Axiom Kinetic - Enhanced Utility Bureau Service

The aim of Axiom's Enhanced Bureau Service is to put in place a comprehensive and proactive cloud-based solution to utility management, and give access to utility data in real-time.

Axiom expands the "usual" role of the utility-bureau so that data capture, processing and validation integrate with improved reporting across cost-consumption-carbon.


  • Automate resource-intensive bill processing to payment workflows with RPA technology.
  • Built‑in utility data completeness checks, QA, and invoice control measures.
  • Automatic invoice collection, direct from the retailer into the platform.
  • Immediately accessible client portal with reporting history and audit-grade data.
  • Comprehensive accruals & budgeting automation to drive accuracy/plan better.
  • Automated tariff reviews and analytics providing savings opportunities.
  • A fully-digitized procurement platform, with unmatched savings capabilities.
  • Proactive, dependable data management via instant-parsing, validation and storage.


  • A single digital platform across all functions (accruals/payment/budgets/reporting/sustainability).
  • Effortlessly digitise your manual Utility Bill Lifecycle Management.
  • Increased speed and accuracy of utility bill management.
  • Decrease risk by eliminating mistakes caused by manual UBM processes.
  • Reduce the FTE's required to manage the category/improve savings.
  • Access to validated data, that stakeholders can trust is accurate.
  • Anytime access to historical utility data to easily create/revise budgets


£1.95 to £9.95 a unit

  • Education pricing available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 13

Service ID

6 0 8 2 0 1 9 4 1 1 9 2 4 7 6


Telephone: 07989563336

Service scope

Software add-on or extension
Cloud deployment model
Public cloud
Service constraints
System requirements
Our portal is entirely viewed and hosted on the web.

User support

Email or online ticketing support
Email or online ticketing
Support response times
Monday - Friday 9-5pm - within 4 hours of e-mail ticket being raised
User can manage status and priority of support tickets
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
Each customer is given a named account manager, through which all queries regarding either cloud support or technical energy support will be directed.

All queries will be acknowledged immediately and a ticket issued.

For those not paying for enhanced support, tickets will be dealt with within a 2 working day period.

For enhanced support customers (cost 50p/utility meter/month) the SLA for support is for all queries to be dealt within 1 working day from submission
Support available to third parties

Onboarding and offboarding

Getting started
During the mobilisation period Axiom arranges for the collation of copy bills for all supplies backdated to cover one year’s historic data (pdf bills and consumption data AMR & HH). This will include the required access to supplier billing portals and the incumbent water supplier where Axiom will
collect invoices from on a weekly ongoing basis. Historic invoices can be imported spanning more than 1 year and Axiom can also import data from incumbent energy-management software products to ensure complete history within Axiom's system.

In-order to meet administrative requirements a mobilisation meeting will include the provision of login details to the portal for all users and confirmation of their participation i.e. finance team, energy team, payment file recipients etc, followed by fortnightly meetings to update on progress and meet our three stages of mobilisation. A schedule of monthly meetings will be agreed along with the issuing of our telephone helpdesk number that will be available throughout the service.

Axiom will mobilise the service in three key phases: -
1. Set-up Phase - gathering, validating, and importing data
2. Bureau Shadow Phase - providing full-service shadowing incumbent bureau (if applicable)
3. Commencement of Full Service – following cessation of incumbent provider
Service documentation
Documentation formats
End-of-contract data extraction
At the end of the contract all user accounts will be deactivated within 4 hours and deleted within 48 hours.

When the contract ends we will provide the data to clients in an excel format if requested during the first 30 days from the termination of the contract free of charge.

At the end of the 30 days the data will be archived for a 12 month period; if the data is requested during that period there will be a charge for data recovery.

At the end of the 12 months the client data will be deleted.
End-of-contract process
When the contract ends we will provide the data to clients in an excel format if requested during the first 30 days from the termination of the contract free of charge.

At the end of the 30 days the data will be archived for a 12 month period; if the data is requested during that period there will be a charge for data recovery.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
Desktop web interface has been optimised for mobile use
Service interface
User support accessibility
None or don’t know
What users can and can't do using the API
At the moment our approach to using the API has been on a client specific basis and as such we have not placed any limitations on what a client can do.
API documentation
API documentation formats
API sandbox or test environment
Customisation available
Description of customisation
Users can customise the visualisation of the energy data.

All reporting functions can be customised so that each user see the reports pertinent to them.


