Request a demo

Can digital vetting technology solve current Police and Government vetting issues?

Author: Julie Hewitt
Date: February 2023

Vetting is big news right now. From the Metropolitan Police’s handling of David Carrick to the National Audit Office’s criticism of the backlogs at UK Security Vetting, it seems there are many issues blighting vetting. In this blog, I take a look at the recommendations in these vetting reports and ask how things can be resolved.

Two sides of a coin – Police and Government

Police – The HMIC report

The HM Inspectorate of Constabulary and Fire & Rescue Services (HMICFRS) report reviewed hundreds of police vetting files and found cases where individuals should not have been allowed to join the police force, had criminal records, links to organised crime, or presented a risk to the public. They made 43 recommendations that sought to provide minimum standards of checks, improve vetting processes, decisions, and risks, and improve how police deal with misogynistic behaviour and counter corruption.

HMICFRS has made 5 areas for improvement and 43 recommendations which include:

  • updating minimum standards for pre-employment checks;
  • establishing better processes for managing risks relating to vetting decisions, corruption investigations and information security;
  • improving the quality and consistency of vetting decision-making, and improving the recording of the rationale for some decisions;
  • extending the scope of the law on police complaint and misconduct procedures;
  • strengthening guidance for forces on vetting processes and relationships and behaviours in the workplace;
  • understanding and defining what constitutes misogynistic and predatory behaviour;
  • improving how the police collect corruption-related intelligence; and
  • improving how the police assess and investigate allegations of misconduct.

Dissecting these “improvement areas” my interpretation is that, in many cases, forces had not taken steps to mitigate risks or assessed the risks too leniently when they had chosen to grant vetting clearance to individuals with “criminal convictions, or whose family or friends have convictions, or where concerning information is held”. In these cases, forces did not have enough people within their counter corruption unit or vetting units to mitigate the risks, presenting a “significant corruption threat” for those forces.

Renewals are “too long”, they concluded. The standard seven years between Management Vetting (“MV”) assessments and ten years for Recruitment Vetting (“RV”) assessments leaves ample time for individuals who were of no risk to the force to have become radicalised, unwell or otherwise of more risk than when they first joined.

In my opinion, it is only through the ability to routinely check individuals at least yearly that we will be able to mitigate the risks presented. Any intelligence or untoward actions noted should immediately trigger a review, in addition to routine re-evaluations.

Government – The NAO report

UK Security Vetting (UKSV) was established in January 2017 following a merger of previous vetting services by the then Foreign & Commonwealth Office and the Ministry of Defence. Since 2018-19, UKSV has received an average of 164,700 CTC and SC clearances, and 17,900 DV clearances per year.

The Cabinet Office took on responsibility for the delivery of national security vetting in 2020 following a sustained period of poor performance. UKSV’s record in delivering timely clearances continues to be poor.

The delivery stabilisation plan UKSV introduced in January 2022 was a tactical solution to focus on

  • prioritisation of certain clearances, increasing capacity (short-term),
  • increasing productivity and
  • automating/enhancing existing IT systems.

However, by prioritising the new DV clearances over aftercare checks, this carries additional security risks. Capacity is running at 23% under resourced – that’s 877 FTE headcount needed. They are using 163 contingent labour and temporary staff to man the checks. UKSV is relying on “efficiencies and automation …coming out of its delivery stabilisation plan” to meet the remaining shortfall of 160 FTE.

Built in 2014, the National Security Vetting System (NSVS) is unreliable and UKSV has been seeking to replace it since 2018. The system lacks capacity, is slow and requires many manual workarounds. These factors, together with regular outages, slow down the whole vetting process and user satisfaction is extremely low.

That contract was due to expire in 2020 but has been extended to 2024 (at a cost of £10.2m for 2022-2024). NAO describes how the Cabinet office had to write off £2.5m in its 2021-22 accounts due to a “failed IT upgrade”. The IT system used by UKSV “to process cases is old and unstable, with regular outages that slow down and stop the clearance process for extended periods”. Despite the stabilisation plan to focus on “automating and enhancing existing IT systems” the NAO pointed out that UKSV has had “multiple attempts to modernise the vetting system and does not currently expect to complete its reforms until 2024-25 at the earliest.”

