Richard Hughes has resigned as chair of the Office for Budget Responsibility, after the UK fiscal watchdog accidentally leaked its analysis of Rachel Reeves’ Budget before the chancellor delivered it.
The announcement of Hughes’ exit came shortly after an OBR review of last week’s market-moving error found that the same failures had allowed early access to the Spring Statement in March, raising concerns that earlier Budgets could also have been compromised.
In a letter to Reeves and the House of Commons Treasury select committee on Monday, Hughes said he was quitting to help the OBR “quickly move on from this regrettable incident”.
In what Hughes described as a “technical but serious error”, the OBR had uploaded Budget documents on to part of its website without the necessary protections to prevent early disclosure.
Monday’s report described the episode as the “worst failure in the 15-year history of the OBR”.
Hughes’ resignation comes at a moment of high tension between the Treasury and the fiscal watchdog.
Reeves and Prime Minister Sir Keir Starmer are facing accusations of misleading the public after Hughes wrote to MPs on Friday to reveal that OBR forecasts for the public finances had been healthier than the chancellor suggested earlier in the autumn.
Hughes was due to testify about the Budget tomorrow at the Treasury select committee, but he will now not appear at the hearing. The OBR will be represented by the remaining members of its Budget Responsibility Committee, Tom Josephs and David Miles.
Senior economists said Hughes had been a firmly independent and effective head of the OBR who would be a difficult chair to replace.
“He leaves big shoes to fill in the UK fiscal framework,” said Ruth Curtice, the head of the Resolution Foundation and ex-head of fiscal policy at the Treasury.
However, MPs said there was no doubt that the OBR’s reputation had been hit badly by the premature data release.
The OBR is meant to release its economic and fiscal outlook (EFO), which contains market-sensitive economic forecasts, policy costings and judgments on the government’s fiscal rules, once the chancellor has presented the Budget to MPs in the Commons.
But last week’s OBR assessment was released nearly an hour before Reeves began speaking, sparking sharp movements in bond markets as investors digested the nearly 200-page document.
Investors were initially unsure whether they could trust the news flashes ahead of the scheduled release. “It’s one of those moments where you have to do double, triple, quadruple takes,” said James McAlevey, head of global aggregate and absolute return at BNP Paribas Asset Management.
The report found that the OBR routinely uploaded its documents before publication time to facilitate “immediate and widespread access” to them at the appropriate time. But it wrongly assumed that it had configured its website, which it managed using WordPress software, to prevent early access.
On the morning of the leak last Wednesday, the first online evidence of the report being prematurely available was when Reuters began sending headlines on its contents from 11.41am — well ahead of the intended start of the Budget speech at 12.30pm — according to the report.
The first successful request to access the document had been at 11.35am — from an IP address that had made 32 previous unsuccessful attempts over the course of the morning.
Ciaran Martin, an Oxford university professor who advised the review, told the Financial Times that the large number of attempts to access the document from one address raised concerns that the person or people may have been aware an early upload was possible.
“It is reasonable for people to infer that the address which tried 32 times belonged to someone who believed the document would be uploaded early,” he said.
Between 11.35am and 12.07pm, there were 43 successful attempts to access the URL assigned to the report, from 32 unique IP addresses, the report said. From 11:50am “images of and facts from” the EFO began appearing widely online, the report said. At 12.08pm the PDF was taken back offline.
It was not the first time that someone would have been able to see the contents of a chancellor’s fiscal statement ahead of time, the report added.
“It is very likely that the weaknesses that caused the premature accessing of the November 2025 EFO were pre-existing,” according to the OBR report.
Referring to Reeves’ Spring Statement in March, it said: “The logs show that one IP address successfully accessed the document at 12:38, five minutes after the chancellor had started speaking and nearly half an hour before publication.”
“There are some indications the IP address may be linked to accounts within UK government and/or other public authorities within the UK,” it said.
It is now “essential” that a more detailed forensic digital audit of some of the most recent fiscal events is undertaken, the report added. James Murray, chief secretary to the Treasury, described the report’s findings as “very serious indeed”.
However, Oxford university’s Martin said establishing how long the OBR’s processes had been in place “might be difficult” as he was unsure how long the logs were kept.
