Hopefully they'll go through all billed invoices with a microscope. My guess is that this will reveal outright fraud from the consulting firm(s), in the form of overbilling in hours.
Even if they bill $500/hr, and they billed 24 hours a day, that would come out to $4.38m / year for each consultant. That's a 11 member team billing 24 hours a day, all year round, for two years straight.
And if they billed more realistic hours, said team would blow up by many multiples. But of course, billed hours is not the only thing consulting firms will charge.
EDIT: For comparison, the website www.yr.no/en, has I believe 10 - 12 devs working. Maybe they've grown since the past years.
Analysis using BuiltWith shows that the site is coded with PHP, Perl and Java. Smells like real enterprise decisions right there. I’m no expert but I’d be guessing that the Perl is likley the remains coming from the old code base. That’d be fair yeah? Haven’t heard of many people coding websites with Perl in 2025.
> "It is unbelievable a private consultancy was paid $78 million to redesign the website," Mr Littleproud said.
This is the crux of the issue. If you have outsourced software engineering competency, yet one of your core missions is maintaining a large pile of software, then this is the inevitable result.
Honestly, with an LLM, I can do it by myself for $96,000 - maybe less. I had a brief look at the website.
Downvote me if you want. But I just built a small business website for a relative in about 5 minutes using Vercel's v0. All I did was upload the logo design, gave it some details about the business and it spit out a fantastic professional looking website in about 1 minute. Made some changes to it and pressed a button to publish with a custom domain and it went live. The entire process took 5 minutes.
I'm sure I can make a weather website with a map for $96k.
This is the type of thing that requires everybody who signed off on this and their bosses to be jailed for fraud. Also, the billing company names involved in the billing should be jailed for fraud too. Jail them for five years each by setting them as an example.
It's extraordinary how far departments (even large companies) will go to avoid in-sourcing work. $AU96M is a small team of developers hired, paid and pensioned for decades.
Anyone rubber-stamping that sort of invoice deserves jail time.
I keep saying this to a state department that has several dozen software developers, plus their managers, PMs, testers, BAs, etc... That's a decent sized software company right there, yet they act like they've only just heard of this new fangled internet thingie that they'll get around to getting real soon now.
FROM
https://www.abc.net.au/news/2025-11-24/bom-website-approved-...
"... "The $96.5 million that we're talking about was not just the front end of the website, the tip of the iceberg that the public sees, but the back end, which sees data flowing from tens of thousands of pieces of equipment in the field, to the supercomputer that does all the modelling, right through to systems that actually forecast the weather and put it through to the website," he said.
"So every bit of that chain had to be hardened and made secure to stop a future attack taking down the whole website."...."
I guess some of the endpoints could be supplying critical data . Interference via hackers to these endpoints data could have serious consequences. I have no specific idea actually, but with experience as electronics engineer / embedded programmer .... there probably be some such scenarios .... hence endpoints would need security upgrades .... But I really have NO IDEA about any specifics ...
There's a few comments speculating about fraud, but they're way off on the timeframe. I was approached about this project like 7-8 years ago. It's probably been in development the whole time.
1k * 250 * 8 * a team size of 20 is about 40 mil in salary for engineering, could be low, add on their $12M testing, $4.1M just for the design (vintage Deloitte), some cloud cost blowouts and a bunch of dickhead managers and scrumlords, plus the putrid enterprise-grade 3rd party map/data system they've gone with, I bet that wasn't cheap. All up it's in the right ballpark for a typical well-intentioned trainwreck consulting project.
Wouldn't be the first project to blow out because of a bunch of enterprise Typescript, Java and C# devs that can't deliver anything.
how much money did corner petrol stations make in profits around the country in one day ? How about the refineries and distributors of Oil and Gas ?
Regarding the entire project -- you cant change what you don't measure? media poking fingers at the expenses of anti-climate pollution projects seems to be a political move these days
when will someone find the $300M bill to update the FAAs NOTAMs website which consists of a giant database with some simple web pages on top?
google pso + cgi federal overloaded the migration with 300+ people and 4 layers of subcontractors to deliver a sub-par infra stack in order to make some media splash before DOGE (rip) could derail it - yes that is why they shifted the db choice last minute to ship quicker versus ship best practices.
NOTAMs is the most important tool used daily by airlines, pilots, airports, the military, and every other industrialized nation in the world. and its now a rube goldberg hodgepodge to avoid an audit from a team that just got canned....
disclosure - i am a pilot who also worked on the migration before being canned for vocally pushing back against the infra architecture decisions that will result in hackable, or offline NOTAMs, halting air traffic worldwide.
I remember that a, few years back the phrase "They have not yet realized that they're a software company now." was used to describe the necessary change in perspective for many companies.
