1 Thursday, 11 May 2023 2 (9.58 am) 3 MR BEER: May I call Roderick Ismay. 4 SIR WYN WILLIAMS: Of course. 5 RODERICK MARK ISMAY (sworn) 6 Questioned by MR BEER 7 MR BEER: Good morning, Mr Ismay, my name is Jason 8 Beer and I ask questions on behalf of the 9 Inquiry. Can you give us your full name, 10 please? 11 A. Roderick Mark Ismay. 12 Q. Thank you for coming today to assist the Inquiry 13 in its work and thanks also for the provision of 14 a witness statement, we're very grateful to you. 15 You should have in front of you a hard copy of 16 that witness statement, it's dated 13 January 17 2023 and if you turn to the last page of it, 18 which is page 20, you should see a signature. 19 Is that your signature? 20 A. That is my signature, yes. 21 Q. Are the contents of that witness statement true 22 to the best of your knowledge and belief? 23 A. Yes, they are. 24 Q. For the purpose of the transcript -- it needn't 25 be displayed -- the URN is WITN04630100. I'm 1 1 going to ask you questions today about the range 2 of matters referred into your witness statement, 3 but not about certain matters that arise in 4 Phase 5 of the Inquiry, in particular I'm not 5 going to ask you about the Second Sight 6 investigation, nor Phase 6 of the Inquiry. 7 Can I start, please, with your career, 8 qualifications and experience. Do you have any 9 professional qualifications that are relevant to 10 the issues that we're going to speak about 11 today? 12 A. So my professional qualification is a chartered 13 accountant. 14 Q. What degree did you obtain? 15 A. Accountancy. 16 Q. When did you become a chartered accountant? 17 A. I think that was 1994 or 5. 18 Q. I think you then worked in Ernst & Young; is 19 that right? 20 A. That's correct. 21 Q. Was Ernst & Young at that time an accountancy, 22 audit and management consulting firm? 23 A. Yes, it was, yes. 24 Q. Over what period did you work for Ernst & Young? 25 A. I worked for Ernst & Young from when I left 2 1 university, which would be 1992, I think, and 2 I worked for them for about 11 years, probably 3 until 2003. 4 Q. When you joined the Post Office? 5 A. When I joined the Post Office, yes. 6 Q. What was your role in Ernst & Young? 7 A. So I joined Ernst & Young as an audit trainee, 8 and did my studies during the first couple of 9 years working with Ernst & Young. I worked in 10 our Sheffield office and had a number of audit 11 clients in the Sheffield area, spanning 12 manufacturing businesses, pharmaceuticals and 13 the Post Office. 14 Q. If I divided Ernst & Young's work into three 15 things, accountancy, audit and management 16 consultancy, you were in the audit part; is that 17 right? 18 A. I was in the audit part. There were certain 19 times where people would work with different 20 functions and I did spend some time working with 21 the management consultancy practice as well. 22 Q. In the answer before last you gave the range of 23 clients that you worked for and, amongst those, 24 was the Post Office. 25 A. Yes. 3 1 Q. What work did you do for the Post Office when 2 you were at Ernst & Young? 3 A. So I initially was a trainee within the audit 4 team, an audit junior, and progressed through 5 such that I was senior manager on the Post 6 Office Counters audit account when I finished. 7 Q. For how long did you work for the Post Office 8 when you were at Ernst & Young? 9 A. The Post Office would have been one of the first 10 clients that I started on working at Ernst & 11 Young, and so probably for the tenure of my time 12 at Ernst & Young, I -- Post Office would have 13 been one of my clients, so that would have been 14 about 11 years. 15 Q. So for the entirety of the 11 years, at one time 16 or another, the Post Office was a client -- 17 A. Yes. 18 Q. -- of Ernst & Young and you were working on that 19 account? 20 A. Yes, the Post Office was a client of Ernst & 21 Young throughout all my time there and each year 22 I would have had some involvement with the Post 23 Office on the audit, yes. 24 Q. Were you part of the Ernst & Young team that 25 reviewed what was called the CAPS project in 4 1 November and December 1996? 2 A. I can't remember the acronym CAPS, I don't know. 3 Q. Were you part of the Ernst & Young team that 4 advised Post Office Counters Limited on a series 5 of Acceptance Incidents, as they were called, in 6 August 1999 as part of the contractual process 7 of accepting the Horizon System? 8 A. I can't remember doing that and I don't think, 9 no. 10 Q. In the course of that process, the acceptance 11 period, serious concerns were raised by Ernst & 12 Young over the integrity of the data that 13 Horizon produced, such that Ernst & Young felt 14 unable to provide an unqualified opinion on the 15 accuracy of Post Office Counters Limited's 16 accounts. Do you recall participating in that? 17 A. I would have been involved in the Post Office 18 Counters audit at that time. I can't remember 19 a matter in the audit opinions relating to the 20 Horizon System in respect of its reliability but 21 I can remember that the Post Office spent a lot 22 of money on Horizon and it impaired the total 23 value of it, such that the organisation had 24 a question about going concern. So there was 25 a £1 billion impairment, which raised 5 1 a significant, as I say, going concern question 2 for Post Office Counters, and for Royal Mail at 3 the time. 4 My recollection would be that any reference 5 of concern in the audit opinions, I think, would 6 have been uncertainty related to the going 7 concern of the organisation. I can't remember 8 it being a narrative about the integrity of the 9 Horizon System. But I may be wrong. I may have 10 forgotten but my recollection would be that it 11 was the impairment and the going concern of the 12 organisation. 13 Q. This was a different issue. It culminated -- 14 I'm not going into detail on this but it 15 culminated in a letter that we've seen a lot of, 16 dated 23 August 1999, in which Ernst & Young 17 said they were so concerned about the integrity 18 of the data produced by Horizon that they would, 19 if the problems persisted, be unable to sign off 20 the accounts without expressing a qualified 21 opinion? 22 A. I think that we were approached by the Finance 23 Director at the time with what my recollection 24 would be a hypothetical question of, given that 25 it was a complex system that was being deployed, 6 1 a hypothetical question of, if there were 2 anomalies, would you be able to sign the 3 accounts on an unqualified basis, and on that -- 4 so my recollection would be that that was 5 a hypothetical question, which led to that. 6 I don't remember that being something that 7 manifested itself in the audit opinion in the 8 published accounts, though. 9 Q. Why was a hypothetical question being asked, to 10 your knowledge, that, if there were these 11 problems with Horizon data, would you be able to 12 offer an unqualified opinion? Why was the 13 hypothetical being asked? 14 A. I think that the hypothetical was being asked 15 because it was a very difficult contractual 16 situation for the deployment of an enormously 17 expensive system, where the partnership between 18 BA, the Benefits Agency, and Post Office 19 Counters at the time, and the extent to which 20 benefits were going to get paid either directly 21 into bank accounts or through cash in post 22 office counters, was an enormously complex and 23 sensitive question for the citizens of the 24 country at the time. 25 And I think that the Post Office, as -- 7 1 something that -- my recollection would be that 2 there was an original request for benefits to be 3 paid on an automated basis through post offices. 4 That kind of evolved, and there was more of 5 a question of is it going to be paid directly 6 into bank accounts or not? The risk of it being 7 paid into bank accounts directly would mean that 8 a lot of footfall into post offices would not 9 happen which, in turn, would have bought 10 a question about the viability of the Post 11 Office. 12 That's a different thing to the integrity of 13 the Horizon System but I think, within the sort 14 of dynamics of the contractual conversations 15 that were going on, the ability to table 16 powerful statements with the suppliers and 17 designers of the systems probably led to that 18 question which would give impetus to the Post 19 Office to make sure that a robust system was 20 designed. It would have been extra leverage 21 amongst all the different stakeholders to say 22 "Our auditors would not be happy if this system 23 did not work and, therefore, if such a situation 24 did arise, what would your opinion be?" 25 And I think that was the context of what led 8 1 to that -- 2 Q. So who was asking you? 3 A. I think the question was coming from the Finance 4 Director of the Post Office at the time, asking 5 Ernst & Young. 6 Q. Sorry, I missed that name? 7 A. I think the question was coming from the Finance 8 Director of the Post Office as a question to 9 Ernst & Young at the time. 10 SIR WYN WILLIAMS: Can I ask, can everyone hear 11 Mr Ismay all right? Because, for some reason, 12 I'm not catching every word, but if everybody 13 else, is, that's fine. 14 THE WITNESS: I'll move nearer the mic. 15 SIR WYN WILLIAMS: No, no, I have a screen showing 16 what you're saying as well but -- 17 MR STEIN: Sir, if I may say so and with respect to 18 Mr Ismay, he speaks a little fast. Now, bearing 19 in mind I do sometimes, I understand the 20 problem. 21 SIR WYN WILLIAMS: Fine. 22 THE WITNESS: Okay, I'll try to slow down. 23 Apologies. 24 MR BEER: So was the Finance Director of Post Office 25 asking you in Ernst & Young this question? 9 1 A. He was asking Ernst & Young that question. 2 Q. What was your involvement in the provision of 3 an answer to the question? 4 A. I can't remember but I expect that the question 5 would probably have come through to the audit 6 partner and, as the senior manager on the 7 account, or the manager at that time, I think, 8 I would have been consulted as part of "What is 9 the Ernst & Young response going to be to that 10 question?" 11 Q. Did these discussions, to your memory, involve 12 a concern over the integrity of the data that 13 Horizon was producing? 14 A. I think the question was if the -- I'm trying to 15 remember what you said right at the start of the 16 question about a qualification, you referred to, 17 at the start? 18 Q. Yes. 19 A. So I presume that would have come from the 20 question about the integrity but, as I say, my 21 recollection of the actual audit opinion going 22 into the statutory accounts was that it was more 23 about the impairment and the going concern of 24 the organisation that was the matter of concern 25 and focus within the audit. 10 1 Q. What did you learn, if anything, at this time 2 before you left Ernst & Young over concerns 3 within the Post Office expressed to Ernst & 4 Young or found by Ernst & Young over the 5 integrity of the data that Horizon produced? 6 A. I haven't got a recollection of things in my 7 Ernst & Young role having come from the Post 8 Office to say that there were concerns about the 9 system, no. My recollection would be more about 10 the impairment and consequently looking at 11 income generating units within the Post Office 12 Network and the Post Office commercial side of 13 the business to say is that a -- is there 14 a return to profitability for the different 15 segments of the Post Office Counters 16 organisation at the time. 17 Q. So we're talking about entirely different 18 issues. I'm talking about Ernst & Young writing 19 to the Post Office saying, "We've got such 20 concerns about the integrity of the system that 21 you're operating that we can't offer 22 an unqualified opinion". You're talking about 23 the profitability of the organisation generally? 24 A. Yes, I am. Sorry, I realise that's different to 25 your question but I can't remember something -- 11 1 I can't remember a conversation about the 2 integrity of the system, at that time, leading 3 to correspondence from Ernst & Young about it 4 that I was involved in. 5 Q. In any event, you joined the Post Office in 6 September 2003 and left in March 2016, and so 7 served in the Post Office for 13 years? 8 A. Yes. 9 Q. Is it right that in that 13-year period you 10 undertook three main roles. Firstly as Head of 11 Risk and Control -- 12 A. Yes. 13 Q. -- between September 2003 and June 2006? 14 A. Yes. 15 Q. A period of about three years? 16 A. Yeah, yeah. 17 Q. Secondly, as Head of Product and Branch 18 Accounting, P&BA, from June 2006 onwards? 19 A. Yeah. 20 Q. Then, thirdly, your job description was Head of 21 the Finance Service Centre. 22 A. Yes. 23 Q. When was that from? 24 A. I'm not sure when Product and Branch Accounting 25 became the Finance Service Centre but somewhere 12 1 between 2010 and 2014, somewhere within that 2 period. So the -- I continued to lead to the 3 Product and Branch Accounting, the people who 4 were part of the Product and Branch Accounting 5 team that whole operation became part of the 6 Finance Service Centre and we took on certain 7 other functions like accounts payable. It was 8 part of a precursor to Royal Mail privatisation 9 and separating the Post Office from Royal Mail. 10 So certain transaction processing functions, 11 if you like, like accounts payable, needed to be 12 built for the Post Office to have on its own 13 because it had relied on Royal Mail before. So 14 probably the move from it being P&BA to Finance 15 Service Centre would probably have been two or 16 three years before Royal Mail privatisation 17 because it was part of that journey. 18 Q. Can I deal with each of those three roles in 19 turn, then. 20 A. Yes. 21 Q. Firstly, your work as Head of Risk and Control 22 and, as we've said, that was from September 2003 23 until June 2006. What was the nature of your 24 role as Head of Risk and Control? 25 A. So the role -- initially, I came into the 13 1 organisation with two internal control managers. 2 I'm not sure who they reported to before but 3 that became part of my team. But the main 4 mandate from the Finance Director coming into 5 the organisation, when I took that role, really 6 was about getting ready for Financial Services. 7 So I was involved in writing the final 8 management letter from Ernst & Young to the Post 9 Office in my last year at Ernst & Young, and one 10 of the observations that I made in there was 11 just a kind of routine observation that the 12 organisation is moving into financial services 13 and it's going to be important that financial 14 services compliance is a key part of the 15 organisation moving forward. So when I joined, 16 the Finance Director effectively said, "Your 17 last management letter said get ready for 18 compliance for financial services, so that's 19 what I'd like you to do". 20 So that dominated my job when I joined the 21 Post Office, even though I'd got a title of risk 22 and control, which did involve talking to heads 23 of different departments in the organisation 24 about what they saw as risks in their areas and 25 working with Royal Mail Group audit to look at 14 1 vital few controls audit activity, such as it 2 might be a payroll process. 3 The bulk of my actual time for a good amount 4 of time in that job was going to seminars with 5 the -- I think the FSA, as it was at the time 6 and meeting Bank of Ireland, and helping to -- 7 helping the Post Office understand what it's 8 responsibilities were going to be as 9 an appointed representative to the Bank of 10 Ireland as it entered Financial Services. 11 Q. If somebody asks me what I did as my job I would 12 say I provide legal services, I ask questions of 13 witnesses in court and I write opinions and 14 advices, full stop. 15 A. Right, yeah. 16 Q. Could you translate the answer I've just given 17 into what you did between 2003 and 2006 for your 18 job in sort of a 1, 2, 3, if there are three? 19 A. My job title was about talking to different 20 functions around the organisation to find out 21 what their risks were, to assess controls in 22 their areas. That was what my job title would 23 be. In practice, most of my time was looking at 24 financial services compliance. 25 Q. So your role was principally financial services 15 1 compliance? 2 A. Yeah, so for a large part of that risk and 3 control job, it was financial services 4 compliance. 5 Q. Your title was Head of Risk. What other risks, 6 other than financial, were within your 7 portfolio? 8 A. Any risk that the organisation could have would 9 be something that could come on to the risk 10 radar and be subject to linkages to that job. 11 Q. To whom did you report? 12 A. I was a direct report to the Finance Director. 13 Q. Who was? 14 A. Who was when I joined, that was Peter Corbett. 15 Q. Did it remain Peter Corbett for the three years? 16 A. Yes, it did, yes. 17 Q. Did you attend board meetings of Post Office 18 Limited? 19 A. I did for -- I was in attendance or presenting 20 on certain topics, which were financial services 21 related. 22 Q. How frequently did you attend Post Office 23 Limited board meetings? 24 A. I -- not many. I probably went to a couple of 25 them and I'm not actually sure whether it was 16 1 Post Office Limited board or Post Office Limited 2 Executive Team. So the group that I was going 3 into had got David Mills, who was Post Office 4 Managing Director at the time, and his executive 5 team. I wasn't in a room which had got 6 non-executive directors in. So I may have been 7 wrong to say that I was in board meetings. It 8 may have been Post Office Limited Executive Team 9 meetings that I was in. 10 Q. In that three-year period, you think you 11 attended a couple of times? 12 A. I think I attended a couple of times in there, 13 and, yeah, and then that led to also a Post 14 Office Limited Risk and Compliance Committee. 15 Q. We'll come to that in a moment. 16 A. Right. 17 Q. Did you prepare written reports for the Post 18 Office Board Executive Team meetings? 19 A. I think I prepared one to do with the Bank of 20 Ireland and getting ready for financial 21 services, yeah. 22 Q. Was the format that they were tabled at such 23 board meetings and then you would present them? 24 A. Yes, but, as I say, I'm not sure whether it was 25 board or -- 17 1 Q. Executive Team? 2 A. -- but yes, and I would have just been in 3 attendance for that part of the meeting. 4 Q. When you took over the role, how many people 5 reported to you? 6 A. When I joined, two people reported to me. 7 Q. They're the two internal control managers that 8 you spoke of earlier? 9 A. Yes. 10 Q. What is an internal control manager? 11 A. A bit like an auditor, so somebody who would 12 look after the processes in a particular 13 function and test the controls in that area. 14 Q. How many people did they have underneath them? 15 A. None. 16 Q. So you had a staff of two? 17 A. Yes. 18 Q. You say in your witness statement that the role 19 evolved to take on responsibility for the Branch 20 Audit Team? 21 A. Yes. 22 Q. What was the Branch Audit Team? 23 A. That was the individuals who would go out to 24 Post Office branches to conduct physical asset 25 verification audits which would be checking cash 18 1 and stock. They would also go out to Post 2 Office branches and to Post Office cash centres 3 to count cash again there but also to perform 4 compliance checks. 5 Q. How many people were in the Branch Audit Teams? 6 A. A lot. Probably -- it could have been around 7 about 100 when I joined. So -- no. When 8 I joined, I had two people. When I got the 9 branch audit team and that came to me, that 10 would have been about 100 people in that team. 11 Q. How were the branch audit teams organised? 12 A. There was a national audit team manager who had 13 regional managers reporting to him. So I think 14 we had seven regions back then. So there would 15 have been, say, a North Thames and East Anglia 16 I think, individual managing a team of seven, 17 eight, nine people for that region. So the 18 audit manager had got seven reports under him, 19 I think, and then also an individual who would 20 have been doing risk modelling to identify where 21 the regional audit teams would go out to do 22 their work. 23 Q. In that structure, who reported to you? 24 A. The national manager reported to me. 25 Q. What was his or her name? 19 1 A. That was Martin Ferlinc. 2 Q. Were the teams based regionally? 3 A. Yes. 4 Q. How did you supervise and manage the work of the 5 Branch Audit Team? 6 A. I primarily met with Martin. We talked through 7 risk modelling, as in what pieces of data might 8 cause us to go out to a Post Office branch. 9 I didn't have that much contact with the 10 individual branch auditors performing the audits 11 because my contact mainly was with Martin. 12 Q. Did you ever go out to see Branch Audit Teams? 13 A. I met the whole of the team in that we would 14 have had a national team communications and 15 training day. So somewhere like Post Office had 16 a training centre near Rugby, Coton House. 17 I think we convened the whole of the team at 18 some point to come together there as a training 19 and engagement event for the team, so I would 20 have been to a function where all of the team 21 would have the opportunity to be there. 22 I also went out, I think I only went out to 23 two -- probably two audits themselves to assist 24 the team as being -- playing a role within the 25 team at a branch audit and being responsible for 20 1 counting part of the cash and liaising with the 2 colleagues in branch on an actual audit. 3 Q. Was that because your skills were necessary or 4 was it the boss showing his face? 5 A. That was for me to better understand the 6 activity that the team were performing, yeah. 7 Q. When in the three-year period did you take over 8 responsibility for the branch audit team? 9 A. I think that would have been within a year of 10 joining the Post Office. I'm not sure how 11 quickly but I think it would have been within my 12 first year of working there. 13 Q. Was there, when you took over the function of 14 Head of Risk and Control in September 2003, 15 a Post Office Audit Committee? 16 A. When I joined, I don't think there was a Post 17 Office Audit Committee. There was Royal Mail 18 Group Audit Committee and any matters pertaining 19 to Post Office would have been subject to that 20 Group Audit Committee. And, indeed, most of the 21 internal audit resource was part of the Royal 22 Mail Group internal audit team, who would look 23 at certain things in Post Office, in Parcelforce 24 and in Royal Mail. 25 Q. Can we look, please, at POL00021415. You'll see 21 1 these are the minutes of a committee called the 2 Post Office Audit Committee. 3 A. Yes. 4 Q. They're dated 13 March 2001, and so two and 5 a half years before your time. 6 A. Yes. 7 Q. You'll see the list of those present, those in 8 attendance and those also present. 9 A. Yes. 10 Q. Then if we just scroll down, you'll see some of 11 the business dealt with. Just go back up to the 12 top, please. This minute tends to suggest that, 13 at least in March 2001, there was a Post Office 14 Audit Committee? 15 A. Right. Let me clarify that, then. So the Post 16 Office Group changed its name several times. 17 So -- and there's significant confusion in many 18 areas about what's Post Office, what's Royal 19 Mail even now. So I think, at that time, the 20 Post Office was the Post Office Group and the 21 Post Office Group had got divisions, which were 22 Post Office Counters, Royal Mail and 23 Parcelforce, but it was called the Post Office 24 Group. 25 At some point, the names were reversed such 22 1 that it became the Royal Mail Group, which still 2 had the same pillars under it. So there was 3 always Post Office Counters, which became Post 4 Office Limited -- so there was always Post 5 Office Counters, there was always Royal Mail, 6 there was always Parcelforce, but the overriding 7 group name in the '90s and at this point, 8 I think, was called the Post Office Group. 9 At some point in the 2000s, that Post Office 10 Group became called the Royal Mail Group, 11 although it was exactly the same things, and 12 then, at some point, it became called Consignia 13 Plc. Then it went back to being called Royal 14 Mail Group. 15 So this document isn't Post Office Counters, 16 or Post Office Limited Audit Committee, this is 17 the group audit committee. 18 Q. Can you tell us that from the list of those that 19 are shown as being present and in attendance? 20 A. Yes, so Marisa Cassoni, as Group Finance 21 Director, and Douglas Hill, as Group Director of 22 Financial Management, makes clear to me that 23 that was a group -- that was a committee that 24 was looking at Group matters. 25 Q. When you joined in September 2003, were you 23 1 provided with the back editions of the Audit 2 Committee minutes, such as this one? 3 A. No. I could probably have asked for them but, 4 no, I wasn't provided with back copies of 5 committee minutes, no. 6 Q. You were taking over an audit function? 7 A. Yes. 8 Q. Did you not see which issues the Audit 9 Committee, even if it was the Group, had been 10 considering in the recent past and how the Audit 11 Committee had sought to address them? 12 A. I didn't and, in hindsight, that may have been 13 something I should have asked but I very much 14 had a mandate to look at financial services 15 regulatory compliance when I joined, and so the 16 focus and the mandate from the Finance Director, 17 and indeed from those POL-ET meetings that 18 I went into was all about regulatory compliance 19 when I started. Even though my role picked up 20 the Network Audit Team, the individual mandate 21 and most frequent questions to me were about how 22 do we get on the path to regulatory compliance? 23 Q. After you joined in September 2003, did the what 24 you've called the Group Audit Committee 25 continue? 24 1 A. Yes, I think the Group Audit Committee 2 continued, I think, yeah. 3 Q. Did you attend the Group Audit Committee? 4 A. I think I only attended one Group Audit 5 Committee. 6 Q. So were you by invitation, then? 7 A. Yes. 8 Q. How often did that Group Audit Committee meet? 9 A. I don't know. I would expect it was quarterly 10 but I don't know. 11 Q. Do you know whether there were written terms of 12 reference for it? 13 A. I would expect so but I don't know. Well, 14 I would expect that there would have been. 15 Q. Do you know how that audit committee reported 16 back to the Post Office Board, whether that was 17 the board of Post Office Counters Limited or 18 then, as it became, Post Office Limited? 