where two 10-year-old girls were murdered. The subsequent Bichard Inquiry identified a number of critical points of failure in police intelligence, inability of police forces to access potentially important information in systems outside of a specific geographic jurisdiction, leading to systemic failings in sharing information about Ian Huntley, who murdered them. CGI won the contract in 2009 and the system was launched in April 2011.
Elements of the current PND transformation program include a transition to cloud-native architecture, improve the usability of the system, and replace or update obsolete Oracle databases and middleware.
A transparency notice published last year said that since 2016, investment in the system was limited to ‘keeping the lights on’ because of the introduction of the National Law Enforcement Data Programme (NLEDP). NLEDP imagined the Police National Computer (PNC) would be combined with the PND, creating a single system. “However, between 2016 and 2020 NLEDP faced some significant challenges that impacted progression and delivery. Upon various reviews of NLEDP the decision was made for a complete reset of the programme, with PND being removed from the scope of work,” the notice said.
“The PND transformation is being delivered to address the technological debt in PND which is causing a failing service,” it said.
Meanwhile, the procurement of a supplier to help with the transformation seems to have stalled.
In October 2023, the Home Office published a “prior information notice” to begin pre-competition talks with potential suppliers. The procurement was for a “service and technical integrator to manage the ‘cloud-based’ PND service as well as deliver a continuous change pipeline to develop its capabilities and may also include some residual transformation activity,” it said at the time.
It said a contract notice to kick off the competition would be published in April 2024. However, an updated notice in September 2024 said that contract notice would not be published until April 2025.
There is still no sign of that notice. We asked the Home Office when it will appear and for a statement in response to the NISTA report.
Last week, the Home Office awarded PA Consulting a £37.5 million (c $50 million) contract to help build the successor to the PNC. ®