The national crime intelligence commission’s management of its doomed biometrics project was “deficient in almost every significant respect” and no milestones were met despite more than $34 million being spent on the project, a scathing audit has found.
The Australian National Audit Office (ANAO) released its report on the Australian Crime Intelligence Commission’s (ACIC) administration of the Biometric Identification Services (BIS) project with NEC Australia on Monday, criticising – sometimes severely – nearly every aspect of the project and every party involved.
NEC Australia won the $52 million contract to replace the ACIC’s National Automated Fingerprint Identification System (NAFIS) with a “multi-modal biometric identification” service incorporating fingerprints, footprints and facial recognition in early 2016.
But the project soon fell behind schedule and over budget, and was ultimately terminated in June last year.
While the ACIC late last year claimed that $26 million had been sunk into the failed project, the auditor’s office found that as much as $34 million of taxpayers’ money had actually been spent, including a near $3 million “goodwill” payment made to NEC Australia when the two parties reached an “impasse” late last year.
The Opposition said the ANAO’s report was a “damning indictment on the dysfunctional and incompetent Morrison government”, and that Home Affairs Minister Peter Dutton must be held accountable for it.
The audit found that the contract between the two parties overlooked “two critical requirements”, that no milestones were met, and that management and oversight of the project was severely lacking, making the ACIC unable to determine how much was being spent or if key milestones were being achieved.
This mismanagement continued until the project was terminated last June, the report found.
“The stipulated contract process by which progress against milestones and deliverables was to be assessed was not followed at any stage and ACIC thus had no way of assuring itself that it got what it paid for. ACIC was unable to advise definitively how much they had spent on the project,” the report said.
While the project quickly fell behind schedule, the ACIC agreed to more than $12 million in additional work that “may have been unnecessary” and other work that was already covered under the existing contract.
The contract outlined 17 milestones, with NEC Australia to invoice the government for the work completed once it received a certificate stating that the goal had been met.
But this process was not followed at all by either parties, the ANAO found, with not one certificate being issued.
“As far as I know neither party followed the agreed process outlined in the contract of certifying that a milestone had been reached; rather we seem to have simply paid off an invoice,” the ACIC told the audit.
The audit concluded that “no milestones were ever actually fully completed”.
Despite the ACIC late last year claiming that $26 million had been spent on the project before it was terminated, the audit found that more than $34 million had been lost. This included a $2.9 million “goodwill” payment made to
The ANAO found that the $2.9 million “goodwill” payment made to NEC when the two parties were at an “impasse” was not linked to any milestone being achieved, and the ACIC was “not able to explain how the quantum of this payment was calculated”.
Along with the $34 million lost, the government is now paying twice as much as previously to run the legacy system needed because the biometrics project was scrapped.
Costs to run the legacy Morpho system annually have increased by 140 per cent from 2011-12 to this year, due to “ACIC’s weak negotiating position with Morpho in ensuring continuation of NAFIS”.
The audit also found the government’s Digital Transformation Agency’s role in overseeing the project to be ineffective, with the agency receiving six bimonthly reports from ACIC across the project’s life.
But during the project, the DTA made “numerous unsuccessful attempts to meet with ACIC to verify the challenges reported by ACIC”.
“The DTA advised that it is not a regulator and has no mandate to direct entities. It advised ACIC to ‘self-report’ the BIS project to the Digital Transformation and Public Sector Modernisation Committee,” the report said.
NEC Australia went through three project managers for the biometrics program in just over a month at the start of 2018, all of who left their positions “abruptly”.
The relationship between ACIC and NEC “deteriorated” so badly that PwC was called in to conduct “turnaround workshops” to “reset the relationship” and “build trust”.
This didn’t work though, with NEC staff escorted from the building in June after the contract was put on hold, as InnovationAus.com reported.
Weeks later the contract was officially terminated, with the ANAO engaged earlier in the year to begin its audit.
In a statement, the ACIC said the audit was “thorough and comprehensive”.
“It has revealed significant failures in the management and delivery of the project, and has identified opportunities for the ACIC to refine its practices in order to improve its delivery of information and intelligence services to law enforcement and national security agencies in Australia,” the statement said.
In a joint statement, shadow attorney-general Mark Dreyfus and shadow digital economy minister Ed Husic said the audit is a “damning indictment” on the government.
“Peter Dutton, as the minister responsible for ACIC, must be held responsible for this botched project. He must explain how he let this project collapse after he took on the Home Affairs portfolio, why he failed to adequately resource and staff the project and whether the Morrison government is still committed to providing law enforcement with this capability,” the joint statement said.
The ACIC produced a “lessons learnt” document about the project in September last year, with 27 key lessons and a set of recommendations.