In summary:
- Legacy technology consumes up to 97% of public sector IT budgets, limiting real transformation.
- Treating legacy as a backlog misses the real risk: fragility, cyber exposure, and delivery inertia.
- Without a clear estate view, innovation stalls and AI ambitions fail to scale beyond pilots.
I've spent a lot of time in rooms where the conversation about technology starts with the future and skips over the present entirely.
AI strategies. Cloud roadmaps. Digital transformation programmes with ambitious timelines and compelling business cases. The energy in those conversations is real, and the ambition is often genuine, but there's a number that tends to sit quietly in the background of almost all of them, rarely named, and even more rarely confronted directly.
97%. That's the share of the annual £2 billion policing technology budget in England and Wales that goes on maintaining legacy systems, according to the National Audit Office. Not on transformation. Not on AI. Not on anything that features in those ambitious roadmaps. Just on keeping the lights on.
It would be easy to treat this as a policing problem. It isn't. Across central government, major departments spend as much as 75 to 80% of their technology budgets on upkeep rather than modernisation, with estates running to thousands of legacy applications, many of them ageing, siloed and expensive to maintain. This is a problem that plagues the public sector as a whole.
What strikes me about this isn't the scale of the spending. It's what it reveals about the nature of the trap.
Legacy technology is rarely described accurately
Legacy tech tends to get framed as a backlog – something that accumulated through neglect or short-term thinking, that can be addressed given enough time and budget. That framing is too forgiving. Legacy is better understood as a risk profile. It is operational fragility: systems that can't be changed quickly when services need to adapt. It is cyber exposure: end-of-life platforms that suppliers no longer support and that represent known vulnerabilities in critical infrastructure. And it is inertia – the gravitational pull that makes every new initiative harder, slower and more expensive than it should be.
The consequence of carrying that risk isn't always visible as a single dramatic failure. More often it looks like this: a promising AI pilot that succeeds in a controlled environment and quietly dies when it meets the reality of the systems it needs to integrate with. A digital transformation programme that delivers something technically functional but operationally marginal. A workforce that has learned, over years, to work around the tools rather than with them.
This is what I would describe as the vicious circle of legacy. Weak foundations constrain what innovation can actually achieve. Innovation stuck in pilots doesn't deliver the returns that would justify further investment. Fragmented delivery erodes confidence. And so, the proportion of budget consumed by maintenance stays stubbornly high, because there's never quite enough left over to change it.
How legacy becomes normalised
In a recent piece, "Technology change – hitting the target but missing the point", I drew parallels between what I’d learnt about the Agricultural Revolution in the book Sapiens, and why technology change initiatives often fail. The author, Yuval Noah Harari, wrote about how humans adopted agriculture not because it was better, but because it was possible – and by the time the consequences were clear, there was no easy way back. I think about that argument a lot in the context of legacy technology. Many of these systems weren't bad decisions at the time. They were adopted because they were the best available option, and they became load-bearing before anyone had fully considered what it would mean to replace them. The problem isn't that they exist. The problem is that we've collectively developed a habit of planning around them rather than confronting them.
The question I rarely hear asked, but think matters most, is not whether to modernise. Most leaders I speak to accept that something needs to change. The harder question is whether the organisation has an honest picture of what it's actually dealing with. How much of the estate is genuinely end-of-life? Where are the real risks concentrated? What would it take to change things, and in what order? What exists outside the formal estate – the locally built tools and unsanctioned applications that teams have quietly come to depend on?
Until those questions are answered clearly, the 97% will keep compounding quietly, regardless of what the roadmap says.