Business Assurance is a Goalkeeper

Some events are so memorable that people will always recall where they were, when they experienced them. I will never forget where I watched Germany’s 7-1 World Cup semi-final victory over Brazil. It was in a seafood restaurant in Portugal, accompanied by Tony Poulos, international telecoms personality extraordinaire, and Sérgio Silvestre, WeDo’s Chief Marketing Officer. We had spent the day at WeDo’s Braga office, discussing their product suite and development plans. At the end of our work, I commented that the semi-final was that night, so it would be good to eat somewhere with a TV. That evening, as the goals flew in, our jaws dropped, and I found myself applauding the Germans along with the other diners. Whilst the screen was filled by the shocked faces of Brazilian fans, my sympathies were mostly with Brazil’s goalkeeper, Júlio César. He had been a hero in earlier games, blocking penalties and keeping his team alive. But he was overwhelmed by the German tide. It was oddly appropriate to watch that game in the company of two of the best advocates for business assurance. That is because business assurance is to telecoms what the goalkeeper is to football.

In football, the goalkeeper is the last line of defence. When everything else has failed, he is tasked to make the save. And when the ball finds the back of the net, it is easy to blame the goalkeeper, saying he has not done his job. But when the ball finds the back of the net seven times, it becomes clear that the goalkeeper is only one player in the team. He can influence the result, but is not responsible for it. The same is true for business assurance, and leads to the greatest mistakes when setting targets for a revenue assurance or fraud management function, and the worst foolishness when measuring their performance. Was Júlio César responsible for Brazil’s defeat? No. A different goalkeeper might have made another one or two saves, but the Germans had so many chances they would still have won. So why measure a business assurance department according to how much the telco leaks, or by how much the department saves? When it comes to leakage, we are measuring the performance of the whole business, not of one section. And the business will most reliably win if it has a strategy to prevent leaks occurring, not by depending on an incredible goalkeeper and expecting him to make a series of miracle saves.

Even the worst goalkeeper will make saves, if his team allows enough shots on goal. At the same time, no goalkeeper is good enough to save every shot. So the best defensive policy is to not allow the opposition any opportunity to shoot. By the same token, the best policy in telecoms is to prevent the mistakes that lead to leakages. However, this requires something more than a goalkeeper. It demands a strategy for how to defend, and for the whole team to play their part in executing that strategy.

A goalkeeper is expected to react to whatever comes his way, whichever direction it comes from. I have often said that assurance is the goalkeeper of telcos, and the metaphor reflects the realities of how most telcos approach assurance. However, the problem with the analogy is that it emphasizes the passive aspects of assurance. It suggests that business assurance is there to make saves at the last moment, by leaping this way and that, without having any plan or design. Goalkeepers respond to events on the field of play. As the Brazilian team showed against Germany, energy and passion are not substitutes for organization. Brazilian players ran around without discipline. They had no sense of what their defensive responsibilities were, or how to work together to impede the Germans and win the ball back. The German team, in contrast, showed how effective a team can be when everybody understands what they are meant to do, and how they will work towards their common goal. Good defence requires more than the individual brilliance of the goalkeeper or the desire of outfield players to make as many tackles as possible. Defence requires leadership. The same is true for business assurance.

Goalkeepers can be leaders on the field of play. A good goalkeeper will talk to his teammates, telling them what they should be doing. If he needs to rapidly bark instructions to a fellow player, it is understandable that he may sometimes be loud and abrasive, and might temporarily upset his colleague. But that is better than having a goalkeeper who is too timid, and who leaves the outfield player unaware of the risks around him, leading to a goal being conceded. Assurance functions need to be respected, when they give directions to others. If nobody else can see the gaps in the defensive line, it is vital that business assurance speaks up, and is heard. Sometimes it needs to shout. Being in a unique position thanks to the data they receive, business assurance must tell others what they see, and how this should be translated into definitive steps that will improve the company’s defences.

Whilst goalkeepers give instruction during a game, even this form of proactive intervention is not enough to organize a reliable defence. Before the game begins, each player needs to know their defensive duties. The coach must have an effective strategy, and he must be able to communicate it to his players using language that they understand. And after the strategy is communicated, it will need to be reinforced through training. It is not enough to speak to people in abstract and theoretical terms. Asking people to be good is pointless, if they do not know how to be good. You have to show people what you want them to do. That involves making them deal with specific scenarios during their training. It also means their real-life performance should be analysed and critiqued. This is also true of telcos, where we understand that the role of the coaching team is fulfilled by the telco’s executives.