19 A. I don't know what the mechanism was for the 20 group audit. The group Post Office Limited 21 directors would have received messages from the 22 Group Audit Committee, I'm not sure what media, 23 whether that was an agenda item at a POL-ET, or 24 a dedicated audit relationship meeting but 25 I know there would have been dialogue, there 25 1 would have been a governance process for how 2 those would interact but I can't remember what 3 that governance process was. 4 Q. We also have some minutes, I'm not going to show 5 them to you, of something called an Audit and 6 Risk Committee of the Royal Mail Holdings Plc. 7 Is that different from this Group Audit 8 Committee? 9 A. I don't know whether that was a change in name 10 from this Committee. As I say, this Post 11 Office -- the Group changed its name between 12 Post Office and Royal Mail. The particular 13 titles of committees sometimes changed without 14 the committee itself changing but as a better 15 acknowledgement of what the scope of that 16 committee was. So it could well have been the 17 same committee, most likely was. 18 Q. Does it follow that, by the time you joined in 19 September 2003, there wasn't a dedicated Post 20 Office Limited Audit Committee? 21 A. Yes, that's right. For the Post Office Limited 22 company in isolation there wasn't a -- wasn't 23 an audit committee for that specific limited 24 company, no. 25 Q. We know that at some point an entity called the 26 1 Risk and Compliance Committee was formed. 2 A. Yes. 3 Q. Of which company was that a committee? 4 A. Post Office, Post Office Limited. 5 Q. When was it formed? 6 A. Some time during the tenure of my 2003 to 2006 7 role, probably 2005. 8 Q. Why was it formed? 9 A. Well, I think I said, in one of those ET 10 meetings that I went to, that, in a governance 11 sense, it would be beneficial for the 12 organisation to have got its own audit 13 committee. And I think the agreement of that 14 Post Office Limited ET was that I was going to 15 turn into the Post Office Limited Risk and 16 Control Committee that you've just mentioned. 17 Q. When you joined, was it striking to you that the 18 Post Office did not have a risk, audit or 19 compliance committee? 20 A. No, I think when I joined, because it was 21 an integrated group, it would be common for 22 an integrated group to have got one group audit 23 function, and so I don't think it was unusual 24 for a group of companies just to have one group 25 audit function. But the journey for the Post 27 1 Office Group or the Royal Mail Group for 2 30 years has been one of will there or will 3 there not be part of this organisation 4 privatised, and therefore there had been comings 5 and goings of how should Post Office Counters 6 Limited possibly separate itself within that 7 scenario. 8 And so I think the idea of Post Office 9 Limited getting its own audit committee back in, 10 I think it was 2005, was probably appropriate, 11 given the continued national debate about would 12 one or more parts of the Post Office/Royal Mail 13 Group be privatised. 14 Q. How often did the Risk and Compliance Committee, 15 once it was created, sit? 16 A. I think that met quarterly. 17 Q. Did it report back to Post Office Limited's main 18 board? 19 A. I think the papers from it would have gone back 20 to the board. 21 Q. So copies of the minutes; is that right? 22 A. The minutes, yes. 23 Q. Was that the only means of communication back to 24 the main board? 25 A. I think that was the formal mechanism back to 28 1 the board. The Post Office Limited Risk and 2 Compliance Committee had got the then chairman 3 of the organisation, I think Sir Mike 4 Hodgkinson, so he was the chair for that 5 committee. He would have been on the board, as 6 would the Finance Director, who was in 7 attendance at that committee. So I think those 8 two individuals would have been both in the Risk 9 and Compliance Committee and in the board and, 10 therefore, that would have been a means of 11 communication, as well. 12 Q. That document can come down from the screen. 13 How frequently did you attend the newly 14 formed Risk and Compliance Committee? 15 A. I think most of the meetings, unless I was on 16 holiday. I think I would have attended all of 17 them because I was involved in preparing the 18 agenda for those committees. So up until 19 I moved into the Product and Branch Accounting 20 Team, I think I would have attended all -- 21 Q. Every one, barring holiday? 22 A. Yes, I think so. 23 Q. Did the Risk and Compliance Committee have terms 24 of reference? 25 A. Yes, I think we did have a terms of reference 29 1 when we set up. 2 Q. Was it a decision-making body? 3 A. No, I don't think it was a decision-making body, 4 I think it was one that would give views on 5 information that was submitted to but it wasn't 6 a body that had, say, a delegated authority to 7 make expenditure decisions or ... 8 Q. Or any other decisions? 9 A. I don't think so. 10 Q. You said that it instead make recommendations? 11 A. Yeah. 12 Q. To whom did it make those recommendations? 13 A. I think those recommendations would have been 14 what had gone to Post Office Limited Executive 15 Team. 16 Q. Can we look, please, at POL00047544. If we just 17 scroll down a little bit, you'll see that this 18 is a branch auditing report for Period 6 in the 19 financial year 2004 to 2005. It's dated 20 29 October 2004. It's from Martin Ferlinc, who 21 you mentioned, and is that his full job title: 22 "National Audit & Inspections Manager"? 23 A. Yes, yes. 24 Q. It's to, amongst other people, you, Head of Risk 25 and Control? 30 1 A. Yes. 2 Q. If we look in paragraph 1, we'll see that the 3 report makes clear that its first purpose is to 4 inform your work in a report that you were to 5 prepare to the Post Office Board or the 6 Executive Committee, as appropriate, and to the 7 newly formed compliance committee; can you see 8 that? 9 A. Yes, I can. 10 Q. If we go down to the "Executive summary" in 2, 11 it reads: 12 "The total of all cash account losses 13 revealed at audit in the first six months of the 14 year has amounted to £2.8 million (from 15 approximately 1,000 audits). While the 16 shortages revealed that the majority of these 17 audits would be made good by the subpostmaster 18 or might be rectified by error notices, 19 £1.9 million of the total amount is based on the 20 findings of just 20 branches audited. Although 21 in some of these cases, there were indications 22 of errors being made, which would be rectified 23 by an error notice, there is also a significant 24 risk that the losses identified in most of these 25 cases will not be recovered. It is also 31 1 a concern that in spite of the size of amounts 2 of discrepancies, a precautionary suspension was 3 not made in 35% of these cases." 4 So, first six months of the year, losses of 5 £2.8 million revealed at audit, yes; 6 £1.9 million of the total attributed to 20 7 branches audited; significant risk that the 8 losses will not be recovered. 9 Then if we go to the end of that paragraph 10 there: 11 "... in spite of the size of the amount 12 a precautionary suspension was not made in 35% 13 of the cases." 14 You were responsible for the Branch Audit 15 Teams at this time, yes? 16 A. Yes. 17 Q. Can we take from this summary of the losses that 18 it had been discovered on audit that 19 a suggestion was made that discernible errors 20 had been made by postmasters in some cases? 21 A. Yes. 22 Q. Those errors could be rectified by error notices 23 and followed up by a payment by the 24 subpostmaster? 25 A. I believe the audit team would have checked with 32 1 the Product and Branch Accounting Team at the 2 time if there were error notices pending and, 3 therefore, there would be an understanding that 4 the -- that wouldn't actually be a shortage in 5 the round if an error notice was known to be on 6 its way to resolve it. But if Product and 7 Branch Accounting didn't have any knowledge of 8 any error notices that were going to be on the 9 way to the branch, then the shortage identified 10 at audit would be deemed to hold true in the 11 round because there wasn't any error notices 12 expected to offset it. 13 Q. Can we also take it from this summary that some 14 of the losses discovered at audit could not be 15 explained by discernible errors? 16 A. Yes. 17 Q. In fact, most of them? 18 A. Quite possibly, and the reason that the 19 understanding of me and of the audit team at the 20 time was that money had been stolen and that one 21 can't identify a discernible error that has 22 caused the money not to be there, if a -- if it 23 happened that a subpostmaster or member of staff 24 employed by a subpostmaster or if a door had 25 been left open and a customer had managed to 33 1 take money out of the till, there isn't going to 2 be an error notice -- there isn't going to be 3 an error that defines that; it's an example of 4 theft. 5 Q. But the concern that is expressed, that the 6 losses won't be recovered, is because, on audit, 7 the majority of the losses couldn't be explained 8 by discernible errors? 9 A. Well, you can't explain theft. 10 Q. Is that the mental process that you went to: if 11 there's not a discernible error, it must be 12 theft? 13 A. That was a possible scenario in the audits and, 14 sometimes, as has been referred to in some of 15 the documents in the packs that I've received, 16 there have been statements that an individual 17 confessed at the time the auditors went in, and 18 I'm aware of audit team members having said to 19 me that they went into a branch and somebody 20 would say to them "I'm grateful you've come to 21 conduct this audit because I've been paying off 22 a debt and I can't go on like this and I've been 23 using money to pay off a debt". 24 And that was in a small number of branches 25 so, as an organisation, you know, we were 34 1 passionate about our subpostmaster community and 2 our network of branches but, in our some of our 3 Crown Offices and some of the sub post offices, 4 sadly there were some situations where 5 individuals admitted, or members of staff of 6 individuals admitted, that they'd taken money, 7 and sometimes one couldn't believe that 8 a trusted member of staff may have taken 9 something. 10 But you've got the reference to Blackwood 11 here and my recollection from Blackwood was that 12 that office was co-located with a sorting 13 office, I think, or a delivery office, and 14 I think my recollection is that the audit report 15 noted that the door was left open between that 16 post office and the delivery office next door 17 and that the safe wasn't always shut and, 18 therefore, a scenario where £436,000 was 19 identified as a loss at audit, there was a clear 20 risk that unidentified individuals had come 21 through an open door to an open safe and taken 22 batches of money from it. And there would not 23 be an accounting error for anybody to identify 24 which would lead to that, it was simply an open 25 safe that someone may have taken the money from. 35 1 Q. In the answers you've just given, you have 2 suggested, would this be right, that in the 3 absence of a discernible error, the assumption 4 was that losses were caused by a postmaster's 5 conduct, whether that was accidental or 6 deliberate? 7 A. Yes, that was the belief in a number of cases, 8 yes. 9 Q. Is that why the report in that last sentence on 10 the first paragraph there expresses a concern 11 that the postmaster wasn't suspended in 35 12 per cent of the cases, ie it's got to be down to 13 them, they should have been suspended? 14 A. I think that was the -- 15 Q. That's the implication, isn't it? 16 A. That is the implication, yes. 17 Q. Did it ever occur to you or anyone else that 18 applied their brain to the issue that the losses 19 might not be caused by postmaster conduct? 20 A. It occurred to us that it could be caused by 21 a third party other than the postmaster having 22 taken the money. It could have been a trusted 23 member of staff or, in the situation that 24 I described that I believe from my recollection 25 was the situation at Blackwood, where an open 36 1 door and an open safe could have had a number of 2 unidentified individuals having access to that 3 safe. 4 Q. But it was always down to the postmaster in some 5 way, the loss? 6 A. Under the postmaster contract, yes. 7 Q. No, no. That's a separate issue about financial 8 and legal responsibility for losses. I'm not 9 going to spend time working through with you 10 whether that was a correct interpretation of the 11 contract or not. But, as a matter of fact, your 12 belief and the belief of those around you was 13 all losses, unless we can see what the error 14 was, are down to the conduct of a subpostmaster 15 in some way? 16 A. Yeah, ultimately it was the responsibility of 17 the subpostmaster. 18 SIR WYN WILLIAMS: That's not quite the question 19 he's asking you, Mr Ismay. I think what he's 20 trying to get from you is an acceptance, if you 21 do accept it, that your thought processes in 22 2004 was that these losses were caused by human 23 activity, either accidentally on the part of 24 subpostmasters or their staff, or deliberately. 25 A. That's correct, yes. 37 1 SIR WYN WILLIAMS: That was your explanation for all 2 these losses? 3 A. Yes, that was the thought process, yes. Thank 4 you. Yeah. 5 MR BEER: It didn't occur to you or anyone around 6 you that there may be system faults that are 7 causing the losses? 8 A. My understanding from the IT teams was that they 9 didn't think there was a foundation to the 10 allegations that were made. So, at this time, 11 as documents in this pack indicate, the 12 Cleveleys case, for example, had happened four 13 or five years before this document. It's known 14 that the Cleveleys case involved some 15 allegations about the system -- well, I think 16 the documents here say there was a lack of 17 system records to substantiate the case going 18 forward and that's led to the outcome of that 19 one. 20 So I, in my role as when I joined as Head of 21 Risk and Control, I did ask a question into the 22 team of "Well, look, if we've got this 23 allegation being made, is this -- you know, is 24 there a foundation to this?" And the very 25 strong view coming to me from colleagues in the 38 1 IT team at that time was that it was -- there 2 was no foundation to the allegation that had 3 been made in the Cleveleys case. 4 Q. Was that just a conversation? 5 A. Yes. 6 Q. Is that the way audits normally work: somebody 7 who is responsible for an IT system, you say to 8 them, "Somebody has alleged your IT system isn't 9 working properly and is causing financial 10 errors", and they say back to you, "No, it's 11 not", and you say, "Oh, okay, then"? 12 A. Well, for me, coming in with the structure of 13 team that I'd got as I joined and not having 14 an IT auditor, there wasn't an alternative to 15 doing that. But I was also looking at it in the 16 context of the organisation had put a lot of 17 project management into the whole deployment of 18 the IT system, a lot of specialists involved, 19 the reports that gets referred to with my name 20 from 2010, I, in there, refer to something that 21 IT had told me about of the Gartner report, 22 which was not something that I conducted, not 23 something I would have understood the 24 technicalities of what the Gartner specialists 25 were looking at, but said that it made positive 39 1 comments about the deployment of the system. 2 And, therefore, I was operating in 3 an environment where I asked the IT team "Is 4 there a basis to these allegations", and they 5 said no, and I'd also got the message that 6 there'd been all these specialists involved in 7 working through the design and deployment of the 8 system and, clearly, the material that you're 9 now showing me does mention lots of issues that 10 were identified during the procurement and 11 design and deployment of the system. 12 I wasn't aware of all of those things. 13 I was aware of the context where there'd been 14 a lot of IT specialists involved in the 15 deployment of it and that a Go Live had been 16 taken on the basis of trusted testing of it. 17 Q. So your state of mind was informed, you say, by 18 the things that said the system was working 19 well. You hadn't been shown any of the things 20 that we now know exist to show that there were, 21 putting it neutrally, issues with the integrity 22 of the data that it produced? 23 A. Yes, I was receiving stuff talking about 24 positives and why there were reasons to rely on 25 the system and that it worked, and so I didn't 40 1 see something that said "Well, what was it that 2 was alleged in the Cleveleys case and how was 3 that tackled? How was that responded to, to 4 rebut it?" I didn't see that. But I was 5 assured by the team in IT that it was -- that 6 there wasn't a foundation to it. 7 Q. Who in IT gave you that assurance? 8 A. I would have been speaking to -- so David Smith 9 was Head of the IT at the time. It would have 10 been somebody -- him or somebody in his team 11 I would have spoken to. 12 Q. Was there a risk register? 13 A. Each department had got a risk register. IT had 14 got a risk register. I don't recall that this 15 was something that was recorded as a risk on 16 that register. 17 Q. So IT didn't have the Horizon System on its risk 18 register; is that what you're saying? 19 A. Yes. 20 Q. Did you, as Head of Audit, maintain a risk 21 register? 22 A. I didn't maintain a risk register other than 23 what was collated out of what individual 24 departments had got and a discussion with them 25 about what was on their risk registers. 41 1 Q. So you maintain sort of a super risk register; 2 is that right? 3 A. Yes. 4 Q. For the company? 5 A. Yes. 6 Q. Post Office Limited? 7 A. Post Office Limited, yes. 8 Q. Was the Horizon System on that super risk 9 register? 10 A. I don't think it was, no. 11 Q. What research or inquiry did you undertake to 12 determine whether the Horizon System should be 13 on the risk register or should not be on the 14 risk register? 15 A. Because I was aware of the allegations that had 16 been made in Cleveleys, because that had been 17 reported in Computer Weekly, and I received, 18 I think -- there was a press cutting service 19 within the organisation. So I would have 20 received press cuttings, I think, in the 21 organisation, that would have highlighted there 22 has been this article and this allegation. 23 As I say, I asked David or somebody in his 24 team what -- was there a basis to this? I'm 25 having a meeting with the IT -- some people in 42 1 the IT team about their risk register and so 2 I know I asked something at that time about, 3 "Well, given the allegations being made, should 4 there be a risk here?" And the response was 5 very firmly that there wasn't a foundation to 6 that allegation. 7 Q. Was there anything more systematic than that in 8 the maintenance by you of a risk register in -- 9 when I say "that", I mean reading an article in 10 Computer Weekly which makes an allegation, and 11 speaking to the head of IT who says there's 12 nothing in it? 13 A. I'm sure I had a more detailed conversation than 14 I'm describing there but I can't remember the 15 spec of what we went into. 16 Q. Were there regular tabled meetings where you 17 would pull in the heads of department and say, 18 "Let's look at your risk register, let's 19 interrogate them, let's pick apart why things 20 are and aren't on those risk registers"? 21 A. Yeah, I think I probably had -- well, thinking 22 about the cycle for the Risk and Compliance 23 Committee, which was quarterly, I think I would 24 have had a meeting with a senior representative 25 out of the Marketing team, the IT team, the 43 1 Network team, all the seven or eight divisions 2 in the Post Office, I would have met them 3 quarterly before compiling a paper into the 4 Compliance and Risk Committee. 5 Q. It was the conversation with the head of IT that 6 meant that the Horizon System never entered any 7 risk register? 8 A. Yeah. 9 Q. Can we look please at POL00021416. You'll see 10 these are the minutes of a Risk and Compliance 11 Committee for 25 -- sorry, for 5 January 2005. 12 I think we can see that you gave your apologies. 13 A. Yes, yeah. 14 Q. If we just scroll down, please, item 0301, 15 "Investigate" -- these are action points: 16 "Investigate how subpostmasters appointment 17 and suspension/reappointment process can be 18 improved to reduce risk -- lessons learnt from 19 the Sandbach case. To include developing our 20 own internal pool of interim branch managers. 21 "Tony Utting to supply an update to the 22 forum on the Turners Hill case. 23 "Turners Hill case to be sent to Bob 24 Wigley", and the like. 25 If we carried on looking -- I'm not going to 44 1 spent time doing it -- we can see that are from 2 these minutes and from the other minutes from 3 the Risk and Compliance Committee, the Risk and 4 Compliance Committee was considering the 5 specifics of individual investigations involving 6 subpostmasters and lessons learned from those 7 investigations. Is that a fair reflection of 8 part of the work of the Risk and Compliance 9 Committee? 10 A. Yes, it is. 11 Q. So it was usual for this Committee to consider 12 individual cases? 13 A. Yes, it did. 14 Q. The first action as we've seen, is to 15 investigate how appointment and suspension 16 processes can be improved to reduce risk. Was 17 that, in fact, seen as a risk to the Post Office 18 at the time, that subpostmasters were the risk 19 and greater control was needed of them through 20 the suspension process? 21 A. I think the risk that was seen was that post 22 offices increasingly had a retail side, and 23 there was a risk that the retail side of the 24 branch may not be that financially successful. 25 I think there'd been examples where -- not 45 1 necessarily just individual subpostmasters but 2 there might have been a franchise partner that 3 the organisation worked with, and there have 4 recently been large franchise organisations who 5 have experienced financial difficulty. And 6 the -- what was being looked at here, I think, 7 was to say "Are we, and we should be doing 8 credit checks on the organisation", which, as 9 I say, might be a limited company franchise. 10 It might be a significant multiple partner 11 we were looking at, not just the subpostmaster, 12 although the phrase is subpostmaster here, but 13 it was saying how effectively are we doing 14 business credit checks on the organisations to 15 which a franchise is going to be given to run 16 a Post Office because, if we take on a contract 17 with a business partner which has got financial 18 difficulties, that potentially creates a risk to 19 kind of use working capital out of the Post 20 Office side to prop up the shop side. 21 Q. So I think the answer to my question is yes, 22 that the risk to the organisation was seen as 23 coming from dishonest subpostmasters? 24 A. From -- well, from financially challenged 25 partners. Not necessarily just subpostmasters. 46 1 As I say, there were major national multiple 2 partners that the Post Office worked with, and 3 you'll have seen in the press in the last few 4 years some of these major national organisations 5 have experienced financial difficulties. 6 Q. This refers to subpostmasters and their 7 suspension, doesn't it? 8 A. It does, but I think the process that was being 9 worked on was wider than just subpostmasters. 10 Q. Can we look at page 3 of these minutes, please, 11 and look at the foot of the page at 3.3.3, 12 "Internal Crime": 13 "Tony Utting gave a broad overview of the 14 team dynamics for internal crime. 15 "There are over 600 cases at present spread 16 over 39 [organisations]. 17 "Financial investigations (freezing proceeds 18 of crime) were discussed and issues around Home 19 Office training. £1.2 million recovered so far 20 this year. 21 "An over view of the security features for 22 Post Office Card account was discussed. 23 "DWP cash cheques and liabilities were 24 discussed ... 25 "New risk model for profiling subpostmasters 47 1 was discussed." 2 Can you help the Inquiry, please, with what 3 the new risk model for the profiling of 4 subpostmasters was, please? 5 A. So that would have been, when you asked me about 6 the structure of the National Audit Team and 7 I said there was an individual separate to the 8 regional teams who would have been looking at 9 risk modelling. I think this was looking at 10 what was going on there and so the factors that 11 would influence the audit team to go out to Post 12 Office would have included various items of 13 data, and this last line here was a comment 14 about what pieces of data were going into that 15 exercise. 16 So, for example, if there had been, through 17 central checks being conducted, something about 18 cheques not arriving at the cheque processing 19 centre, or examples of Post Office Saving Stamps 20 missing from pouches coming in, counterfeit 21 cheques being encashed, any indications of some 22 perhaps customer complaints. There'd be 23 a number of pieces of data which would be 24 weighted and would then come up with a prompt to 25 say there's a higher score attributed to these 48 1 branches from all these different bits of data. 2 So it wasn't about profiling a subpostmaster 3 as such; it was about looking at the data and 4 perhaps customer complaints related to a Post 5 Office branch which would include Crown post 6 offices, to say, based on that data, this 7 location is one that we think we need to send 8 the audit team out to. 9 Q. Who was responsible for writing the new risk 10 model for the profiling of subpostmasters? 11 A. There was somebody in Martin's team who was 12 leading that. I can't remember the name of the 13 person but somebody in his team was -- had got 14 that dataset. 15 Q. Did this approach of profiling subpostmasters 16 and reviewing the process to reduce the risk 17 that they might present through the use of the 18 suspension process dovetail with the concurrent 19 rollout of the IMPACT Programme? 20 A. No, it was totally separate. 