FRAUD AND REVENUE RISK CONSULTING
Revenue Leakage in the Telecom industry is 1% to 11% of gross revenues (source: TM Forum). In an organisation where the Revenue Assurance function is quite limited in capability and resources, it would be reasonable to assume that at the lower end of this scale, at 3-4%, the opportunity to avoid considerable losses through improved processes, procedures and systems is significant.
The situation is similar with Fraud losses, which are often in the region of 1 to 5% of gross revenues. While occasionally fraud losses could be considered simply unpaid use of an organisations network and services, most do result in a direct impact on the organisations bottom line. These losses could be in the form of out-payments to interconnect or content partners, loss of incoming interconnect or termination revenue or simply the loss of return on the investment required to provide services.
More and more telecom operators have come to appreciate the importance of assuring all available revenues and conducting regular fraud and revenue risk reviews is now common. We are now in an operating environment where we are experiencing eroding margins, increased cost pressure and an increasingly competitive marketplace. The realisation that every dollar recovered from leakage , or prevented from becoming leakage flows directly to the bottom line, makes the argument for implementing effective Fraud and Revenue Risk processes and tools more and more compelling.
Many start-up’s, whether they are an MNO or MVNO, will frequently concentrate their activities on establishing their business to a stage where they can offer services and establish their customer base. This often results in basic risk management initiatives, including Fraud, Revenue Risk and Revenue Assurance controls being overlooked, or as issues that can be dealt with at a later time, once the business is more established. This strategy has resulted in many start-up operations suffering fraud or other avoidable losses that have almost destroyed the business, and generally result from some control or fraud prevention/detection weakness that would not have existed had even a basic fraud risk review been completed before, or shortly after launch.
The cost of completing a fraud and revenue risk review, and implementing basic controls to prevent, or at least minimise losses, is typically less that what could be lost in half a day if a fraud attack on the organisation was successful, and could have been prevented. Recent Fraud reviews completed by YFCL following IRSF attacks where losses suffered were in the region of $US200,000 to $US400,000 found control weaknesses that would have been identified during a fraud review, and could have limited losses to nil or under $US5,000. A similar situation exists with Revenue Assurance reviews where costs of the review are recovered many times over in the first month following the implementation of a planned and coordinated RA Strategy that identifies many areas of revenue risk that had previously been ignored. However any avoidable direct financial losses that are likely to result from poor risk controls often become insignificant when compared to the impact an 'avoidable' event can have on the organisations reputation, customers and staff moral which will typically result in a much higher financial impact overall.
The purpose of a Fraud and/or Revenue assurance review (or Health Check) is to assist a CSP (MNO, MVNO, Fixed Line of other Communications Provider) to establish a robust, effective and tested Fraud Management and Revenue Assurance function across the business. This includes a review of existing functions, policies and procedures to identify any control weaknesses, providing the opportunity to recommend changes, improvements or new policies and procedures to be implemented where considered necessary. If the review is requested following a significant fraud attack, then the review will look at all control weaknesses or other points of failure that contributed to this fraud, and recommend control or operational improvements to mitigate these risks. Reviews are also completed for long established CSP’s who simply want confirmation that their existing Fraud Management and RA functions are in line with industry best practice, or require some changes to bring them up to that standard.
A Fraud and Revenue Risk review is considered a 'must do' for any new or immature Communications Provider, especially MVNO’s as there is clear evidence that MVNO’s are currently being targeted by some organised International Revenue Share Fraud (IRSF) fraudsters. It is known that since January 2015, some IRS Fraudsters have been targeting MVNO’s with the understanding that while MNO’s have been battling IRSF for a number of years, with many now having quite effective controls in place to prevent and detect IRSF, MVNO’s are still quite immature in their Fraud Management capabilities, along with their knowledge of fraud such as IRSF and Wangiri Fraud.
Other recommenations typically arising from these Fraud and Revenue Risk reviews can include;
- Fraud and RA reporting methodology
- Development of KPI’s
- Policy Development –documenting any of the various Fraud and Security Policies and operation manuals as required
- Investigations – completing, assisting with, or reviewing internal and external fraud investigations
- Interim Management if required
- Identifying other areas of revenue risk, such as lost revenue opportunities, Fraud and RA strategy, Internal Fraud Investigation, Information Security and any other issues that become known during the review that could result in any financial, brand or negative customer impact.
Contact Colin Yates (firstname.lastname@example.org) if you are considering a Fraud or Revenue Risk review or Health Check, and we will try to have a full proposal returned to you within 48 hours, outlining the methodology used, deliverables, benefits and estimated costs.