Friday 21 December 2007

Disconnected

Disconnected
The question posed:

Is HMRC fit for purpose?

Judging from the conclusion of "The Capability Review" the answer would appear to be "No!".

The Capability Review was undertaken by the cabinet secretary, and head of the Home Civil Service, Sir Gus O'Donnell. He reported that HMRC will meet its efficiency savings, but will miss seven of its ten service-level targets.

Middle managers are unclear about senior management's vision for the department's future. Only 17% of middle managers think senior management is effective at leadership.

Quote:

"The department needs to address a disconnect..about the ability of HMRC to set direction."

The report notes that a restructuring of HMRC's management lines and responsibilities is required.

A complicated 'matrix-management' structure at the department and extensive use of sub-committees has 'diffused accountability', leading to an increase in risk of errors being made further down the organisation.

Basically, no one knows that they are doing or meant to be doing.

It is hardly surprising that HMRC lose things!


www.hmrcisshite.com is brought to you by www.kenfrost.com "The Living Brand"

Thursday 20 December 2007

Sauce For The Goose

Sauce For The Goose
This being the season of goodwill to all, it is refereshing to see that the HMRC is being served a generous portion of sauce for both the goose and the gander.

Dave Partridge, the Chief Operating officer from the Revenue and Customs prosecutions office, has been fired following concerns that his wife had been employed by the department as a consultant.

Partridge had his contract terminated in August after an inquiry into the employment of his wife, Michaela.

Britain, being such and open democracy, is only now learning of the story as a result of questions being asked in parliament. Richard Bacon, a Conservative member of the House of Commons public accounts committee (PAC), said that Mrs Partridge or her company had been paid £97,907 since her husband was appointed in September 2005.

The RCPO is in charge of prosecuting tax fraud and other major criminal cases, including drug smuggling and money laundering.

Bacon has called for MPs to investigate the RCPO accounts, and to look into propriety at HM Revenue and Customs after new figures suggested that the department was responsible for almost half of the fraud committed across all government departments.

It seems that 190 cases of fraud were reported in HMRC in the last financial year. They were worth more than £1.75m, 45.4% of the value of all departmental fraud.

Kind of ironic isn't it?

www.hmrcisshite.com is brought to you by www.kenfrost.com "The Living Brand"

Wednesday 19 December 2007

Fuckwits

HMRC
As Oscar Wilde once wrote, almost:

"To lose one set of discs is careless, to lose seven is downright fuckwitted!"

It beggars belief, but the fuckwits in HMRC have announced that yet another set of data has in fact been lost.

This time the "professionals" in Her Majesty's Revenue & Customs have admitted losing the personal details of over 6,500 people claiming pensions.

The details were lost at an office of HMRC in Cardiff, after a data cartridge went missing in September. The cartridge had been sent to the Cardiff office by Countrywide Assured, a life assurance and pensions company.

Details on the cartridge included names, addresses, national insurance numbers and pension contributions, according to Graham Kettleborough, chief executive officer of Chesnara, the parent company of Countrywide Assured.

The cartridge was signed for when it reached the office, but was subsequently mislaid. However, the spokesperson insisted that, because the information on the data cartridge can only be accessed by a mainframe computer, the risk to the individuals involved is "very low".

Oh, so that's alright then!

These fuckwits have no idea what the hell they are doing.

Why have then not been fined and sent to trial for negligence?

HMRC said in a statement on Tuesday:

"We are taking this loss extremely seriously and have done everything possible to locate the data cartridge. We would like to apologise to all those affected."

As I have said before, a class action should be taken out against HMRC by all those who have had their personal security compromised by HMRC's negligence.

www.hmrcisshite.com is brought to you by www.kenfrost.com "The Living Brand"

Tuesday 18 December 2007

A Serving of Fudge

A Serving of Fudge
Alastair darling served MP's up a generous portion of fudge yesterday, when he outlined the results of the Poynter review into the HMRC "Datagate" fiasco.

Seemingly the review is not yet finished.

How convenient!

"Let us wait and establish the facts rather than jump to conclusions."

Was Darling's response to detailed probings from MPs.

In the meantime, Poynter has come up with a few urgent recommendations.

HMRC will need a new organisational structure, simpler one with accountability at executive level.