Independence of resources
Axiom monitors resource usage across its infrastructure to manage capacity and to provide alerts on servers which will be investigated by SRE. When assessing the use or development of new systems, capacity management is considered at the design stage and is incorporated in the build specification.

Our platform is hosted in AWS. Utilising multiple auto-scaling web servers behind a load balancer. The web servers connect to AWS Aurora database with Multiple Availability Zone replica sets to maintain high availability and resiliency. We also utilise AWS S3 for file hosting


Service usage metrics
Metrics types
End user usage stats are provided in real time and can include the following;
Time spent on portal
areas visited
export logs
query logs
Reporting types
  • Real-time dashboards
  • Reports on request


Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Bill Identity PLC

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
European Economic Area (EEA)
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Users can export their data by selecting the data files they want and clicking export. Small files will download straight from the app. Large files will be emailed directly to the requesting customer in their chosen format.
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats
Data import formats
  • CSV
  • ODF
  • Other
Other data import formats
  • PDF
  • EDI

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Our service is hosted on AWS, and as such, guaranteed uptime is 99.99%.

Where we do not meet that availability we will offer clients a 25% credit on the daily charge
Approach to resilience
This information is available upon request.
Outage reporting
Email alerts and through API

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
Access rights to the network are controlled by role using group policy in order to prevent unauthorised access to information held in application systems. Systems and applications which are used by Axiom are documented to show which systems are required by each user and their required level of access. User accounts are administered by our IT team and are set up using a least-privileged account for day-to-day operations.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
Covers everything
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Cyber essentials
Cyber essentials plus
Other security certifications
Any other security certifications
ISO22301 Security and Resilience

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
ISO/IEC 27001
Information security policies and processes

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Technical reviews of business-critical applications take place when there are large-scale changes to related operating platforms. We determine business-critical as any system/application enabling us to deliver services to customers. These systems may have dependencies also categorised as business-critical.

Operating platform updates occur monthly with development and testing systems being updated prior to production systems to ensure there is no adverse impact on operations or security. Prior to conducting operating platform changes, systems are taken offline before customer-critical servers are updated. Once done, the required systems are brought back online. If there were issues these would be found at this point.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
We have measures to detect/prevent malware being introduced into our systems, using endpoint-security-protection and system-monitoring tools to create alerts which are promptly investigated.

The schedule/scope of these scans are detailed/maintained by our IT department. Full antivirus/malware scans are run weekly on all devices. All downloaded files/software will be scanned by endpoint-security-protection software.

The email system scans incoming email for malware and quarantines if necessary.

Axiom has business-continuity plans to follow to contain a virus outbreak. Security patches are applied within 14-days of updates release. Microsoft updates are handled via Windows update. Third-Party Updates are handled via dedicated patch management software.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Axiom has several methods to ensure it obtains and reacts to technical vulnerabilities:

Subscription to a Cloud-based Vulnerability Management Platform;

Antivirus Solution is pushed out - weekly scheduled scans take place;

Windows updates are pushed out to information assets;

Monitoring of assets to ensure latest version updates and patches installed;

Notifications from Special Interest Groups;

Annual Penetration Testing;

Monitoring of media - television/radio/internet/social media.

Incidents are raised, triaged and remediated as soon as we are aware. We have a dedicated incident-response team responsible for investigating and managing the incident through to resolution, including communicating with the company, customers and stakeholders.
Incident management type
Incident management approach
We have an internal process for raising and managing incidents. Users would report incidents by raising a ticket in the customer case management system. For every incident we conduct a root cause analysis and if this warrants that a report be provided to the customer it will be after resolution, corrective action and closure of the incident, however most customer issues are resolved whilst in dialogue via the case management system.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks

Social Value

Fighting climate change

Fighting climate change

Axioms cloud service provides collation of all your organisations utility consumption and associated carbon emissions data providing concise tracking of cost, consumption and carbon. Our cloud software provides notification of periods of over consumption, waste and enables progress to be tracked in reducing consumption and emissions against your targets. Our service also checks the validity of all your invoices and their associated charges, ensuring that your organisation pays only what it should and ensuring that your budget can be optimised for use in investing in energy management initiatives, replacing inefficient products or simply spending time making sure people turn things off.
Covid-19 recovery

Covid-19 recovery

Axioms cloud service provides access to end users via their web browser, tablet or smartphone, supporting working from home and flexible working. The portal also enables analysis of energy consumption during lock down and provides users the ability to identify excess consumption during unoccupied periods, enabling users to rectify building controls and timers for the future.


£1.95 to £9.95 a unit
Discount for educational organisations
Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.