21 Q. Nothing to do with the IMPACT Programme and in 22 the IMPACT Programme debt recovery being 23 prioritised? 24 A. No, this is totally separate to that. 25 Q. So there's two things. We've seen and heard 49 1 a lot of evidence about one of the drivers for 2 the IMPACT Programme was to reduce debt and to 3 seek to recover more of it from subpostmasters. 4 That was going on within the organisation. 5 Then, separately, this was going on as 6 a different piece of work, one unrelated to the 7 other? 8 A. No, they were totally separate. There may have 9 been some of the same people involved in both of 10 them but this one, in isolation, could actually 11 have led to more debt being identified. So -- 12 Q. And more recovered -- 13 A. Not -- 14 Q. -- using the Proceeds of Crime Act, for example? 15 A. The risk profiling would lead to more being 16 identified. The risk -- this risk profiling 17 could lead to more debt being identified. Risk 18 profiling itself would not lead to a chance of 19 more recovery but, yes, the powers under the 20 Proceeds of Crime Act would have potentially 21 enabled more debt to be recovered but the risk 22 model itself was purely about identifying issues 23 in branches, not about the recovery of them. 24 Q. Was the number of investigations tracked as part 25 of the Risk and Compliance Committee? 50 1 A. I don't know. It clearly is the number of -- 2 I don't think there was a metric presented to 3 that Committee to say "This is how many we've 4 done this month", but this paragraph is 5 an example of some metrics being presented to 6 it, but I don't think that was kind of on 7 a formal "Let's keep looking at that every 8 month" basis. 9 Q. Can you recall whether -- you obviously weren't 10 present at this meeting but, outside of it -- 11 any concern was raised over there being 600 12 cases being investigated? 13 A. Yes, there would have been concern that -- yeah. 14 I mean, I don't think any organisation would 15 want to have got a large number of any 16 investigations going on. 17 Q. Had there historically been investigations at 18 this level? 19 A. I believe that there'd always been 20 investigations that had been going on, going 21 back into the cash accounts world, pre-Horizon 22 being deployed. Yes. 23 Q. Was the level or the number of investigations 24 seen as telling you something about the Post 25 Office? You said there would have been concern 51 1 at any investigation into staff. Was the number 2 of them seen as a metric or as a measure of that 3 concern? 4 A. I don't think the number was seen as a metric on 5 a scale, if you like. There wasn't like 6 a threshold that says this is a concern and this 7 is even more of a concern but I think no 8 organisation would really want to have got one 9 investigation going on. 600 clearly would be 10 even more unsettling but that's not to say that, 11 you know, 200 is acceptable, 600 is -- it's just 12 600 is a big number. 13 Q. Was any attempt made to unpick or investigate 14 why there was a big number? 15 A. Yeah, I think there was reflections such as 16 there would be data collated and I think some of 17 that data is referred to in one of the tables 18 that went into that report that I summarised in 19 2010. So there was something -- a table of 20 metric of things coming out of that. Can you 21 ask me the question again, sorry? 22 Q. Yes. Was there any investigation into -- you 23 said this was a concerning high number. 24 A. Yes, yes. 25 Q. Was there any investigation into whether it had 52 1 changed from the past and gone upwards or 2 downwards and, if so, what the causes of the 3 high number of investigations were? 4 A. No, I don't think there was. Looking at this, 5 from what I can remember, I think just 600 was 6 a big number. I can't remember a conversation 7 about "It used to be 500, what's happened?" 8 I think this was purely looking at "It's 600, 9 that's a big number". 10 Q. This also speaks about freezing the proceeds of 11 crime and £1.2 million had been recovered in 12 a part year. Was that seen as a success by the 13 Post Office, in recovering £1.2 million? 14 A. No, I think that was a 2011 statement of what 15 was received. I don't think anybody was taking 16 joy out of any figure like that, by any means. 17 It was a sad situation, everything involved with 18 it. 19 Q. This refers to issues around Home Office 20 training about either financial investigations 21 and/or proceeds of crime. Can you remember what 22 they were: the concerns or the issues? 23 A. I don't know what the issues were around Home 24 Office training, no. I think the Post Office 25 investigators had to perform something under 53 1 the -- the legislation that followed on from 2 9/11, there was some sort of national 3 organisation that would do training to whatever 4 organisations had got financial investigators, 5 and I could only imagine there was so much 6 demand that it was perhaps hard to book 7 a training slot because there was so much demand 8 for -- 9 Q. If we go over the page, we can see there's 10 an action to "Inform Sir Mike". Is that 11 Sir Mike Hodgkinson -- 12 A. Yes, that is. 13 Q. -- the then chair of Post Office Limited? 14 A. Yes. 15 Q. "... of the Home Office contact if support is 16 required to speed up training for financial 17 investigators." 18 Was this part of a push to recover money 19 from subpostmasters? 20 A. It -- yes, it was part of a push to recover from 21 the cases that had been investigated, yes. 22 Q. Can we turn to POL00021417, please. We can see 23 minutes of the meeting on 6 April 2005, and we 24 can see that you're present on this occasion. 25 We can see at the top of page 2, the progress of 54 1 the actions from the meeting I've just spoken 2 about. 301: 3 "Investigate how subpostmasters appointment 4 and suspension/reappointment process can be 5 improved to reduce risk -- lessons learnt from 6 Sandbach case. To include developing our own 7 internal pool of interim branch managers", 8 et cetera. 9 "Status": 10 "Ongoing, paper to board." 11 In the "Action" there, it's been added in: 12 "[To develop] our own internal pool of 13 interim branch managers from 14 auditors/trainers/DMB staff -- potential to 15 widen scope and use Rapid Deployment Team." 16 Can you please explain what the Rapid 17 Deployment Team was, please? 18 A. No, I can't remember what the Rapid Deployment 19 Team was, no. 20 Q. Have you any memory of such a team? 21 A. I haven't, but the Post Office experienced 22 several periods of industrial action and I would 23 imagine that a team with that name would have 24 perhaps been part of sort of business continuity 25 planning and thinking "If we've got a strike in 55 1 our Crown Offices, how do we enable customer 2 service to continue?" So I know I was called at 3 some point to go and work on the counter in 4 number of Crown Offices during the strike 5 action. I don't think that was called the Rapid 6 Deployment Team but the nature of it was that it 7 was a rapid response to strike action. 8 Q. Amongst those who are going to go in and 9 essentially run a branch are auditors and 10 trainers? 11 A. Yes. 12 Q. Was there any concern raised about using your 13 auditors to go in and run branches or to use 14 trainers to run branches? 15 A. No. I think the reason that auditors and 16 trainers were suggested here is that they would 17 have been the people with most understanding of 18 the processes in a branch and, therefore, the 19 most competent people to ensure that customer 20 service continued in the branches effectively. 21 Q. We see that the action for Sir Mike is recorded 22 as completed. If we go forwards, please, to 23 page 4 of the minute, it's under 3.4.5, the 24 minutes record under "Corporate risk register": 25 "Reviewed current risk register and 56 1 discussed any movement of risks and causes." 2 Firstly, the current risk register. Is that 3 what we've described as the "super risk 4 register" maintained by you? 5 A. Yes. 6 Q. It says that you discussed any movement. 7 A. Yes. 8 Q. Was a record kept of the Risk and Compliance 9 Committee's decisions on movement of risk? 10 A. I would think so. 11 Q. Where? 12 A. I'd have thought if a risk had moved, that that 13 would be recorded in the minutes of the meeting. 14 But -- 15 Q. So does this -- 16 A. -- there evidently isn't any here so I don't 17 know where it got recorded. 18 Q. So this we should take to be a record of 19 a discussion that result in no movement? 20 A. I think that my recollection is that the things 21 that were on the risk register pretty much 22 stayed in the same position in terms of impact 23 and likelihood, and this risk register was one 24 that had probably got between 10 and 20 things 25 in a heat map shape on it. It would have things 57 1 like continuity of social network payments or 2 other major financial matters to the 3 organisation, and I think the position of those 4 on that risk register, in terms of their impact 5 and their likelihood, wasn't changing very much. 6 I think the risk register tended to be quite 7 a similar document because those things that the 8 organisation deemed to be the biggest risks were 9 always inherently going to be the biggest risks 10 to the organisation and weren't going to change 11 that much between the cycle of committees. 12 Q. So the risk remained static over time for your 13 three years; is that right? 14 A. I think the things that were on that register 15 probably did remain static, yeah. 16 Q. There's a discussion, it seems, recorded 17 adjacently in paragraph 3.4.6, about access to 18 Horizon, under the heading "Information Systems 19 security". Can you see that? 20 A. Yes, I can, yeah. 21 Q. Can you recall discussions, whether at this 22 meeting or in your three years, about improper 23 or unauthorised access to the Horizon System? 24 A. The things that I can remember, and I think this 25 is the exclusive thing that I can remember on 58 1 that, because it was the only thing that I was 2 aware of at the time, was of auditors going into 3 Post Office branches and seeing passwords 4 written on the wall, and therefore the sharing 5 of passwords between colleagues in Crown Offices 6 and in sub post office branches, this topic, 7 I think, was a concern about access to Horizon 8 by people sharing passwords in branches. 9 And that was a sort of a thing in an alleged 10 situation of missing money in a branch, the 11 sharing of passwords. If there was -- if there 12 was a transaction that was inappropriate in 13 a branch -- and, as I've said earlier, there 14 isn't a transaction for money being stolen, you 15 can't find a transaction for money being 16 stolen -- but if there was a transaction that 17 had been put in that was an inappropriate 18 transaction, it is not possible to identify who 19 the individual was where people share passwords 20 and user IDs, and our concern here was that it 21 was very clear that many branches had got user 22 IDs and passwords on the wall. 23 Q. So, again, the focus is on subpostmasters doing 24 things wrong? 25 A. And in Crown Offices, yes. 59 1 Q. Was there any, in your three years in this post, 2 discussion about Fujitsu employees having 3 unrestricted and unauditable access to the Post 4 Office Horizon System? 5 A. I didn't believe that individuals had got access 6 to the transactions in the system and, 7 therefore, there wasn't conversation about that 8 because I was advised by IT that individuals 9 didn't have the ability to do transactions on 10 the system. That it was purely colleagues at 11 the front on the Horizon counter who'd got the 12 chance to do systems. 13 Q. Just stopping there, breaking that answer down, 14 how did the conversation between you and IT 15 arise? Why were you having a conversation about 16 backdoor access by Fujitsu? 17 A. Because going back to such things as the 18 Cleveleys -- the allegations that were coming 19 out of the Cleveleys report. 20 Q. Again, was this part of the same conversation 21 with the head of IT? 22 A. Yeah. 23 Q. He said "No, there is no such access", and you 24 said, "Great"? Is that how it went? 25 A. Yes. 60 1 MR BEER: Thank you very much. That would be 2 a convenient moment. 3 SIR WYN WILLIAMS: Fine. 15 minutes? 4 MR BEER: Yes, please. I think that's 35 past. 5 SIR WYN WILLIAMS: 35 past, right. Jolly good. Or 6 25 to! 7 MR BEER: Yes. 8 SIR WYNN WILLIAMS: Right. 9 (11.20 am) 10 (A short break) 11 (11.36 am) 12 SIR WYN WILLIAMS: Yes, Mr Beer. 13 MR BEER: Thank you very much, sir. Mr Ismay, 14 before we move on can we just go back and check 15 one thing, please. Can we look, please, at 16 POL00029282. This was a document we looked at 17 yesterday with a Fujitsu employee called Steve 18 Parker, who you'll see mentioned as 19 a contributor to this document. You'll see 20 that, from the top left, it's a Fujitsu document 21 and it's dated 18 March 2004, so it's within the 22 period that we're looking at, at the moment of 23 your tenure in Risk and Compliance between 2003 24 and 2006. I'm not going to go through the 25 document because we looked at it extensively 61 1 yesterday. 2 It sets out the nature and extent of 3 Fujitsu's access in what has been described as 4 remote access or backdoor access to the Horizon 5 System. If we look at what's at the foot of the 6 page as we see it now, a point picked up by the 7 Chair yesterday, it's distributed to John Bruce 8 of Post Office Limited. Do you know who 9 Mr Bruce was? 10 A. No. 11 Q. Is that a name entirely unfamiliar to you? 12 A. I don't know that name at all, no. 13 Q. If, as some of our other records suggest, he was 14 an implementation manager for releases into 15 Horizon, releases about Horizon, would that be 16 within the IT department, as you've called it? 17 A. Yes, I think so. 18 Q. If this record is accurate, that this document 19 setting out the extent of remote access at least 20 went over to Mr Bruce, what would you expect the 21 chain to be, in order for you, in Risk and 22 Compliance, to know about it? How would this 23 get from Mr Bruce to you? 24 A. I don't know if it would. 25 Q. Why wouldn't it? 62 1 A. Because there were so many projects and so many 2 documents that there'll be thousands of 3 documents that never came anywhere near me or 4 any of my team. 5 Q. All right, what about the issue then, rather 6 than the document itself. If, let's assume for 7 the moment, there were documents that were 8 circulating which suggested that Fujitsu had 9 privileged access to counters that permitted 10 changes to financial data to be made and that 11 that privileged access was unauditable, you 12 would, I think, regard that as a risk to the 13 integrity of the system -- 14 A. Yes. 15 Q. -- and, therefore, information about which you 16 should know, being Head of Risk? 17 A. Yeah. 18 Q. Assuming such documents existed, how would you 19 expect the information or the issue to get 20 from -- once it entered Post Office through, 21 say, this route to somebody who is 22 an implementation manager, to get back to you in 23 Risk? 24 A. As I say, there were so many documents that 25 there wouldn't be something would cause me to 63 1 have said "Can I have a particular document like 2 this?" 3 Q. I'm not asking that. 4 A. Yes, but I think it would depend on the 5 gentleman who is named in here, if he was aware 6 that this was something that he should escalate 7 to somebody. So, first off, if he was the only 8 recipient in Post Office, then potentially 9 nobody else in Post Office might have known if 10 he was the only recipient. There'd be 11 a dependency on did it occur to him that he 12 ought to escalate it to somebody, given that -- 13 Q. Just stopping there, that sounds, if I may say 14 so, a rather shaky system of risk and 15 compliance, that it all depends on an individual 16 realising that they must escalate something. 17 Wasn't there a more systematic approach by which 18 departments would ask people to contribute on 19 a cyclical basis to an assessment of whether 20 there were risks of which they were aware and 21 then they were fed back centrally to you? 22 A. I think if the organisation had got a risk then 23 it would be conveyed -- if the organisation had 24 acknowledged a risk, then -- and if -- for 25 example, if I'd then communicated to departments 64 1 heads that I was concerned about a particular 2 risk, I'd expect that to be -- message to be 3 conveyed to trigger things to come back up, 4 but -- but I understood there wasn't 5 a foundation to the allegations that were being 6 made from the questions that we talked about 7 earlier today. 8 Therefore, I wouldn't have been asking for 9 sight of documents, and the operational change 10 procedures, I think there were many, many, many 11 documents that would have been like this, and 12 the organisation would have had empowered 13 individuals in some areas who were expected to 14 just get on with the thing they were dealing 15 with. 16 Clearly, I acknowledge the enormity of the 17 matter that you're referring to that is touched 18 on in this document, as you've suggested. That 19 puts -- probably puts this on a different scale. 20 But, in isolation, there would be many programme 21 managers and members of project teams who would 22 be the person dealing with that particular area, 23 and I don't think projects in lots of companies 24 would expect every document to be shared with 25 different people in the team when somebody has 65 1 got a defined role in a team to get on and do 2 something. 3 Q. Thank you. I'll move on. That can come down. 4 You were in charge of audit between perhaps 5 2004 and 2006 when you took on branch audit 6 responsibilities. What was your assessment of 7 the attitudes prevalent amongst auditors, so far 8 as subpostmasters were concerned, in that 9 period? 10 A. My understanding, from speaking to the team, was 11 that I sensed that they had good relations with 12 subpostmasters. Clearly, one isn't going to 13 have good relations after a situation perhaps 14 where a shortage is identified but the Post 15 Office audit team were going out to many 16 branches. It was a minority of branches where 17 issues arose and members of the team, when I did 18 meet some of them, would say -- well, you know, 19 I've gone out to a branch and they've said "Oh, 20 hello, we're pleased to see you again, you're 21 out for your routine audit again", and they've 22 kind of described a pleasant rapport with 23 colleagues and branches that they went out to. 24 Q. Have you listened to or read or seen a summary 25 of the Human Impact evidence that the Inquiry 66 1 heard last year as to the way in which 2 subpostmasters say they were treated by 3 auditors? 4 A. No, I haven't. 5 Q. We've heard evidence from them that suggested 6 that auditors did not approach their task with 7 an open mind, that they sought to prove fault 8 and were unwilling to listen to the accounts 9 that subpostmasters gave. Are those attitudes 10 that you recognise? 11 A. No, I think that's disappointing. 12 Q. Was there, in your time, in the three years that 13 you held this role, a policy document that 14 governed the way in which audits were to be 15 conducted, for example the need to keep an open 16 mind and the duty to follow all reasonable lines 17 of investigation? 18 A. I don't know if there was a policy document like 19 that. But if you take the institute that I'm 20 a member of, things like independence and 21 objectivity are core things that are part of the 22 principles of the mindset. For -- 23 Q. Were all of the auditors members of your 24 institute? 25 A. No, they weren't. They weren't, no. 67 1 Q. So if there wasn't a policy document which 2 governed the way in which audits were to be 3 conducted, why wasn't there? 4 A. I don't know if there was or wasn't and 5 that's -- I appreciate that's not a very good 6 answer. I can't remember whether there was 7 a policy document or not. 8 Q. Was it recognised by you, as the Head of Audit, 9 that audits were the foundation, quite often, 10 for criminal investigations and then criminal 11 proceedings? 12 A. Yes. 13 Q. Was there, at that time, a policy that the 14 auditors were required to have regard to about 15 the conduct of their work because they knew that 16 it would lead to or may lead to a criminal 17 investigation? 18 A. I think auditors were expected to follow 19 standard recordkeeping procedures for what they 20 went out to and I would have, whilst I don't 21 know whether there was a policy document or not, 22 I would have expected them to be polite, 23 diplomatic, helpful, open minded when they went 24 out to do the audits but, clearly, you're 25 explaining there's been harrowing feedback that 68 1 they weren't. 2 Q. I'm going to take an example from much later on, 3 after your time, and just ask you whether you 4 recall anything similar. Can we look, please, 5 at POL00038853. If we just scroll down a little 6 bit, please, you'll see that this is a policy 7 concerned with the "Conduct of Criminal 8 Investigations". It's dated August 2013 and 9 owned by the Head of Security Operations. 10 That's a different division, essentially, from 11 your own, isn't it -- 12 A. Yes, it is. 13 Q. -- security operations? We'll see that this is 14 version 0.2, but I think we can see from the 15 revision history at the foot of the page that 16 even version 0.1 was dated 16 August 2013. It 17 seems that this policy for the conduct of 18 criminal investigations was written up for the 19 first time, so far as we can see, in 2013. 20 To your knowledge, was there an earlier 21 policy which documented the approach that should 22 be taken to audits which may lead to criminal 23 investigations? 24 A. I can't remember whether there was or wasn't one 25 before then. 69 1 Q. Can we just look at some of what was being said 2 in 2013 and whether it reflected the position in 3 your time. Can we look at page 11, please. 4 Appreciating this is directed at the Security 5 Manager and not auditors, the policy tells 6 readers that: 7 "The Security Manager must not overlook the 8 fact that a fair investigation is there to 9 establish the truth as well as substantiate the 10 allegation, so it is importance that any 11 evidence uncovered that may support the 12 subject's position is also recovered. It is 13 important to document every action, decision and 14 reason for decisions being made during the 15 course of the investigation." 16 Do you think similar guidance to that would 17 have been given to your auditors back between 18 2003 and 2006? 19 A. Well, I would hope so. I would hope that 20 a balanced approach was there, to be open minded 21 and to be recording evidence either way. 22 Q. Do you see anything wrong, if it did reflect the 23 approach that auditors would take back in the 24 day, with what's written there? 25 A. I feel like, looking at that, that it would be 70 1 enough to say "a fair investigation to establish 2 the truth", full stop. 3 Q. Yes, because it's reminding people that they 4 shouldn't overlook, that an investigation is 5 there to establish the truth? 6 A. Yeah. 7 Q. Presumably, there would never be any risk of 8 that being overlooked by your auditors? 9 A. Well, I would think that the all embracing thing 10 is to establish the truth and, if the truth 11 happens to substantiate the allegation, well 12 that's a subset of establish the truth, and it 13 probably should have had a full stop after 14 "establish the truth". 15 Q. It says that: 16 "[The individual] must not overlook the fact 17 that a fair investigation is there to establish 18 the truth as well as substantiate the 19 [investigation]." 20 Would you understand that's what 21 an investigation was for: to substantiate the 22 allegation? 23 A. Well, I think an investigation would have been 24 triggered because there was an allegation and 25 the allegation, presumably in this criminal 71 1 investigation policy, would have been that there 2 was an example of theft alleged. So the 3 investigation would have been initiated as 4 a result of an allegation, but I would have 5 thought the policy then should be to go to 6 wherever one needs to go to examine the 7 evidence, and that the policy should be to 8 establish the truth, full stop. 9 I don't know why the policy needs to remind 10 people -- as well as to substantiate the 11 allegation. 12 Q. It also says: 13 "... it is important that any evidence 14 uncovered that may support the subject's 15 position is also recovered." 16 Would that suggest to you a rather passive 17 process. If you come across anything that helps 18 a subject, retain it. It doesn't suggest that 19 you should actually look for any evidence that 20 points away from the suspect, does it? 21 A. Well, no, I guess if I was writing that, I feel 22 like it ought to say that "The security manager 23 must not overlook the fact that a fair 24 investigation is there to establish the truth", 25 full stop, and I would expect somebody to 72 1 understand that establishing the truth means 2 gathering all the evidence, whatever direction 3 the evidence supports. 4 Q. The things that you have just said, how was that 5 made clear to the very many auditors for which 6 you were responsible back in 2003 to 2006? 7 A. I'd like to think that would have been the sort 8 of thing we would have been saying in the 9 training events, where I alluded to getting 10 people together, I would like to think there 11 might have been a policy that referred to that, 12 but I can't remember if there was one. But I'd 13 like to think that an approach of objectivity 14 would have been in place for conducting audits. 15 Q. Can we look please at POL00090437. 16 If you forgive me a moment, I've just had 17 a file collapse. 18 Can we turn to the second page, please. We 19 understand this is a Post Office Investigation 20 Division file. Would you ever have seen such 21 files? 22 A. I didn't routinely get files sent to me to look 23 at. 24 Q. Whether routinely or not, would you get files 25 sent to you? 73 1 A. No. I -- at some point I asked to see a file, 2 I think when we were going through into the 3 Second Sight investigation, there was a branch 4 that I asked to see a file for then. But 5 I wouldn't have been sent files routinely, no. 6 So I wasn't sent files, I don't think. I wasn't 7 sent files. 8 Q. Can we go to a document within this file, 9 please, it's at page 87. It's an email from 10 Tony Utting to John Cole, copied to Keith 11 Baines, of 2 March 2006 I think that's a period 12 when you were still Head of Risk and Compliance? 