This opportunity is closed for applications

The deadline was Friday 24 June 2022
National Crime Agency (NCA)

Data Exploitation, Data and Technology Delivery Partner

25 Incomplete applications

19 SME, 6 large

29 Completed applications

13 SME, 16 large

Important dates

Published
Friday 10 June 2022
Deadline for asking questions
Friday 17 June 2022 at 11:59pm GMT
Closing date for applications
Friday 24 June 2022 at 11:59pm GMT

Overview

Off-payroll (IR35) determination
Contracted out service: the off-payroll rules do not apply
Summary of the work
The Supplier will provide teams with requisite skills to;
design/build Analysis tools,
Platforms and services.
Development and replacement of end of life systems (SARs). Services required cover 4 main areas:
A. Data Exploitation;
B. Tools development, including Discovery and Alpha
C. Data acquisition and management;
D. Support and Maintenance.
Latest start date
Thursday 1 September 2022
Expected contract length
2 years
Location
London
Organisation the work is for
National Crime Agency (NCA)
Budget range
N/A

About the work

Why the work is being done
NDEC is a strategic enabler for the development and deployment of data driven capabilities to help cut serious and organised crime (SOC). NDEC delivers data driven products and services that will underpin greater access to, and an understanding of, intelligence relating to SOC. The SARs Reform programme is enhancing Government’s response to financial crime. Volumes of reporting are increasing and the current systems used for reporting, processing and analysis are reaching end of life. New systems are therefore required.
Problem to be solved
The Authority needs support to develop its capability with greater scale, pace of delivery and innovation. This requirement is for a Supplier to provide resources with the requisite skills and specialist services to support NCA in the designing, building of tools and platforms and, supporting services, up to and including SECRET GSC. The NCA also requires the replacement of end of life applications which, couple with improved ways of working, will make them more effective and efficient at tackling economic crime A Discovery and Alpha phase are the next stages in this process to determine the road map,
Who the users are and what they need to do
The users are NCA Officers and Law Enforcement partners (for example, Police Officers). in addition the systems will interact (for SARs) via API with financial institutions, through a portal (5000+_ reporters) and disseminate to law enforcement and other government departments (77 in total). Support staff include data managers and auditors to ensure a high level of adherence of data compliance.
Early market engagement
N/A
Any work that’s already been done
NCA has ongoing Programmes for capability build and deployment. There are existing platforms and applications to work on as well as creation of new interfaces and tools.
Existing team
Technical teams comprise a range of multi-disciplinary delivery teams consisting of: data engineers, data scientists, software developers, business analysts, project managers, and, solution architects working alongside operational officers working alongside enterprise teams including enterprise design authority, assurance, security, live service/service wrap and architecture.
Current phase
Not applicable

Work setup

Address where the work will take place
The Services are required to be delivered onsite at Authority locations at Units 1 - 6 Citadel Place, Tinworth Street, London SE11 5EF and other Authority sites located and South West of England.
Working arrangements
NCA will work with the winning Supplier taking an agile approach, it's envisaged the Supplier Team will be working in an integrated way with Authority : a) Build tools and capability b) Provide services including data science and engineering c) Complete Discovery and Alpha phases. A mixture of face to face Authority site or supplier site, remote collaborative working is expected. Development will take place in Authority environments. Resources will be located locations based on security classification, team setup, services deployed. Expenses only payable if travel outside the M25 and payable in accordance with the NCA Travel (no Subsistence) policy.
Security clearance
SC clearance as a minimum. Enhanced SC clearance is required for a number of roles. The Authority will support these Security Clearances where required Supplier will be required to submit a range of team members for enhanced clearance to provide resilience and ensure no loss of delivery momentum.

Additional information

Additional terms and conditions
The following additional terms will be sent to shortlisted suppliers;
Security Terms
FOIA terms (NCA not subject to FOI requests)
The winning supplier will;
Agree a Security Aspects letter
Complete Security Assessment form.

Shortlisted suppliers will be required to utilise Bravo. Evaluation will be on a scale of 0 to 5: with a minimum score of 3 to pass on Essential Skills
Score Description
0 poor standard, no confidence
1 little confidence
2 clear strengths but giving some concern
3 degree of weakness outweighed by strengths
4 strengths clearly outweigh any minor weakness
5 Robust and fully comprehensive proposal

Skills and experience

Buyers will use the essential and nice-to-have skills and experience to help them evaluate suppliers’ technical competence.

