SAFECHAIN™ PUBLIC INQUIRIES
SAFECHAIN™ EVIDENCE REPOSITORY™
PUBLIC INQUIRIES | Evidence Repository Hub 5: Public Inquiries
safe-chain.org | samantha@safe-chain.org
POST OFFICE HORIZON INQUIRY
Category: Statutory Public Inquiry
Jurisdiction: England and Wales
Chair: Sir Wyn Williams
Established: 1 September 2021
Status: Ongoing — Interim reports published; Final report in preparation
Repository Reference: EVIDENCE-REPOSITORY-INQ-002
INTRODUCTION
The Post Office Horizon Inquiry is examining one of the most significant miscarriages of justice in UK legal history — the wrongful prosecution and conviction of more than 700 sub-postmasters between 1999 and 2015 on the basis of faulty evidence from the Fujitsu Horizon computer system. Sub-postmasters were prosecuted for theft, fraud, and false accounting based on apparent shortfalls in their branch accounts that were, in many cases, caused by bugs in the Horizon software. The Post Office knew — or had every reason to know — that the Horizon system was unreliable, yet continued to prosecute sub-postmasters, defend civil claims, and deny the system's faults for over a decade.
The Inquiry is directly relevant to the SAFECHAIN™ programme because it provides the most detailed documented example of deliberate institutional intelligence suppression in the UK evidence base. The governance failures it examines — the active concealment of known system failures, the use of institutional power to silence those with relevant evidence, and the governance culture that prioritised institutional reputation over justice — are the extreme expression of the governance drift indicators that the SAFECHAIN™ INTEL-001 framework is designed to detect before they reach this scale.
PURPOSE
The Inquiry's terms of reference require it to examine the implementation of the Horizon IT system by the Post Office and Fujitsu; the actions and practices of the Post Office in relation to sub-postmasters who raised concerns about the system; the approach of the Post Office to investigations, prosecutions, and the defence of civil claims; the role of central and devolved governments and Parliamentarians; and the experience of sub-postmasters and their families.
WHAT IS IT?
The Horizon Inquiry has produced a series of interim reports and is examining evidence across multiple phases covering the technical failures of the Horizon system, the Post Office's response to complaints from sub-postmasters, the conduct of prosecutions, the Post Office's engagement with government and Parliament, and the adequacy of the remediation schemes introduced to compensate wrongly convicted sub-postmasters.
KNOWN SYSTEM FAILURES AND SUPPRESSION
The Inquiry has documented that bugs, errors, and defects in the Horizon system were known to exist from the earliest period of its operation, that these were systematically logged by Fujitsu, and that both Fujitsu and the Post Office had access to evidence of the system's unreliability that was not disclosed to prosecuted sub-postmasters, their legal representatives, or the courts. The suppression of this evidence was an active governance decision — not a passive failure to share information but a deliberate choice to withhold intelligence that would have undermined the institutional position.
POST OFFICE GOVERNANCE CULTURE
The Inquiry has documented a governance culture at the Post Office that placed the institution's financial interests, its reputation for system reliability, and the prosecution of sub-postmasters it believed to be criminals above its obligations of fairness to the people it was prosecuting. Senior Post Office figures dismissed or failed to properly investigate concerns raised by sub-postmasters. Legal teams failed to disclose relevant evidence. And the organisation's board and senior management were either aware of or should have been aware of the Horizon system's reliability issues and the implications for prosecutions.
ACCOUNTABILITY ARCHITECTURE FAILURE
The Inquiry has documented how the Post Office operated without the accountability architecture that would have made its governance failures visible — internally or externally — before they reached the scale they did. The governance oversight mechanisms that should have detected the pattern of sub-postmaster complaints as a signal of system failure — rather than a pattern of employee dishonesty — failed to function as designed.
WHY DOES IT MATTER?
The Horizon case matters for governance beyond the Post Office because it demonstrates what happens when the accountability architecture of an institution is designed to protect the institution rather than to make its failures visible. The SAFECHAIN™ programme's argument — that accountability architecture must be designed to surface uncomfortable truths as well as evidence of compliance — finds its starkest evidential support in the Horizon case. An accountability architecture designed for institutional self-protection produced institutional self-protection at a catastrophic cost to the individuals the institution was supposed to serve.
