The UK's HM Revenues & Customs (HMRC) has committed to replacing its Customs Handling of Import and Export Freight System (CHIEF) by June 2024.

The CHIEF service was first introduced in 1994 and was managed by BT until 2010. Following that, it was taken over by a collaboration between Capgemini, Fujitsu, and HMRC called Aspire until 2017, when HMRC took over management in-house.

HMRC headquarters
– Thinkstock / mikeinlondon

HMRC has been attempting to replace the system since 2017, originally planning to move all traders to a Customs Declaration Service (CDS) in January 2019.

CHIEF has been extended several times, including a then £168.8 million ($213.1m) contract awarded to Fujitsu to keep the system running until 31 March 2021.

According to HMRC, the CDS will be taking over from June 4, 2024. Until then, there will be a transition period where both CHIEF and CDS will be functional.

CDS has had more than 100 million declarations submitted since it commenced operations in 2018. Capgemini was awarded the contract, valued then at £30m ($37.87m), to work on the CDS between January 2022 and 2024.

HMRC told Computing: "The Customs Declaration Service is the UK's new single customs platform, a modern, secure IT platform supporting businesses to make import and export declarations into and out of the UK. All other customs-related systems have been integrated into CDS and will function as they did with CHIEF."

The issue of legacy IT in the government, and HMRC specifically, has long been known. The TaxPayers' Alliance, through a series of freedom of information requests in June 2023 found that many systems were so outdated they were no longer supported by Microsoft.

A former civil servant turned whistleblower who used to work on cybersecurity while in Whitehall told the TaxPayers’ Alliance: “The ongoing use of legacy systems in government is a disgrace and completely inexcusable. We move at such a slow pace that it seems only to get worse.

“In secure bits of the private sector like banks, heads would roll until all legacy systems were patched or replaced. These legacy systems mean the public simply cannot have confidence that [the] government is protecting their personal data. These legacy systems are ancient, with a poor user experience too, so there’s every reason to change them.

“The problem is so bad that some of these systems could be taken down by an enthusiastic child – the vulnerabilities are publicly known, and pre-made malware is readily available. It keeps me awake at night worrying that at any moment, a key HMRC system or a hospital might get taken down because we have not got the most basic protections in place."

HMRC began looking to migrate to the cloud in 2021, signing contracts with Microsoft and Amazon Web Services. In February 2022, the department signed a deal with IBM to help it exit its three Fujitsu data centers, and in September 2023 a $5.5m deal with Kyndryl for mainframe services.