A fair point, the trouble is "simplicity" and Gordon Brown simply do not go together.

Here are some his other recommendations, the pharse "bleeding obvious" springs to mind:
  • A reminder to all staff from the Chairman of HMRC of the importance of data
    security with some specific guidance


  • The appointment of a senior official to the new post of Director of Data
    Security


  • The appointment of Data Guardians in each area of HMRC


  • The imposition of a complete ban on the transfer of bulk data onto removable
    media without adequate security protection such as encryption


  • The disabling of the download function on all personal and laptop computers
    in use across HMRC to prevent their use to download data onto removable
    media


  • The utilisation of secure couriers and appropriate tamper proof packaging in
    the transport of bulk data stored on removable media
The full verdict on the failure HMRC's data procedures is due "in the first half" of next year. A standard ploy by government, designed to ensure that by then everyone will have lost interest in the subject.

Here is the Poynter Review in full (all 6 pages of it).

A nice little earner for the consultants!

By the way, let us be perfectly clear, the report is complete shite and a waste of our money (anyone who uses the phrases "world class" and "HMRC" in the same sentence is clearly out of his depth).

www.hmrcisshite.com is brought to you by www.kenfrost.com "The Living Brand"

Monday 17 December 2007

Lost

Lost
Oh dear, the poor old HMRC does seem to be having trouble keeping track of things.

As if losing the data records of 25 million people was not bad enough, HMRC have now managed to lose a stash of coke and some fake passports.

Seized drugs, worth £80K, and other goods went missing from a "secure" HMRC store at Coventry Airport. Detectives are investigating if the items were stolen or have been lost.

Way to go lads!

www.hmrcisshite.com is brought to you by www.kenfrost.com "The Living Brand"

Friday 14 December 2007

Spin

Spin
The Chairman of PricewaterhouseCoopers, Kieran Poynter, will publish an interim report into the IT failures at the HMRC on Monday. It had been scheduled for today, unaccountably it is being delayed until the final week in the run up to Christmas.

I wonder why?

Coincidentally, or maybe not, Chancellor Alistair Darling is to announce measures on Monday that will in his view prevent a repeat performance of "Datagate". He will also call a halt to the police search for the missing discs.

The search was downgraded last week from 47 detectives to 32.

Needless to say, HMRC and the government continue to blame a junior member of staff for the loss.

How convenient!

This blame game continues to be played out, despite the fact that the CDs were sent unencrypted three times and the HMRC ignored a request to send only part of the information rather than the complete database.

A pretty lousy way to deflect blame, and to spin the story, but this is what we have come to expect from this government.

www.hmrcisshite.com is brought to you by www.kenfrost.com "The Living Brand"

Thursday 13 December 2007

The Dead Hand of The HMRC

The Dead Hand of The HMRCHMRC just can't seem to get anything right these days, aside from losing the personal data of 25 million people it is now trying to force through new tax rules that at best is regarded as "sloppy".

The new rules relate to the practice of "income shifting" that "husband and wife" firms use to reduce their tax bills.

The Treasury proposes to stop business owners paying less tax by shifting part of their income to a co-owner, spouse or family member who is subject to a lower tax rate.

This practice was used by Geoff and Diana Jones, owners of IT contractor company Arctic Systems, and subsequently endorsed by the House of Lords.

However, the government refuses to accept this ruling, saying Mr Jones had deliberately lowered his earnings so that Mrs Jones could get some of that income as dividends.

It now says that someone in a company or partnership who passes their income, as dividends or partnership profits, to a "connected" person just because that person pays a lower rate of tax is "unfair."

Well, life is unfair but what are you going to do about it?

The ICAEW is quite rightly unimpressed, and warns that:

"This will lead to yet more uncertainty for many entrepreneurs, who are likely to have to spend much more time looking over their shoulders to see if HMRC will attack their structure."

They go on to add:

"We are very disappointed that this is yet another instance where relatively brief legislation is being supplemented by lengthy HMRC guidance, which has no place in law."

One of Brown's old tricks, when he was chancellor, was to present a nice neat headline during his budget speech; which, when detailed by the Treasury and interpreted by HMRC, turned out to be a real can of worms.

As already noted on this site, the most effective way to cut the costs of HMRC and to save taxpayers' money is to simplify the tax system.