The report concluded that vetting is of vital important to the running of Government and delays in providing clearance can result in being unable to progress national security work. Vetting should be reviewed regularly for changes to circumstances to prevent risks with access to sensitive data. It found the same three factors from the tactical solution have now contributed to the decline in standards. UKSV has been unable to secure approval for its Vetting Transformation programme business case because the Cabinet Office is “concerned about the deliverability of the programme and its achievability”.

Recommendations

The Cabinet Office should:

  1. a) recognise the importance of modernising the national security vetting process and work quickly to design an implementation plan with key milestones in place;
  2. b) ensure that governance structures are appropriate to enable effective challenge and scrutiny of UKSV without becoming an impediment to progressing work on national security vetting;
  3. c) create a set of performance metrics that measures whether clearances are being processed in a timely and accurate way that meets customer needs and avoids perverse incentives;
  4. d) recognise, and be clear across government, that given UKSV’s agreed resources, prioritising certain types of clearances will have knock-on impacts, both on routine clearance and on delivering long-term transformation; and
  5. e) ensure that there is sufficient resilience within UKSV to react to new events that might drive increased demand for security vetting.

What do they have in common?

Resourcing….

Both reports state there are not enough staff to process the amount of checks they have to do. UKSV states they are 23% under resourced – that’s 877 FTE headcount needed. They are using 163 contingent labour and temporary staff to man the checks. HMIC stated that the increased demands made by the Police Uplift Programme (PUP) targets had found not all forces had enough staff in the vetting units to cope with the demands, and in some cases, this had caused it to be unmanageable.

Checks performed…

Both use similar data sets to conduct the checks – Credit Reference Agency (CRA) Personnel Vetting reports, Police National Computer (“PNC”) and Police National Database (“PND”) checks to name but a few.

Checks are manual – staff are logging in and out of data sets to cross check what has been provided by the applicant; using the little time left to assess any risks that may be posed if vetting clearance is granted.

Open-source data….

Both Police and Government do not make enough – if any – use of open-source data to provide a full and accurate picture of the applicant. Social media checks are now an essential part of Police vetting to see if the applicant has posted anything that would be considered a red flag for vetting. Paul Sandford, Chief Constable for Norfolk stated, “There is an expectation that we carry out an exhaustive check of an applicant or indeed serving officer’s social media with regularity,”” and … “We currently check social media activity before someone joins us, but I could employ a warehouse full of employees to check social media activity of applicants to the constabulary and not cover every single post or tweet that is being made.”

Legacy IT Systems……

I discussed earlier that the UKSV IT system is described as “old and unstable” and unlikely to be modernised before 2025. The police forces do not have a consolidated vetting platform – with many forces using different IT systems, databases, and case management tools.

Amount of applications…..

UKSV receives an average of 164,700 CTC[1] and SC[2] clearance and 17,900 DV[3] clearances per year – and from January 2022, over 100,000 Accreditation checks[4].

HMIC doesn’t disclose the total number of applications per year. However, the PUP was set to recruit a further 20,000 officers by March 2023. Provisional data[5] shows an uplift of 15,903 officers, with 560 additional officers recruited through other funding streams. That excludes the usual officer recruits, all of which require vetting, and the aftercare checks on the 144,356 officers already in post.

Funding…

UKSV’s customers are funding the transformation programme and are frustrated with the lack of progress. Customers fund both the existing service and transformation costs in proportion to their use of the service. Government policy dictates that UKSV is the provider of vetting services. Some customers complain that although they therefore have to use UKSV and to contribute to the transformation programme, they have no say in how the funding is used and do not understand what the end vision of the programme is. UKSV forecasts it will underspend by £6.5 million on the programme in 2022-23 owing to delays to the business case, progress on the plan and delays in resourcing. UKSV has redeployed a net £1.5 million elsewhere across its business and is therefore currently forecasting it will be refunding customers around £5 million in 2022-23

The Police Uplift Programme (PUP) requires that 20,00 additional officers are hired before Spring 2023, following the Government manifesto in 2019 and the cuts to frontline policing since 2010. This has caused more pressure on the vetting teams, to not only conduct their usual checks, but with extra checks on top causing backlogs in most forces.

