HOW A TELECOM FRAUD SOLUTION CAN PROTECT YOUR PROFITS

In 2017 alone, the CFCA estimated that US$29 billion was lost due to telecom fraud. Telecom fraud is four times larger than credit card fraud, yet it’s less often discussed in the media. Telecom companies need to protect themselves through the use of reliable telecom fraud management solutions, if they want to avoid costly surprises for their customers. Most telecom companies will see some level of fraudulent traffic – whether they are able to identify this traffic will depend on the tools at hand.

The True Cost of Telecom Fraud

Telecom fraud occurs when malicious attackers take advantage of the telecommunications system to complete calls or transactions that benefit them financially. Methods of telecom fraud vary considerably across the world, though scams are most often perpetrated by highly organised criminals, operating either alone or in gangs.

For instance, a malicious attacker may entice customers to return a “missed call”, without the customer realizing that the number is a toll or premium number that will charge a significant amount of money to their bill or prepaid account. This is called a “Wangiri” fraud, a Japanese term that literally means one (ring) and cut.

In a security attack known as “phishing”, a fraudster will get access to a customer’s personal details to make purchases using their account, and subscribing to services without the customer’s knowledge. As individuals spend more time on their phones, using voice and data services, they become more vulnerable to these types of threats.

At a corporate level, malicious attackers may hack VoIP PBX systems to make long- distance calls, again to premium-rate numbers. The attackers could also take advantage of quirks in a telecommunications system to make it seem as though calls did not go through (by recording a false disconnection notice), while still charging for completed calls. Calls can be routed and transferred incorrectly, all of which lead to artificially inflated charges.

When telecom fraud does occur, someone has to pay – and often, that someone is the telecom company itself. Telecom companies can also lose money through wholesale interconnect charges, customer refunds, investigations, and additional customer support hours. Telecom companies may also eventually lose the faith of their customers, leading to fewer new customers and fewer customers retained.

Luckily, there are answers. Companies can reduce the cost of telecom fraud – and thereby improve their profitability – by avoiding telecom fraud altogether. This can be done with the help of an advanced telecom fraud management solution.

Mitigating Your Threats With a Telecom Fraud Solution

Using a telecom fraud management solution, your telecom business can prevent a significant fraud from taking place altogether — therefore potentially saving millions. A telecom fraud solution is able to automatically detect suspicious activity, making it easier for the organization to mitigate it before the damage is done. Some newer solutions are able to learn from past behaviours, identifying even threats that haven’t been seen before.

Many telecommunications businesses now use self-learning algorithms to identify the patterns on a customer’s profile. This is similar to fraud detection used for credit cards. With these patterns, the company can identify activity that seems strange for a customer, blocking suspicious payments and costly subscription fees. The smarter these algorithms are, the less likely they are to produce disruptive false positives.

Improving Profitability With a Telecom Fraud Solution

As discussed, telecom fraud itself is expensive, and a telecom fraud solution can help you mitigate threats. In so doing, telecom fraud solutions improve profitability in three major ways:

1. Mitigating direct costs:
There are direct costs of telecom fraud. Telecom companies will often need to audit and review their systems, and update their software, hardware, and business processes. Companies may also find themselves needing to reimburse customers for fraudulent charges, or absorbing costs that were fraudulently relayed across their system. All of this is going to lead to additional expenses.

2. Customer retention and brand reputation: 
If a telecom company experiences enough fraud, it will get low marks from its customers and may not be able to retain customers. Customers will not trust a company that often falls prey to fraud, and they will not want to continue using a company on which they have experienced fraudulent transactions or charges.

3. Reduced labour and troubleshooting costs:
Telecom fraud management solutions are able to automatically enforce many security protocols, thereby reducing the amount of time that administrative personnel and IT teams need to spend tracking down and mitigating threats. Telecom companies may be able to reduce their internal IT staff by using automated fraud detection solutions for mundane and routine tasks.

Whether your telecom company is large or small, it’s probably already the target for malicious attackers. The time to begin protecting yourself and your business is now. 

6 STEPS OPERATORS CAN TAKE TO AVOID TELECOM FRAUD IN SUMMER

August is known to be the busiest month out of the year for telecommunications fraud, as criminals take advantage of summer plans and holidays. This summer is likely to bring with it a host of new exploits and attacks – and you must assume that your company will be targeted. This summer telecom operators should spend their time bolstering their security efforts, through the adoption of increased technology and awareness training.

Roaming Fraud is on the Rise

Telecommunications fraud is not isolated to any particular network or country. Telecommunications services are now truly global, with new regions continuously opening up – and with them, new avenues for fraud. Telecom operators are already preparing for changes in EU data roaming rules and higher-risk roaming, additional telecommunications services, increased numbers of telecommunications devices, and seasonal increases of telecommunications fraud along with declining revenues due to the impact of other disruptive technologies such as OTT.