Whilst the head coach is responsible for all aspects of attack and defence, there may be other coaches with more specific focus on aspects of defence, and on how the goalkeeper plays. At the same time, the coaches should be harmonious, and work from a common understanding of how the team will play. Neither the attacking nor defending strategies will succeed, if they contradict each other. So if an executive team fails to devise a defensive strategy, or if they make demands which are contradictory, then the goalkeeper cannot be responsible for the losses that will inevitably follow. This is true even though the goalkeeper is the one who recovers the ball from the back of the net, and hence becomes the easiest person to blame.

Continuing our metaphor, business assurance increasingly needs to step up to a coaching role. Diving around and making flashy saves is not a long-term strategy for the success of the individual, or of the team. We also need to advise on the company’s strategy, as well as its tactics and operations. That is the only way to properly identify and address the defensive risks that are the root cause of leakages.

The strategic voice of assurance will never be the loudest one in the corporate team. The head coach – the CEO – needs to listen to many voices, and to determine the balance between attack and defence. The CEO needs to find ways to win games, in addition to avoiding defeat, and that will always mean taking risks in order to win new revenues, as well as taking sensible precautions to secure existing revenues. When listening to many voices, the CEO cannot avoid being influenced by the quality of the advice he receives from different quarters. If an attacking coach gives very good advice, and a defensive coach gives mediocre advice, then it is right that the attacking coach should have more influence over the team’s overall strategy.

Business assurance often has a uniquely advantageous view of how the whole team is performing. The data collected should be turned to strategic advantage, not just used to identify and fix operational faults. Like a goalkeeper, we see things that others might not. But it is not enough to have good information; we must also give good advice. That means synthesizing the information we have into realistic proposals for improving the teams’s defensive strategy, whilst understanding these improvements should not compromise the other objectives of the team. If we do that, we deserve to be coaches, and will need to make fewer saves. Otherwise, we will only influence results whilst standing between the posts, during those moments when we are the last line of defence.

By using the analogy of a football goalkeeper, I hope I have communicated some complicated points using a language that is easy to understand. In that respect, I am also trying to be a coach. Coaches succeed if players intuitively comprehend what they have been asked to do. The coach should choose his words to best suit the language understood by his players; the coach should not expect the players to learn difficult terminology or strange ideas just because that is how the coach likes to talk. The history of business assurance shows we can be very good at coaching. The word ‘leakage’ is a great example of how we have used intuitive language to express complicated ideas, and hence to successfully influence how others think and behave.

Business assurance has grown from nothing to a mainstay in telcos worldwide. The phrase ‘business assurance’ shows we are expanding well beyond the founding scope of revenue assurance and fraud management. At the same time, we can do more. If we do not keep pressing forward, we will become increasingly irrelevant, and deserve to be relegated to obscurity. It is not enough to complain that others do not understand, or that execs spend too much time talking to their marketing people. If we use the information we have, and speak to people in a language they are comfortable with, we will persuade.

We are more than a safe pair of hands, fit only to dive around and catch the ball. We also have brains, and voices, and we can help the business to organize itself and adopt winning strategies. Any CEO can imagine himself the coach of the Brazilian football team, and being in a situation where scoring a goal is meaningless, because his team is already seven goals behind. They understand that attack will not bring victories, if there is inadequate defence. But they may never have received good advice, that quantifies some of the risks faced by the business, and offers pragmatic solutions to its worst defensive frailties. We can help them. If we are good coaches, we not only succeed as goalkeepers. We will succeed as goalkeepers because we will need to make fewer saves, but we will also become more important to the whole team.

Eric Priezkalns
Eric Priezkalns
Eric is the Editor of Commsrisk. Look here for more about the history of Commsrisk and the role played by Eric.

Eric is also the Chief Executive of the Risk & Assurance Group (RAG), a global association of professionals working in risk management and business assurance for communications providers.

Previously Eric was Director of Risk Management for Qatar Telecom and he has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and other telcos. He was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.