Essential skills and experience
  • Experience delivering Cloud technologies to UK Government, national security or law enforcement agencies
  • Experience of delivery of user-centric projects using Agile/Lean methodologies (Scrum/KanBan) to Government Service Standards and integrating them into existing infrastructures and services.
  • Ability to implement CI/CD, DevSecOps approaches to deliver data solutions
  • Cloud native/ cloud first architecture and low-code development experience primarily in AWS and Azure
  • Evidence of leading and supporting multiple teams, with a focus on support for service transition, enabling the teams to upskill, improve and become self-sufficient
  • Proven ability to engage with different stakeholders on different levels of technical and business ability and understanding
  • Experience in the secure design, development and delivery of workflow, data tooling and data migration solutions
  • Ability to deploy teams consisting of: Data engineers, Data scientists, Software developers, Solution architects, UX design and user research, Performance analysis, Automation To support capability development
  • Proven experience delivering projects including key data science and engineering skills, including: NLP, ML (MLOps), and data visualisation.
  • Ability to provide sufficient security-cleared resource capacity across the capabilities to deliver concurrent projects.
  • Ability to complete a Discovery/Alpha phase, using technical requirements to full test the market for suitable products
  • Experience in delivering user-centric data exploitation and workflow solutions to Law Enforcement agencies
Nice-to-have skills and experience
  • Experience in regulatory and ethical issues including knowledge of data protection regulation requirements
  • Ability to conduct training and ongoing knowledge transfer to Authority staff

How suppliers will be evaluated

All suppliers will be asked to provide a written proposal.

How many suppliers to evaluate
4
Proposal criteria
  • Describe your mobilisation approach for the flexible deployment of Delivery Teams, including your approach to on-boarding and retaining key resources. What available capacity do you have within your organisation?
  • Explain how you will meet NCA’s need for skilled specialists. What internal assessments are undertaken to ensure these resources meet our requirements?
  • Please provide an exemplar delivery plan for the development of a new data service that connects to multiple sources and applies data science and engineering techniques to produce insights.
  • Describe your methodology for delivering innovative, data science projects to inform NDEC’s understanding of Serious and Organised Crime. Delivery of architecturally coherent, reusable capability and take items up TRL levels.
  • Describe how you will manage and quality assure the products and outputs from your Delivery Teams.
  • Describe your approach to service transition transferring skills and knowledge to NDEC’s in-house teams
  • Clearly show your ability to deploy resources that are SC cleared and capable of passing SC-Enhanced vetting checks. Provide systems which are cyber essential compliant if required.
  • Please confirm that NCA data/information/records would be stored securely within UK, not leave UK, not accessed outside UK, Not dependent on overseas facilities, Encrypted in transit/at rest
  • Please confirm you comply with the requirements set out in Baseline Personnel Security Standard (BPSS) and you meet the basic DBS requirement
Cultural fit criteria
  • Demonstrable ability to work with client teams across multiple sites, sharing components, reviewing each other’s work and promoting a collaborative working environment
  • Demonstrate the ability to work in rainbow teams, alongside multiple suppliers as part of a one-team approach
  • Demonstrate a clear understanding of working in an environment with tight security controls with appropriate governance and monitoring.
  • Demonstrate your ability to work in integrated teams with customers and other suppliers
  • Outline how you challenge the status quo and are able to persuade stakeholders to achieve business buy-in
Payment approach
Capped time and materials
Additional assessment methods
  • Case study
  • Work history
  • Reference
  • Presentation
Evaluation weighting

