No one can deny that it has been an incredibly challenging twelve months for the UK's tax department, HMRC. Not only has it had to deal with the challenges posed by the UK's exit from the European Union, but it also has had to build new systems and distribute money to support those in need during the ongoing COVID-19 crisis.
It was recently highlighted that HMRC has fared relatively well, all things considered, as it had been building up its in-house digital capability for a number of years already - with a focus on hiring talent and working in an agile way. Clear political direction during COVID-19 and Brexit also allowed the department to execute on new systems quickly.
However, a new report released today by the influential Public Accounts Committee, which is made up of sitting MPs, has said that HMRC is still spending too much of its IT budget on legacy systems and maintenance, rather than on modernising for the future.
And whilst HMRC secured £268 million in the November 2020 Spending Review to bring its technology up to day, the Committee is concerned that this will still not be sufficient to "urgently address the long-standing issues" that the department has identified.
Commenting on the evidence provided by HMRC, Meg Hillier MP, Chair of the Public Accounts Committee, said:
Obviously, the national system of revenue collection underpins all public spending and services. As public spending balloons to unprecedented levels in response to the pandemic, out-of-date tax systems are one of the barriers to getting help to a significant number of struggling taxpayers who should be entitled to support. And the system is going to struggle, and in many cases fail, to capture or deal with those wrongly claiming it.
HMRC needs to redress the balance in its spending and use of tech, and get ahead on the basic financial and economic metrics that we need to adapt and respond to this pandemic in real time. There is also a huge question about how our customs and revenue technology at the borders is coping, and will cope in the months and years to come. There isn't really any breathing space - HMRC's out of date systems need to catch up fast."
Modernisation is essential
The Committee notes that as HMRC moves towards a fully digital tax system, which has been the agenda for a number of years now, the capability of its IT systems, particularly with regards to cyber security, will become increasingly important to the department's ability to operate effectively. HMRC told the MPs that in the past it has had to forgo operational maintenance and upgrades to secure cost savings, which means that its IT systems now constitute a significant risk.
The department said that it is important to have sufficient investment to modernise its IT estate, as well as to continue maintaining its legacy systems, to ensure they are kept up to date and are safe from cyber attacks and "catastrophic losses". HMRC added that it is in talks with the government to secure long-term funding for this plan.
The Committee said:
HMRC's experience of implementing the COVID-19 schemes showed the importance of having up-to-date technology and data in overcoming any constraints in supporting those in need. Of the extra costs incurred by HMRC on COVID-19-related work, as of 11 September 2020, the largest element was the cost of IT at £53.2 million (80%). HMRC highlighted self-employed taxes as an area where data and technology infrastructures had not kept pace with developments since they were put in place in the mid-1990s.
That being said, HMRC does believe it has made significant strides since 2015 when it set itself the target of becoming one of the "most digitally advanced tax administrations in the world". It pointed to 22 million people having an online personal tax account, as one of its successes.
The department believes that its 10 year strategy for modernising the tax administration, if it can secure the necessary funding from the Treasury, will ensure it has more resilient,agile technology, and database platforms, to support its administration of the tax system to support society.
The Committee also investigated HMRC's ability to tackle the anticipated fraud and error that has occurred in the delivery of the COVID-19 support schemes, which has been a balancing act of helping as many people as quickly as possible, whilst also mitigating risks. The department said that it has used data to enable this. The Committee's report states:
HMRC mitigated some of the risks at the design stage of the schemes by making any support contingent on the data it already held about employers, employees and the self-employed. It was also able to identify very high-risk claims in the period of approximately 72 hours between a claim being made and payments being processed. HMRC told us it had stopped about £63 million-worth of payments during that period. However, it will have to manage the remainder of any fraud and error after payments have been made, over a period of time.
The Committee has demanded that HMRC write to it by the end of March 2021, setting out what it is doing, and what it has planned, to refocus IT investment on modernisation for the future, while retaining resilience, so that it can "move on from the need to simply keep patching up legacy systems".