The UK Post Office has awarded Accenture a £269 million five‑year contract and OneView Commerce a £141 million deal to retire the faulty Horizon system. The new cloud‑based platform will run on AWS‑compatible infrastructure, bring modern ePOS and customer‑engagement tools, and must meet GDPR, UK Data Protection Act 2018, and Public Services (Social Value) Act compliance requirements.
Accenture and OneView Commerce win £410 million contract to replace Horizon
The Post Office announced on 21 May 2026 that it has selected Accenture and OneView Commerce to deliver a complete replacement for the Horizon point‑of‑sale and finance platform that has been at the centre of a decades‑long miscarriage of justice. The procurement, valued at £410 million, splits into two distinct contracts:
- Accenture – £269 million for a five‑year “Walk‑In‑Take‑Over” service, with two optional one‑year extensions. The scope includes stabilising existing services, migrating data, and delivering a phased migration to a new Software‑as‑a‑Service (SaaS) environment.
- OneView Commerce – £141 million for a cloud‑hosted retail‑technology suite that will provide ePOS, mobile sales, self‑service kiosks, and analytics capabilities.
Why the contract matters
The Horizon system, built by Fujitsu beginning in 1996, was responsible for accounting errors that led to the wrongful prosecution of 736 sub‑postmasters between 1999 and 2015. A statutory inquiry launched in 2021 concluded that both the Post Office and its suppliers knew about critical defects. The fallout included 13 suicides linked to the prosecutions and a continuing redress process that has cost taxpayers hundreds of millions of pounds.
Replacing Horizon is therefore not just a technology upgrade; it is a remedial action mandated by the UK Public Contracts Regulations 2015 and the Data Protection Act 2018. The new solution must demonstrate:
- Data security and privacy – full compliance with GDPR and the UK DPA, including encryption at rest and in transit, regular penetration testing, and a documented data‑subject rights process.
- Public‑sector procurement standards – adherence to the Public Services (Social Value) Act 2012, meaning the contract must deliver measurable social outcomes, such as improved access for rural post‑office users.
- Continuity of service – a transition plan that avoids any interruption to essential postal and financial services, as required under the Civil Service Continuity Guidance.
Key compliance requirements and timelines
| Requirement | Regulation / Standard | Deadline / Milestone | Responsible Party |
|---|---|---|---|
| Data‑processing impact assessment | GDPR Art. 35 | 30 days after contract award (June 2025) | Accenture (lead) |
| Cloud‑service security certification | ISO/IEC 27001 & UK Cyber Essentials | By Q4 2025, before go‑live | OneView Commerce |
| Public‑value reporting | Public Services (Social Value) Act 2012 | Annual report, first due 31 Mar 2027 | Joint governance board |
| Service‑level agreement (SLA) for uptime | Civil Service Continuity Guidance | 99.9 % availability from go‑live (expected Q2 2027) | Accenture |
| Migration of legacy data | Data Protection Act 2018, Section 170 | Complete transfer by 31 Dec 2026 | Accenture & OneView Commerce |
The procurement notice specifies that the migration must be completed no later than 31 December 2026, with a full SaaS rollout targeted for Q2 2027. Both suppliers are required to submit a Data Protection Impact Assessment (DPIA) within 30 days of award and to obtain Cyber‑Essentials Plus certification before any production workloads are moved to the cloud.
Technical overview of the new platform
- Infrastructure – The solution will be hosted in an Amazon Web Services (AWS) or equivalent environment that meets UK‑Sovereign requirements. Compute will run on EC2‑type instances with auto‑scaling groups; storage will use encrypted S3 buckets and RDS for transactional data.
- Application layer – OneView Commerce’s SaaS suite is built on a micro‑services architecture, exposing RESTful APIs for POS terminals, mobile apps, and kiosk interfaces. The platform supports custom business rules through a low‑code workflow engine, allowing the Post Office to adapt pricing, discounts, and reporting without code changes.
- Integration – Accenture will deliver an integration hub based on MuleSoft (or an equivalent ESB) to connect the new SaaS to legacy banking, HR, and logistics systems. All data exchanges will be secured with TLS 1.3 and signed JWT tokens.
- Analytics – A unified data lake will aggregate transaction logs, enabling real‑time dashboards for fraud detection and customer‑insight analytics, built on AWS QuickSight or Power BI.
What this means for the Post Office and its customers
- Restored public confidence – By moving to a transparent, auditable cloud platform, the Post Office can demonstrate that the systemic errors which led to wrongful prosecutions are no longer possible.
- Improved service – Modern ePOS terminals, mobile checkout, and self‑service kiosks will reduce queue times and expand service hours, especially in rural branches.
- Regulatory alignment – Ongoing compliance reporting will be automated, ensuring that the Post Office meets its statutory duties under the DPA and the Public Contracts Regulations.
Next steps
- June 2025 – Accenture and OneView Commerce submit DPIAs and security certifications.
- July 2025 – December 2026 – Phased migration of legacy data, parallel testing of the new SaaS, and staff training programmes.
- Q1 2027 – Final acceptance testing and sign‑off by the Post Office’s governance board.
- Q2 2027 – Full production cut‑over to the new cloud platform, with a 12‑month warranty period for post‑deployment support.
The £410 million contract marks a decisive step toward ending one of the longest‑running IT scandals in UK public service history. By adhering to strict data‑protection and public‑value standards, the Post Office aims to rebuild trust while delivering a modern, resilient retail‑technology ecosystem.
Comments
Please log in or register to join the discussion