13 A. Yes. 14 Q. If we just read it. The subject is "Re: Analyst 15 Resource for Civil Litigation cases": 16 "John, as discussed the other day, I do 17 believe that this is a job that could usefully 18 conducted within our team for a number of 19 reasons. 20 "Positive stuff. 21 "Our investigators routinely have to acquire 22 and examine Horizon transaction data as part of 23 their criminal investigation and prosecution 24 work and are therefore familiar with not only 25 looking at and analysing data, but can also 74 1 prepare their own witness statements in support 2 of the evidence they uncover. 3 "Because we also have strong ties with the 4 security and audit function within Fujitsu, we 5 are also able to take witness statements from 6 them in support of prosecution cases and could 7 use the same links in support of civil matters 8 (indeed, the standard statements that they 9 currently provide to us in prosecution cases 10 were originally drafted with support from our 11 team). I believe our contract states they will 12 provide support in this area." 13 So this is, would you read this, Mr Utting 14 making a pitch, essentially, for his team to 15 have some more staff so they can support civil 16 litigation against subpostmasters, as well as in 17 criminal prosecutions? 18 A. Yes, it looks like that, yes. 19 Q. He makes the point here "We've seen they've got 20 good links with security and audit within 21 Fujitsu". 22 Now if we scroll down, please, to the 23 bottom, to "The sting in the tail": 24 "It needs to be understood that as the 25 people running the system and its diagnostics, 75 1 only Fujitsu can provide evidence that the 2 system is working correctly. All we can do is 3 look at transactions, identify the dodgy ones, 4 and provide some idea of what has gone on and 5 who did it. So you might find that there has to 6 be a lot of input from Fujitsu on this from 7 a witness statement and court attendance aspect. 8 "I have spoken to Rod about this issue and 9 as we are in the throes of a 20% reduction, 10 unless I'm able to keep two of the CM2 heads 11 that I am being asked to lose, I will not be in 12 a position to undertake this work. I have asked 13 Rod to speak to Peter C about this and see where 14 we stand." 15 Is that "Rod" you? 16 A. I think so, yes. 17 Q. What involvement did you have in this issue, 18 then? 19 A. I don't know. Tony Utting reported to me at 20 that time. 21 Q. Sorry, I missed that? 22 A. Tony Utting reported to me at that time. 23 Q. Yes. 24 A. So the Post Office was undergoing one of several 25 headcount reduction exercises at the time. 76 1 I would have been talking to Tony about if 2 a reduction that -- it says 20 per cent 3 reduction here, if we've got to reduce our 4 headcount by 20 per cent in the investigations 5 team, how do we structure ourselves to being 6 able to best do the job that the team is there 7 to do? How do we structure ourselves in the 8 context of a 20 per cent reduction? 9 I guess, as you've said here, Tony's -- 10 looks like he was beginning to take on some more 11 work but he can't take the work on if he hasn't 12 got more heads and he certainly can't take the 13 work on if he's got less heads. So he must have 14 escalated that to me to talk to Peter Corbett 15 about. 16 Q. That's the reference to Peter C? 17 A. That will be Peter Corbett, yeah, so he'd be my 18 boss, the Finance Director, and we'd have been 19 having a conversation about, "Well, is it in the 20 wider business interests that that headcount 21 reduction target applies at that level to this 22 team?" 23 Q. Were you in favour of security taking on this 24 additional role? 25 A. I think I probably would have been. I think the 77 1 sense of if a team is experienced in collating 2 court files, then why wouldn't such a team with 3 that experience ensure consistency across other 4 functions? Now, I would always have the civil 5 law team and the criminal law team taking the 6 lead on what's, you know, guiding what needs to 7 happen in there but, as somebody looking at 8 process improvement in the organisation, if 9 there's -- in simplistic terms, if there's 10 an opportunity for something that sounds 11 similar -- two things that sound similar to be 12 done by the same team, that sounds like 13 a sensible thing. 14 Q. Was it the case that you viewed civil claims and 15 criminal prosecutions as really two sides of the 16 same coin, namely debt collection? 17 A. No. I think the thing here was that, as Tony is 18 saying, the compilation of the evidence, there's 19 a similar collation process to be done. So this 20 wasn't about debt recovery at all and, like the 21 previous point, where you said the two things 22 that kind of overlap, the concept of 23 investigations and how one conducts it is going 24 to lead to the creation of and the 25 identification of a debt situation. It's not 78 1 going to -- that's not going to collect the 2 debt. 3 Q. Can we go over the page, please, to page 88. 4 I think this is the reply. In fact it 5 pre-dates it. It may be that the earlier email 6 was a reply to this one. In any event, Mr Cole 7 says to Messrs Utting and Baines: 8 "With regard to the provision of an analyst 9 to deal with civil litigation cases, could you 10 confirm this is appropriate to your department 11 ... The steer from the ..." 12 Is that Executive Committee, the "EC"? 13 A. Yes. 14 Q. "... is that they are sympathetic to additional 15 resource being provided ..." 16 Can you recall whether this went up to the 17 Executive Committee? 18 A. No, I can't. I mean, this indicates that it 19 did. I can't recall whether it did, but it 20 looks like I would have been speaking to Peter 21 Corbett about it and he was a member of the 22 Executive Committee. I don't know whether 23 this -- I don't know what happened about how 24 this went to the EC. 25 Q. Was, again, this all part of a drive by the Post 79 1 Office to recover more money from 2 subpostmasters? 3 A. No, this was about how a case is collated. 4 Q. Can you recall a phrase in this period, namely 5 "ARQ data"? 6 A. I can remember the phrase, yeah. 7 Q. What did you understand ARQ data to be? 8 A. My understanding is that I think ARQ data was 9 a -- some sort of extract of transactional data 10 summaries at a branch level, that would, 11 I think, be -- in a Post Office branch you could 12 run a balance snapshot report and you could see 13 something that showed sort of transactions 14 there's been in a week and what cash and stock 15 you were left with at the end of the week. 16 I think an ARQ report was a way of interrogating 17 the system centrally to sort of recreate the 18 same audit trail of what transactions had been 19 done. 20 Q. In broad terms, were you aware that the branch 21 data store only retained data for a limited 22 period and it was sometimes necessary to obtain 23 that from outside that period from servers which 24 retained it? 25 A. Yeah, I think so, yeah. 80 1 Q. Can we look, please, at POL00039154. This is 2 an email chain. It's from much later, outside 3 of the period. It's got the subject line 4 "Re: East Ham", and then there's a FAD, a branch 5 code. It includes email exchanges between 6 Andrew Winn and John Dutton. Broadly speaking, 7 without going through the weeds of it, Mr Winn 8 wanted to procure some ARQ data in respect of 9 a transaction. There are some delays in the 10 process and John Dutton sought from advice from 11 Mr Winn. 12 Can we look, please, at that top line. It 13 says, from Mr Winn to Mr Dutton: 14 "It looks like I am going to have to spend 15 some money to get the evidence. I need to talk 16 to Rod." 17 Would that be you? 18 A. Yes, I think so, yeah. 19 Q. Back in 2003 to 2006, did you have any role in 20 authorising the expenditure of money to obtain 21 ARQ data? 22 A. I don't think so. I think I became aware that 23 there was a limitation on how much ARQ data 24 could be pulled. I don't know if it was when 25 I was doing investigations or when I'd got in 81 1 the FSC. At some point, while I was there, 2 I know the issue arose that that the contract 3 with Fujitsu, I think, limited how much ARQ data 4 could be pulled and that, if an additional 5 request that went over and above that limit was 6 submitted, the Post Office was going to have to 7 pay for that. I can't remember when that -- 8 when I became aware of that but, certainly 9 during my tenure there, at some point I found 10 out and heard of ARQ and, at some point, became 11 aware that there was a limited access to it. 12 Q. So it would have been outside the period when 13 you were Head of Risk and Compliance? 14 A. I'm not sure. I don't know whether it was in 15 there or not. 16 Q. Did you understand that there were divisions of 17 data, some being obtainable from a system called 18 Credence, some called standard ARQ data or just 19 ARQ data, and some called enhanced ARQ data? 20 A. I was aware there was Credence. I don't recall 21 enhanced ARQ as opposed to ARQ. But, certainly, 22 I know Credence was different. Credence was 23 a separate system. 24 Q. What did you understand to be the difference 25 between data obtainable from Credence and ARQ 82 1 data? 2 A. I think that ARQ, I think, would have had -- was 3 going into the Horizon data store and would have 4 got all of the information that it could 5 interrogate in there, whereas I think Credence 6 was the same totality of transactional data 7 harvested from the Horizon System and put into 8 a separate database but I think it was more 9 about the transactional data, rather than the 10 balances of cash and stock on hand. So I think 11 Credence would have been something that -- 12 I think then genesis of it was more about sales 13 MI data, sales management information data, and, 14 therefore, I think it was more about 15 transactions. 16 So if Andy had had a query from 17 a subpostmaster that he was looking into, that 18 would have been a query, most likely, that would 19 have involved the possibility of it being about 20 the transactions and a possibility of it being 21 about cash and stock on hand. So he would have 22 wanted the totality of it and it's possible that 23 Credence didn't have that whole dataset in it. 24 Q. Was there a written policy for those conducting 25 audits and investigations which set out when and 83 1 in what circumstances they should obtain ARQ 2 data? 3 A. I don't know. 4 Q. Was it the case that ARQ data was obtained in 5 all cases of an audit in which a subpostmaster 6 disputed that a loss was due to their conduct? 7 A. I don't know but I would have thought it would 8 have needed to be because of the time period, 9 given that there were -- if there was local data 10 only held for a certain period on the store 11 within the counter, before it all went on to 12 online onto the central system. So if there was 13 a limitation on the time period when data was 14 held at branch level, then I would have thought 15 that the -- a conversation about understanding 16 the situation at the branch could well have 17 begged questions going back days or weeks before 18 the period that was still on hand there. 19 Q. So would you agree that, if ARQ data was not 20 obtained and interrogated in all cases in which 21 a subpostmaster said that a loss was not 22 attributable to their conduct, one could not 23 confidently respond "The loss is due to you"? 24 A. I think if the -- and I can't remember how long 25 the data period -- but, say, if it was 100 days 84 1 of data that was held locally in the branch 2 still, if the subpostmaster said or the 3 colleague in the Crown Office said, "This issue 4 happened two weeks ago", that would be within 5 the 100 days of data that was held in the branch 6 and, therefore, there wouldn't be a need to pull 7 ARQ data from preceding period because the 8 colleague in the branch was challenging a more 9 recent period. 10 So I don't think I'd expect that ARQ data 11 would have to be pulled in every case but, if 12 there was a lack of clarity about when 13 an alleged issue had happened or if a colleague 14 in branch said "This thing has been going in for 15 a year", then I would have thought that ARQ data 16 would need to be obtained for that earlier 17 period. 18 Q. So the answer my question was: it would need to 19 be obtained if the relevant transactions 20 occurred in a period only covered by ARQ data? 21 A. Yes, I would think so, yeah. 22 Q. Was that, to your knowledge, the approach: that 23 in all audits and investigations, it was so 24 obtained? 25 A. I don't know. That's what I'm thinking should 85 1 have been the process. I wish I could say that 2 I knew but I don't. 3 Q. Is that because of the frailties of memory or 4 because it was not something that you would have 5 involved yourself in at the time? 6 A. Could have been either. I don't know, I can't 7 remember. 8 Q. Can we move forward within this period. Ernst & 9 Young were the group auditors of Post Office 10 Group at this time, yes? 11 A. Yes. 12 Q. Therefore, they were the auditors for Post 13 Office Limited? 14 A. Yes. 15 Q. What liaison did you have in this period 2003 to 16 2006 with Ernst & Young? 17 A. In 2003 to 6, I think I would have met Ernst & 18 Young to share the information that was coming 19 from, say, talking them through the Compliance 20 and Risk Committee. I think if there has been 21 a management letter point that related to things 22 within my teams then I would have met Ernst & 23 Young about that. And I think I probably 24 attended -- quite possibly attended the audit 25 planning meetings, which would have been ahead 86 1 of the audit starting, and the audit closing 2 meeting at that time, I think. 3 Q. Were you the key contact between Ernst & Young, 4 as Head of Risk and Audit and Compliance? 5 A. No. So although I'd worked for Ernst & Young 6 before, the key contact for the audit, which 7 I think would be standard in most companies is 8 sort of the equivalent of a financial controller 9 type role, who is somebody who is responsible 10 for the financial processing. That person was 11 typically the person who has got the lead role 12 with the external auditors. 13 And so I wasn't managing a processing team 14 and I wouldn't have been the lead person on the 15 audit relationship, no. 16 Q. As well as financial auditing, did Ernst & Young 17 produce service audit reports that concerned the 18 Horizon processing environment? 19 A. Ernst & Young would have done some testing of 20 the IT environment in totality, which would have 21 included -- Horizon would have been part of 22 that. 23 Q. Was that in each of the years 2003 to 2006? 24 A. Well, I think they would have done that in any 25 audit, in any year. 87 1 Q. You said some testing of the IT as a whole, 2 I think. 3 A. Yes. 4 Q. What testing did Ernst & Young do of the IT as 5 a whole? 6 A. The IT as a whole would include the central 7 finance system, which has got accounts payable 8 and accounts receivable going through it. So 9 the testing would be of that. The testing, 10 I think, would be things like what are the 11 change control documentations for things that 12 have happened in the year, and I think they 13 would request the ability to run what would be 14 called -- and apologies that there's many 15 different things that get called audit, but 16 I think in a system you'd usually have an audit 17 log where you could say what things have 18 happened to that system during the year. 19 The auditors could then look at that audit 20 log and say, "Ah, there was a software upgrade, 21 there was an accounts payable module, for 22 example, was added to the system", and where the 23 auditors -- so if the audit log said "There's 24 been no changes to the system in the year", the 25 auditors might say, "Well, we tested the system 88 1 last time there was a change, given that the 2 audit log says there hasn't been any changes 3 this year, there isn't a need to test something 4 because there hasn't been a change from what we 5 tested last time". 6 But if there are things that have changed in 7 the system, then they would look at some of the 8 documentation around how was that change 9 deployed in a controlled manner? 10 Q. You said in that that they would look at change 11 control? 12 A. Yeah. 13 Q. Would that include occasions on which Fujitsu 14 had changed financial data within branch 15 accounts? 16 A. Well, I understood that wasn't happening at the 17 time. I think the audit process by change 18 control wouldn't have been about that. Now, if 19 they'd been aware of it then they may have 20 chosen to test it, but change control would have 21 been about a change to the software script was 22 being done, and they would have been looking at 23 the change controls, as I say, around the system 24 has had a new module attached to it, or the 25 system has been upgraded to Windows 10 instead 89 1 of Windows 9, or something. Those are the kind 2 of changes that would be the changes to the 3 system. Not changes of -- as in a transaction 4 being entered in a system. 5 Q. Would you expect this element of the audit to 6 have established the extent to which Fujitsu had 7 remote access to branch accounts? 8 A. I guess I'd expect that security and permission 9 controls would be something that would be looked 10 at and so -- to understand. So I think one of 11 the audit management letters that was issued did 12 talk about SAP_ALL access, for example. That's 13 in the central SAP system, not in the Horizon 14 system, but a user who has got SAP_ALL access, 15 there'd be a log that says who are the people 16 who have got SAP_ALL access and then you might 17 ask well is it appropriate that anybody has got 18 SAP_ALL access? And if they have got it, what 19 are they using it for? And let's run an audit 20 looking of what things have been done under that 21 profile in the year. 22 So I think there would be an element to an 23 information systems assurance review that would 24 look at what types of profile of user are there, 25 and what is the extent of -- 90 1 Q. Their permissions? 2 A. Permissions, yes. 3 Q. That document can come down from the screen, by 4 the way? 5 Was there a standard which Ernst & Young 6 conducted this audit against, ie a measure, 7 whether a domestic or international standard? 8 A. Yes, so auditors are subject to audit standards. 9 So there are -- 10 Q. I'm thinking about specifically this aspect, 11 whether there was a standard of assurance for 12 financial processes or processes with 13 a financial risk for an organisation? 14 A. No, I think -- I'm not sure what phrase to use, 15 the regulatory body for auditors in general has 16 got particular themes of things where it would 17 say objectivity, or IT systems assurance, here 18 are principles that one should follow in there. 19 So there would be some, if you like, industry 20 standards that would apply to any auditor who 21 was looking at something to bear in mind in how 22 they conducted an assurance review of an IT 23 system. 24 Q. Were you the recipient of the annual report that 25 Ernst & Young produced? 91 1 A. Yes. So I think in my -- in that initial role, 2 the first three years, I think I would have 3 received the whole audit report for that. When 4 my role became more specific in Product and 5 Branch Accounting, I don't think I did receive 6 the full audit management letter because some 7 bits were irrelevant to me, such as an element 8 about payroll was nothing to do with me. 9 Q. Can we move forwards, please, to when you took 10 over as head of Product and Branch Accounting in 11 2006, September 2006 onwards. 12 A. Yeah. 13 Q. What did the role of Head of P&BA involve when 14 you took it over? 15 A. It involved the leadership of a team whose 16 responsibilities were to ensure that a central 17 ledger was maintained to pay Post Office clients 18 the correct amount of money or claim from them 19 the correct amount of money in respect of 20 transactions that had been conducted in Post 21 Office branches and through Post Office online 22 services. 23 So my team was about -- so there'd be an IT 24 infrastructure that would feed Horizon data and 25 website transactions through to what at one 92 1 point in time was called the POL-FS system, and 2 I was responsible for making sure that my team 3 was using the POL-FS system to settle the right 4 amounts to clients on time. 5 Q. What was the structure of P&BA? 6 A. I think I had either five or six direct reports 7 at different times during my tenure there. 8 Q. What were they called: managers? 9 A. Yes, they'd be senior managers in the -- in my 10 team, yes. So I -- 11 Q. How many people, as a whole, worked in P&BA? 12 A. I think when I joined there was round about -- 13 I think when I took it over in 2006, I think 14 there were about 240 people. 15 Q. When you arrived in P&BA, it was just as the 16 IMPACT project was rolling out through what we 17 know as release S90; do you remember that? 18 A. There were lots of Ss, I can't remember which, 19 there was S80 and S90, I can't remember which 20 one was which, but I think when I joined it 21 I think IMPACT had been deployed and I was 22 joining some months after IMPACT had happened. 23 Q. So never mind the release number. 24 A. Yeah. 25 Q. You remember that when you joined it was just as 93 1 the IMPACT programme was being rolled out? 2 A. Yes, yeah. 3 Q. The Inquiry has heard from a witness saying that 4 this project led to "a lot of issues flying 5 around", and Product and Branch Accounting, 6 which was based in the same building as him, he 7 was aware that there was a lot of stress coming 8 from there that needed resolving, concerning 9 feeds from branches, things falling into the 10 wrong accounts and the accounts not functioning 11 as planned. 12 Does that ring any bells to you of the 13 situation when you arrived in P&BA? 14 A. Yes. 15 Q. Did it go beyond what that witness, Mr Winn, has 16 identified? 17 A. Well, I think he's referred to that in about 18 2009 or 10 in his transcript. I -- so IMPACT 19 was deployed in 2005 or 2006. I think we had 20 a lot of issues that ran right through that 21 whole period and the -- sort of the genesis of 22 the issues at the start of it were you've got 23 a load of files that you're loading to the 24 system. So we'd got -- there was an old system 25 called CBDB and Class, I think it was called. 94 1 We put this SAP system in. The data out of 2 the old system needed transferring into the new 3 system and it was an enormous amount of data and 4 then continuity of the interfaces from branches 5 needed to continue, such that we'd got all the 6 stuff out of the old system migrated over, and 7 knew that the branches were going to be plugged 8 in from Day 1 for their information feeding into 9 the system. 10 I think that when -- on the day that system 11 IMPACT migration happened, I think there were 12 file load issues that meant the whole of the 13 data out of the previous system was put in and 14 then it had to be pulled out again and then it 15 have to be put in again, and there was 16 a constant issue for Product and Branch 17 Accounting that the enormity of the data that 18 was coming out of the whole of the Post Office 19 Network meant that you'd got to -- you had to 20 stay on to be of processing a day in a day, and 21 it was a heck of a lot of data that you were 22 processing in the day, in respect of yesterday's 23 transactions. 24 There was a lot of anxiety about, if we've 25 got to keep backing out data files and putting 95 1 them in again, that itself adds to the overnight 2 cycle of things that get on, and so we don't 3 want to get in a position where we're not going 4 to be able to continue processing a day in 5 a day's data, as well as sorting out the 6 migration stuff. 7 So that caused a lot of headache at first. 8 The migration data was put into the system, 9 a day in a day data was managed, so I think we 10 did manage to avoid getting in a position of not 11 being -- having two day's data to process and 12 never catching up, but the POL-FS system, when 13 it went in, users were finding it quite slow. 14 So there was an enormous amount of data. 15 An individual in my team might have 16 responsibility for a particular product. So you 17 might go into a Post Office branch and do 18 a savings product, for example, there'd be 19 a ledger centrally for that savings product, and 20 people were looking at egg timers, they were 21 trying to interrogate something and they just 22 couldn't interrogate it because of egg timers. 23 So we were livid with the kind of IT environment 24 of the egg timers that we'd got on there. That 25 was causing a lot of angst in the team that Andy 96 1 would have seen and heard amongst his colleagues 2 in the team. 3 And in the following years, we continued. 4 We were receiving an enormous amount of data, 5 an enormous load of individual files from 6 branches and cash centres every day, and from 7 corporate clients who were sending us files. 8 Sometimes the IT interfaces got slowed down and 9 a particular file somehow didn't come in and 10 there would be an alert that would tell us that 11 file hadn't come in but, if a file didn't come 12 in, we couldn't do all our normal processing on 13 time, we'd have to wait until that file was, in 14 order to be able to match transactions which 15 might lead to a conversation with the branch 16 about transaction correction. 17 So we were frustrated that sometimes there 18 were file load timing issues, there were cases 19 that some of the documents in the witness packs 20 refer to about files loading the wrong way 21 round, that was a frustration, and there was 22 a controlled way to back the file out and put 23 the file in again. But, frankly, my team, we 24 were tying to be up to date for real -- for as 25 much as we could possibly do it, as close to 97 1 realtime conversations with subpostmasters as we 2 could, and having prompt and reliable settlement 3 arrangements with our corporate clients, and we 4 were furious that we were having issues in the 5 infrastructure that were slowing down our 6 ability to do those routines, and that's the 7 sort of stuff that Andy was -- the vibes he was 8 feeling from members of my team, including me. 9 Q. Did you draw, from all of that basket of serious 10 concerns, any views as to the competence and 11 professionalism of Fujitsu? 