When Fraud Belongs With Revenue Assurance

There is a debate about whether telecoms fraud falls within the remit of revenue assurance, or has anything to do with revenue assurance, or is something that needs to be managed differently. I never could understand those arguments. Businesses should organize themselves in the way most efficient for their circumstances. Sometimes that will mean linking the management of fraud with revenue assurance, sometimes keeping them separate. It all rather depends on what frauds and revenue losses the business is likely to suffer from and how it deals with them. Here is a very good synopsis of the various kinds of fraud from Geoff Ibbett of SubexAzure. Stephen Tebbett of Ernst & Young has an awesome list of all the kinds of revenue loss that I would give you the link to, except it is not on the web yet, so come back soon as we will be hosting it here in the near future. Though the causes of the losses on Geoff’s and Stephen’s lists are quite different, many of them revolve around similar weaknesses or gaps in monitoring, and there is a lot of overlap in the indicators of fraud and revenue loss. Of course, in the real world lots of questions about who does what job are decided by internal politics and power struggles. But if you want to think about the question solely on the basis of efficiency and effectiveness, here are the three factors to consider when deciding whether to link the management of fraud and revenue assurance.

1) Human Resources, Staff Time and Communications

Will there be pre-launch analysis of risks for both fraud and revenue assurance? If so, could this be performed by the same individuals? Can the training of fraud and revenue assurance analysts be combined to improve effectiveness and reduce overheads? If fraud and revenue assurance staff were in the same function, would they have improved promotion prospects making it easier to retain good people? Are losses due to fraud and revenue leaks reported using a consistent format? Are they both presented to the same executives? Could they be collated and reported by the same person? Are they calculated in a consistent way?

If the answers to the questions are “yes”, linking fraud and revenue assurance will provide efficiencies in terms of human resources, communications and the time of senior staff. If the answers are “no”, it is still worth asking why. Why not have the same person trained to identify fraud and revenue assurance risks? Why not calculate losses in a consistent manner and present them to the same execs?

2) Incident Management and Process Improvement

Are there overlaps in the way fraud and revenue assurance weaknesses are addressed? Is there a similar scope for the systems and processes reviewed and monitored for both fraud and revenue assurance purposes? Is same the documentation used to understand internal processes and system performance and hence to identify weaknesses? Are there topics like information security or business continuity where both fraud and revenue assurance considerations are often addressed in the same way? Do improvements related to reducing fraud often have benefits for reducing revenue loss and vice versa?

If the answers are “yes”, there is a good case for trying to resolve issues and fix bad processes using a common approach with common prioritisation. Where the understanding of technology and product is much the same for preventing or identifying weaknesses for both fraud and revenue assurance, duplication of effort can be reduced by linking the goals.

3) Monitoring Systems and Processes

Is the same source data used for both fraud and revenue assurance monitoring? Are alarms that indicate possible fraud sometimes set off by accidential revenue leakage? Are checks for accidental revenue leakage sometimes evidence of deliberate fraud?

If the answers are “yes”, there should be cost efficiencies in implementing systems and processes able to identify and react to both deliberate frauds and accidental revenue losses. Exploitative customer actions like use of SIM boxes, or internal frauds where some customer bills are suppressed, may not be picked up by classic monitoring focused on looking for certain pre-defined types of customer fraud, but may get identified through generalised RA checks. Likewise, monitoring for unusual customer activity or for internal frauds may highlight an accidental error by the business or one of its partners as well as identifying genuine frauds. If there is a high degree of overlap in the recurring checks that would counter both fraud and revenue loss, then it is more efficient to combine the monitoring strategies and to reuse data where possible.

Eric Priezkalns
Eric Priezkalns
Eric is the Editor of Commsrisk. Look here for more about the history of Commsrisk and the role played by Eric.

Eric is also the Chief Executive of the Risk & Assurance Group (RAG), a global association of professionals working in risk management and business assurance for communications providers.

Previously Eric was Director of Risk Management for Qatar Telecom and he has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and other telcos. He was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.