Not many people have had as much influence over the evolution of revenue assurance and fraud management as Vinod Kumar. He joined Subex in 1997, becoming one of the executives who pioneered the development and sale of off-the-shelf software for identifying anomalies within data and managing the risks of communications providers. Subex rode the crest of a wave, with revenues that ramped up dramatically as worldwide interest in fraud management and revenue assurance exploded. They set a precedent within the communications industry by arguing every telco needed a Revenue Operations Center, the metaphorical equivalent of a Network Operations Center, with their recommended controls becoming the blueprint for most of the work still performed by revenue assurance functions today. They also set a precedent by showing that an Indian business could successful sell software products to a global market. After spending the last five years as Chief Executive, Vinod announced he would step down from day-to-day management of Subex this year, though he will remain as a member of Subex’s board of directors. I asked Vinod to reflect on the experience he has gained whilst at Subex, as captured in this abridged version of our conversation.
Eric: I wanted to do this interview as a kind of thank you for your years of service whilst at Subex.
Vinod: Thank you very much. Kind of you to say that, Eric. Just so that you’re aware, while I am in a transition from an operational role standpoint, I will continue as a member of the board of directors. So while I’m operationally not going to be involved in a month from now, but I would be a part of the strategic decision-making as part of the board.
Eric: You’ve done some tremendous service. I didn’t want it to just pass without any remark.
Vinod: Thank you. I think I have also been very pleased with the fact that as a part of this whole journey, it was a constant learning for me. And one challenge after the other. But I guess that I always had a learning and growth associated with that, so I enjoyed every bit of my journey at Subex.
Eric: Not many people spend a quarter of a century with a single business these days. Thinking about how Subex has progressed since it was founded, what makes you most proud?
Vinod: I think if we look at how Subex started, particularly in the software part of the journey, it started during the 1999 timeframe where you probably remember the Y2K issue. And just about everybody in the country, in India, was jumping onto the software bandwagon. But at that point in time, Subex did something very different than most of the others. And that is us logging into the product side of the journey, whereas most of the others were doing the services side.
It was a very bold move at that point in time because, by then, it was established the software services capability of India was quite established. But the product side wasn’t. In fact, Subex is one of the first software product companies that came out of India.
A lot of things that we have done was ground-up learning by ourselves. When you look back, it’s a lot of fun. But at the point in time, it was more challenges than fun. So I think that legacy will continue to be with us for a long, long time.
But subsequently, we also had lots of ups and downs. And I would say that one thing that is remarkably standing out is the resilience of Subex as an organization. And I mean, probably, you know, that they’ve been many times in the past where we have been driven off and they have gone to a very, very difficult period of time. But we have always bounced back. And now and I guess that that resilience is what I would say is the most prominent thing that that that kind of stands out to me during this long journey.
And just if I could add, under the radar for some time is our AI capabilities that we have been slowly building. If you look at that, at least from inside Bangalore, we have one of the best AI labs. It’s something that I’m very, very proud of.
Eric: Your mention learning from experience. What experiences, whilst you were at Subex, surprised you the most?
Vinod: I’ve reflected on this for a while and when you come into the organization and start moving up the ladder, you will find a there is a way things happen, and a set of people and a set of process, aspects [of how we do things] which are very, very critical to the company. When you’re in the company, or when you’re in the set up, you almost cannot think about how the company would go forward if some of those aspects were not there, or some people or some talents leave. What experience taught me is that an organization is much stronger than some of these aspects, and that constantly surprises me. We have very valuable talented people who make the company, but at the same time, there is not one person who is so indispensable.
This also came up from when we were facing the COVID crisis. It’s a one-of-a-kind that happened and probably the only difference is that the whole world faced it at the same time. But again, how we as a collective, as an organization, as a community, how we face it together is something remarkable. That’s an experience that has taught me that if you have the right mindset, the right kind of organization, and the support, we can get on with it. Today it still surprises me how things just go on and when important events happen — somebody leaves or a new merger acquisition — things go on.
Eric: Well, let’s see if it smoothly moves on as you move on from your role as CEO of Subex. I hope it does.
Vinod: I definitely think that it will do. I was reading Steve Jobs’ biography, and he says that when Tim Cook was making an announcement saying that Apple will move on, Steve Jobs did feel bad. But if you look at today, Apple is thriving.