12 A. My view from the correspondence that I had with 13 Fujitsu was that they took seriously each topic 14 that was coming forward and were responding in 15 a -- what seemed like a sensible manner to the 16 particular issues that we identified. However, 17 there were too many of them. So I'd a concern 18 that there were too many file load issues that 19 were going on, each one of them, I think, was 20 handled in an appropriate manner, but why does 21 this keep happening? 22 Q. What did you answer that question with: why does 23 this keep happening? 24 A. Well, so I asked -- we had several different 25 heads of IT during my tenure of being there but, 98 1 at some points during that, I would have, and 2 I did, say "This is impairing the ability of my 3 team to do its job on a timely basis, we'll do 4 it right and we'll give a certain time period 5 delayed in doing the job correctly but it's got 6 good enough that we're being delayed by 7 technology issues". 8 But I understood at the same time that the 9 Post Office was going through an enormous IT 10 transformation, so it was reinventing its 11 network, working with different people to run 12 the network, going online. It was entering -- 13 it had entered financial services, entered 14 telephony, broadband, home phone, a lot of new 15 products being deployed through branches and 16 through its websites. It was deploying an IT 17 tower strategy that I don't understand the 18 detail of it but going from a kind of a layered 19 IT architecture to a verticalised one which was 20 enormous. And it was going to lead us to 21 a situation of being able to -- if we needed to 22 remove an IT supplier and put another one in, 23 I think the tower strategy was going to take us 24 to a place where you could change your IT 25 suppliers more easily because, every four or 99 1 five years you probably do need to change 2 suppliers sometimes on things, but I think the 3 enormity of the all of the transformations that 4 were going on across the whole of the IT estate, 5 meant that there was limited resource to kind of 6 respond as fast as you'd like to some of the 7 issues that were going on. 8 Q. So you didn't draw any negative views as to 9 Fujitsu's competence and professionalism? 10 A. No, I don't think I -- no, I don't think I drew 11 negative views about their competence and 12 professionalism. I was frustrated about 13 capacity. 14 Q. I'm going to turn now to a report that you wrote 15 in August 2010, the so-called Ismay report. Can 16 we look at it, please? It's at POL00026572. 17 We can see that it was written by you. We 18 can see that from the top right-hand side "From 19 Rod Ismay, Head of Product and Branch 20 Accounting". 21 A. Yes. 22 Q. We can see the date of it, it's 2 August 2010, 23 and it's, I think, 36 pages long. 24 A. This -- the additional bundle that I've received 25 has got the page settings right on it so it's 100 1 20 pages long. We had a Microsoft Windows 2 upgrade at some point, which threw out the page 3 numbering of all the documents that had been 4 written pre-that Windows upgrade. So this looks 5 like an untidy version of it. The actual 6 version which is in the additional bundle is 7 20 pages long and the page flows much more 8 sensible. 9 Q. I understand who commissioned you to write the 10 report? 11 A. Dave Smith. 12 Q. What was Dave Smith's job at that time? 13 A. He was Managing Director. 14 Q. Of? 15 A. Of Post Office Limited. 16 Q. What were the terms of reference for the writing 17 of the report? 18 A. I don't think there was written terms of 19 reference for it, but the terms of it were to 20 understand the reasons why Post Office should be 21 able to take assurance about the Horizon System, 22 what are all those reasons of positives? So 23 this was obviously an ongoing situation where 24 some allegations were being made about Horizon. 25 Dave, I think, was relatively new to Post 101 1 Office. I think he was only Managing Director 2 for about a year. I think he came from 3 somewhere in Royal Mail and went back to 4 somewhere in Royal Mail. 5 In the period that he was there, I think 6 that, given the comments that he was hearing 7 allegations, this was a question to me to say, 8 "Well, you know, what's the counterargument to 9 this?" 10 Q. You would have understood that the task you were 11 being asked to perform was a very significant 12 one, wouldn't you? 13 A. Yes, yes. 14 Q. Why were the terms of reference for it not 15 reduced to writing? 16 A. Well, they should have been, in hindsight and 17 I've commented in my witness statement on some 18 things that, in hindsight, should have been 19 different. I think -- 20 Q. Why does it take hindsight to realise that the 21 writing of a report of very great significance 22 ought to have written terms of reference? 23 A. I think, sadly, because, in the heat of the 24 moment, there was a need to construct this 25 report and it was quite clear -- it was quite 102 1 clear to me that they were saying "What are the 2 reasons to take assurance?" and that, in itself, 3 was, you know, a pretty simple scope, "What are 4 the reasons to take assurance?" And that's what 5 I've listed out, having had conversations with 6 lots of people, I've listed those out on the -- 7 on most of the pages of the report. 8 Q. You said it was constructed in the heat of the 9 moment. How long did it take you to write the 10 report? 11 A. I think it was couple of weeks. 12 Q. Was it hot during all of that two weeks? 13 A. It was hot because there was so many things 14 going on in the Post Office. So we were 15 probably on another precursor to gearing up for 16 Royal Mail privatisation. I'd got lean process 17 improvement reviews going on in my team, the 18 business was always restructuring, I'd got 19 headcount reduction targets, I'd got all the 20 file load issues that were just alluded to in 21 the previous session. My job was red hot with 22 lots of things going on in it and this was 23 a hugely important piece of work in the context 24 of a really challenging period of all sorts of 25 organisational changes going on. 103 1 Q. But it was done in such a rush that there wasn't 2 time to reduce the terms of reference to 3 writing? 4 A. Well, that seems odd in hindsight, I realise. 5 But, no, I think I felt at the time that the 6 question was quite clear, "Please can you list 7 out the reasons for assurance?" And, to that 8 extent, I'm not sure if that needed terms of 9 reference of beyond it. What are the reasons 10 for assurance? Well, I've listed them out. 11 Q. So you weren't given free rein to write what you 12 wished, you were directed only to include 13 reasons that gave reassurance? 14 A. Yes. Yes. So I appreciate that, looking at 15 this document cold, it could look imbalanced -- 16 Q. But that's the task you were given? 17 A. The task I was given was what are the reasons 18 for assurance? I wasn't given the task of what 19 are the allegations and can you investigate 20 them? That was not the remit of this. 21 Q. You were only asked to present one side of the 22 coin? 23 A. Yes. 24 Q. If we just scroll down, please. 25 SIR WYN WILLIAMS: I don't wish to be crude but some 104 1 people call that a whitewash. Do you think 2 that's what you were engaged in? 3 A. No, I think they -- allegations had been made, 4 but somebody like Dave coming into the 5 organisation wasn't hearing -- and he was 6 finding his feet in the organisation -- 7 SIR WYN WILLIAMS: But just telling him one side of 8 the story was hardly educating him, was it? 9 A. Well, that was what he asked for. 10 SIR WYN WILLIAMS: So that's why I was a bit blunt. 11 Was he asking, in effect, for information which 12 would allow him to bat away the criticisms of 13 Horizon? 14 A. I think he was asking for information in order 15 that he could get a balanced view because -- 16 yeah. 17 SIR WYN WILLIAMS: All right. 18 MR BEER: You told us that you were asked to write 19 a report that gave reassurance and that 20 presented one side of the coin. Can you see in 21 the third paragraph on the page there it reads: 22 "This paper has been compiled as 23 an objective, internal review of POL's processes 24 around branch accounting." 25 A. Yes. 105 1 Q. If you were asked to present only one side of 2 the coin, in what sense was the report 3 objective? 4 A. It was objective about the processes and 5 controls that were in place there but it was 6 incomplete in that it didn't tackle the 7 allegation areas. But I think it was 8 an objective assessment of the areas where there 9 were positives. 10 Q. Do you understand "objective" to mean based on 11 real facts, not influenced by personal beliefs 12 or feelings, or not constrained by 13 a pre-determined set of criteria? 14 A. Yes, yeah. 15 Q. This report was none of those things, was it? 16 A. I think it was a -- an objective conversation 17 with people about processes, controls, 18 recruitment, training, opportunities to cold 19 call centres. The report doesn't comment on the 20 effectiveness of those. It wasn't an audit. So 21 it's an objective list of things that each team 22 said were the reasons to take assurance. 23 It is incomplete in that it doesn't have the 24 negatives but I wasn't asked to collate those. 25 But I think it is an objective, assess -- 106 1 listing of the other arguments. 2 Q. Can we look, please, at page 31 of the report. 3 This is one of the appendices to the report and, 4 in this printed version, it's a four and a half 5 page document produced by Gareth Jenkins; can 6 you see that? 7 A. Yes, I can, yes. 8 Q. You relied on this report from Mr Jenkins in 9 order to reach your conclusions, didn't you? 10 A. Yes. So I don't think I spoke to Gareth during 11 the course of putting this report together. 12 I think I spoke with colleagues, and so I've 13 named people on the front of it, and I spoke to 14 people within the Post Office who were part of 15 their teams, and somebody has provided this as 16 part of that. 17 Q. In what sense did you think that asking the 18 person responsible for designing and maintaining 19 the system, whether the system that he had 20 designed and maintained had integrity was in any 21 way objective? 22 A. Because -- I understand what you're saying 23 there. 24 Q. Can you answer the question, then? 25 A. Yeah, I'm just thinking how to answer the 107 1 question there. So the people separate to 2 Gareth who I asked the question of were telling 3 me that it was reliable. So people within our 4 own IT team. Gareth is saying the same here. 5 Short of doing an audit, I don't know what else 6 I could have done, other than take those 7 assertions from individuals. Now, I think the 8 report should have said these are untested 9 assertions, as in untested by me during the 10 course of collating this report, and my report 11 doesn't say that. 12 Q. Why not? 13 A. It should have done. 14 Q. Yes, but why didn't it? 15 A. Because I was so busy putting the thing 16 together. At the end of a report there's always 17 things that you think in hindsight "I could have 18 done that in it", and at the time it didn't 19 occur to me that it needed to have got that 20 statement in it. 21 22 23 24 25 108 1 A. No, it didn't. It didn't, no. 2 Q. You tell us, if we just move to paragraph 39 of 3 your witness statement, please, which is on 4 page 10, you say, "Regarding" then you give 5 a character string, which is the document we're 6 looking at, that's the report: 7 "Regarding [the report] I confirm that I did 8 write this report, after being asked by David 9 Smith to conduct a review in light of the 10 challenges being made about the system. It was 11 a summary of existing conclusions ..." 12 Yes? 13 A. Yes, yes. 14 Q. If we can go back to the report, please. 15 POL0002 -- thank you, and then look at page 1, 16 three paragraphs in. Where here does it say, 17 "This report is restricted to being a summary of 18 existing conclusions, not a fresh 19 investigation"? 20 A. It doesn't. 21 Q. Why not, if that's the task you were being asked 22 to perform? 23 A. Because, at the time when I wrote this, 24 I thought that was -- as I thought through what 25 have I collated here, that was what I felt at 109 1 the time was the description of the report that 2 I'd compiled. 3 Q. You've rebadged the report up in your witness 4 statement as just a collation or summary of 5 existing documents, haven't you? 6 A. Well, it is. 7 Q. Why doesn't it say that in the report itself, 8 "This is just a paper exercise of writing down 9 what's already known"? 10 A. It was a paper exercise of writing down what was 11 already known but which had not been collated in 12 a form that the managing director had got any 13 kind of summation of all those reasons. So, 14 yes, it was a paper exercise but, given that 15 nobody had put together such a list before, at 16 the time it was considered quite helpful to have 17 collated that list of things there. 18 Q. It says something different, doesn't it, in this 19 third paragraph: it's been compiled as an 20 "objective, internal review". That reads as if 21 you've applied your mind to it, doesn't it? If 22 you were just gathering bits of paper together 23 you wouldn't need to say that, would you? 24 A. No, so that's the wrong wording, yes. 25 Q. Were you trying to give the wrong impression 110 1 there -- 2 A. No. 3 Q. -- to a reader? 4 A. No. 5 Q. How long did it take to write the report itself? 6 A. I think it was going on over a couple of weeks. 7 Q. Was that separate from the time it took you to 8 review material and gather material, or was the 9 whole process a two-week process? 10 A. I think the whole process was a couple of weeks, 11 yeah. 12 Q. Did anyone assist you with the task of 13 undertaking the review? 14 A. No. I met and talked to lots of different 15 people and some things in here, like there's 16 some tables towards the end of the document, and 17 Gareth Jenkins' report, some of the pages in 18 there are copies and pastes of things that 19 people sent to me. I have then pasted them into 20 this document and it's only me that's typed the 21 things that's in this document but that came out 22 of lots of conversations with lots of other 23 people. 24 Q. So we should understand, other than when you've 25 cut something in to the report, whether by way 111 1 of table or appendix, that these are your words 2 and your words alone? 3 A. That is my typing alone but it will be phrases 4 that may have come from some of my conversations 5 with the people that I've talked to in collating 6 it. 7 Q. But you take responsible for what's in here? 8 A. I take responsibility for having typed what's in 9 here. If I've typed something that was 10 a statement given to me by somebody else, 11 I don't take responsibility for the veracity of 12 what that individual has said to me but I take 13 responsibility for having asked them a question, 14 they've given me some answers, and -- 15 Q. And you've typed it up? 16 A. I've typed it up. 17 Q. Are you reducing your role to that of a typist? 18 A. No, because I think I had lots of questions that 19 I asked people in order to be able to put 20 together and structure something in a sense of 21 looking at control systems, escalation 22 processes, there's a kind of structure to this 23 document. But then that collates lots of 24 information that other individuals have given to 25 me. 112 1 Q. Can we look at the paragraph headed "Executive 2 Summary". In the second sentence, it says: 3 "We remain satisfied that this money was due 4 to theft in the branch -- we do not believe that 5 the account balances against which the audits 6 were conducted were corrupt." 7 Can you see that? 8 A. Yes, I can. 9 Q. You've used the word "we" twice in that 10 sentence, haven't you? 11 A. I have. 12 Q. Who's the "we" in that sentence? 13 A. That is me speaking as we, the Post Office, and 14 we, the Post Office, being represented by the 15 individuals that I've talked to being a voice 16 from different functions and, collectively, that 17 "We" of all those people were remaining 18 satisfied, as it says here. 19 Q. Does the fact that you've written in this way 20 reflect a desire to set out a corporate 21 position? 22 A. It was setting out to Dave a "we" that reflected 23 that all the teams that I worked with to collate 24 this were satisfied. So it was an assurance to 25 Dave, who had asked for "What, of all those 113 1 reasons are positives", I'm saying "I've talked 2 talk those other people and we, being all these 3 people and me, are feeding this back to you, we 4 are satisfied. Here, Dave, is that summary". 5 Q. The people you spoke to had various fingers in 6 the pie to do with systems, processes, controls, 7 IT, network, audit, security, legal. 8 A. Yes. 9 Q. Did each and every one of them say to you 10 "I remain satisfied that all of the money 11 missing is due to theft in the branch. I do not 12 believe that the account balances against which 13 the audits were conducted were corrupt"? 14 A. No, that phrase is my summation of all of the 15 conversations with people. 16 Q. It's you speaking there? 17 A. That is me summarising what all those different 18 teams have said to me. That exact wording is 19 not something that each team out there used. 20 However, all of the teams that I spoke to said, 21 in whatever different types of words it was, 22 that they were happy that Horizon worked. So -- 23 SIR WYN WILLIAMS: So that I'm clear, every single 24 person whom you consulted remained satisfied 25 that money was due to theft -- money missing was 114 1 due to theft in the branch and every single 2 person you consulted was of the view that the 3 audits were not corrupt? 4 A. Right, I'll break that down. So it's a subset 5 of a "Yes", this answer here. So when I spoke 6 to people in the IT team, they'd be satisfied 7 that Horizon worked. Somebody in the IT team 8 wouldn't be able to take a view about was it 9 external theft or internal theft or money that 10 had gone down the back of the drawer. So the IT 11 people wouldn't be able to take a view about was 12 it theft, but the IT people would say, "I was 13 happy about the system". 14 Whereas another team that I spoke to, who 15 might be a colleague in the Network team, they 16 wouldn't be able to take a view about was the 17 system robust because they're not the IT team, 18 but they would have a view from the audit 19 evidence that had come out that would say "Well, 20 we're satisfied it looks like theft". 21 So different people that I spoke to would 22 have got assurance about a different piece of 23 this jigsaw but, collectively, that whole jigsaw 24 distills into this phrase here. 25 MR BEER: The way to write it, then, if that's the 115 1 truth, is to say, "I've consulted with disparate 2 parts of the organisation, aggregating the 3 information that they've given me. I am 4 satisfied that the money is missing due to 5 theft", et cetera, isn't it? 6 A. I could have structured it to say "I've 7 consulted these organisations and, based on what 8 they're saying, I'm satisfied that, 9 collectively, all these teams are assured about 10 this". I don't think I could have said 11 something that says, "I am satisfied" because 12 I've placed some reliance on what another person 13 has said about the area of their expertise in 14 there. 15 Q. If you didn't test what any of the people were 16 telling you, you personally couldn't be 17 satisfied in any way at all, could you? 18 A. I haven't audited it. This wasn't an audit, no. 19 Q. No. You couldn't vouch safe for anything they 20 told you? 21 A. So perhaps the phrase "we remain satisfied", 22 perhaps there was an alternative to "we" -- 23 Q. Maybe "they" should be the phrase? 24 A. Well, they. 25 Q. "Some people I've spoken to, they are satisfied 116 1 that ..." 2 A. Yeah. 3 Q. So why did you write it this way? Are you not 4 trying here to set out a corporate position, to 5 give reassurance to the reader that the entire 6 organisation is satisfied that this loss of 7 money is down to thieving postmasters and is 8 nothing to do with data integrity? 9 A. No. 10 Q. That's what you're doing, isn't it? 11 A. No, it's not. 12 Q. Why did you use these words? 13 A. Because it's very easy to look at a report in 14 hindsight and think that could have been worded 15 differently but, at the time, that felt like the 16 right -- 17 Q. This isn't playing with words. This is 18 examining the natural meaning of what you wrote, 19 and I'm asking you: why did you write it in this 20 way? 21 A. Because that was how -- that felt like the right 22 wording for the assurances that I was getting 23 from all of the teams at the time. 24 Q. Why were you picked to write this report? 25 A. I think because the nature of my role in Product 117 1 and Branch Accounting meant that I'd got quite 2 an overarching view of lots of things in 3 different teams, not necessarily having the 4 expertise in lots of different teams but a level 5 of understanding of what was going on in 6 different teams. And I think because Dave went 7 out to different parts of the organisation to 8 meet people, as he joined, as part of his 9 welcome and introduction. He came to 10 Chesterfield at some point. I think because we 11 would have talked about branch accounting and 12 client accounting then, he probably sensed that 13 I'd got a breadth of understanding in order to 14 be able to work with people to collate this 15 report. 16 I don't know why he didn't ask for an 17 auditor or somebody else to do it but -- 18 Q. I'm going to come to that in a moment, probably 19 after lunch. 20 A. I'm sure, yeah. 21 Q. Do you know whether any directors were involved 22 in the decision to pick you? 23 A. No, I don't know. 24 Q. Do you know whether your selection was discussed 25 at board level? 118 1 A. No, I don't. 2 Q. Can we look briefly before lunch then at to whom 3 the report was sent and go to the top of the 4 page, please. There's a distribution list with 5 14 names on it. 6 A. Yeah. 7 Q. There are three direct addressees and 11 on the 8 CC list. The three direct addressees first. 9 Mr Smith, David Smith, the Managing Director. 10 Was this report sent to him because he had 11 commissioned it? 12 A. Yes. 13 Q. Was he therefore the main addressee? 14 A. Yes. 15 Q. Was there any discussion between you and him 16 before the report was written as to what he 17 would do with the report -- do with the report, 18 once it was written? 19 A. No, I don't think so. I think I -- my 20 recollection is that this was about he needed 21 a collation of the counterarguments and 22 I thought this was part of his gathering and 23 understanding of that. 24 Q. Did you not know the use to which it might be 25 put? 119 1 A. No, I didn't. So when I -- let's see. I think 2 probably I came down to London one day and 3 Angela took me round to meet some different 4 people in the organisation. 5 Q. By that you mean Angela van den Bogerd? 6 A. Yeah, I went and I think we'd got some new 7 people who had joined in London and -- 8 Q. Who were they? 9 A. The Chair, so Alice Perkins. So she'd got this 10 report and I wasn't aware that -- I hadn't 11 expected that that was going to be another 12 audience for the report. 13 Q. Why didn't you expect that it would go up to 14 board level? 15 A. Well, I probably should have. 16 Q. Why didn't you but now realise that you should? 17 A. Because I was focused on producing something for 18 the Managing Director who'd requested that. 19 I was working on how do I best summarise all 20 this to respond to the question that he's asked. 21 Yeah. 22 Q. Does not the audience for which you're writing 23 the report and the use to which it might be put 24 condition the task that you undertake? 25 A. Yes, it should. Yeah. 120 1 Q. If I'm writing a memo to Mr Blake, I might write 2 it in one way. If it's to Sir Wyn, I might be 3 more careful. 4 A. Yeah. 5 Q. Did that cross your mind? 6 A. No. I think what I -- the way in which I've 7 constructed this, I didn't think about who else 8 it might go to but I would always seek to write 9 something in an objective manner and, obviously, 10 understandably you're question how objective it 11 is, but I would always seek to write something 12 in a way that would I be happy if somebody else 13 read this? Well -- 14 Q. Are you happy now? 15 A. No, I'm not. I'm not happy now. No. And I've 16 said in my witness statements things -- that 17 I think it should have had a terms of reference, 18 it should have had attribution of things in 19 there. Some of the phrases that I've used 20 like -- you're probably going to ask about the 21 phrase "compassion" that's in there. 22 I certainly wouldn't kind of use that phrase 23 again, that was in there but, at the time, with 24 many, many different things that I was working 25 on, this, which -- I burnt the midnight oil to 121 1 summarise this after all the conversations that 2 I had with people, this felt like a suitable 3 wording that I would have been content if it was 4 shared with somebody else. But I didn't think 5 through who else might it go to. 6 Q. Did you expect it to go to the board? 7 A. No, I expected to go to Dave. It's probably -- 8 I'm not surprised it's gone to the board. 9 I didn't think through, is it going to go to the 10 board, but I'm not surprised it went to them 11 they. 12 Q. The second person on the direct distribution 13 list is Mike Moores, the Finance Director. Why 14 did you send it to him? 15 A. Well, he's my boss. I think he should be 16 a recipient of something that I'm producing, and 17 I think he was involved when Dave asked for it. 18 I think Mike would have consented to my time 19 being redirected to the collation of this, given 20 the number of other things that I'd got going 21 on. 22 Q. Was Mr Moores involved in setting the terms of 23 reference for the piece of work that you 24 produced? 25 A. No. The unwritten, really short terms of 122 1 reference, which was list out the reasons, was 2 something that Dave asked for and I presume Mike 3 was happy that that was an appropriate thing to 4 ask for. 5 Q. So he was only involved to the extent in giving 6 consent for the abstraction of your time? 7 A. Yes, and I think -- Mike, again, I don't think 8 had been in the Post Office Limited for long at 9 that time. So whilst the report has included 10 him as a "To" in the circulation list, he wasn't 11 somebody who'd got, you know, sort of direct 12 input to make on this because he was relatively 13 new to the organisation as well, I think, at 14 that time. 15 Q. The third direct addressee is Mike Young, the 16 Chief Technical and Services Officer? 