The Internet of Things has substantially changed the landscape for telecom service providers, with a multitude of devices now having the ability to initiate or facilitate fraudulent and malicious attacks. As network activity increases overall throughout the world, so too does the number of fraud attempts, and the number of telecommunications fraud vectors. Changes in roaming rules are already responsible for increased levels of fraud as consumers become less vigilant about managing their own charges and fraudsters exploit the new fraud opportunities these changes have provided them with.

But that’s not all – telecommunications fraud also tends to go up during the holidays and summer. With more people traveling and being active, there are more opportunities for fraudulent charges. This is especially true when customers are abroad or making plans to go abroad. Many known fraud attempts involve connections on an international level, and these can be some of the most costly to contend with.

With all that in mind, how can telecom operators combat the rise of telecommunications fraud? By creating a comprehensive telecom fraud management strategy. Telecom providers need to prepare now for the risks that are certain to come.

Taking Steps to Minimize Telecom Fraud

Telecommunications fraud is frustrating to the consumer and costly for the service provider. Telecom operators must take steps to minimise fraud if they want to protect their revenue and provide the best customer experience.

A solid telecom fraud management strategy consists of two parts:

An automated fraud solution: All operators must have a comprehensive fraud solution, which will automatically detect and mitigate the signs of fraud across their network. It is not always possible for a human agent to identify these signs, and consumers will often be unaware that fraud has occurred on their account until well after. Automated fraud solutions are able to do the work of many people, automatically scanning for and identifying potentially malicious actions. Even better, these fraud solutions are able to scale up easily, thereby allowing the telecom service provider to grow without an increase in security risk

Improved training and awareness: Telecom service employees must be trained to properly identify the signs of fraud and to escalate to a supervisor when needed. Though many fraud attempts will be detected by the automated fraud solution, there are types of fraud that can occur at the service, customer, and employee level. These types of fraud are often “social engineering” attempts, which employees must be able to recognize and respond to.

Some actionable steps telecom operators can take to avoid fraud this summer:

1. Reduce the lag between when calls are made and when these time stamps are logged, to combat International Revenue Share Fraud (IRSF) in particular – a type of fraud that involves generating traffic to expensive international revenue share numbers.

2. Broaden the scope of the fraud monitoring function. Fraudsters adapt their own modus operandi to counter common prevention and detection strategies that they know telecom operators will implement. A good example is country or range blocking. In February 2017, 42% of all International Premium Rate (IPR) test numbers advertised related to the top 10 fraud destinations. In July 2018, the top 10 destinations only account for 23% of the IPR test numbers advertised. There are now over 220 countries and territories being advertised as revenue share destinations, so monitoring only high-risk destinations is no longer effective.

3. Install an early detection service for Wangiri fraud (“one ring and cut”) – particularly fraud that diverts traffic illegally or “cons” users into returning missed calls to high termination rate destinations.

4. Implement and maintain a detection service for SIM Box Fraud, which is a type of fraud that involves using the internet to terminate calls on local SIM cards to sell international minutes.

5. Only resell minutes to reputable parties to combat “arbitrage,” the practice in exploiting settlement rates between countries for a profit.

6. Use monitoring equipment to detect more complex types of fraud such as OTT hijack attacks, or hacks into VoIP systems.

Though fraud attacks are going to be increasing through the summer, they aren’t going to go away once the holidays are done. Due to the IoT, new regulations, and the general increase in global traffic volumes, fraudulent attacks are going to be an ever-increasing threat. Businesses must take action now if they want to prepare themselves and prevent the possibility of a costly fraud attack.

If you want to learn more and minimize your fraud risk, reach out to XINTEC today.

PROTECTING THE CFO – THE SIMPLE SOLUTION TO REVENUE LOSS THROUGH FRAUD

Irrespective of a communication providers’ size, a CFO or Finance Director’s nightmare is to have to explain to his executive team, to his shareholders, to his/her own customers, even the general public in some instances, why they didn’t detect an ongoing financial loss or couldn’t prevent a sudden fraud hit.

The increase in scale and complexity of fraud types around the world creates situations of genuine uncertainty for operators and in turn, their financial controllers. No operator wants to constantly face the threat of being attacked by fraudsters and of having hundreds of thousands or even millions of dollars wiped off their bottom line in a single incident.Yet we see this happening, a lot.

But what price is worth paying to stay protected from financial losses?

Smaller Operators more at risk

Losses directly attributable to fraud and revenue leakage can range from 0.5% of gross revenues all the way up to 15% in certain cases, according to a Gartner report. International Revenue Share Fraud, the deadliest of all fraud types, costs the industry in the region of $6.1bn a year, roughly 20% of all estimated communication fraud.