I guess while some companies have caught up, most nation states still have to make this realization.
I’ve worked on major website redesigns, and there’s so much more to it than just refreshing a few screens. A big redesign is kind of like making a 90min film that costs over $100 million. What you see on the surface is only a small part of the effort. Behind every large website there are teams of experts and consultants. $96 million sounds like a lot, but so is the amount of work required to build or rebuild a site at that scale. It’s easy for people who aren’t familiar with the process to guess what it "should" cost, but without understanding the complexity, those guesses are usually way off. And of course, technology and tech workers are expensive. Sometimes even the initial consulting can run close to a million+ dollars.
Every now and then, we see a post on HN where someone claims they've recreated a well-known website in a short time. But they really haven’t. What they’ve done is copy a handful of screens and maybe a couple of data flows that work for a few test users with no fault tolerance, security, or scalability. Building or updating a hardened, website is far more difficult and far more expensive than anything a small team can spin up quickly. It's expensive and time consuming. Was there some small waste? Yes, I almost guarantee it. But fraud? $96m is a lot of money but without understanding the work that's gone into it, there's no way to know if there was fraud in the cost.
25 comments
[ 3.3 ms ] story [ 42.1 ms ] threadSurely someone can request to see where this went? Even the original figure of $4.1m is insane.
Even if they bill $500/hr, and they billed 24 hours a day, that would come out to $4.38m / year for each consultant. That's a 11 member team billing 24 hours a day, all year round, for two years straight.
And if they billed more realistic hours, said team would blow up by many multiples. But of course, billed hours is not the only thing consulting firms will charge.
EDIT: For comparison, the website www.yr.no/en, has I believe 10 - 12 devs working. Maybe they've grown since the past years.
https://builtwith.com/bom.gov.au
This is the crux of the issue. If you have outsourced software engineering competency, yet one of your core missions is maintaining a large pile of software, then this is the inevitable result.
Downvote me if you want. But I just built a small business website for a relative in about 5 minutes using Vercel's v0. All I did was upload the logo design, gave it some details about the business and it spit out a fantastic professional looking website in about 1 minute. Made some changes to it and pressed a button to publish with a custom domain and it went live. The entire process took 5 minutes.
I'm sure I can make a weather website with a map for $96k.
> launch and security testing cost $12.6 million
What are the challenging security concerns for a weather website? And why would testing alone cost $10+ million?
The old site provided with HTTPS: https://reg.bom.gov.au
Anyone rubber-stamping that sort of invoice deserves jail time.
I don't know why. They have seemingly no problem keeping their accounting department in house, even though they're not an accounting firm.
If a core part of your business is software, you are a tech company. Congratulations. Yes banks, that means you too.
"So every bit of that chain had to be hardened and made secure to stop a future attack taking down the whole website."...."
1k * 250 * 8 * a team size of 20 is about 40 mil in salary for engineering, could be low, add on their $12M testing, $4.1M just for the design (vintage Deloitte), some cloud cost blowouts and a bunch of dickhead managers and scrumlords, plus the putrid enterprise-grade 3rd party map/data system they've gone with, I bet that wasn't cheap. All up it's in the right ballpark for a typical well-intentioned trainwreck consulting project.
Wouldn't be the first project to blow out because of a bunch of enterprise Typescript, Java and C# devs that can't deliver anything.
Welcome to the Aussie tech industry.
Regarding the entire project -- you cant change what you don't measure? media poking fingers at the expenses of anti-climate pollution projects seems to be a political move these days
google pso + cgi federal overloaded the migration with 300+ people and 4 layers of subcontractors to deliver a sub-par infra stack in order to make some media splash before DOGE (rip) could derail it - yes that is why they shifted the db choice last minute to ship quicker versus ship best practices.
NOTAMs is the most important tool used daily by airlines, pilots, airports, the military, and every other industrialized nation in the world. and its now a rube goldberg hodgepodge to avoid an audit from a team that just got canned....
disclosure - i am a pilot who also worked on the migration before being canned for vocally pushing back against the infra architecture decisions that will result in hackable, or offline NOTAMs, halting air traffic worldwide.
If you are a government procurement manager, you certainly would want to know where the biggest kickbacks come from.
I guess while some companies have caught up, most nation states still have to make this realization.
Every now and then, we see a post on HN where someone claims they've recreated a well-known website in a short time. But they really haven’t. What they’ve done is copy a handful of screens and maybe a couple of data flows that work for a few test users with no fault tolerance, security, or scalability. Building or updating a hardened, website is far more difficult and far more expensive than anything a small team can spin up quickly. It's expensive and time consuming. Was there some small waste? Yes, I almost guarantee it. But fraud? $96m is a lot of money but without understanding the work that's gone into it, there's no way to know if there was fraud in the cost.