Eric: That’s a very interesting way to look at it. Subex doesn’t just provide its products and services to communications providers, but Subex’s broad international clientele means you have been watching the changes in the communications industry for a long time and you’ve had access to a lot of data pertaining to how businesses perform. What has the communications sector done well during those 25 years? And where does it currently need to improve?
Vinod: Particularly coming from an emerging market, what the communication industry has done is sort of remarkable.
Whatever you look at in a society, on an ongoing basis, you will find friction for everything. Even for small, small things, you have friction. You will see that very, very clearly when you come to some of the emerging markets. The friction depends upon your status in the society. Higher up, you have less friction, but the lower end of the society, the friction is enormous for the day to day aspects of life.
So to me, this whole digitization that has happened, both connectivity and digitization, has reduced the friction across the board. And that is phenomenal! That’s valuable, this whole reduction of friction across the board. I would say that today, we, as a society, we are living a much more, let’s say, easier life because of the digitization and the connectivity that we have.
Obviously, it has created a new set of issues that requires addressing, but the core, some of the core aspects, the voids that we had, institutional voids that we had, slowly but definitely the digitization is fixing those voids. This was impossible to solve until a few years ago. If you come to India and see how payments etcetera are handled — it’s magical today, right? Can you imagine in a country like India, we don’t carry cash anymore. We just can do just about anything, just by using our mobile payment across the board, with street vendors, everyone. So that’s been remarkable.
Where I think that probably, the communication industry could have done better, is I always thought that the communications industry would play a much more active role in the digital commerce that it helped to create. And consistently, it has not happened, maybe because of the inertia. Telcos are very huge organizations. Agility is required to create some of these commercial things.
I hope that with 5G there is yet another opportunity for telcos to be on the front foot, and play much more aggressively, and have a larger share of the commerce that connectivity helps generate. At least I’m seeing some signs of telcos moving in that direction, but compared to some of the other sectors, telcos are still too slow.
So that’s the way I put it. The communication industry has been enormously beneficial to society by enabling digitization. At the same time, it fell short of obtaining a sufficient part of the economy that it has created because of the lack of agility within the telcos.
Eric: Yeah, I think it’s a very well-made point there about enabling others. It really comes home when you answer the extent to which changes have been enabled in a country like India where, as you say, people no longer carry cash like they used to. Perhaps the transformation is greater in a country like India than in other countries because there’s a willingness to change, there’s a desire for change. And as a result, the change can be even more dramatic because people see the benefits and they accept the benefits more readily than they would do in other places. So that’s fantastic. But you also make a good point there that enabling change doesn’t mean that you’re always leading change. Sometimes the change has been enabled by the communications providers, but they haven’t been the ones to go out and actually change the way that they provide services and look to be different in terms of differentiating from each other in the marketplace.
If you could, is there anything you would go back in time and do differently?
Vinod: Okay, look, I will probably answer that in two ways. One, from an organization standpoint, and second from the standpoint of the larger domain.
From an organization standpoint, I think that some of the transitions that we have just started, transitioning to a more AI-based, subscription-based transition, that is something probably we should have started much earlier. So if that is something that I would want to go back and do that, I would have created that transformation maybe five earlier. That would have helped us to deliver enormous value to our customer, more than what we have delivered in the past with our conventional approach.
From a domain standpoint of revenue assurance and fraud, there are two things that are still unsolved. One is the complexity that we have created, more with respect to the revenue assurance side of things. I somehow feel that it need not be so complex. And I guess it evolved in a particular way, kept on evolving, evolving. And I think if you look at the innovations that we have been able to bring about, it’s been very marginal there for whatever reason because of the complexity, the way the whole thing has sort of evolved. So that’s something which I would go back and look at saying that, can we do things much more simply?
On the fraud management side of it, we have had fraud for a long time. We have been fighting fraud for a long time. Even after 20 years, we have not made sufficient progress. And that’s because of lack of intellectually honest cooperation between various operators. Vendors should have facilitated that.
If I could go back, I would simplify revenue assurance a lot, compared with how it is being done today. And on the fraud side, I would somehow try to create the collaboration where, as an industry, we can come together and eliminate many of the frauds.