The Horizon case also demonstrates the consequences of the Leadership Disconnection governance drift indicator (INTEL-001) at its most extreme: a senior leadership team that received information filtered through management layers designed to present compliance rather than reality, and that responded to discomfort with defensiveness rather than curiosity. The result was that the governance failures continued for years longer than they should have, compounding the harm to sub-postmasters who were experiencing the full weight of institutional power brought to bear in support of a false position.
KEY FINDINGS (INTERIM REPORTS AND EVIDENCE)
Bugs, errors, and defects in the Horizon system caused shortfalls in branch accounts that sub-postmasters were wrongly held responsible for.
The Post Office and Fujitsu knew of Horizon's reliability problems and failed to disclose this to sub-postmasters, their representatives, and the courts.
The Post Office's prosecution of sub-postmasters was conducted without adequate disclosure of the evidence that the Horizon system was unreliable.
Senior Post Office figures failed to properly investigate concerns raised by sub-postmasters and in some cases actively suppressed those concerns.
The Post Office's governance culture placed institutional interests above obligations of fairness to the individuals it was prosecuting.
Government oversight of the Post Office failed to identify and address the governance failures that were producing the miscarriages of justice.
WHY SAFECHAIN™ REFERENCES IT
The Horizon Inquiry is referenced in the SAFECHAIN™ programme across three specific analytical contexts.
Intelligence suppression as a governance failure category: The Horizon case documents the most extreme form of what INTEL-001 identifies as the Intelligence Impoverishment governance drift indicator — not merely records that are long but low-quality, but records that are actively shaped to conceal the intelligence that would produce accountability. The SAFECHAIN™ IAR™ immutable audit record architecture — designed so that intelligence cannot be retrospectively altered or suppressed — is the direct governance response to the intelligence suppression dynamic that Horizon documents.
Independence of governance from preference: GOVERN-001 Principle 2 — that governance decisions are made on the basis of evidence and defined process, not on the basis of institutional preferences or the interests of powerful actors — identifies the governance principle whose absence allowed the Horizon scandal to continue for as long as it did. The Post Office's governance failed because the governance principle of independence from institutional preference was not operative: governance decisions — about disclosure, about investigations, about legal strategy — were made in the institutional interest rather than the evidential interest.
Accountability architecture design: The SAFECHAIN™ Accountability by Design™ principle holds that accountability is not an external audit mechanism but an architectural feature embedded in every operational process. The Horizon case demonstrates why this matters: an accountability architecture that depends on the institution's willingness to acknowledge its own failures — rather than being technically embedded in processes that make failures visible regardless of institutional preference — will fail whenever the institution has a strong incentive to suppress rather than disclose.
RELATED SAFECHAIN™ PUBLICATIONS
INTEL-001 — Institutional Intelligence Framework™ (intelligence suppression; leadership disconnection)
GOVERN-001 — Institutional Governance Framework™ (Independence from Preference)
AUDIT-002 — Institutional Decay Audit™ (Cultural Normalisation of Compromise)
AUDIT-004 — Remedy Integrity Assessment™
DESIGN-001 — Systems Design Principles™ (Accountability by Design; Resilience by Design)
NOM-005 — SAAF™ Audit and Assurance Framework
RELATED SAFECHAIN™ FRAMEWORKS
Accountability by Design™ — GLOSS-001; NOM-001; IAR™
Accountability Dissolution™ — GLOSS-001
Intelligence Impoverishment — AUDIT-002 Domain 4
Leadership Disconnection — AUDIT-002 Domain 5; INTEL-001 Section 5.2
Independence of Governance from Preference — GOVERN-001 Principle 2
FURTHER READING
Full text of this source is publicly available through the official publisher. Where this source is referenced in SAFECHAIN™ publications, the specific provisions or findings cited are identified within those publications.
SAFECHAIN™ Evidence Repository articles are updated periodically as sources are revised or supplemented. To suggest a correction or an addition to this article: samantha@safe-chain.org with 'Evidence Repository' in the subject line.
© 2026 Samantha Avril-Andreassen FRSA. All rights reserved.
SAFECHAINN Ltd (Company No. 12038453).
samantha@safe-chain.org | safe-chain.org
This Evidence Repository article is the proprietary intellectual property of Samantha Avril-Andreassen. The source it describes remains the intellectual property of its original publisher. SAFECHAIN™ claims no ownership over third-party sources referenced in this article. Curation, commentary, analysis, and framework connections are proprietary to SAFECHAIN™.
No reproduction, adaptation, AI training use, or commercial use of this article without prior written permission of Samantha Avril-Andreassen and SAFECHAINN Ltd.