Although the types of financial risk to which operators are exposed are essentially the same, owing to the global nature of telecommunications, the smaller operators are at a clear disadvantage when it comes to managing risk and preventing major losses. They simply don’t have the experience, the maturity, or the resources to get losses fully under control.

Whether traditional MNO, VoIP, fixed-line carrier or MVNE/MVNO, the price point at which they should seek to acquire loss prevention technology or related services is a critical deciding factor. So, the case for simple and cost-effective tools to de-risk their business becomes a compelling one. There has never been a better time to promote a low-cost technology proposition to the global telecommunications market, even for incumbent operators seeking to drive down supplier costs.

At XINTEC we can help de-risk a business in a very simple and cost-efficient way with a suite of products that are flexible, adaptable, quick to install, and able to deliver measurable results fast.  

REVENUE ASSURANCE: ENOUGH WITH MANUAL WORK!

Getting tired of trawling through Excel tables, spreadsheets, etc.?

What inevitably spikes the interest of a Revenue Assurance (RA) analyst is uncovering evidence of revenue leakage somewhere in the organisation. This is what will drive him or her to expand the scope of an investigation and get to the vera causa, or true cause, of a problem.

The lesser exciting part of RA, if you ask the same analyst, is having to manually reconcile volumes of data located in different systems and in different formats. This is assuming the analyst knows what he or she is looking for in the first place!

And whereas the Switching and IT teams might occasionally be happy to offer help on a one-off basis with pulling data from their respective systems, they won’t have the resources to do this on an on-going basis.

In a maturing organisation, RA operatives will inevitably reach a limit to their ability to continually wade through reams of such data. Searching for discrepancies and mismatches to pinpoint revenue leakages within the business can be an ungrateful and oftentimes frustrating endeavour. And there is nothing more dispiriting for an RA operative than to find that, after all their hard work in finally identifying a source of leakage, that management decides it’s unworthy of collection. As perhaps too complex, too old, or too time consuming.

So probably not a very sustainable approach to RA.

But when there are clear wins, especially at the earliest stages of an investigation, the RA function has the potential to grow to new the levels of maturity by striving for continual improvement. This usually means moving towards timelier and more frequent reconciliations, which points to several options:

  • The CSP can choose to stop the RA activities and schedule another one-off RA review, perhaps next year, when the resources from the other teams are more likely to be available;
  • The CSP can ask the RA team to keep working with the hand-built system, relying on the goodwill of the other teams to support them, recognising that this can cause the deterioration of inter-departmental relationships;
  • The CSP can talk to an RA solution vendor about getting help.

The vendor will be able to build the extraction, transformation and loading (ETL) tools to take data from different sources automatically and at a frequency that suits the business, therefore not overloading other departments.

Together with the RA team, the vendor can build the reconciliation, reporting and analysis tools that are needed to identify the issues quickly, giving the RA team more time to investigate the root causes and implement corrective actions.

The vendor may even be able to run and operate the system as a managed service, leaving the RA team with the time to investigate and recover the money.

Choose a vendor with care, though. CSPs should be looking for one that can support a business of the CSPs size. Too big a vendor and the CSP will not get the dedicated focus from the vendor’s team. Too small and they may not be able to support the CSP if other clients are experiencing problems.

Telecoms is a fast-moving environment, where new products and functionality are being launched on a regular basis. Being a market leader means getting new products out there first. But the CSP will want assurances that these new products aren’t creating leakages or losing money. The CSP needs RA tools that can be implemented at the right pace for the business, keeping key systems in check, and supporting an ecosystem where RA operatives can thrive in their job.

Why not talk to us, and see what we can do to help?

THE VALUE OF NRTRDE-OUT RECORDS IN THE FRAUD DETECTION PROCESS

Roaming revenues have been declining for several years now, and some CSP’s have realised that being accepted as a preferred roaming partner in their home country can generate important revenue to replace that lost through declining outbound roaming settlements.

A HPMN will normally have a choice of several VPMN’s in most countries their customers will roam to, and they have the ability to steer their customers towards a preferred VPMN when roaming. The decision on which roaming partner will be selected as their preferred VPMN will be based on a number of factors, for example NRTRDE compliance, network quality, inter-operator tariff (IOT) discount agreements, etc.

In most countries now, the services provided by all VPMN’s is reasonably consistent, so a service differentiator should be explored to provide an additional level of service not offered by the other in-country CSP’s. A relatively simple value add is to evaluate NRTRDE-OUT records for visiting roamers and provide immediate advice to the home network of any obvious fraud or misuse. While it is accepted that (in most cases) NRTRDE records will be delivered to the home network within 60-90 minutes, the earlier suspicious activity is notified, the sooner financial loss can be avoided.