This will not happen as long as Brown is in government.

www.hmrcisshite.com is brought to you by www.kenfrost.com "The Living Brand"

Wednesday 12 December 2007

The Accident Waiting To Happen

The Accident Waiting To Happen
It should come as no surprise whatsoever to learn that the government was warned, nearly 4 years ago, that the "Datagate" fiasco at HMRC was an accident waiting to happen.

Auditors warned the government in March 2004 about a series of potential dangers in the way that HMRC staff used a database containing 25 million child benefit records.

Specifically the auditors warned that the system was open to fraud.

Did the government or HMRC do anything to address the issues raised by the auditors?

Did they fuck!

HMRC and the government, because of their negligence and incompetence, have jeopardised the personal security of 25 million people for the next 20 years.

The 25 million people affected should sue the government and HMRC, via a class action, for negligence and incompetence.

Despite "Datagate", it seems that the governement still hasn't learnt its lessons from this fiasco:
  • Two computer discs with details of more than 7,000 Northern Ireland motorists have been lost in the post after being sent to the DVLA in Swansea


  • Confidential personal details of dozens of prisoners, including their criminal records, have been delivered to a private company instead of going to Norfolk Police


  • Personal details of 1,800 Merseyside health-authority staff, including their salaries and pension details, have been accidentally sent out to a number of private firms
The government, and its organs of state, cannot be trusted with the private details of its citizens.

The only way to make this government take security of personal data seriously is to make a class action against it, using the HMRC case.
www.hmrcisshite.com is brought to you by www.kenfrost.com "The Living Brand"

Tuesday 11 December 2007

Brown Rewrites History

Brown Rewrites History
Gordon Brown, architect of HMRC, apparently is not averse to employing the "Orwellian" strategy (as espoused in "1984") of re writing history to suit his own ends.

The difference between the Brown's method, and that detailed in "1984" is that Orwell assumed that a reasonable period of time would elapse between an event happening and the state adjusting history. Brown wades in within minutes of an event and rewrites it, especially if that event concerns his beloved HMRC.

When HRMC's acting head David Hartnett revealed last week that there had already been seven significant data losses at HMRC, he was asked directly if it indicated systemic failure at HMRC.

Hartnett said:

"I think ... it may well do."

That is a matter of public record.

However, Gordon Brown was asked about it a few hours later and flatly denied that Hartnett had ever made the comment.

Quote:

"I don't accept that that is what the chairman (Hartnett)...said..."

Rumour has it that Brown will soon be saying that the HMRC did not lose the personal data of 25 million people.

With people like this running the country we are well and truly fucked!

www.hmrcisshite.com is brought to you by www.kenfrost.com "The Living Brand"

Monday 10 December 2007

Wanted Dead or Alive

Dog The Bounty Hunter
Following on from the "Datagate" fiasco, the ever "on the ball" and "alert" directors of HMRC have "sprung" into action and offered a reward for the return of the missing discs that contain the personal details of 25 million people.

Now the data on the discs, were it to fall into the wrong hands, is estimated to be worth around £1.5BN on the black market. Therefore only a substantial reward is likely to encourage the more nefarious elements of society to hand these discs over.

How much then are HMRC offering as a reward?

-£1M?

Lower!

-£500K?

Lower!

-£100K?

Lower!

-£50K?

Lower!

Give up?

HMRC value the data at a mere £20K maximum. That means that they believe that the data, and by definition the security of the individual tapxayer, is worth no more than 0.008 pence per head.

That is how little they value their "customers", no wonder they treat security with such a cavalier attitude!

The search by the police has proved fruitless, and they have issued an appeal to all HMRC, the National Audit Office and the Treasury to check at work and "other locations" for the discs.

I wonder if HMRC know where all these "other locations" really are?

A pathetic response to a fiasco that should never have happened in the first place.

Send for Dog The Bounty Hunter!

www.hmrcisshite.com is brought to you by www.kenfrost.com "The Living Brand"

Friday 7 December 2007

Saying Sorry

Saying Sorry
You know how that saying sorry can be a very painful and troubling process for some people?

Well, that's not the case for the good old boys from the HMRC.

As soon as it was reported that they lost the data records for 25 million people, and put those people's personal security at risk for the next 20 years, HMRC were on the case immediately with an apology letter.

Over 7 million were sent.

