Jack Wraith MBE (pictured) is one of the most admired anti-fraud professionals in the UK telecoms industry. Following his induction into the Hall of Fame for telecoms risk and assurance professionals, Jack gave an interview to Risk Reward Awards where he talked about telcos falling behind in their competition with innovative fraudsters. His remarks about the education and development of telco staff stood out:
When I first became involved in the world of fraud management I recall that some of the critical tools that were available to the fraud manager were the “highlighter and ruler”! Those new to the area of fraud management might well ask what? They were, of course, to assist in the analysis of call records, which back then meant pouring over pages and pages (yes, paper) to identify the patterns that indicated fraud. So yes progress has been made, however the question must be asked has it kept pace with the increased methods employed by fraudster to defraud networks and if not, why not? It is true that there has been a lot of automation in some of the basic tasks that are required to detect fraud, especially in the complex networks of today but, as with any dynamic and ever changing risk, there are always areas in which any progress is behind the curve when it comes to detection and thus prevention. Everyone accepts that fraud does and will occur and yes, we have the fraud algorithms, probes and machines to assist the fraud professional in the day to day tasks but often by the time these are put in place the fraudster has moved on to other ways which invariably leaves the fraud professionals behind the curve not ahead of it, which is where they should be if they are to be effective.
Some of this situation can be put down to lack of personal development as well as poor corporate investment in this area of the business and some down to a lack of understanding, by senior management, of the risk that fraud presents to an organisation. Whilst fraud reaches parts of the organisation that other crimes do not, it does not always reach the parts that make the funding decisions and even when it does its importance to the overall business plan often goes unrecognised. YES, there should be more personal development, YES there should have been greater investment and progress than there has been and YES there should be more recognition of both individuals as well as organisations who have contributed and continue to contribute their expertise in the fight against fraud wherever it manifests itself.
I have to agree with Jack. Spending on automation is obviously helpful, but at least it receives attention from time to time. Too many executives treat expenditure on fraud management as a box-ticking exercise; they buy a fraud management system and then choose to believe all the risks have been mitigated. Unfortunately, ignorance of fraud is a vice whose jaws keep tightening on the unwary. Telcos that believe they have already tackled fraud successfully become trapped by their own complacency, and will not spend the time and effort needed to learn about the progress being made by fraudsters as they explore new ways to commit crime.
A skeptical approach is needed, and this begins with the presumption that telcos are always suffering fraud they have not yet detected, never mind prevented. However, our industry spends trivial amounts on educating fraud managers about the unique frauds that only occur in global communications. The average person struggles to understand them, which is why regulators and law enforcement bodies have to use very simple language to explain the relevant risks to the public. However, telco execs seem to expect that a fraud manager only needs good instincts and past experience in order to anticipate the latest exploits, scams and hustles. As a consequence, too few telcos make any provision for the research and development of their anti-fraud capabilities, and some are even cutting the budgets that support informal learning and knowledge sharing with industry peers.
The founding of the Hall of Fame is a step in the right direction, showing that our community can recognize the best work done by professionals without always needing to associate it with the purchase of a fancy automated system. We also need qualifications, backed by a robust global program of intelligence sharing, and by the requirement for continuous professional education, so that box-ticking executives are given a reason to invest in developing their people as well as buying systems.
You will find the Risk Reward Awards interview of Jack Wraith here.