Eric: It’s a fascinating answer. If you don’t mind, I’d like to go through each of them in turn. So artificial intelligence — it seems a little bit hard on yourself to be saying that you should have been doing artificial intelligence sooner. It doesn’t seem to me as though you’ve been behind others in doing artificial intelligence. So let me ask a slightly different question about artificial intelligence. If you had started doing artificial intelligence, working with artificial intelligence sooner, what would be the difference that we would see right now?
Vinod: [It would be] more accurate and simpler. I’ll give an example. We dealt with a kind of a handset fraud, which is a major issue in Europe. First of all, the customer had their own solutions. We replaced their solution with our rule-based solution, which was significantly beneficial, about 90% more accurate. But then, with the AI model that we have put in place now, it is a different order of accuracy and prevention that we are getting. With respect to the competition, we are definitely ahead. But my view is that we should have started five years earlier, even though the customers would not have backed us. Obviously, we see now with a lot of appetite for testing AI. But I think we could have started five years back from when we did.
Eric: Okay. It’s a difficult thing because you still have to sell it and people have to believe there’s some value. So you would have been very far ahead of the game if you had done that. You mentioned about making revenue assurance simpler. And it sounds as though you’re talking about having more influence over the way people do their job. So do you wish that Subex had more influence over the way people do their job?
Vinod: Yeah. So I think if you look at the whole control mechanism, how the controls have evolved, I would say it’s more academic, or rather it’s been predominantly academic rather than practical in approach. And I think that people are taking a much more closer look at the return of investment that they are getting from various controls, etcetera. Most of the requirements we are getting, it’s a kind of collection of all the requirements they have found from different customers, different RFPs [requests for proposal]. Then we get this huge list of controls that need to be delivered. And there are very few people who are able to reflect on what is required and, based on the priority and the exposure, what controls need to be automated, and what can be covered by an audit, a one-off audit.
But I think the easiest way for a customer to handle revenue assurance is just to push everything into an RFP and ask the vendor to deliver everything. And because of this highly competitive nature, we fight with each other and try to comply with all the specs. And once you agree on the specs, then it’s all about delivery and the delivery takes forever. And at the end of the day, we rarely understand whether some of these controls are really adding value.
And when we start this sort of discussion with the customer, there’s always a resistance because everybody wants to go by-the-book. There have been some changes. I mean, there are some mature operators who are seeing things differently and they would want to look at killing some of the controls which are not very beneficial. There is some appetite at the senior levels, at the exec level to look at this again. But when it gets to the operating level, they are much more comfortable to cover the base by saying they want all the controls.
Some of the other industries have done it [revenue assurance] very, very differently. I think, for example, the new things that we are seeing in the gaming industry, those are areas where I think there are a lot of leakage issues, but they’re approaching it very, very differently. They are asking where the exposure is very high, what can be controlled, what cannot be controlled, where you need to do a process change and when you don’t have to worry about doing the same checks again.
So I guess we have to look at a much more pragmatic, simple approach rather than implementing control after control. In fact, it’s hard for me to say this, some of the very experienced professionals, working in the segment of switch to mediation to bill, they put so many, so many controls in place and automate them when one would question what is the return on investment from having all these automated controls.
There is a simpler way. If there is a problem, can we evolve a way to quickly go and check what the problem is, rather than checking everything?
Eric: So you are characterizing revenue assurance as being too focused on lists of objectives to be fulfilled and lists of controls to be implemented. Perhaps we might even say revenue assurance is tending towards a bureaucratic mentality in terms of controlling this predefined, this historic list of goals, and is maybe not sufficiently focused on where the most value would be found. Too much effort is going into making sure there are no gaps — you mentioned switch to bill — that there are no gaps from switch to bill. But perhaps we are not looking to add as much as value as could be added elsewhere because there’s too much focus on some small things that were considered important a long time ago, but there is an inability to step back and identify where more value can be added if we were being more open-minded about work.
Vinod: We need to move into a smart way of detecting anomalies and investigating them, rather than putting in all the checks. I’m definitely seeing it happen, if you look at some of the new fintechs, they’re doing it very smart. They are able to looking at anomalies and investigate rather than looking to see if the KPIs are right. So that transition is already happening.