Great!

Apart from the fact that their apology letter was a breach of security, and some of those letters have got lost.

However, let us not dwell on uncomfortable realities such as those.

The important point was that a letter was sent, and everybody knows that HMRC is really sorry.

Oh, one small point...

How much did it cost to send over 7 million letters?

From the perspective of HMRC, absolutely nothing at all.

How is that?

Well, HMRC of course use our money (taxes to be precise) to pay for their costs; it's a win win situation, if you are HMRC.

The cost to the tax payers of them paying for this letter?

Oh, a mere £3M.

Money well spent!

The funny thing is that HMRC have been very reluctant to tell the taxpayers how much they were charged for sending a letter of apology.

Why would that be then?

Are HMRC ashamed of themselves?

Or is it that they don't believe that the taxpayer has the right to know what HMRC is doing with taxpayers' money?

By the way, one other small point, at a "hotseat" briefing just after Chancellor Darling admitted to the loss of data, acting chairman David Hartnett answered questions from staff through the HMRC intranet.

He was asked how much the costs of the apology letters were going to be.

He answered £2M.

Yet the reality is £3M.

How embarrassing for him, a member of HMRC who can't do their sums.

However, as I said at the outset, the cost to HMRC of saying sorry is nothing; they don't give a stuff, so why should they be bothered to get their sums right?

www.hmrcisshite.com is brought to you by www.kenfrost.com "The Living Brand"

Thursday 6 December 2007

Systemic Failure

Systemic FailureQuell surprise!

David Hartnett, the director general of the HMRC, has admitted that there have been other HMRC blunders that have led to data loss.

You know I wonder why people don't just take a class action against these idiots for negligence and incompetence, as their actions have placed the personal security of millions at risk over the next 20 years.

Hartnett has admitted there have been seven other significant data losses in recent years.

He told the Treasury select committee that there had already been seven instances of data loss, classified internally as "of some significance", since the Inland Revenue and Customs & Excise merged in 2005.

Why are we only hearing about these losses now?

Rather embarrassingly for Chancellor Alistair Darling, these revelations contradict his claims that the recent loss of data was an isolated incident.

Hartnett agreed with committee chairman Michael Fallon when he asked:

"If you have had seven serious security breaches in the two-and-a-half years since you were set up doesn't that indicate systemic failure?"

Among the cases of lost data, admitted to by Hartnett, was the case in Nottingham where "confidential waste" literally fell off the back of a lorry.

In another incident a lap top with the information of 15,000 Standard Life customers on was lost by the HMRC.

In May a number of letters with tax credit information on were sent to wrong addresses.

These are just the cases that HMRC are reluctantly prepared to admit to.

What else is going on that they haven't yet admitted to?

Clearly the HMRC is not fit for purpose.

Paul GrayI would also ask this, if HMRC is not fit for purpose and the head of HMRC has publicly admitted that there has been systemic failure, why is it that Gray (the ex head) is still being paid £200K for doing sweet FA?

A class action is what is need here. Lawyers such as these in the US would be ideal for such an action Milberg Weiss.

www.hmrcisshite.com is brought to you by www.kenfrost.com "The Living Brand"

Wednesday 5 December 2007

A Question of Security

A Question of SecurityThere has been much "hoo hah" in the media and parliament recently about the HMRC data loss debacle.

That is hardly surprising given that the personal security of 25 million people has been put in jeopardy for the next 20 years or so.

However, when such large numbers are involved, it is sometimes easy to forget that these security lapses affect real people with real families and real lives. It is also worth remembering that this is not the first time (or, I suspect, the last) that HMRC has placed the security of individuals at risk because of its cavalier attitude to its "customers" and their personal data.

Here is one example of lax security, sent to me by Graham:

"Mr Peter Edmondson

Complaints Manager
HM Revenue and Customs
Debt Management and Banking
Complaints and Redress
Victoria Street
Shipley
West Yorkshire
BD98 8AA

C.C. Richard Summersgill,
Director,
Tax Credit Office,
Preston,
PR1 0SB.

28 November 2007.

Reference 1 : xxxxxxxxxx
Reference 2 : SAR ref: xxxxx

Dear Sir or Madam,

I am writing to complain about a most serious occurrence. This becomes even more serious when one takes into account the current publicity about the data protection fiasco that exists not only within HMRC, but throughout Government departments as a whole.