17 A. Yes. 18 Q. Why was the report sent to him? 19 A. So he -- I did speak to him during the course of 20 collating this, and he and I did talk about the 21 structuring of the document in terms of 22 controls, training, just kind of thinking -- my 23 conversations with him were about the building 24 blocks of the report of those four sorts of main 25 areas that the report structured under. 123 1 Q. Did he see a draft of the report? 2 A. Probably. 3 Q. Did anyone else see a draft of the report? 4 A. I think probably all this audience. I'd like to 5 think that I would have copied all of them in, 6 in order that they could comment if it wasn't 7 a fair summary of the things that they'd shared 8 in there. So the question that you asked 9 earlier about the "we", I think I would have 10 shared this with people before finalising it 11 and, therefore, that would add to the validity 12 of it being a "we", given that it would have 13 gone through a kind of visibility of the draft 14 of it. 15 Q. So you think there ought to exist, rather than 16 this final version we've got, a draft or drafts 17 that had been distributed to the 14 people on 18 this list? 19 A. Well, there may. 20 Q. You think there may? 21 A. Yeah. 22 Q. That would have been their opportunity to say, 23 "No, we disagree", and that therefore justifies 24 you writing up "We are satisfied that"? 25 A. Yes. 124 1 Q. Is that what you're saying? 2 A. Yes. 3 MR BEER: Thank you, sir. That's an appropriate 4 moment. I've got about another hour on the 5 document, so can we break until after lunch, 6 please? 7 SIR WYN WILLIAMS: Yes. 8 Obviously you may have lunch with whoever 9 you choose but, if it's with someone who knows 10 about the evidence in your case, don't discuss 11 your evidence. All right? Thank you. 12 THE WITNESS: Thank you. 13 (1.00 pm) 14 (The Short Adjournment) 15 (2.00 pm) 16 MR BEER: Thank you, sir. 17 Good afternoon, Mr Ismay, can we pick up 18 where we left off at POL00026572. We were 19 looking at the distribution list on the front of 20 your report. Can I look to the list of 21 11 people to whom it was cc'd. Mark Burley, the 22 Head of Projects in IT; Mike Granville, the Head 23 of Regulatory Relations; Lesley Sewell, the Head 24 of the IT Group. Does that mean Head of Group 25 IT? 125 1 A. No, that's because the page breaks have gone 2 with the -- 3 Q. Okay. 4 A. Yeah, so it's actually "Group" is attached 5 "RM" -- 6 Q. For Rob Wilson -- 7 A. Yes. 8 Q. -- head of Criminal Law, Royal Mail Group? 9 A. That's correct, yes. 10 Q. Andy McLean, Head of Service Delivery; Mandy 11 Talbot, Principal Lawyer (Civil); John Scott, 12 Head of Security; Keith Woollard, Head of 13 Compliance; Lynn Hobbs, GM Network Support. 14 What does that mean? 15 A. General manager. 16 Q. Michele Graves, Executive Correspondence 17 Manager. Who was Michele Graves, whose office 18 was she in? She was the Executive 19 Correspondence Manager. 20 A. She'd either have been in Legal or general 21 secretarial support to the Executive. 22 Q. To the Executive Team? 23 A. Yeah, yeah. 24 Q. Sue Huggins, head of Network Planning and 25 Change. Was that your choice of people to whom 126 1 the report should be cc'd? 2 A. No, I think that came out of speaking with -- 3 when Dave asked for the report, and I had 4 conversations with Mike about it, Mike Young, 5 I think that group of people was ones where 6 either I felt they were people who would have 7 relevant input to make or they may have been 8 suggested to me as people to speak to. I can't 9 remember whether -- I think that would have been 10 an agreement, probably with me, Mike and Dave, 11 that this was the relevant audience to ensure 12 that, if you like, all bases were covered within 13 speaking to relevant teams. 14 Q. So that's not just a list of people to whom the 15 report was cc'd, it's a list of people to whom 16 you would have spoken in order to write the 17 report? 18 A. Yes. So either those people or somebody who 19 reports to them that they suggested I'd be 20 speaking to. 21 Q. It's effectively the top slice of senior 22 managers in the Post Office, isn't it? 23 A. Yes, it is. It hasn't got, for example, anybody 24 from Marketing but, yes, it's a segment that 25 these would all be part of the senior 127 1 leadership, yeah. 2 Q. There's nobody there whose job description is 3 given as being in charge of audit, is there? 4 A. I think that the Branch Audit Team at the time 5 reported into Keith Woollard, as Head of 6 Compliance. 7 Q. Would you agree that internal auditors would be 8 a vital source of assurance within the 9 corporation? 10 A. Yes. 11 Q. It would have been their job to conduct any 12 internal investigation of this sort that would 13 justify senior managers' confidence, wouldn't 14 it? 15 A. If an audit was being asked for then, yes, it 16 would be. If somebody was asking for "Can you 17 give me some reasons for assurance?" that might 18 range from asking an individual for some reasons 19 for assurance, it might mean asking somebody to 20 collate things with a wider audience or it might 21 mean initiating an audit which, yes, would mean 22 asking the Head of Audit to do it. 23 Q. Can we look at page 19, please. Look at the 24 bottom part of the page, paragraph 4(c). Under 25 the cross-heading "Independent Review and Audit 128 1 Angles", you say: 2 "POL has actively considered the merits of 3 an independent review. This has been purely 4 from the perspective that we believe in Horizon 5 but that a review could help give others the 6 same confidence that we have." 7 You continue: 8 "Our decision between IT, Legal, P&BA, 9 Security and Press Office has continued to be 10 that no matter what opinions we obtain, people 11 will still ask 'what if' and the defence will 12 always ask questions that require answers beyond 13 the report. Further such a report would only 14 have merit as at the date of creation and would 15 have to be updated at the point at which Horizon 16 or the numerous component platforms were 17 upgraded. 18 "Ernst & Young and Deloittes are both aware 19 of the issue from the media and we have 20 discussed the pros and cons of reports with 21 them. Both would propose significant caveats 22 and would have limits on their ability to stand 23 in court, therefore we have not pursued this 24 further." 25 You say in the first sentence there "POL has 129 1 actively considered the merits of an independent 2 review". Who within POL actively considered the 3 merits of an independent review? 4 A. I think that the discussion between all the 5 representatives of the teams on the first page, 6 people within those areas at some point had 7 questioned whether a review was needed and 8 decided that it wasn't because they were 9 confident for the -- all of the reasons, as 10 stated, that one wasn't appropriate. 11 Q. So it's the 14 people on the first page have 12 actively considered the merits of an independent 13 review; is that right? 14 A. Somebody in their teams had. 15 Q. I'm sorry? 16 A. Somebody in their teams had. I'm not saying and 17 I don't know if those 14 named individuals were 18 the specific people who'd done this, but people 19 in the Post Office had considered it. I can't 20 remember who the people were specifically who'd 21 done that. 22 Q. When was that active consideration of the merits 23 of an independent review done? Was it done for 24 the purposes of writing this review or on 25 another occasion? 130 1 A. No, I think that goes back earlier than this 2 review because, clearly, the allegations had 3 been raised for a much longer time than the 4 couple of weeks that I referred to as the period 5 for this report. 6 Q. So you're referring to a process going back in 7 time, on disparate occasions, involving 8 different people. 9 A. Yeah, yes. 10 Q. Was a record made of any of those decisions on 11 a previous occasion, by any of the 14 people 12 listed on page 1 or people within their 13 departments, of the merits of conducting 14 an independent review and the reasons not to 15 conduct an independent review? 16 A. I don't know if a record was made and I can't 17 remember if a record was made, apart from one 18 email that you've shared with me, where there's 19 mention of Rob Wilson's views about that 20 situation in another document. 21 Q. Is that the only record that you are aware of 22 that records the decision making as to why not 23 to conduct an independent review? 24 A. Yes, I think so, yes. 25 Q. Who from IT, Legal, P&BA, Security and the Press 131 1 Office made the decision that's referred to in 2 paragraph 2? 3 A. I don't know who the specific people were who 4 did that but -- whether it was the people I've 5 addressed the document to or members of their 6 teams. 7 Q. You make no mention there of internal audit 8 being involved in the discussions that led to 9 the decision or the decision itself, do you? 10 A. No. No. 11 Q. Would you not want your own specialist internal 12 auditors to advise you and to contribute 13 meaningfully to a decision about whether or not 14 to engage external auditors? 15 A. Yes, probably, yes. 16 Q. Can you explain why it was important to involve 17 the Press Office in decision making but not 18 involve the internal auditors? 19 A. No, I can't. I think the Press Office were 20 receiving questions which would evolve, and so 21 I think sometimes the Press Office sometimes 22 received question A and answered question A, and 23 then question B came back, which would have kind 24 of led to the narrative in here of, if we answer 25 something, another question will come up. 132 1 So the Press Office, I think, would have 2 been involved in this because of their 3 experience of perhaps letters that were coming 4 in, correspondence, Freedom of Information Act 5 requests, perhaps. 6 Q. That explains your justification for their 7 involvement. Why not internal audit 8 contributing to a decision about whether to get 9 an audit? 10 A. Because that was a failing in the scope of that. 11 Yeah, they possibly should have been involved. 12 Q. But why weren't they? 13 A. I don't know. I think in the approach that I'd 14 opted in collating this thing, I'd looked at 15 lots of different angles and there's always 16 things one doesn't do because one does so many 17 things and hasn't got the capacity to cover 18 every angle and doesn't think of it. And I'm 19 sorry in the circumstances of everything that's 20 happened here, but I'm sure all of us have done 21 things where we've done nine things and then you 22 think "Oh, I wish I'd done that tenth thing", 23 and I hadn't. 24 And none of us would say "Well, I don't know 25 why I didn't do that tenth thing. I wish I'd 133 1 done that tenth thing". 2 Q. Might it because, if you ask the auditors, they 3 would say "Yes, it would be a good idea to get 4 an external audit in"? 5 A. No. 6 Q. Can you help us through your thought process. 7 "We need to decide whether to get an external 8 audit, shall we ask our internal auditors to 9 offer their view?" 10 "No." 11 "Shall we ask the Press Office?" 12 "Yes." 13 What did your mind do to lead you to that 14 chain of logic? 15 A. I don't know. 16 Q. The purpose of such an external review, would 17 you agree from the second sentence of the first 18 paragraph there, you seem to be suggesting that 19 the purpose of any independent investigation 20 would be to seek to persuade others of Horizon's 21 reliability? 22 A. Yes, that's what I've said, to give others the 23 same assurance that the organisation felt it had 24 got. 25 Q. So it would be an exercise in convincing others 134 1 of its reliability, rather than actually seeking 2 to establish whether Horizon was reliable? 3 A. I think in the process of assuring others as to 4 why it worked, one probably would go through 5 what things possibly don't work and why is that 6 assertion wrong or what is being done to fix it, 7 if there was something came out that was proven 8 to be a problem? 9 Q. But you'll agree that the way this is written 10 doesn't suggest you approach the question of 11 external review from the -- from a position of 12 "Let's actually find out whether it's reliable"? 13 A. No, and that goes back, I think, to the concept 14 of this whole report being commissioned from 15 a point of view of, saying clearly there's 16 number of allegations being made, but what are 17 the counterarguments for assurance within the 18 organisation? And that kind of mindset has 19 probably rippled through number of things that 20 I've written in here. 21 Q. You give us the reasons why an independent 22 investigation was ruled out: two, essentially. 23 External auditors would insist on caveats and 24 then, secondly, that would limit what they would 25 be able to say in court? 135 1 A. That's what I've written, yes. 2 Q. Why would external auditors insist on caveats? 3 A. The nature of audit reports is I think always 4 that there are caveats in audit reports. 5 Q. Why is an audit report ever written, then, if it 6 always contains a caveat? 7 A. There are people who would question whether the 8 whole approach to audit reports is effective, 9 and that is an industry question that regularly 10 rears its head. 11 Q. You're saying specifically here, these caveats 12 mean that it's not worth a candle in obtaining 13 an external independent review, aren't you? 14 A. I think what this is saying is that, if 15 something was obtained and it had caveats on it, 16 that's inevitably going to lead to a question of 17 "Well, what if?" And, therefore, it wasn't 18 going to feel -- that a caveatted report would 19 not prove to conclude anything. 20 Q. They wouldn't be inappropriately assisting on 21 caveats? 22 A. It wouldn't be inappropriate, no. 23 Q. They would be inserting appropriate caveats, 24 wouldn't they? 25 A. That would be totally appropriate caveats for 136 1 an auditor to put into something but an audience 2 reading something which has caveats always 3 thinks, "Well, what is that caveat in there and 4 what does that mean about the value of a report 5 when it's caveatted?" 6 Q. You're giving us, as a reason for not 7 commissioning an independent review, that the 8 public might misinterpret a caveat? Is that 9 what it amounts to? 10 A. I think that's what it does amount to, but I'd 11 also say that what's in here has come from me 12 speaking to quite a lot of people across the 13 organisation to collate this, so these aren't 14 specifically -- this is not me saying "This is 15 it", this is a collective view coming out of all 16 the conversations that I've had there. 17 Q. Did you speak to your internal auditors to 18 understand what external, independent auditors 19 would in assist on by way of caveats? 20 A. I don't think I spoke to internal auditors in 21 this, except that in the addressee audience 22 the -- whatever the scope of the Post Office 23 internal audit team at that point was reported 24 through to the Head of Compliance and, 25 therefore, the audience of this does include 137 1 a team which includes the Post Office internal 2 audit function. 3 Q. What were the caveats, the appropriate caveats, 4 that Ernst & Young or Deloittes would insist on 5 if they were to conduct a system audit? 6 A. I don't -- I can't remember what caveats they 7 would have said they would put on it but -- 8 Q. What were the possibilities? 9 A. What were the possibilities for the caveats one 10 might put on would be auditors will sometimes be 11 commissioned to do pieces of work where the 12 scope of the work will say we will be asking 13 questions but not testing, or there will be 14 a scope of work where people are doing testing, 15 and the scope of work may involve sample 16 testing, it may involve other forms of testing, 17 and there would be different scenarios where 18 a scope of work would have those different 19 parameters going on within it and an auditor 20 would caveat their report to clarify the extent 21 to which they had or had not tested something or 22 had or that not documented processes or had or 23 that not spoken to whatever range of functions 24 within an organisation. 25 Q. So all entirely appropriate things? 138 1 A. Oh, yes, yes. Those would be quite appropriate 2 things to put in, yeah. 3 Q. So Ernst & Young and Deloitte doing the 4 appropriate thing is a reason not to commission 5 them? 6 A. No, I think the view here was that those would 7 be appropriate caveats to be putting in, however 8 somebody else reading such a report would 9 inherently think, "Oh, it's caveatted", and 10 whilst we are both professionals and the people 11 in this room are professionals who have got 12 an understanding of caveats that go into some of 13 these legal documentation reports and opinions, 14 not everyone would and some people would 15 soundbite items out of it to say that 16 a narrowing of scope was for inappropriate 17 reasons. 18 Q. What were the limits on their ability to stand 19 in court? 20 A. I don't know. 21 Q. You wrote it. Please help us. 22 A. Yes, I've written that based on conversations 23 with many people and would expect that a comment 24 about limitations on ability to stand in court 25 is not something that I have got the experience 139 1 or qualification to comment on and, certainly, 2 wouldn't randomly write something. That must 3 have been from a conversation with someone from 4 a legal background who has indicated that, and 5 I don't know who that was. 6 Q. So a lawyer has told you this? 7 A. Well, in the addressee audience for the thing, 8 you can see I've got some teams there who would 9 include some lawyers, yes. So somebody has said 10 that and I have included that in the narrative 11 that's in this report, yes. 12 Q. That's not included from your knowledge as 13 an auditor at Ernst & Young? 14 A. No, from -- no, from my recollection of doing 15 audits at Ernst & Young, I haven't got something 16 in my mind that says what's going to limit my 17 ability to stand in court there, no. 18 Q. Did you pursue what that could possibly mean, 19 "If we commission Ernst & Young or Deloittes 20 there would be limitations on their ability to 21 stand in court". What does earth does that 22 mean? 23 A. Right well, as I sit here I don't know. I don't 24 know whether I asked at the time. But, in the 25 time window that I did have to collate this 140 1 report, I did put a huge amount of time in 2 within that window to collate this, and there 3 would have been lots of things that I didn't 4 have time to do and whether I failed to even 5 think of asking the question or didn't have 6 time, or had an answer and forgot what it is, 7 I don't know. 8 Q. Did it cross your mind that it might be dripping 9 in irony to say "We can't commission 10 an independent review because the person that 11 writes it has limitations on their ability to 12 stand in court, to speak to the investigation of 13 our IT system. We're using that IT system to 14 prosecute people and send them to prison"? 15 A. No, I don't think so. I think, possibly from 16 a point of view of our external auditors, who 17 were Ernst & Young there, they would have 18 conflicts of interest rules of what things they 19 could be involved in. They were clearly signing 20 off an audit report on the financial accounts of 21 the company. I don't know whether to be asked 22 to perform a piece of work like this would have 23 had a conflict of interest in it that would have 24 prevented them doing that. 25 Q. That's a reason that you don't give, ironically 141 1 enough, is it? 2 A. Well, I know -- well, I'm talking from my 3 knowledge here and you're prompting a number of 4 things that haven't come into my head, either at 5 all or for many years. So I appreciate I may be 6 saying something that wasn't in this report and 7 wasn't in my witness statement but the nature of 8 what you're doing is prompting my memory or 9 thoughts on some things in a way that I hadn't 10 had before, and that's what the purpose of this 11 Inquiry is. 12 Q. Even if that was a material consideration, 13 operative on your mind at the time, "We can't 14 ask EY to do it because they would feel 15 conflicted, given their role as standing 16 auditors to us". 17 A. Well, I -- 18 Q. The answer to that would be "Well, let's ask one 19 of the other Big 5, wouldn't it?" 20 A. Well, maybe we did, I don't know. 21 Q. Did you ask any of the other Big 5? 22 A. I don't know. 23 Q. No, did you? 24 A. No. 25 Q. Are you aware of anyone asking? 142 1 A. I think there was consideration of other firms. 2 Q. By who? 3 A. I think the Finance Director. 4 Q. Right. When did the Finance Director give 5 consideration to involving any of the Big 5, as 6 I've called them, in conducting an independent 7 audit or review of the Horizon IT System? 8 A. I think in the other document that we've got in 9 here, when we get on to Deloittes have done 10 a report at some point, there was consideration 11 of who could do that report and, clearly, 12 Deloittes were appointed to do that -- 13 Q. Yes, but I'm talking about now, by August 2010? 14 A. I don't know. 15 Q. Are you aware, by August 2010, of anyone giving 16 consideration to bringing in any of the Big 5? 17 A. Right, so in that time frame, I don't know. No. 18 Q. You deploy as another argument for not seeking 19 an independent report that it would "only have 20 merit as at the date of creation". Yes? 21 A. Yes, yes. 22 Q. You would agree that that applies to every audit 23 report? 24 A. Yes, yes. 25 Q. Would you agree, therefore, that the logic of 143 1 what you're saying is that there are never 2 grounds for seeking an independent investigation 3 into an issue or a system because the report is 4 only as good as the day it is written? 5 A. Yes and no. So the reason I say no is that 6 a lot of audit reports are issued on the 7 financial statements up to a particular point in 8 time, and it's quite appropriate that one still 9 issues an audit opinion on 31 March accounts, 10 even if you do it in September, because it's 11 an audit report on 31 March accounts. 12 This, however, was considering a system. It 13 wasn't a particular date in time for the system. 14 It was a system, so I think it's a different 15 context for different types of audit report. 16 Q. Isn't it the case that the three reasons that 17 you give here don't add up to a row of beans and 18 the real reason you didn't want to commission 19 an independent audit report is that you were 20 worried about what it might show? 21 A. No, no. The reasons -- whilst the reasons may 22 not look very good in there, those were the 23 reasons. 24 Q. Why don't they look very good? 25 A. Well, you're clearly challenging me on the 144 1 quality of these things that don't add up to 2 a row of beans. 3 Q. My opinion is neither here nor there. I'm 4 asking you: were these the true reasons -- 5 A. Yes, I -- 6 Q. -- why you didn't go and get an external report? 7 A. Yeah, yeah. 8 Q. Wasn't it that you were worried that it might be 9 disclosable in criminal proceedings? 10 A. No. 11 Q. That was not a consideration at all? 12 A. That was -- no, no. 13 Q. Can we look, please -- 14 In fact, before we come to that, can we look 15 at the bottom of the page. You say: 16 "The external audit that E&Y perform does 17 include tests of POL's IT and finance control 18 environment but the audit scope and materiality 19 mean that E&Y would not give a specific opinion 20 on the systems from this." 21 A. Yes. 22 Q. So you're making clear, there that, as at August 23 2010, Ernst & Young weren't themselves in 24 a position to offer any opinion on the 25 reliability or integrity of Horizon by reason of 145 1 the standing audit functions they performed? 2 A. Yes, I think I'm saying that they were -- from 3 the nature of the work that they'd done, they 4 were able to give an opinion on the financial 5 statements of the company, and that was the 6 scope of what they were doing. They weren't in 7 a position to comment on anything other than the 8 engagement letter of what they were appointed to 9 do and what their work had been conducted for, 10 for the financial statements. 11 Q. So the Post Office knew by this time that Ernst 12 & Young's audit could not be used as 13 a justification of the integrity of the system; 14 correct? 15 A. Yes, their statutory audits for the years 16 couldn't -- yeah. 17 Q. Equally, you would presume that Ernst & Young 18 would know the converse of that: that they 19 hadn't been conducting a statutory audit that 20 would itself examine the integrity of the 21 Horizon System? 22 A. Yes, yes. 23 Q. Can we look, please, at POL0002082. 24 POL00002082. Thank you very much. 25 This is a briefing pack raised in 146 1 preparation for a meeting with Lord James 2 Arbuthnot, as he became, and Oliver Letwin MP 3 that was scheduled for 17 May 2010, yes? 4 A. Yes. 5 Q. You recall that you were part of the POL team -- 6 A. I do. 7 Q. -- for that meeting? 8 A. I was sat in reception at Old Street when the 9 meeting happened. 10 Q. I'm sorry, I missed that? 11 A. Yes, I was in London when the meeting happened. 12 I wasn't in the meeting but I was in London when 13 it happened. 14 Q. Ah, you didn't attend the meeting? 15 A. No. 16 Q. Can we just look at page 2, please. You see 17 under "Case Review" you're listed. Did that 18 mean you got sight of these documents? 19 A. I think so. I can't remember the document 20 itself but I think, yeah, I think I would have 21 had sight of it, yeah. 22 Q. Thank you. If we go forward to page 3, please, 23 the section of the document headed "Key 24 Messages", and then if we continue on, there are 25 lots of key messages, to page 6, please, which 147 1 is one of the key messages to get across to 2 James Arbuthnot and Oliver Letwin. 3 You see that it was proposed that Alice, 4 that's Alice Perkins, should speak to this and 5 one of the key messages to get over was: 6 "We are considering commissioning 7 an independent audit as an assurance measure, 8 but in light [of the fact that] there is no 9 evidence that there is a problem we need to 10 determine if this is a good use of public 11 money." 12 Was money a factor in deciding not to 13 commission an independent audit in 2010? 