Eric: I hear you. Now, it’s interesting what you said about fraud and exchange of information collaboration between the different telecommunications providers, because I think you could argue — I would argue — that artificial intelligence has come out as the reason not to exchange information. Artificial intelligence gives you the hope, the belief, that you can take the data you already have and you can extrapolate from the data, the artificial intelligence will see a pattern. So the artificial intelligence will do the things which maybe previously you could only do if you had other information from other sources. That at least is how artificial intelligence is sold a lot of the time for fraud management.
So, is it now impossible to go back and to have greater collaboration in terms of fraud management for communications providers, because we are now in this phase of using artificial intelligence to solve the problem? And if there was not enough incentive to work together to reduce fraud before, artificial intelligence means there will be even less incentive now.
Vinod: Look, I think you’re right in the sense that with AI you have the ability to, you know, get much accurate systems with relatively low set of data and training them over a period of time, like for example, international revenue share fraud. For international revenue share fraud, my team’s view is that we don’t need any more the databases of fraudsters etc. But that said, Eric, we can still ask what is the disincentive for fraudsters to not do fraud? Now, that is something which we have still not addressed, right?
Now, robocalling is another thing which probably we could have easily addressed if, let us say, all the operators and all the players were coming together.
With the kind of digitization that we are seeing, identities are available at a throwaway price, so even my identity can be bought in the market for as low as two or three dollars, you know. To prevent that, it’s a different ball game altogether and a lot more work needs to be done. And I think it’s a huge opportunity for any company in the fraud space.
In digital commerce, the free flow of funds has stopped and everybody is asking, investors are asking for profits to be shown. Fraud reduction, which will directly flow into the bottom line, has become important.
But I’m sure that if the industry comes together, then we will have a lot more information to prevent some of these fraudsters coming in the first place. I don’t think that anti-fraud technology by itself will be a disincentive. Regulators can do a part of it. Vendors like ourselves can be a part of it. But I think some, like RAG and the GSMA Fraud Forum, can also play a different role, a kind of enabler role for the work that will disincentivize fraudsters.
Somebody has to do something there, Eric. If you look back 20 years, still we have not had an industry-wide way of approaching, cooperating, collaborating on preventing this.
Eric: I hear you. Just reflecting upon the relationship between communications providers and law enforcement, and what it’s been like over the last quarter of the century, it occurs to me that there has for the last 25 years been a very clear relationship between communications providers and law enforcement in the sense that law enforcement asks for data when law enforcement wants data from the communications provider. So they identify what crimes they want to investigate. They start to look for mobile phone data, who called who, what time, what location people are. That has always been there. What hasn’t occurred is that there has not been any successful push of data from communications providers to law enforcement to say, look, here are some crimes that we, the comms providers, are suffering from.
There are criminal activities that are taking place. We would like to give data to the police. Telcos have not been doing that because there’s been the belief that law enforcement will do nothing with it. The problem is that it is seen as a corporate crime and the only victims are businesses, therefore, it’s not a priority for law enforcement. But I think that that’s now come back to haunt us all, because the attitude that those criminals would only stay focused on stealing from businesses, that they’d only steal from communications providers laid the foundation, became the enabler for so many other things going wrong in society. Those same criminals have become more diverse and found more ways to exploit what they had already learned about the communications industry. So they’ve been studying, they’ve been learning, they’ve been getting stronger, they’ve been getting more resources because they’ve been profiting from crime. It’s only now that it has started to affect very many ordinary people that law enforcement has begun taking an interest. But the shame has been that for 20 years, 25 years, nothing had been done to essentially tackle the build-up of these criminals. So I don’t know what we in this industry could do differently.
You’re supporting the RAG Fraud Blockchain in terms of making it available to your customers so that they can exchange information efficiently. You have your user conferences where you bring a lot of people together. You attend all the meetings, you’re supporting all these institutions, including RAG and the GSMA. What else could have been done differently by you? What else could have been done differently by me? What should we have done differently over the last 25 years?
Vinod: So, Eric, my view is that I don’t have all the answers there. But let me give you a sense of what has been done in India.