Yesterday I received some of the data requested in my Subject Access Request of 21 October 2007, in the form of a two-inch stack of A4 sized paperwork. Sometime after sealing, the package had been opened and then deposited inside a clear polythene bag, secured with a plastic tie-wrap, by Royal Mail.

The bag contained no communication from Royal Mail that the package had been damaged in transit. The opening on the “jiffy-bag” seems to have been made with a knife or other sharp implement of some description – I believe that it is too neat to have been an accidental opening.

The package was sent by second class, untraceable, mail and the postmark was not dated. The accompanying letter had a date of 20 November 2007, and I received the package on 27 November 2007. There therefore exists the possibility that the extensive data contained within the package could have been open to scrutiny, by the unscrupulous, for several days.

Also, because I had not received an acknowledgement from HMRC to my SAR request, I did not know whether to expect this information or not – and was, in fact, about to write another complaint letter on that very subject; it seems I have been pre-empted. To make the package even more attractive to interception, the return address that was printed on the address label informed the reader that this was from the SAR department – an open invitation for prospective data thieves.

The data printouts contained in the package included:

My address, my previous addresses, my NI number, my telephone numbers, details of my employer and MY BANK DETAILS.

My current partners’ address, NI number, telephone numbers, details of employer and her BANK DETAILS.

My former wifes’ NI number, details of employer and BANK DETAILS.

It is known, although not yet widely, that both internal and external fraud are major problems at the Tax Credit Office. The details, outlined above, are sufficient to pass your current security checks when talking to HMRC Tax Credit Officials or contracted Operatives on the telephone.

HMRC, unfortunately, are in the position of being Trustees of my personal and vulnerable data. I was in the Royal Navy Submarine Service for twenty years, working on Diesel, Fleet Nuclear, Polaris and Trident submarines and know quite a lot about security, security policies and data security. I, therefore, never leave things to chance:

With immediate effect, please issue me with a new NI number.

I will be contacting my bank to ask if it is possible to issue me with a new account number. I have held this account for 33 years! I demand that any costs incurred in changing my bank account number be reimbursed by the relevant Department within HMRC.

I am not in contact with my former wife. HMRC are to inform her of this probable breach of her personal details, and the possible dangers.

My current partner will be contacting you independently.

I have contacted the Police, and they have advised me to contact Royal Mail Investigations. I shall. This, however, will only deal with the probability that my package was intercepted within the postal system. The onus of the content and the method by which it was sent will fall on HMRC.

It is also worth highlighting that this complaint has implications for every communication that HMRC send, from the simplest letter, to award notices and beyond. As the bare minimum, everything should be sent by some traceable means.

Please note that I am forwarding a copy of this letter to my MP, other influential Politicians and The Information Commissioner, as well as several newspapers. I am also the WebMaster for Tax Credit Casualties and will be publicising it to their ever-growing membership.

I will, however, remove my vulnerable details before doing so!!

Yours Sincerely
..."

I wonder how many more of these cock ups are out there, yet to be discovered?

http://www.blogger.com/www.hmrcisshite.com is brought to you by http://www.kenfrost.com/ "The Living Brand"

Tuesday 4 December 2007

The Comeback Kid

The Comeback Kid
Question:

-When is a resignation not really a resignation?

Answer:

-When you are a senior member of the HMRC.

As proven by the very curious case of the recently "resigned" ex head of HM Revenue and Customs, Paul Gray. Gray "fell on his sword" (temporarily it would seem) over the fiasco of the loss of data belonging to 25 million people.

At the time, when Gray "resigned", one could have had a degree of respect for the man for actually taking such prompt and swift action to demonstrate that he took responsibility for this mother of all fuck ups.

Unfortunately any feelings of respect for him have been somewhat short lived, as he has now made a stunning comeback (after only 13 days) on a salary of £200K per annum.

Not bad for someone who put the security of 25 million people at risk for the next 20years.

Gray has taken up a position under Sir Gus O'Donnell, the Cabinet Secretary.

Here's a few more questions:

-What is his new role?

-Something important?

-Something worth £200K per annum?

Well, not exactly.

He is now involved with "special projects to develop civil service skills".