Leadership…..

The NAO suggested there is a need for “greater support” within the Cabinet Office and called out duplication in Governance boards causing additional risks. Too much work is falling on senior leaders due to the lack of resource, constrained by recruitment freezes.

Given the risks involved with recruiting officers at the scale and speed required by the uplift programme, it is essential that police leaders act now on our recommendations. Our report highlights that they simply cannot afford to wait any longer” [6]

Both reports suggest some work is needed to bring vetting up to the required standards, and the public lens is now firmly upon who the vetting teams’ leadership will respond to the issues identified.

Overcoming the challenges

Can these challenges be overcome? For both Police and Government?

Yes…..

With more funding UKSV could recruit the right number of people to manage the increased volumes of checks. Our work with a major police force has extrapolated some interesting figures regarding the number of checks that can be done – without increasing the number of staff –by automating the logging in and out of the different data sources and querying them concurrently. We conducted time and motion studies with live vetting teams which concluded that up to 80% of the time spent in reaching a decision and typing up a report was saved through automating the data gathering and reporting. This gave the vetting officers more time to evaluate what they have found and arrive at an informed decision

This essentially means, UKSV could swiftly work through the backlogs which currently exist, review cases more frequently and spend longer reviewing open source intelligence –as highlighted in the Jake Davison and Wayne Couzens cases.

Getting the checks to uncover vital clues to the risk of that officer/civil servant committing offences is now of the upmost importance. Vetting officers need to have the right data sources and the right training to uncover these risks.

Scout® enables them to do this easily – a platform that is pre-configured to conduct vetting checks, has all the right sources integrated – Credit Reference Agency (CRA) reports, access to Police National Computer (PNC)[7] and Police National Database (PND)[8] on one platform – allowing the user to conduct the checks, deep dive into those sources, and at the same time, conduct advanced open-source searching, uncovering social media posts, news articles and chat forums – in near real time.

HMIC suggested the police needed to record their decision making process within their report – Scout® has a free text box and the ability to drag and drop additional documents (such as the decision document) into the report before it is download in a pdf format. Additionally, Synalogik are integrating with Case Management Systems (CMS), so the reports can be created directly and saved in an auditable, compliant manner.

Summing up, both reports where quite damning and contained many suggestions. With an innovative mindset and the political will, the much needed changes can be brought about quickly and 2023 can be the year that we turn the tide on inadequate vetting checks for good…

[1] Counter Terrorist Check

[2] Security Clearance

[3] Developed vetting

[4] a new legislative requirement for those working in the airline industry

[5] https://www.gov.uk/government/statistics/police-officer-uplift-quarterly-update-to-september-2022/police-officer-uplift-england-and-wales-quarterly-update-to-30-september-2022

[6] https://www.justiceinspectorates.gov.uk/hmicfrs/news/news-feed/too-easy-for-the-wrong-people-to-join-and-stay-in-the-police/

[7] Where appropriate and license is approved

[8] Where appropriate and license is approved

 

 

 

Julie Hewitt
Julie spent 17 years working in the Public Sector, Firstly in the Health & Safety Executive, then HM Revenue & Customs, where she worked as an Information consultant, and latterly as Data Contracts manager, supporting the procurement and delivery of HMRC's Commercial Data contracts and provided commercial support and governance to the business. From there she went to Equifax for over 7 years, where she headed up the Public Sector, supporting clients across Government, Police, Local Authorities, Housing and NHS. Julie led on all strategic procurement tenders, ensuring Equifax provided solutions that were fit for purpose and in line with client requirements and budgets. Building on her 24 years’ experience, Julie is now the Head of Government Sales within Synalogik. She ensures clients get the best solution to their problem, providing the Scout® platform and the right data to support investigations, intelligence, vetting, and fraud.