Technical competence

60%

Cultural fit

20%

Price

20%

Questions asked by suppliers

1. A mixture of face to face Authority site or supplier site, remote collaborative working is expected.” Will the majority of the work be London based with occasion site/remote working? Do you have an expected number of days face to face vs Remote Working?
Location will depend on the sub-projects. We have teams in London and Bristol primarily. For one programme currently 70% of work is offsite. For the other programme we anticipate two or three days per week on NCA sites.
2. In the Work Setup section please can you clarify if the work is required to be delivered onsite, or if remote working is an option.
A mix of on and off site is required because of requirements to access some sensitive systems and the need to work closely with Authority users and architects. Both options therefore need to be available.
3. We have a tool, a no code, secure, Enterprise Integration Engine. We believe it may be a part solution to Lot C. How can we place this product within your tender ? Prime benefits are speed of deployment, no development costs (No-Code), Secure, Flexible with Analyst augmentation for improved scope.
This requirement is to provide the described skills rather than tools which, if needed, would be procured separately.
4. For roles requiring enhanced SC, would you be willing to start with staff holding SC while the SC checks are completed?
A subset of roles may, at the Authority’s discretion, be able to start pending enhanced checks. We have requested respondents demonstrate your ability to deploy resources that are SC cleared and capable of passing SC-Enhanced vetting checks
5. Please can you advise the estimated budget
We don’t wish to share the budget at this time.
6. Please can you clarify how many people you envisage needing enhanced SC clearance?
Over the lifetime we estimate up to 60 people. This depends on the number of concurrent product teams and the lifecycle stage of different strands of work. A sufficient number of people will need to be cleared to provide resilience to the teams.
7. Please can you clarify how many concurrent projects do you expect to be running?
The requirement is to cover capability development in three projects across two programmes. We envisage up to six product teams. The programmes are at different stages, with one needing to complete a Discovery and Alpha phase (including UX and User research) prior to progressing to development/delivery. The second will require development of existing products as well as new ones.
8. Please can you clarify what the allocated budget is?
We don’t wish to share the budget at this time.
9. Please can you clarify how many people for each role you envisage needing?
For development we envisage four or more product teams operating in parallel, each with a mix of developers (including data engineers) and testers. We will supplement the architecture teams in both programmes with up to 3 architects and some business analyst capability to provide subject matter expertise. We expect to make additional use of up to 4 Data scientists and similar numbers of user research or UX experts.
10. "You mention “Cloud native/ cloud first architecture and low-code development experience primarily in AWS and Azure”
Is it key that the chosen supplier has both AWS and Azure or will one be sufficient?
"
The requirement is for both AWS and Azure. Although we anticipate more work in AWS, we do still need the skills to develop parts of our solution in Azure.
11. Is there an incumbent supplier?
Yes there is an incumbent supplier
12. Would you please clarify whether you are looking to appoint a single or multiple delivery partners under this opportunity? For example a single delivery partner working alongside your teams, or multiple suppliers working alongside your teams?
We would look for a single contract. This could be with a single supplier or a consortium.
13. With the EOL systems to be replaced, will that be functionally like for like or will there be enhancements / changes? If changes, are the business requirements understood and documented?
The replacement for the EOL system will be an enhancement. The core business processes are well understood. An agile approach to delivery is required to iterate improvements.
14. Can you provide a high level architecture / systems design?
The requirement is to build or enhance multiple products. These all leverage standard AWS or Azure architectures based on public cloud products. The architecture of each system will need to be developed based in our standard environments, using shared services where available, using a componentised approach.
15. The EOL systems and any back end systems, are they readily available and documented API’s or will the development of any interfaces required be part of the scope of work
Development of interfaces to other systems will be part of the work
16. Can you provide the following volumetrics: total size of data, total number of records, expected transactional volume?
We don’t wish to share this detail at this time
17. Will the scope of work include the manipulation of data (data cleansing, correlation, compliance checks)?
Yes data engineering is required for products.
18. Are there any incumbent supplier(s) or existing projects to deliver these capabilities?
There is an incumbent supplier. Some of the products will be new developments, others will enhance existing products which vary from TRL3 to TRL8.
19. Please can the Authority confirm the budget?
We don’t wish to share the budget at this time.
20. With regards to DOS-Q.11, please can the Authority confirm if they have a list of products in mind or are they expecting Suppliers to provide this?
"1. A list of shared services products are already in use and additional products may be required. We will jointly assess the suitability of various products as part of this work.
"
21. Will the Authority support the use of resources at risk who have an existing non NCA issued SC whilst they undergo the enhanced NCA SC process?
2. The core team will need to received enhanced checks from the NCA before started. These enhanced checks are in addition to an existing SC which is recognised by the NCA. Some resources will not require enhanced checks based on their role.
22. Please confirm when it is expected the ITT will be released to the 4 successful Bidders?
3. The ITT is expected to be released with 2 weeks of advert closure.
23. Please confirm if the questions in the written proposal section are final and for ITT stage?
4. The proposal questions are for the ITT stage. In addition case studies and a presentation will be evaluated for the 4 shortlisted suppliers.
24. Is there an incumbent and what is the current team structure?
There is an incumbent supplier. The team structure is a based on product teams or provision of individual technical staff who work closely with NCA staff. Product teams are often mixed with supplier and NCA staff working together.
25. Has NCA adopted a cloud strategy with a preferred cloud platform (AWS, Azure, GCP and/or a combination)?
NCA have platforms on both AWS and Azure.
26. Please share the list of preferred data management tools?
Tools used are confidential for cyber security reasons.
27. Q1 – who is the incumbent ?
We don’t wish to share this detail at this time
28. Q2 – is there an expected team size ?
For development we envisage four or more product teams operating in parallel, each with a mix of developers (including data engineers) and testers. We will supplement the architecture teams in both programmes with up to 3 architects and some business analyst capability to provide subject matter expertise. We expect to make additional use of up to 4 Data scientists and similar numbers of user research or UX experts.
29. Q3 – what’s the duration between award and start (and expected time of team at start) ?
Our goal is to mobilise and start work as soon as possible after contract award
30. Q4 – Are there any particular NLP, ML tools of interest ?
A list of shared services products are already in use and additional products may be required. We will jointly assess the suitability of various products as part of this work.
31. Q5 – Support and maintenance – what are the service hours ?
Service hours are in accordance with the DOS framework