India is making some remarkable progress when it comes to digitization and creating the public infrastructure over which there’s all these, you know, digital products created. The good thing is that all the data sharing, that layer is being done by government. It’s the gold standard when it comes to doing public good from the digital domain. There is a government layer to handle the consent side of things, which made things very simple. So with that consent, you can create many number of products to work using that consent and that data. They’re doing the same thing for all kinds of data, including telecom data. So what is going to happen is that, that if I give a consent to a consent provider, the telecom will have to expose the data, the telecom has no say if the individual has given their consent.
Then what happens is that there is an opportunity for a technology solution. That’s exactly what happened in UPI [India’s Unified Payments Interface]. When this UPI, the consent layer got created, all the banks had to necessarily come on it, otherwise they will become irrelevant.
Eric: I think that’s a fascinating answer. It’s also very timely. In the last two weeks, I’ve been struck by the difference in approach towards consent for India compared to the United States of America. So in the last few weeks, we’ve had the Indian regulator effectively saying there will be a common solution for the recipients of phone calls from businesses. So they will give their consent using a common approach to giving the consent. There’s a common ledger, using distributed ledger technology, to record who has given their consent to receiving telemarketing communications of all kinds — voice calls, messages, etcetera — and who is allow to contact them. So if there is a telemarketing call of any kind, from a business to an individual person, you have a record of consent that everybody can check. And because of that, it’s enforceable. Because it’s a common record, it means that if any business comes along afterwards and makes a call, sends a message, communicates with the customer in some way and the customer didn’t give consent, well, there’s nothing additional to prove because there is a common ledger. There can be no confusion as to whether the business checked the ledger for whether that customer gave permission for that communication. So it’s very straightforward. As soon as you see some business making phone calls and there’s some people who didn’t consent to them, you can go punish the businesses immediately.
That development in India contrasts with news from the USA last week, where a rule has been passed. The US Federal Communications Commission has brought in place a new regulation and the regulation requires consent to be taken, but it doesn’t say anything about a common ledger. There’s no common source of information. There is not that unifying role of having an authority in place that creates a common infrastructure that everybody can use. So the rule is that the business is going to have to take consent, but it’s not enforceable. It’s not enforceable because each and every business will be managing consent in their own way. And then who has got the visibility to actually tell whether that business did or didn’t follow the rules? So it strikes me that that’s a really clear cut example there. And this is an important example because consent for receiving a call from a business, well, this is like the opening opportunity for saying to somebody, you can or cannot communicate with me. And if you can’t communicate with me because I don’t give you my consent, then you can’t also send me a fraudulent message and you can’t scam me with an unsolicited voice call. You can’t trick me because the business can’t even get to the stage of trying to trick me without already breaking the easily enforced rules about consent.
India is ahead of a lot of other countries because of this desire to use common ledgers, built on top of distributed ledger technology. We’ve seen it with SMS messages as well as voice calls. What is it about the Indian mind frame? What is it about India’s state of economic development, which means that you’re so much more capable of implementing these solutions across the whole of society and making them work? Because it’s clearly not a case that other countries couldn’t do it on the technological level. So what is right in the Indian mindset that leads India to adopt and embrace that kind of change?
Vinod: I think this is fascinating. I guess that I’m very lucky to have played a small part in this. So what happened, Eric? And if you have not heard about it, you should look it up. It’s called the India Stack. It came about is a collaboration between the industries and the government. And the whole, the beauty of the whole India Stack is that it is pretty much open sourced, meaning anybody can get the UPI and UPI’s unified payment interface or many of the other things that we are doing and implement that. So I guess the strength came from this India Stack where the industry and the government came together, created this product. And some of the people who are involved in the creation of India Stacks have been some of the best technological brains in the world.
So they all came kind of pro bono, and worked towards, created the stack. And suddenly, I think people have started benefiting out of it. So we saw the, we had a digital, we have a digital identity based on that UPI. The next thing created is what we call as ONDC, that is an open platform for digital commerce. So this is going to take on the Flipkarts, the Amazons and the Walmarts. If this becomes popular, people will come on the platform and Amazon will have to come too, and they will lose the advantage that they have today.
The same thing is coming for telecom aggregation. Subex has just applied for the telecom aggregator license. That means that as an aggregator, if somebody provides me the consent, I’m supposed to fetch the data, the telecom data from the operator, and provide that to whosoever has the consent to use the data. So that’s opening up a plethora of opportunities. First it was with financial data, then it will be telecom data, then it will be health data.