14 A. I don't remember money being a topic of 15 discussion. 16 Q. The points you've listed were threefold: 17 caveats; the auditors couldn't stand in court or 18 their ability to stand in court would be 19 limited; and an audit is only good for the day 20 it is written? 21 A. Yes. 22 Q. You don't mention this, money, as being one of 23 them? 24 A. No. 25 Q. Was it ever discussed with you for the purposes 148 1 of writing your August 2010 review? 2 A. I don't remember it being discussed, no. 3 Q. Thank you. Can we go, please, to POL00106867, 4 please. Can we go to page 3. If we scroll down 5 to the email from Mr Haywood, we can see a date 6 of email of 26 February 2010. I think we can 7 see, amongst the distribution list, second is 8 you? 9 A. Yes, yes. 10 Q. The subject is "Challenges to Horizon". We can 11 see who this is from. If we just scroll down. 12 From Andy Hayward, a Senior Fraud Risk Programme 13 Manager within the Security team. Do you 14 remember Mr Hayward? 15 A. Yes. 16 Q. Was he somebody who reported to you? 17 A. No, but I think in my first role for those first 18 three years, I think Andy was part of one of 19 those teams back then, not a direct report to 20 me, though. 21 Q. By 2010 he wasn't because you'd moved on to 22 P&BA; is that right? 23 A. That's right, yes, that's correct. 24 Q. So looking back at the top of the email, then, 25 now we've seen who it's written from, it reads: 149 1 "All, 2 "Following our conference call of today 3 [presumably 26 February], below is a brief 4 summary of the agreed key activities to progress 5 the next steps in relation to the above piece of 6 work: 7 "1) AH ..." 8 Who would that be, himself? 9 A. Yes, I think so. Yeah. 10 Q. "... and MT", is that Mandy Talbot? 11 A. I think so. 12 Q. "... to provide", Sue Lowther -- 13 A. Yes. 14 Q. -- and Dave King? 15 A. Yeah. 16 Q. "... with information on past and present cases 17 with reference to the Horizon Challenges 18 (criminal and civil cases). 19 "(Note: I have asked the fraud team to 20 approximately the past two or three years' case 21 files although these challenges are of a more 22 recent nature). 23 "2) Information Security [Sue Lowther and 24 Dave King] to conduct initial investigations and 25 provide Terms of Reference outlining the remit 150 1 and requirements to carry out a full 2 investigation (including resource, timescales 3 and any associated ancillary costs). 4 "(NB agreement by all that with [Dave King] 5 and our 'banking consultant' (Paul Hallidan), we 6 have far more expertise and knowledge than 7 anyone is likely to produce for this initial 8 piece of work). 9 "3) Subject to agreement of 2 above, conduct 10 full investigations into integrity issues, with 11 conclusions/report provided. Once investigated 12 and conclusions drawn, gain external 13 verification to give a level 'external gravitas' 14 to the response to these challenges (Recommend 15 Ernst & Young as most suitable partner to 16 complete this ... [to be advised])." 17 Then I don't think there's anything else. 18 Then can we look at the response to this, 19 please, and go back to page 1. 20 I should say that email chain is forwarded 21 on to Rob Wilson, the Head of Criminal Law, and 22 this is his reply. We can see that he has cut 23 you from the distribution list, along with 24 others. Can you see you've disappeared? 25 A. I can. I can see Rebekah's name is there in 151 1 half, so I don't know whether there's 2 distribution list in the email but missing 3 from -- sometimes the Window doesn't show all 4 the addressees. So I don't know whether my name 5 is or isn't, but it's a bit odd that Rebekah's 6 name is only half there. 7 Q. I see. I understand. He says "Dave", that's 8 Dave Posnett. What role did Dave Posnett 9 perform? 10 A. He'd got a role in the security team. Not sure 11 exactly what role it was, looking back, but 12 I don't know if he was kind of a manager of the 13 investigators or commercial security. 14 Q. In an email signature block, he's called the 15 Fraud Risk Manager. 16 A. Right. 17 Q. In any event, Mr Wilson, Head of Criminal Law, 18 says: 19 "If it is thought there is a difficulty with 20 Horizon then clearly the actions set out in your 21 memo is not only needed but is imperative." 22 I think we'd all agree with that: 23 "The consequence however will be that to 24 commence or continue to proceed with any 25 criminal proceedings will be inappropriate. My 152 1 understanding is that the integrity of Horizon 2 data is sound and it is as a result of this that 3 persistent challenges that have been made in 4 court have always failed. These challenges are 5 not new and have been with us since the 6 inception of Horizon, as it has always been the 7 only way that Defendants are left to challenge 8 our evidence when they have stolen money or 9 [when] they need to show that our figures are 10 not correct. 11 "What is being suggested is that an internal 12 investigation is conducted. Such 13 an investigation will be disclosable as 14 undermining evidence on the defence in the cases 15 proceeding through the criminal courts. 16 Inevitably the defence will argue that if we are 17 carrying out an investigation we clearly do not 18 have confidence in Horizon and therefore to 19 continue to prosecute will be an abuse of the 20 criminal process. Alternatively, we could be 21 asked to stay the proceedings pending the 22 outcome of the investigation. If this were to 23 be adopted, the resultant adverse publicity 24 could lead to massive difficulties for POL, as 25 it would be seen by the press and media to 153 1 vindicate the current challenges. The potential 2 impact is however much wider for POL, in that 3 every office in the country will be seen to be 4 an operating a compromised system with untold 5 damage to the business. Our only real 6 alternative to avoid adverse publicity will be 7 to offer no evidence on each of our criminal 8 cases. This should mitigate some adverse 9 publicity but it is not a total guarantee. 10 "To continue prosecuting alleged offenders 11 knowing that there is an ongoing investigation 12 to determine the veracity of Horizon could also 13 be detrimental to the reputation of my team. If 14 we were to secure convictions in the knowledge 15 that there was an investigation, where the 16 investigation established a difficulty with the 17 system, we would be open to criticism and appeal 18 to the Court of Appeal. The Court of Appeal 19 will inevitably be highly critical of any 20 prosecutor's decision to proceed against the 21 Defendant's in the knowledge that there could be 22 an issue with the evidence. 23 "What we really need to do is impress upon 24 Fujitsu the importance of fully cooperating in 25 the provision of technical expertise and witness 154 1 statements to support the criminal and civil 2 litigation now and in the future. 3 "Given the nature of the discussions that 4 took place on 26 February, I am staggered I was 5 not invited to take part in the conference." 6 Can we go to page 9 of this email chain, 7 please, remembering that the original conference 8 call was on 26 February. The Head of Criminal 9 Law's intervention was on 3 March. If we scroll 10 down, please, we can now see an email chain of 11 8 March, in which you're included. 12 A. Yes. 13 Q. It says: 14 "As was discussed on the conference call and 15 taking into account Rob's comments, to confirm 16 that what we are looking at is a 'general' due 17 diligence exercise on the integrity of Horizon, 18 to confirm our belief in the robustness of the 19 system and thus rebut any challenges." 20 So it seems as if there was a further 21 conference call -- 22 A. Looks like it, yeah. 23 Q. -- in the light of what Mr Wilson had said. 24 A. Yeah, that's what it says, yeah. 25 Q. The position had changed. You were now looking 155 1 to conduct a general due diligence exercise, 2 which would "confirm our belief in the 3 robustness of the system". That's what you did, 4 wasn't it? 5 A. Yeah, I guess that was listing those things for 6 Dave was -- listing out reasons for belief in 7 the robustness of the system, yeah. 8 Q. So now there's going to be no full examination 9 of Horizon integrity issues, is there? 10 A. No, looks like it, yeah. 11 Q. There's going to be no third-party involvement, 12 is there? 13 A. No. 14 Q. Instead, the exercise has as its object the 15 confirmation of the robustness of the system in 16 order to rebut any challenges, doesn't it? 17 A. Yeah. 18 Q. These are essentially your terms of reference, 19 aren't they? 20 A. I suppose it does look like that, yeah. 21 Q. And they're loaded, aren't they? 22 A. Um ... 23 Q. They tell you what your conclusion should be. 24 A. I'm not sure what my conclusion should be from 25 that. 156 1 Q. "Write a report that confirms our belief in the 2 robustness of the system in order that we might 3 rebut any challenges to it." 4 A. Well, that was the essence of what Dave's 5 request was. Dave was hearing a lot of 6 allegations against the system, "I haven't seen 7 a list of issues on the other side, so please 8 can you gather all those issues too, so I can 9 get a balanced picture of it". 10 Dave hasn't -- and I don't think Dave used 11 the words "rebut any challenges", so I agree the 12 report that I compiled was about confirming the 13 belief in the robustness of the system. 14 Q. This is essentially an early genesis of your 15 task, isn't it? 16 A. Well, I think you can see some phrases in there 17 that have fed through to my report, yeah. So, 18 in my report, I've used phrases about "staying", 19 for example, which are phrases that could only 20 have come from somebody with a legal background 21 because I don't know about staying prosecutions. 22 So there's a consistency of narrative that's 23 coming through there but whether that was 24 a separate conversation in September, December, 25 whenever -- when was it, August, that that 157 1 report was written, I don't know whether that 2 was a separate conversation or at the time this 3 same thing informing it. 4 Q. What I'm suggesting to you is that this is 5 essentially your commission? 6 A. Well, that's not a commission to me to do the 7 review that Dave asked me to do. 8 Q. You'd agree that the first paragraph is the 9 polar opposite of an independent and objective 10 analysis, the conclusions of which are driven by 11 the evidence? 12 A. Yes, that first paragraph ending with "to rebut 13 any challenges" is not a balanced -- yes, 14 I agree, yeah. 15 Q. The conclusion that you were to reach in your 16 report is written there in the first paragraph, 17 isn't it? And you duly deliver on it, didn't 18 you? 19 A. I think that was common language that was used 20 for a long time about the integrity of Horizon, 21 so yes, I've issued a report that's got that 22 phraseology in it but the phraseology about 23 reasons for assurance about the Horizon System 24 and the integrity of the Horizon, I think were 25 phrases that were used quite a lot over number 158 1 of years. 2 Q. Was that a common mindset within senior managers 3 at the Post Office at this time, "When we 4 conduct an investigation, or a review, or a due 5 diligence exercise, we should do so with 6 a preconceived and fixed belief in the outcome, 7 and we should gather evidence to support that 8 preconceived fixed belief"? 9 A. I don't think that was the mindset but 10 inevitably there's a danger that that is how it 11 manifests itself. 12 Q. Can we go back to your report, please. 13 SIR WYN WILLIAMS: Before we do, Mr Beer, can I just 14 ask a detail? 15 This email was sent to "David X Smith". 16 A. Yes. 17 SIR WYN WILLIAMS: Are there two David Smiths? 18 I don't want to confuse myself over who's who. 19 A. Yes, there are. 20 SIR WYN WILLIAMS: So which David Smith is this 21 then, please. 22 A. This is David Smith, Head of IT. 23 SIR WYN WILLIAMS: Right, so it's not the David 24 Smith who commissioned you? 25 A. No, this isn't the Managing Director. 159 1 SIR WYN WILLIAMS: All right I just want to be clear 2 that I'm not losing track of which Smith is 3 Smith. 4 A. No, it's a good point. 5 MR BEER: Can we go back to your report, that's 6 POL000256572, thank you, and look at page 19, 7 please, where we were, and go to the foot of the 8 page. We've just read the paragraph at the 9 bottom about Ernst & Young, yes? 10 A. Yes. 11 Q. Yes. Then go over the page to page 20, please. 12 You say -- I think this is what you were 13 referencing a moment ago: 14 "It is also important to be crystal clear 15 about any review if one were commissioned -- any 16 investigation would need to be disclosed in 17 court. Although we would be doing the review to 18 comfort others, any perception that POL doubts 19 its own systems would mean that all criminal 20 prosecutions would have to be stayed. It would 21 also beg a question for the Court of Appeal over 22 past prosecutions and imprisonments." 23 From whom did you get that information? 24 A. That narrative would have come from speaking to 25 somebody in the Criminal Law team, and it's 160 1 consistent phraseology with what was in that 2 email that you've just showed, so I imagine it 3 probably came from a conversation with Rob. 4 Q. Ie Mr Wilson? 5 A. Most likely. 6 Q. So did he make it crystal clear to you that any 7 independent review would need to be disclosed in 8 court? 9 A. Yes, and I think that's what he was saying in 10 that other thing that you've -- that other email 11 that you've showed a few minutes ago. 12 Q. Did you know why all prosecutions would need to 13 be stayed, because an independent review was 14 being carried out? 15 A. I didn't know the legalities of why that would 16 mean that other prosecutions should be stayed, 17 no. I was taking a message from the legal team 18 that that was their description of what would 19 happen. But I guess, as a layman, the concept 20 of, if there was an issue, then I can understand 21 why this is the outcome view of it but this 22 was -- this will be a message coming from 23 a lawyer. I'm not qualified and wouldn't have 24 written something like that without it having 25 come from somebody who was qualified to say 161 1 that. 2 Q. Did you understand why the mere fact of carrying 3 out an independent review, irrespective of the 4 conclusions that it reached, call into question 5 all past prosecutions and imprisonments? 6 A. I'm not sure that I did understand the reason 7 why. I understood that was the outcome that was 8 being explained but, again, a layman's 9 perspective, I'm not sure why commissioning 10 a review would do that but this was a clear 11 legal message that I was receiving and that I've 12 included in here. 13 Q. Why did you understand that it was permissible 14 to keep your report secret but it wouldn't be 15 for an independent one? 16 A. I'm not sure I did understand that it was 17 permissible to keep my report secret. 18 Q. So you thought that your report would be 19 disclosed in ongoing criminal proceedings, did 20 you? 21 A. I don't think that even went through my mind. 22 Q. You didn't think, again, "To whom might this 23 report be disclosed? Therefore I need to write 24 it in a way with the possible audience in mind"? 25 A. No, and that may have been a failure in how I've 162 1 gone about collating this thing but I don't 2 think I thought through that, and I think 3 I worked on a priority basis of having received 4 a request from the managing director to compile 5 a list of these reasons, which I did, and what 6 you've suggested would be a perfectly reasonable 7 challenge to have had in mind at the start of 8 it, but I don't think I did have that in mind. 9 I think I was working on: the managing director 10 has asked for this, and that is what I'm going 11 to do. 12 Q. Was it only Mr Wilson's advice that you acted 13 on, that an independent review would lead to 14 prosecutions being stayed and a question mark 15 being raised over past prosecutions and 16 imprisonments or was any other lawyer involved? 17 A. I don't know whether any other lawyer was 18 involved in there, but I think that would 19 have -- it wouldn't have come from me because, 20 as I say, that's the kind of legal narrative 21 that I wouldn't have the knowledge to have been 22 able to have written. Exactly who in Legal it 23 did come from there, I don't know, but the 24 addressee that I've got on there as the prime 25 contact was Rob, so it would either have been 163 1 him or one of his team that I would have had 2 that conversation with. 3 Q. Did you think if a review, an interpreter 4 review, comes back saying the Horizon System is 5 sound, that the data it produces enjoys full 6 integrity, that that would lead to prosecutions 7 being stayed and question marks being raised 8 over past prosecutions? 9 A. I don't know. But as I sit here and think if 10 you're asking if we had a report that said the 11 system works, would that lead to staying things? 12 Well, I wouldn't think that if a report came 13 back and said things were fine, I'm not sure why 14 that would cause things to be stayed. 15 Q. Or was instead the decision not to obtain 16 an independent review motivated by a belief that 17 it might be unfavourable? 18 A. No, I think -- I've got the three reasons that 19 I thought at the time that I've put into this 20 document, and that was the reasons. 21 Q. You and the people that you have had listed 22 thought that it was better not to enquire, 23 better not to find out and, instead, potentially 24 to secure more convictions and more 25 imprisonments? 164 1 A. No, although the thought process in hindsight 2 looks like it was the wrong process to have gone 3 through, I think me and the recipients of this 4 report and the contributors of the report all, 5 rightly or wrongly, thought Horizon was 6 reliable. 7 Q. Do you agree that this paragraph is a warning to 8 the Post Office that if it was to take certain 9 action, ie to commission a review, then the Post 10 Office may be heading in a direction which may 11 lead to the discovery that innocent people may 12 have been wrongly convicted? 13 A. Well, yes, this statement clearly is a warning 14 and, indeed, the outcome of why we're here today 15 has kind of referenced this in Justice Fraser's 16 judgment, I believe. 17 Q. If the Post Office had nothing to fear, surely 18 there's nothing to lose in securing the seal of 19 approval on that view from an independent body, 20 is there? 21 A. Well, I would agree with you that it would feel 22 like there would be no reason not to secure 23 an independent seal of approval. However, I've 24 received advice from a legal team here that says 25 it would mean that these are -- this is what 165 1 could arise. 2 Q. Was your own view, having such a high level of 3 confidence in Horizon, dependent, at least in 4 part, on the assessment by Fujitsu of its own 5 product? 6 A. Yes, in part. Yes. 7 Q. Did you realise the fallibility of asking the 8 very organisation that may have been responsible 9 for the provision of a faulty product whether it 10 assessed that its own product was faulty? 11 A. No. 12 Q. Allowing Fujitsu to mark its own homework? 13 A. No. I see what you mean but, no, that didn't 14 and I don't think that crossed a number of 15 people's minds. 16 Q. If we look at appendix 3, please, page 31. Was 17 this the extent of the Fujitsu assessment of its 18 own product that was communicated to you for the 19 purposes of your review? 20 A. Yes, I think so. 21 Q. Did you think at the time "This document has got 22 limitations to it"? 23 A. I don't think I did, and that may have been 24 a failing that -- in how I went about it but, 25 no, I don't think I did think about limitations 166 1 on it, no. 2 Q. To start with, it was written "without 3 prejudice", can you see that at the top? 4 A. Yes. 5 Q. Did you stop to think why it was being written 6 without prejudice? 7 A. No, I don't think so. 8 Q. Secondly, nowhere in Mr Jenkins' document does 9 it say, "This is the position of the company", 10 does it? 11 A. I don't know but I agree with you if it doesn't. 12 Q. No. The document isn't the company speaking, 13 "This is our formal position of Fujitsu Services 14 Limited, having taken a broad spectrum of 15 reviews and considered the position carefully"; 16 this is simply a document that Mr Jenkins has 17 written? 18 A. Well, it may have been but I would have expected 19 that a letter going from one organisation to 20 another like this would not have been a sole 21 voice, and speaking in isolation. I would 22 expect that this would have been a view that he 23 was satisfied was a representative view of his 24 organisation. 25 Q. Did you think this document had been provided 167 1 for the purposes of your review, knowing the use 2 to which it would be put? 3 A. I don't know how the -- this document -- so this 4 document is dated 2009, which is a year before 5 the report that I collated. 6 Q. Which is why I'm asking you these questions. 7 A. Right. So I don't know what the genesis was of 8 how this thing was -- well, I don't know how it 9 was that this was -- that Gareth decided or was 10 commissioned to write this. I don't know. 11 Q. Did you think, "I'm relying on a document, the 12 purpose of which I do not know, which is headed 13 'Without prejudice'", which it says in 14 paragraph 1, again it's submitted without 15 prejudice, "and therefore it may be a shaky 16 basis on which to reach conclusions"? 17 A. Well, rightly or wrongly, you've shared this 18 with me in the briefing pack, and I have looked 19 at this document a few times as part of my 20 papers. Rightly or wrongly, I've never even 21 noticed that wording at the top. It obviously 22 is at the top of the page, but where it says, 23 "Commercial in confidence", my eyes looking at 24 this document have always gone straight into 25 "Oh, it's Gareth Jenkins, let's read "Purpose" 168 1 and go down". I know that might sound stupid 2 but I have not even -- until you've said to me 3 it says, "Without prejudice" on it, I haven't 4 noticed it says "without prejudice" on it. 5 Q. Did you notice that, from the second paragraph 6 under "1 Purpose", the purpose of the document 7 is described as being, "a technical description 8 of the measures that are built into Horizon to 9 ensure data integrity, including a description 10 of several failure scenarios and descriptions as 11 to how these measures apply in each case", 12 rather than an assessment of the integrity of 13 data that Horizon produces? 14 It's a technical description of measures 15 designed to ensure data integrity. It doesn't 16 speak to whether or not such data integrity had 17 in fact been achieved, does it? 18 A. No. So I can see that doesn't say, "This is 19 an audit of the system", for example. I can see 20 it doesn't say that. Whether I saw that at the 21 time when I looked at it, I don't know, but 22 I probably would have seen that this just says 23 it's a technical description. But, in seeking 24 assurance from different parties, and me asking 25 IT, who must have provided this to me when 169 1 I asked IT, all I could do was ask different 2 parts of the organisation to explain to me the 3 reasons why they've got assurance on it, and in 4 many areas that -- and typically that would mean 5 that a team would come up with a description of 6 the processes and controls in their environment 7 or a technical description of their area. 8 I don't think anybody would have got 9 something that would come forward with -- unless 10 there'd recently been an internal audit review 11 of that particular process, I don't think 12 anybody would have got something which would 13 have met the standard that you're describing of 14 presenting something that says, "And this has 15 just been tested", for example. I think most 16 things that get shown to somebody are 17 a description of it and then there's a judgement 18 about "Right, are we going to test this or not?" 19 Q. When you read this document, did you think this 20 doesn't address any of the bugs, errors and 21 defects that we know about? 22 A. Well, I'd narrated earlier in this report the 23 four or five things that I was aware of, like 24 barcode sticking. I can see this doesn't 25 reference to those but I don't think I thought, 170 1 you know -- 2 Q. You were aware by this time about the Callendar 3 Square bug, weren't you? 4 A. I don't know. I don't know if I was of that. 5 I was aware of whatever the five things were 6 that I've listed out earlier in that report. 7 Q. You're referring to page 15, I think. 8 A. Will somebody bring that document up? 9 Q. Yeah, if we go to page 15, please: 10 "Known IT issues and their non-applicability 11 to the allegations made"? 12 A. Yes, I -- 13 Q. (a), then (B) barcode sticking, bottom of the 14 page, non-polling, over the page, file delivery 15 failures, and number 5, Horizon/POL-FS 16 differences? 17 A. Yes. 18 Q. By this time, there were ten bugs that were 19 known about. I want to understand whether you 20 knew about them: a bug called the receipts and 21 payments mismatch bug? 22 A. That's a bug that I was aware of but I think 23 that is later than this document. 24 Q. I'm sorry, I think it's? 25 A. I think that's at a later date. 171 1 Q. No, I think by August 2010 it was known about. 2 Was it known about by you by August 2010? 3 A. I think it was later than that. 4 Q. What about the remming in bug? 5 A. I don't know. What was that? 6 Q. I'm asking you whether you remember? 7 A. No, I don't, no. 8 Q. The reversals bug? 9 A. No. 10 Q. The data tree build failure bug? 11 A. No. 12 Q. You hadn't heard of any of those? 13 A. No. Well, I don't know if I -- I can't remember 14 them. 15 Q. You say, just before the break, if we can 16 examine this in your witness statement, please, 17 at paragraph 40, which is on page 11 -- sorry, 18 bottom of page 11: 19 "The report suggested that Post Office was 20 justified to assume the losses at audit were due 21 to theft. This statement was based on the 22 understanding that POL management still did not 23 have serious concerns about the integrity of 24 Horizon and so their view regarding the past 25 cases would not have changed. It was also made 172 1 in the light of the range of controls and 2 mitigations noted throughout the document. At 3 that time, the belief was that the overwhelming 4 evidence pointed to human error with respect to 5 shortfalls, that there was no independent expert 6 evidence suggesting a serious problem with 7 Horizon and that POL had invested considerably 8 in mitigations including training and support." 