Martin added that “less than a week” was a “very short period of time” for a probe into such an incident, and that further findings may be uncovered in due course.
“It would not surprise me if aspects of the technical picture [such as the number of times the document was added] were modified or changed in the course of subsequent investigative work,” he added.
The OBR review, led by Laura Gardiner, the watchdog’s chief of staff, cast blame at the Treasury and Cabinet Office for failing to fix flaws in the OBR process but found that the “ultimate responsibility” for the leak lay “with the leadership of the OBR”.
In his letter, Hughes said he had “decided it is in the best interest of the OBR for me to resign as its chair and take full responsibility to the shortcomings identified in the report”.
“I want to thank Richard Hughes for his public service and for leading the Office for Budget Responsibility over the past five years,” said Reeves in a statement. “This government is committed to protecting the independence of the OBR and the integrity of our fiscal framework and institutions.”
Additional reporting by Ian Smith in London
The OBR’s account of leaking the Budget
05:10
OBR staff [notified] that server modification to accommodate higher website traffic at the time of the economic and fiscal outlook’s (EFO) publication was complete.
05:16
Website activity logs show the earliest request on the server for the URL https://obr.uk/docs/dlm_uploads/OBR_Economic_and_fiscal_outlook_November_2025.pdf. This request was unsuccessful as the document had not been uploaded yet. Between this time and 11:30, a total of 44 unsuccessful requests to this URL were made from seven unique IP addresses.
09:00 onwards
The web developer set up web pages (no PDFs, Excel spreadsheets or other documents were uploaded during this stage) in draft form in the content management system, creating IDs for all the downloads to be used across the website.
11:02
PDF documents were emailed to the web developer, including the EFO document.
11:03-11:35
The web developer began uploading documents to the draft area of the OBR website (which was understood by all involved to be not publicly accessible), including the EFO PDF.
11:35
The first successful request to the internet address (URL) https://obr.uk/docs/dlm_uploads/OBR_Economic_and_fiscal_outlook_November_2025.pdf was made. The IP address of this first successful request had made 32 previous unsuccessful attempts at this URL over the course of the morning. There were a total of 43 requests to this URL that were successful between this time and 12:07, from 32 unique IP addresses.
11:41
The first evidence online of the EFO being publicly available, via a Reuters news alert entitled “UK OBR ECONOMIC AND FISCAL OUTLOOK: BUDGET TAX RISES RAISE 26.1 BLN STG BY 2029-30”.
11:43
An OBR staff member was first made aware by a (non-Reuters) journalist that Reuters was flashing extensive forecast details.
11:43
OBR staff attempted to rule out the OBR website as the source. Not knowing that the URL for the EFO PDF was accessible even if known or guessed, the focus was on whether the relevant parts of the website had been pushed live accidentally, or whether there had been a leak of the document not connected to the publication process. OBR staff found no evidence via the front end of the website that web pages had gone live.
Around 11:50 onwards
Images of and facts from the EFO began appearing widely online from many people (suggesting the PDF had been widely downloaded and/or shared by other means after download).
11:52
Senior OBR and Treasury officials telephoned each other to discuss the breach. These Treasury officials made OBR staff aware of the URL leading to the PDF of the EFO that was accessible.
11:53
OBR staff and the web developer attempted to pull the PDF from the website, and also to pull the entire website (eg via password protection) but struggled to do so initially due to the website being overloaded with traffic.
11:58
An email was received in the OBR press inbox from a Reuters journalist confirming that Reuters had published details of the EFO and asking for comment.
12:07
The EFO PDF was renamed by the web developer.
12:07
The EFO PDF appeared on the Internet Archive. This means it was, at that precise time, visible entirely generally on the open internet via search engines. It is assumed that this happened very briefly in the rush to remove it.
12:08
The EFO PDF was removed from the website’s content management system, taking it offline.
12:08
The OBR Chair and staff drafted a statement setting out briefly what had happened and confirming that the OBR’s website was the source of the error.
12:15
This statement was posted on the front page of the OBR’s website and on X (formerly Twitter).
12:34
The chancellor’s Budget statement began, opening with a reference from the chancellor to the early release of the OBR EFO.
13:38
The chancellor’s statement ended and the EFO and supporting documents were immediately pushed live.