And this creation of this whole core consent layer and core infrastructure by the government is allowing a lot of other companies to come on the top and create a value. Suddenly the data, access to data, which was hitherto impossible, that’s now possible through the consent. That is what is facilitating the creation of new ideas. It’s phenomenal. India Stack has created magic and the belief is that they can continue to create magic in other areas.
And they made the whole usage of that free. So that’s another thing that using the consent layer is free. If I transfer something to a peer to peer level, I don’t pay any money. So therefore, everything has gone into that mode. And if you look at the other way around, earlier I used to go into a check, write a check, take time from the banking official, but when the internet came out, you had to pay for internet-based banking. In fact, the bank was saving a lot of money with internet-based banking, but they made the customer pay extra. That in itself was wrong in the first place. So that’s what the digitization has removed. At this point in time, it is free. Brazil implemented a variant of it, which is a chargeable version; we’ll see how that works. But at this point in time in India, it has become a gold standard, this whole digitization. Hopefully we are able to create the same thing with the finance data, the health data and the telecom data. So there’s a lot of new value-creation opportunities available.
Eric: Obviously, you see it closer than I see it, but from what I’ve seen, I can believe it. And it sounds to me like it all starts with leadership. Leadership from the top, leadership from government. Not doing everything themselves, but talking about enabling, creating a platform, creating an approach, and then allowing freedom for businesses to step in and to do what businesses do well, to innovate, to build upon that platform, to create the services, to deliver the service to the customer. That starts with leadership. And perhaps that’s the thing that people should be looking to India more than they have done in the past. That is to say, they should ask how India has achieved transformation in society in ways that others should be copying.
Perhaps it’s been under-appreciated, the extent to which this is a change of the relationship between an ordinary person and the rest of society, enabled through digitization. A change that reduces friction all across society, a significant reduction of friction. What you said about reducing friction at the beginning of the interview, it now makes it a lot clearer in my mind. It’s not just about having the cables, it’s not just about having the satellite links and the radio antennae, it’s about the fact that you’re now able to use data, use information much more intelligently than you did before, exchanging it between organizations. Your take on this subject is fascinating. It’s opened my eyes.
But what comes next for Vinod Kumar? You mentioned you’re going to continue on Subex’s board of directors, but can you comment on any other activities you may be involved in after Subex or other things you’d be taking on in addition to Subex?
Vinod: So from an operational standpoint, I think I will step down in mid-July. And what I intend to take is a brief break, but I’m very, very interested in the areas of security and AI. Those are the two areas that I am very, very interested. I’m talking about security, meaning digital security and cyber digital security, because we have done a lot of work around that area. So those are the two areas which I want to contribute.
I have some thoughts on this, sort of evolving that, Eric, as we talk. So probably at the right time, I’ll let you know more.
Eric: I look forward to hearing about it. I do hope you’ll let me know, what you’re up to in terms of these new ventures.
I’ve really enjoyed our conversation. I can only thank you again for your 25 years of service and what you’ve done, not just for Subex, but for the whole professional community.
Vinod: And I want to appreciate you for the work that you have done for the industry. I think it’s not easy to kind of balance all these different ecosystem players, but you have done a phenomenal job in guiding this whole thing together, as a person, as a consultant, with RAG, with Commsrisk. You’ve done a good job in updating the team very regularly on the new areas and how previous work continued to be relevant. You’ve become an industry thought leader when you talk about revenue assurance and the risk assurance in the telecom space. You definitely come up as a thought leader and a trendsetter. So thank you again. I’m very personally very gratified that I had the opportunity to know you, work with you. And thank you again for all the support that you have given, Eric, to Subex during my time as the leader here.
Eric: You’re very kind. None of that would have been possible had it not been for individuals like you and your team in Subex, who have always been very gracious, very supportive, and have been very open to hearing the good and the bad. Because if we don’t hear the bad, we don’t improve either. So it’s a real hallmark of your leadership and your character as a leader that you’ve always been open and supportive and willing to engage me in a conversation, no matter what. Because it’s only by working together that we’re able to improve and deal with some of these problems we face in the industry and in the world today. Thank you for your time, Vinod. I really appreciate it.