9 What was the overwhelming evidence that 10 problems were the result of human error? 11 A. The overwhelming evidence was the outcome of the 12 branch audits and the confidence in the system 13 itself. Clearly, this Inquiry and the 14 allegations made challenge that presumption, and 15 the allegations here clearly have challenged the 16 basis to the branch audits but I think the 17 outcome of those audits, including where people 18 were understood to have made confessions at the 19 start of an audit, even before cash was 20 counted -- and I know that's not in every 21 case -- but those sort of things were the 22 matters that were deemed to be overwhelming 23 evidence, even though now one may say "Well, 24 perhaps they weren't right". 25 Q. You give as a reason for Post Office being 173 1 justified to assume that losses were due to 2 theft, that there wasn't any independent expert 3 evidence suggesting a serious problem with 4 Horizon. You had been party to a decision not 5 to seek such independent evidence, hadn't you? 6 A. Well, yes, for the reasons that were quoted in 7 that earlier response. 8 Q. Can we go finally on this topic, then, to your 9 conclusions as expressed in the report. That's 10 back to POL00026572, foot of the page, under 11 "Executive Summary". You say in the second line 12 of the "Executive Summary": 13 "We remain satisfied that this money was 14 missing due to theft in branch. We do not 15 believe the account balances against which the 16 audits concerned were corrupt." 17 Then in the paragraph underneath that, in 18 the third sentence: 19 "Horizon Online builds on this and brings 20 benefits to running costs and change management. 21 It [that must mean the introduction of Horizon 22 Online] is not being done because of any doubt 23 about the integrity of Horizon." 24 So not only were you satisfied, is this 25 right, that any discrepancies shown at audit 174 1 were not down to Horizon, you were satisfied 2 that the money had been stolen, rather than 3 being missing through error or mistake; is that 4 right? 5 A. Yes. 6 Q. On what basis did you remain satisfied that all 7 money that was missing had been stolen? 8 A. On the basis that a provable reason as to why it 9 hadn't wasn't identified. So my understanding 10 would be that, during looking at a particular 11 incident at a branch, there would be 12 an opportunity to go back through the 13 transaction logs and query "Well, if there's 14 a transaction in here that's not appropriate, 15 which one was it?" And certainly, in one case, 16 I'm not sure which the office was, but I asked 17 to see the transaction logs for a particular 18 office and there were, what I understand were 19 provable cash deliveries of £10,000 and £15,000, 20 £20,000 to a branch. The transactions in the 21 branch were low volume and low value and, 22 therefore, the cash deliveries to the branch 23 were totally disproportionate to what the level 24 of transactional activity was in the branch and 25 when the auditors went to the branch the amount 175 1 of money that the Horizon System said should be 2 there wasn't there. 3 My understanding was that the records of 4 cash deliveries to the branch were reliable and, 5 therefore, if the system was wrong, there'd need 6 to be a significant outpayment to question in 7 there or a significant inpayment, and there 8 wasn't one in the logs there, the double entry 9 accounting balanced for it, and that was 10 an example where I asked -- the one that I asked 11 to show me that -- there was probably an ARQ log 12 for it, and that was kind of the sort of thing 13 that was giving me assurance, having looked at 14 a set of records for a branch. 15 Q. You say in the second paragraph: 16 "Horizon is robust ..." 17 Then reading on: 18 "[Horizon Online] is not being done because 19 of any doubt about the integrity of Horizon." 20 A. Yeah. 21 Q. Do those paragraphs reflect a belief of 22 certainty, or close to it in your mind, that you 23 had no doubt whatsoever about the integrity of 24 Horizon? 25 A. Yes. The first one does and the second one, 176 1 I felt, was a totally separate thing, that the 2 world was moving to Cloud-based, hosted 3 functions. Post Office had been dependent on 4 overnight drops of software to branches and 5 there was a risk that you'd have data 6 connectivity failures or other things that 7 would -- and I think it was more time consuming 8 and problematic to drop software out to a 9 branch, so the idea of setting up on an online 10 data store which branches connected to was the 11 way that many of us were working on Cloud 12 technology now, and that was the -- 13 I don't know whether Cloud was quite the 14 right word to use but the movement from whatever 15 the old system of Horizon was to the new system 16 was just in line with what many, many 17 organisations all across the world are doing to 18 go to an online process. So I didn't perceive 19 or understand the deployment of Horizon Online 20 to be anything other than that's the way that 21 all companies are going with the way that their 22 software is hosted. 23 Q. Just standing back for a moment from the detail, 24 please, Mr Ismay. You now know that the Horizon 25 System was significantly compromised by a series 177 1 of bugs, errors and defects that had been the 2 effect of causing accounting discrepancies that 3 were wrongly attributed to the criminal actions 4 of subpostmasters that led, in some cases, to 5 their conviction and imprisonment. 6 With the benefit of reflection, do you agree 7 that the decision not to commission a fully 8 independent investigation and audit of the 9 Horizon System in 2010 and, instead, for you to 10 prepare a report that had as its object to 11 demonstrate the robustness and reliability of 12 Horizon, was a crass mistake? 13 A. I think, given where we are, we should have 14 been -- that probably should have been 15 considered, yeah. 16 Q. Considered or done, because it was considered -- 17 A. Yeah. 18 Q. -- and it was rejected, for some reasons that we 19 see spread across the documents we've looked at. 20 A. Yeah. 21 Q. I'm suggesting to you, in the light of what we 22 know now, with the benefit of looking back -- 23 A. In the light of what we know now, yes. Yes. 24 Q. It was an opportunity missed to discover 25 a decade earlier than we did the flaws of this 178 1 system and the consequences for your 2 subpostmasters, wasn't it? 3 A. Yes, it was. Yes. 4 MR BEER: Sir, can we take a break, please? 5 SIR WYN WILLIAMS: Yes. 6 MR BEER: Can we say 3.30, please. Thank you. 7 (3.12 pm) 8 (A short break) 9 (3.30 pm) 10 MR BEER: Just before we proceed with my questions 11 of Mr Ismay, can we just look on the screen, 12 please, at POL00002082. I showed Mr Ismay this 13 document and you'll see it's dated on this one, 14 17 May 2010. 15 SIR WYN WILLIAMS: Yes. 16 MR BEER: Ms Leek has pointed out to me that I made 17 the same mistake that I made last time 18 I displayed this document, which she also 19 corrected and I then corrected myself, that this 20 document should be dated or should identify that 21 the meeting was scheduled for 17 May 2012, not 22 2010. 23 SIR WYN WILLIAMS: Right. 24 MR BEER: There are other iterations of the document 25 that show it was 2012 not 2010. 179 1 SIR WYN WILLIAMS: Well, it'll be on -- now that 2 you've said what you've said, it'll be on the 3 official transcript. So I don't have to try to 4 find my precise note to correct it. 5 MR BEER: Thank you, sir. Thank you, once again to 6 Ms Leek. I'll try to make a while before I make 7 it a hat-trick. 8 Can we look, please, Mr Ismay, at 9 POL00091384. Can you see this is an email chain 10 in which you're not involved but as, we'll 11 notice in a moment, you're mentioned in it. If 12 we start with the foot of the page, please. 13 You'll see that it's an email dated 3 December 14 from Lynn Hobbs. Can you recall who Lynn Hobbs 15 was? 16 A. She was the general manager in the Post Office 17 Network. 18 Q. To John Breeden, we can see who he was from his 19 signature block at the top of the page there. 20 She's forwarding something, the "Follow up to 21 BIS meeting on JFSA", and she says: 22 "John 23 "This is the last exchange I had with Mike 24 Granville about the BIS meeting. The attached 25 documents were not Mike was proposing sending to 180 1 BIS and I commented as below. I haven't seen 2 anything further but I did have a conversation 3 with Mike about the whole 'remote access to 4 Horizon' issue. This was being looked into by 5 Andy McLean and Mark Burley. The view being 6 expressed was that whilst this may be possible 7 it's not something we have asked Fujitsu to 8 provide. I don't know what the final outcome 9 was. 10 "I am also forwarding two further emails. 11 "One from Rod I see which is the final 12 report he produced as a request from Dave Smith, 13 MD, to review the whole issue of Horizon 14 integrity." 15 In fact you weren't issued to review the 16 whole issue of Horizon hectare, were you? 17 A. No, but I think the description of the report 18 that I did is described differently in many 19 places and, as you say, that is not, as in 20 people today refer to it being something much 21 wider. 22 Q. Then, if we go over the page, please. We can 23 see that she cuts into her email an email to 24 Mike and to you. The way she's cut it in 25 doesn't show its date. She says: 181 1 "I'm happy with the report and have just one 2 observation. 3 "I found out this week that Fujitsu can 4 actually put an entry into a branch account 5 remotely. It came up when we were exploring 6 solutions around a problem generated by the 7 system following migration to HNG-X. This issue 8 was quickly identified and a fix put in place 9 but it impacted around 60 branches and meant 10 a loss/gain incurred in a particular week in 11 effect disappeared from the system. One 12 solution, quickly discounted because of the 13 implications around integrity, was for Fujitsu 14 to ... enter a value into a branch account to 15 reintroduce the missing loss/gain. So POL can't 16 do this Fujitsu can." 17 The line "I found out this week that Fujitsu 18 can actually put an entry into a branch account 19 remotely", can you recall when you were told 20 that by her? 21 A. I can't, but it's clearly a really important 22 statement but, no, I can't. 23 Q. Why is it clearly a really important statement? 24 A. Because it's saying that something can be put 25 into the branch system which is something that 182 1 I'd said from my understanding and asking people 2 couldn't happen. 3 Q. Can you recall whether she told you this really 4 important statement before or after you had 5 finalised your report? You see she says, "I'm 6 happy with the report"? 7 A. So I can't -- there's lots and lots of 8 correspondence and there's various things 9 I can't remember and I can't remember this one, 10 certainly whether it was before or after that 11 report, but I can't remember the email. 12 Q. If it was before the report, you would have 13 wanted to take it into account, wouldn't you? 14 A. Yes, I would have, yeah. 15 Q. If it was after the report, you would want to 16 change what you'd written, wouldn't you? 17 A. Yes, yes. 18 Q. Can we go to your report, please. POL00026572, 19 at the foot of the page, you say: 20 "The integrity of Horizon is founded on its 21 tamper proof locks, its realtime backups and the 22 absence of 'backdoors', so all data entry or 23 acceptance is at branch level and is tagged 24 against the log on ID of the user. This means 25 that ownership of the accounting is truly at 183 1 branch level." 2 The email that Lynn sent you undermines the 3 last of those statements, doesn't it? 4 A. Yes. It does. 5 Q. Why is that statement in there or why wasn't it 6 changed? 7 A. On my understanding, when I compiled this 8 report, from the messages I was getting from IT, 9 is that what I'd written here was the business 10 understanding when I did this report. I can't 11 remember getting that email that you've shared, 12 that came from Lynn, but if I had got it I would 13 like to think that I would have then said that 14 there was a whole different situation now that 15 overruled what was in my report that had been 16 issued in 2010. 17 Q. Can you help us, then. If the email from Lynn 18 Hobbs had been received before you wrote this 19 entry within the report, why would you not have 20 brought into account what she said or at least 21 investigated it further? 22 A. Because I would presume it was after it but 23 I can't remember getting it anyway. 24 Q. If it was after you had written your report you 25 ought to have amended it, shouldn't you -- 184 1 revisited the August review, shouldn't you? 2 A. Yes, yeah. 3 Q. Because it was in part founded on a false 4 assertion, wasn't it? 5 A. Yes, yeah. 6 Q. In the light of what Lynn Hobbs said, you would 7 have thought "I need to undertake a chapter and 8 verse understanding here or obtain a chapter and 9 verse understanding here of what Fujitsu is 10 doing with this power that I didn't know that it 11 had", wouldn't you? 12 A. Yes, I agree, yes. 13 Q. If you received the email after you wrote your 14 report, would you have thought, "We've got 15 a duty to tell subpostmasters who have been 16 prosecuted on the basis of supposedly 17 tamper-proof branch accounts, where ownership of 18 the accounting is truly at branch level, in 19 fact, Fujitsu had a power to insert transactions 20 into branch accounts. We need to tell them 21 this"? 22 A. Yes, if I did indeed receive that email I would 23 like to think that I would have spoken to 24 probably Rob Wilson and said "Here's a change in 25 circumstances here", and then I'd have expected 185 1 the Criminal Law team to do whatever was 2 necessary as a consequence of that, which most 3 likely would be the path that you've just 4 described. 5 Q. Can you recall whether Angela van den Bogerd 6 spoke to you in December 2010 after she received 7 the email from Lynn Hobbs, and was your report 8 saying one thing and Lynn Hobbs's email saying 9 another? 10 A. No, I can't remember, no. 11 Q. If we go over the page of this document, in the 12 third paragraph, you say: 13 "When POL takes a subpostmaster to court we 14 have strong processes for the compilation of 15 evidence, compassionate factors are borne in 16 mind and we have a high success rate. This does 17 depend on ensuring that the courts focus on the 18 facts of transaction logs and not on speculation 19 about the 'what ifs'." 20 What were the strong processes for the 21 compilation of evidence for court proceedings, 22 please? 23 A. I believe that the strong processes were the way 24 in which the audit files were compiled, the way 25 in which the investigations team collated things 186 1 to provide to the Criminal Law team to take into 2 court. I don't know what all the specifics of 3 that were but I believe there were strong 4 processes within there for compiling those case 5 files and evidence that would have been taken 6 into court. 7 Q. Were those processes that you say were strong 8 written down, ie "We're thinking of mounting 9 a prosecution, this is the process that must be 10 gone through in order to obtain relevant 11 evidence to analyse it, to ensure that it has 12 integrity and to make a fair charging decision"? 13 A. I can't remember what there was there but 14 I would expect that there would have been a sort 15 of a control sheet that would be a template for, 16 if I'm compiling a case, there'd need to be A, 17 B, C and D that are included within that. So 18 I would have expected that there would have been 19 a sort of standard structure for compiling 20 a binder, or whatever the bundle of information 21 is, however that is presented into court. I'd 22 expect there'd be a template for how that is 23 compiled. 24 Q. Would you agree that strong processes for taking 25 a subpostmaster to court ought to include 187 1 rigorous and objective investigations that are 2 aimed at uncovering the truth? 3 A. Yes. I would. 4 Q. That they ought to include independent decision 5 making over deciding whether to proceed with 6 a case or not? 7 A. Yeah. 8 Q. They ought to include systems that ensure that 9 all relevant material, whether it assists 10 a subpostmaster or seeks to prove the allegation 11 against the subpostmaster, is obtained, secured, 12 and then disclosed to a subpostmaster? 13 A. Yes, I believe so. Yes. 14 Q. What did you do to discover whether those three 15 pillars of a fair investigation and prosecution 16 process, in fact, existed? 17 A. I didn't. I didn't conduct an audit or test the 18 assertions that were put in here. 19 Q. Does it amount to somebody told you "We have 20 strong processes for the compilation of 21 evidence", and therefore you wrote "We have 22 strong processes for the compilation of 23 evidence"? 24 A. Yes, I do. And in hindsight, I should possibly 25 have put -- rather than having an adjective in 188 1 front of it, I should possibly have said "There 2 are well-documented processes", or something 3 about processes but not strong, because that 4 implies -- that does imply that me, as the 5 writer of this, I'm describing something strong, 6 that was the message that was coming to me from 7 the teams I was talking to, but I don't have 8 a sample of tests to validate that they were 9 indeed strong. 10 Q. On the face of it, it looks like you're applying 11 your value judgement to the processes, doesn't 12 it? 13 A. The collective group of people whose comments 14 I gathered were, yes, and I was part of that 15 group. 16 Q. Do you know whether Gareth Jenkins or any other 17 witness called by the Post Office within civil 18 cases or criminal prosecutions was given any 19 guidance or training by POL as to what was 20 expected from them in terms of providing data 21 and documentation to support prosecutions? 22 A. No, I don't. I would expect that the legal team 23 would have got processes and guidance. Whether 24 it would be appropriate for the Post Office 25 Legal team to have talked to a witness from 189 1 a third-party organisation, I don't know whether 2 that -- I genuinely don't know whether that's 3 appropriate practice or not, so I don't know. 4 Q. What were the "compassionate factors" that were 5 borne in mind? 6 A. In hindsight, I wouldn't have used that word. 7 The "compassionate factors", I'm not sure what 8 they all were but conversations I think with the 9 Network colleagues, who I talked to in producing 10 this, were that we were compassionate but 11 I can't give you elements that would 12 substantiate and, frankly, I wish I hadn't used 13 the word in there. 14 Q. Why did you use it? 15 A. Because, at the time, that was the sense that 16 I was getting from the people I was talking to 17 collating this report. 18 Q. What did they tell you about the compassion that 19 existed in this prosecutor? 20 A. I don't know because I've not documented, and 21 it's so long ago. 22 Q. What do you think it could be? 23 A. I would have thought it would have been about 24 the way in which the audit relationship was 25 during the audit. I would have thought it was 190 1 about the relationship with the area manager or 2 contract manager for that area. Clearly, you've 3 articulated earlier that subpostmasters have 4 said that wasn't the case of their experience of 5 it. And that's just not -- that's bad that that 6 was the experience. But my understanding from 7 speaking to colleagues who were doing those jobs 8 was that they felt things were being done in 9 a compassionate manner. And, clearly, there's 10 a lot of comment that that's not the case, and 11 that's bad that that's the case. 12 Q. Were there any industry standards that you were 13 aware of against which the efficacy and 14 integrity of the Horizon System could be 15 measured? 16 A. Probably were. I'm not -- industry -- so PCI 17 standards. I'm aware that there's the card 18 industry, Mastercard, Visa, Europay, there are 19 PCI standards around the confidentiality and 20 integrity of data in order to ensure the holders 21 of credit cards and debit cards about the 22 protection of their information. So the Horizon 23 System, as a system that's connected to a card 24 processing terminal and connected to the Link 25 network, the Post Office were subject to PCI DSS 191 1 reviews, and so those are industry standards to 2 which there was, I believe, independent 3 assessment of that for accreditation purposes. 4 Q. Before you prepared this report, was there any 5 discussion amongst you or research undertaken 6 within POL to consider whether the level of 7 bugs, errors and defects that had been 8 experienced was within expected norms or outside 9 expected norms compared to other integrated 10 network systems? 11 A. I don't think so. I don't know. I don't think 12 so. 13 Q. Can we turn to a different topic -- thank you 14 that can come down -- something that was going 15 on at the same time, which was the prosecution 16 of Seema Misra. Can we look, please, at 17 POL00055100. This is an email exchange between 18 Andrew Winn, who was I think of your department 19 of P&DA -- 20 A. That's correct. 21 Q. -- and Jon Longman, we'll see that just slightly 22 further down the page, of 27 July about the 23 Seema Misra case. 24 Can we start, please, on page 2 of the 25 document. Just scroll down, please. You'll see 192 1 this is an email from Issy Hogg, she's a defence 2 solicitor, to Jarnail Singh, who was a senior 3 officer within POL's Criminal Law division, yes? 4 A. Yes. 5 Q. Ms Hogg says: 6 "Jarnail, 7 "As a result of the meeting that took place 8 between Charles McLachlan [that's a defence 9 expert] and Gareth Jenkins as directed by the 10 judge, we now need to have: 11 "access to the system in the Midlands where 12 it appears there are live, reproducible errors. 13 "access to the operations at Chesterfield to 14 understand how reconciliation and transaction 15 corrections are dealt with. 16 "access to the system change requests, Known 17 Error Logs, and new release documentation to 18 understand what problems have had to be fixed. 19 "Please ... contact me ..." 20 If we look up the page, we see, I think, 21 a forwarding: 22 "Can you please advise on the three points 23 raised below ..." 24 Then go over the page back to page 1. 25 Jarnail Singh, I think that email at the foot of 193 1 the page is just an irrelevant forwarding. Then 2 in the middle of the page, a reply to Andrew 3 Winn: 4 "Jon 5 "Rod Ismay, the head of P&BA is not happy at 6 the prospect of an open-ended invite. He has 7 asked me the question of what are the legal 8 parameters we are working within. 9 Simplistically if we refuse or impose conditions 10 do we lose the case? I think we need more 11 guidance on how something like this might 12 reasonably operate." 13 We've heard in the Inquiry from Mr Winn 14 already. He told the Chair that he understood 15 your reply -- his boss and as head of P&BA -- 16 was to seek to disclose down the disclosure 17 request as much as possible. Was that your 18 intention? 19 A. No, and I'll explain why. So there were two 20 things in here. I would expect the Post Office 21 Criminal Law team to be overseeing the 22 compilation of the -- whatever was needed to be 23 submitted and not for there to be a side 24 conversation between me, as part of the 25 organisation with the defence lawyer. I felt 194 1 that a request should be coming to me from the 2 Criminal Law team. 3 So first, I'd got a concern about whilst 4 this email chain clearly has Jarnail in the 5 email chain, Jarnail wasn't asking me and 6 telling me what was required to be submitted. 7 I was being presented by somebody else with 8 a request from a defence solicitor, where 9 I didn't know whether the Post Office Criminal 10 Law team agreed that this was something that 11 needed doing and, therefore, I wasn't going to 12 independently start a discussion about something 13 where I'm sure everybody would agree you need 14 a single point of contact who is leading for 15 an organisation in a court case, not for 16 different individuals to separately, randomly 17 start having a conversation with the defence. 18 Q. Just stopping there on that answer, if we scroll 19 to the bottom of the page, we can see that, 20 presumably, she's an administrative assistant or 21 similar, she forwards on behalf of Jarnail Singh 22 the email exchange we saw from Issy Hogg, and 23 he, Jarnail Singh, says: 24 "I enclose a copy of an email received from 25 Issy Hogg. Contents of which is 195 1 self-explanatory. Can you please be kind enough 2 to let me have your urgent instructions as to 3 the access and information she is requesting 4 ..." 5 Just pause there. 6 Sir, I'm told that we have a technical issue 7 in that we're not able to broadcast at the 8 moment and the request was for a five-minute 9 break which would have taken us to 4.00, which 10 was the time, I think, we were going to rise 11 today, in any event. 12 SIR WYN WILLIAMS: Yes. Well, I am prepared to 13 carry on when we haven't got a live transcript 14 but a live broadcast is a bit different, since 15 we're relying on it for the public at large to 16 have access to these proceedings if they want 17 access to these proceedings. 18 So what's the time now? 19 MR BEER: Five to four, or 3.55, as I would call it. 20 SIR WYN WILLIAMS: Well, you may or may not be glad 21 to hear, everyone, that I'm proposing to adjourn 22 until tomorrow and not to have a five-minute 23 break to see if this can be fixed but I'm doing 24 that on the basis, Mr Beer, that there will be 25 ample time tomorrow to finish the witness within 196 1 reasonable time. 2 MR BEER: Which there will. 3 SIR WYN WILLIAMS: Fine. Right. So we will adjourn 4 now until tomorrow. 5 I'd ask you not to talk about your evidence 6 overnight and, hopefully, we will be open to 7 public view at 10.00 tomorrow morning. 8 MR BEER: Thank you very much, sir. 9 (3.55 pm) 10 (The hearing adjourned until 11 10.00 am the following day) 12 13 14 15 16 17 18 19 20 21 22 23 24 25 197 1 I N D E X 2 3 RODERICK MARK ISMAY (sworn) ..........................1 4 Questioned by MR BEER .........................1 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 198