Gazing into a crystal ball is an unreliable activity. Those of us with memories have heard many predictions that proved false, and even risk managers are prone to making guesses that are inconsistent with the data they possess. I am on safer territory when reviewing the events of 2017, but this is the start of a new year, and there is no value in looking back if we do not learn about the likely future. My forecasts also have the novelty value that comes from being different to those offered by so many other
salesmen people. So here are five forecasts to watch for during the year ahead.
1. SIM Swapping Speeds Up
Crimes like SIM swapping, which aim to hijack a phone or intercept the subscriber’s messages, will become more prevalent. Like any novel crime, it becomes more widespread as thieves and malcontents learn the techniques from each other. Corporations that place excessive reliance on security methods like the sending of one time passwords by SMS will steadily increase the rewards for those criminals who perfect their methods. This will lead to an increase in the number of bank accounts that are ransacked, and an intensification of the arguments about who should compensate the customer.
The issue of SIM swapping will receive more public attention as naughty people integrate phone hijacking into more sophisticated scams that target powerful individuals, including CEO frauds and political dirty tricks. Confidence in telcos will hence fall amongst the section of the public that already has a low opinion of the sector.
2. The Revenue Assurance Rebrand
2018 is the year that people look at the RA training certificates hanging on their walls and realize they did not guarantee the riches previously promised. The leading vendors have already repositioned themselves as suppliers of much more than revenue assurance, and the career pathfinders have started to secure different job titles which encourage them to adopt a broader range of responsibilities within their telco.
The phrase ‘revenue assurance’ is already in decline in Western countries, and this will accelerate. Whilst some in the developing world will believe they will succeed by offering a cheaper copy of methods developed elsewhere, they will find they have less room for maneuver than the first wave of the expat army who addressed the problem of competition for jobs by moving to telcos in countries where RA was still in its infancy. However, the trend may not be obvious because there is a lack of consensus over the name to be given to RA’s successor, and so there will be an increase in the diversity of job titles given to former RA managers and analysts.
3. Data Protection Generates Heat, but Not Much Light
The European Union’s adoption of the General Data Protection Regulation (GDPR) will provide a short-lived boom for consultants and vendors who positioned themselves to take advantage. Telcos will be amongst the leading spenders on compliance, not least because they want to turn the data they collect into a source of profit rather than just a burden they manage on behalf of the state’s surveillance bodies. The effects will ripple beyond the EU, due to the way the regulation mandates the same effective requirements be imposed on any business with a contract that involves processing data of EU citizens.
However, a lot of talk about the enormous potential fines – up to 4 percent of a business’ total worldwide annual turnover – will be disconnected from reality. Lax enforcement and subjective rules will make it politically difficult for really large fines to be imposed unless backed by public support; this will make justice dependent on trials in the court of public opinion. At the same time, the average data protection practitioner will focus on trivialities where the rules are comfortingly straightforward, such as the need to provide a timely response when somebody asks what data is held about them. They will consequently neglect the areas where abuse should merit a huge fine, such as handing over data to government spooks who lacked the legal authority to demand it. Interest in GDPR will hence fizzle out, just as the original data protection laws lost traction due to poor implementation. An opportunity will be lost, and data protection will return to being a career backwater until rebooted by another legal revamp in 20 years from now.
4. African Telcos Show How to Manage Risk, Whilst Their Regulators Do the Opposite
The most innovative African telcos will continue to expand their business interests into ancillary areas like finance, travel and entertainment. This will increase the risks they face in an already harsh environment where they already deal with crime, corruption, and limited public infrastructure. They will also be conscious of the need to reassure potential investors. These challenges already force African telcos to take a more comprehensive and realistic stance on how to implement enterprise risk management (ERM) and maximize the benefits it yields to the business, and African telcos will continue to make more rapid progress with ERM than their Western counterparts. However, common prejudices will blind some people to the truth about which telcos are real leaders in this domain.
Although African telcos will be motivated to make best use of their capital, and to encourage more investment, cash-strapped African governments will continue to raid telcos and their customers for money. This will lead to more national revenue assurance audits and monitoring systems. The heavy cost of national RA programs will encourage their supporters to make unrealistic promises about the financial benefits that can be realized. However, the African governments that purchase them may save face by repositioning the audits and systems as providing consumer protection from overcharging. Some in the public will worry that national RA programs are a disguised form of surveillance. Though not all of their fears will be justified, they are right to be concerned about the potential for extensive data gathering to be used for goals unrelated to telco revenues or tax bills.
5. AI as the Enemy of the Analyst
RAFM vendors have long maintained an unspoken alliance with users within the telco, where each new system purchase also creates jobs for the analysts who push buttons and read reports. Even if the number of jobs remains static as a result of updating a system, the expenditure generates a degree of job security because somebody needs to perform the role of user. This win-win relationship will be threatened by vendors boosting flagging sales by offering increasingly autonomous machine learning. AI will be increasingly pitched as a substitute for human imagination. Machines will be tasked to identify anomalies that previously could only be spotted by people. Managers will be somewhat protected from automation, not least because they will influence the purchasing decision. AI poses more of a danger to analysts who perform repetitive tasks on a daily basis.
As ‘robots’ take on the more mundane aspects of data processing the human workforce can justify their jobs by being adaptable, and refocusing on areas of leakage that involve less data crunching and where machines will be less productive. This will be problematic to those RAFM roles that originally concentrated on crunching data. Soft skills will rise in value relative to technical skills like the writing of queries. At the same time, analysts also face a separate threat from the consolidation of similar skills to theirs within a general-purpose ‘data science’ team. The key to preserving roles for specialized RAFM analysts is to ensure they understand the intimate detail of how the telco works, having learned about it by talking to their colleagues.