The Civil Service bullshit their way through this "jobs for the boys" appointment as follows:

"..for contractual reasons, he remains a senior civil servant. He will be leaving the civil service at the end of this year.

In the meantime, he has agreed to a request from Cabinet Secretary Sir Gus O'Donnell to undertake a short piece of work on cross-government matters until Christmas.

When he resigned with immediate effect, Paul Gray's period of notice meant that he would be paid until the end of the year.

As a result, he could receive payment for no work, or receive payment for doing some work.

It was thought to be better in the public interest that he did some work. There is no additional cost to the public purse. He will leave the payroll on 31 December
."

Now that bullshit above might be plausible to those people, such as those in the civil service, who have no experience of the real world. However, those of us who have experience of the real world can use a simple but effective accounting term to describe the above reasoning.

It is bollocks!

It would be very easy to argue, were it to be taken to court, that Gray resigned because of gross incompetence and negligence. After all, if the loss of data belonging to 25 million people isn't incompetent then what is?

Were he not to have resigned he would have been sacked.

Those lower down the pecking order in the HMRC would most certainly not have been treated so well.

Based on the above, he most certainly is not deserving of remaining under contract.

In the private sector, when senior staff are sacked (for restructuring reasons, rather than incompetence) they often re-emerge as "consultants" on a higher level of pay. The nature of the reported figures means that the headcount of full time staff will appear to have fallen, even though the reality is different.

The government, Gordon Brown and Gray's chums haven't got that nice fig leaf to hide his reappointment.

One must therefore ask, what does he know that the government and his ex boss Gordon Brown are so afraid of that they are willing to taken the flack for this most absurd public appointment?

There are some very large skeletons in the HMRC cupboard just waiting to come out.

Mark my words!

www.hmrcisshite.com is brought to you by www.kenfrost.com "The Living Brand"

Monday 3 December 2007

Heads in The Sand

HMRC Heads in The Sand
Much like ostriches with their heads in the sand, the people "in charge" of HMRC are refusing to learn the lessons of the recent shambolic loss of data and are still using the post to transfer people's personal details.

The Telegraph reports that details of 9 million people's investments (worth £60BN) are being sent insecurely through the post, because HMRC requires these discs to be unencrypted.

HMRC requires fund managers to submit details every year of all investors' names, addresses, dates of birth, National Insurance numbers and the amount each individual has invested in Isas and Peps.

So far so good.

However, HMRC stipulates that this data must be delivered in an unencrypted extended binary coded decimal interchange code (EBCDIC), or American standard code for information interchange (ASCII) text format.

Why does HMRC make such a stipulation?

Richard Saunders, chief executive of the Investment Management Association (IMA), believes that he has the answer:

"I assume this is because HMRC does not have systems to cope with this information in encrypted form and it may cost more for it to have systems that cope with secure data."

Mr Saunders has written to David Hartnett, chairman of HMRC, asking for this practice to be stopped. He awaits a response.

A spokesman for HMRC said:

"Sorry, we are not commenting as this falls under the terms of reference of the Poynter review."

So that's alright then!

They just don't get this security issue do they?

www.hmrcisshite.com is brought to you by www.kenfrost.com "The Living Brand"

Saturday 1 December 2007

Fair Comment

My thanks to "Anonymous" for this comment:

"I think "hapless staff" is a bit harsh. We're discouraged from individual thought and pushed towards being 'standard', and being positive towards things that we may hate (like how we're having to conduct our business now) otherwise we fail our end-of-year reviews and don't get our less than inflationary pay rise... great conditions, I wonder how things go wrong?

And it's no fun having to try explain to someone (I'm not calling you guys "customers", you have no choice but to deal with us!!) that "Yes, we've bollocksed up again...", and suffer the abuse that sometimes follows, when really we all wanna do is a good job but certain factors prevent this.

We're not after sympathy or anything, but would be nice if people lay off us staff and direct their disgust towards the top of the tree, we're not happy about how things are, losing data, etc, makes us look bad and we're as human as you all are really...

...and we have to pay those damn taxes too!!"


To a very large extent the shambles that is HMRC is down to Gordon Brown's truly awful bodged up job of bolting together Customs and Revenue, and a remarkably inept senior management egged on by the clueless and greedy Treasury.
www.hmrcisshite.com is brought to you by www.kenfrost.com "The Living Brand"