20.5k unique visitors in the last 3 days

South African Risk Association Demands Simbox Ban

A new report from the Communications Risk Information Centre (COMRiC) outlines a potential national strategy for risk, resilience and security.

The Communications Risk Information Centre (COMRiC) is a nonprofit association that describes themselves as “South Africa’s frontline defence against telecommunications crime” and its leadership team includes Chief Risk Officers and other leading executives from all of the country’s largest telcos. So it is worth paying attention to the findings in their first Telecommunications Sector Report, which was issued recently. The report includes contributions from all of South Africa’s major comms providers, including MTN, Telkom, Liquid and CellC. Vodacom’s contribution described the publication of the report as “a significant milestone”.

One observation that will also stir debate in other countries is the demand that simboxes be tackled by introducing a nationwide ban and import controls, as already established in some other African countries and adopted by the UK earlier this year. The report praises the extent to which Tanzania and Ghana have reduced fraud by targeting simboxes. The message from COMRiC CEO Thokozani Mvelase to the Independent Communications Authority of South Africa (ICASA), the national comms regulator, could not be any plainer.

We are also urging ICASA to enforce a ban on sim box modems, many of which are smuggled in without regulatory approval. These devices threaten network security, intercept messages, and bypass lawful surveillance systems. Their continued use undermines national efforts to protect digital infrastructure.

The association offered many other valuable insights and recommendations, several of which are also relevant to other countries. Here are five other takeaways from their report.

1. SIM swap fraud enables a lot of financial crime

In 2024… nearly 60 percent of mobile banking fraud [was] linked to SIM swap crimes.

2. Network security requires investment in human beings too

Workforce-related risks are emerging more clearly in 2025. Burnout in cyber teams, skills shortages, and resistance to AI integration have become more prevalent compared to 2024.

The problems that telcos have with recruiting and retaining cybersecurity professionals reflects a more general problem with the availability of suitable staff.

Many cybersecurity jobs are not being filled. 63% of roles remain open because there aren’t enough trained people.

3. Attacks on physical infrastructure reflect wider economic factors

Copper theft remains strongly correlated with global commodity prices, while lithium battery theft surged during load shedding.

4. There is a need for a nationwide sense of priorities that crosses boundaries between silos

Financial institutions, retailers, law enforcement, and regulators all have a stake to secure digital infrastructure. COMRiC continues to foster public-private collaboration models that cut across silos. We advocate for enabling legal frameworks to share actionable fraud intelligence while respecting privacy law, and we support harmonised regulation that addresses the rising use of OTT services…

Cross-sector collaboration is not only essential for mitigating current and emerging risks, but also for reinforcing the strategic role of the telecommunications sector within the national economic ecosystem.

5. South Africa should have a national strategy for security and resilience

A section of the report entitled “The Urgent Need for a National Cybersecurity Resilience Plan in South Africa” presents a manifesto for change. It begins:

COMRiC calls for a National Cybersecurity Resilience Plan (NCRP) to unify government, business, law enforcement, and cybersecurity experts.

Urges urgent and coordinated action to strengthen South Africa’s cybersecurity infrastructure.

Welcomes government focus on cybercrime, AI-driven fraud detection, and digital infrastructure investment but stresses need for faster implementation and integration.

And More…

The 42-page report also touches upon issues of specific relevance to South Africa, such as recent arguments over whether there should be exceptions to Broad-Based Black Economic Empowerment (BBBEE) rules for satellite comms businesses like Elon Musk’s Starlink. On this particular point, it was notable that an association of traditional telcos was sympathetic to the disruption caused by satellite comms because of the economic growth that would be released by connecting more of the rural population to the internet.

COMRiC’s report is not perfect, and sometimes falls into the trap of repeating international statistics that have little credibility. The report is otherwise a good step forward for cooperative risk management in South Africa. It argues cogently for changes that would benefit the whole of South Africa and not just its existing comms providers. Other national associations should use the report as a template for bringing together and expressing the views of senior risk leaders working within the comms sector. Many of the recommendations also deserve consideration in other countries.

You can read the report here.

Eric Priezkalns
Eric Priezkalnshttp://revenueprotect.com

During his career, Eric has been a Director of Risk Management for a national telco, the Chief Executive of the Risk & Assurance Group, a Chief Marketing Officer for a software business, a consultant, a public speaker and the publisher of Commsrisk since its launch in 2006. Look here for more about the history of Commsrisk and the role played by Eric.

The comms providers that Eric has worked for include Qatar Telecom, Cable & Wireless, T‑Mobile, Sky and Worldcom. In addition to his proficiency at speaking about the current scamdemic, Eric is also a qualified chartered accountant and a subject matter expert in consumer protection, enterprise risk management, fraud prevention, data integrity and billing accuracy. Eric was the lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He can be reached through the contact form on this website.

Related Articles

The Commsrisk Global Fraud Dashboard


Our Global Fraud Dashboard uses AI-powered search to collate, update and visualize data about scams and other network abuses from around the world. New charts are added each month. See it here.

Get Our Weekly Newsletter by Email