The Police Database retreat

Our reflections on the Home Office's decision to abandon the Police National Database cloud migration, as reported in The Register. 

The number that matters 

The headline figures from Permanent Secretary Gareth Davies's letter to MPs are striking enough: £35.1m spent, eighteen months late, a further £26m needed to finish, and a retreat to a Home Office datacentre at £20.3m. The number that should give every transformation lead a small chill is buried halfway down: the programme expected 80% of the existing code to be reusable. The actual figure was 20%. 

A 60-point gap on the single most important input to a cloud migration plan is not a discovery surprise. It's a discovery failure. 

This is not really a cloud story 

The framing of "cloud migration stalled" does the analysis a disservice. Cloud was the chosen outcome, not the cause of failure. The PND went live in 2011 on Oracle databases and bespoke middleware, was placed on "keep the lights on" funding from 2016 while the parent NLEDP programme stalled and was eventually reset (with PND quietly dropped from its scope), and the replacement programme set up in 2021 did not actually commence until January 2024. By then the codebase was a fourteen-year-old artefact that nobody had asked hard technical questions about. 

Three failure modes are worth naming, because they recur: 

The incumbent grading its own legacy. CGI built the system in 2009, has run it since 2011, and was the supplier on the transformation. The incentive structure is wrong. Was CGI really the best party to assess the code, given it wrote it and maintains it? An 80% reuse number is exactly the kind of figure that emerges when nobody really wants to be the bearer of bad news. 

Discovery deferred until after commitment. The gap from programme setup (2021) to commencement (2024) is striking, but the more telling gap is between contracting and the point at which somebody ran proper static analysis, dependency mapping and an honest non-functional assessment of the live system. By the time those answers landed, the cost envelope, timeline and target architecture were already locked. Discovery became the moment the plan broke, not the moment it was shaped. 

One strategy where there should have been a portfolio. Legacy modernisation is not a binary cloud-or-not decision. The 7Rs (retire, retain, rehost, replatform, repurchase, refactor, rebuild) exist because no real estate of code resolves to a single answer. A component-level assessment, module by module, tested against fitness-for-cloud, regulatory constraint and replacement cost, would have produced a mixed plan. A single 80% reuse assumption tells you one strategy was being applied to all of it. 

The tactical retreat is sound. The strategic question isn't. 

Pulling the service into the Home Office datacentre at £20.3m to buy 5-10 years of stability is, on its merits, the right call. It stops the bleeding, restores predictability, and keeps a system the police forces rely on every day running at the 99%+ availability the letter quotes. The wider repatriation trend we explored in Beyond Cloud First makes this less of an outlier than it would have looked five years ago. 

What it doesn't do is answer the question that triggered the transformation: how does a 2011-era criminal intelligence platform meet the operational, regulatory and analytics demands of policing in 2030? That question will resurface, probably with a different acronym, a different supplier, and an uncomfortably similar set of slides. 

Where an independent voice changes the outcome 

The PND story has several inflection points at which a senior, objective, independent provider, with no codebase to defend and no downstream service revenue to protect, would have changed the calculus. Not by being cleverer than the incumbent, but by being structurally free to ask different questions. 

Before commitment: an evidence-based pre-transformation assessment. Treat the legacy as a black box that has to earn its right to be migrated. Static analysis, automated dependency graphs, real measurements of non-functional behaviour against live workloads, test-data fidelity, and an honest read on what was actually built versus what the documentation claims. The output is a reuse percentage that has been measured, not estimated, and a 7R recommendation per component, costed and risk-rated. (We've made the broader argument on long-standing suppliers becoming a constraint rather than an enabler in Are your IT suppliers holding you back?) 

At sourcing: a competed transformation, with the incumbent ring-fenced. Where the incumbent is genuinely the best transformation partner, that emerges through competition. Where it isn't, the client hasn't foreclosed the option by accident. The same logic underpins independent technical delivery management once the programme is running. 

Through delivery: stage-gated funding against evidence, not plan. The £26m additional ask landed as a binary: more money or stop. A staged model offers earlier off-ramps, each materially cheaper than the one eventually taken. 

Final thought 

The lesson from the £35m write-off is not that cloud migrations are risky, or that public sector procurement is hard, or that Oracle middleware is unforgiving (though all three are true). It is that transformations led by assumptions rather than evidence, and by incumbents rather than independent assessors, fail in entirely predictable ways. The opportunity, on the next attempt, is to do the upfront work properly, while it still costs hundreds of thousands rather than tens of millions. 

Refractis is one such independent provider. If you're staring down a similar piece of work and would rather not learn this lesson on your own budget, we'd be happy to talk.