The opportunity to add value in this way will be limited as more operators implement VoLTE. Since VoLTE is an all IP Network, the VPMN has no visibility of voice traffic originated via S8HR VoLTE roaming. While there are only an estimated 600 operators currently fully operational with VoLTE, it will take some years before there is a full transition from Circuit Switched (CS) to VoLTE.

Offering roaming partners some additional value now by reviewing their NRTRDE-OUT records is a sound strategic move to establish a trusted relationship which could then continue as the networks transition from CS to VoLTE and secure ongoing roaming revenues.

THE HIDDEN VALUE IN REVENUE ASSURANCE TOOLS

A good Revenue Assurance software platform will play a key role in mitigating risk within a business.It can provide assurances in relation to the accuracy and completeness of the billing process; it can address regulatory concerns; it can be used to manage customer complaints; it can help reduce customer churn; it can assist in identifying network issues, etc.

Revenue Assurance solutions have been around for many years now, and the discipline of Revenue Assurance itself has reached a measurable level of maturity in many organisations. But the experts believe there is a lot more hidden value in these tools, to the extent that they can even be the drivers of a risk management culture within an organisation.

For instance, in the event of an unexpected incident which may incur a financial or reputational loss for an operator, teams are tasked with effecting changes within their departments to avoid a reoccurrence of this incident. In doing so, they are encouraged to collaborate and think about other potentially significant risks to the business. These could be as far reaching as losing the licence to operate, major network failures, significant system failures, data breaches, losing key customers, etc. 

Lately there has been a lot of talk about Enterprise Risk Management (ERM) – an approach to risk management in which all such risks are looked at. More than just Revenue Assurance or Business Assurance (which covers revenue assurance, cost assurance, margin assurance and partner assurance, or basically wherever one set of data can be reconciled against another),

ERM provides a framework for risk management which typically involves identifying risks and opportunities, assessing their potential impact, and determining a response mechanism which will ultimately protect and create value for stakeholders.

A good risk management strategy should recognise the value and importance of an effective Revenue Assurance solution in supporting the business in reaching this end. If a Revenue Assurance solution is used to its full potential, it should encourage Revenue Assurance operatives and senior management to think outside the box when it comes to mitigating risk, and to taking a risk-based approach to managing the enterprise, such as ERM.

5 REASONS WHY SMALLER TELECOM OPERATORS SHOULD LOOK TO TELECOM FRAUD MANAGEMENT PROVIDERS

In September last year, the CFCA published the findings of its latest fraud loss survey revealing that Telecom Fraud has cost the industry an estimated $29.2bn in 2017, which comprises 1.27% of total global telecoms revenue. The good news is that while this is a better result than the previous 2015 survey, the bad news is that fraud remains one of the biggest revenue risks to operators globally, with IRSF in particular remaining the most prevalent type of fraud attack experienced.


What is also becoming clear is that the smaller Tier 2 and Tier 3 Operators and MVNOs suffer the greatest threat from fraudsters, and in many cases are at an even greater risk of fraud than their larger competitors.

Why is this?

Well, reported incidents consistently show that even over short time periods fraud attacks can result in losses of hundreds of thousands, or in extreme cases, millions of dollars to an Operator or MVNO. While fraud losses at this level are significant for any Operator, many larger Tier 1 players can manage the impact of them. However, an incident on a similar scale targeting a smaller Operator is likely to result in a more serious financial impact, sometimes taking years to recover from.

This is where third-party providers can play a crucial supporting role in helping smaller Operators build a stronger resilience against fraud and greatly reduce the impact that fraud attacks are having on their revenue and reputation. We have outlined the top 5 reasons why our customers are now looking externally for telecom fraud management in tackling fraud across their network.

1. Costs

Traditional fraud systems for Tier 1-type operations have been designed with large databases and complex network infrastructures and as such are normally expensive, difficult to install and maintain and requiring resource intensive support.

Smaller Operators and MVNOs do not generally have the infrastructure, resource or available skills sets to manage such solutions, and although scaled down options are being made available; these often still have high total cost of ownership (TCO) impacts.

2. OperationsEstablishing an effective and efficient fraud operation within a small Operator can be a challenging task. Smaller providers tend to be restricted in the number of resources they can make available and even then, often lack sufficient skilled expertise in the Fraud and Revenue Assurance area. Without access to fundamental knowledge of the Telco operational architecture, data structures, services and operational threats, it is almost impossible to implement an effective operational infrastructure to provide adequate protection against fraud.

Secondly, due to the constantly changing technology environment we work in, our industry risk profile is changing almost month on month. So many of the outdated and manual approaches to revenue risk management are simply no longer practical. Similarly, many in-house developed systems which may have been ‘fit for purpose’ for specific revenue risk management issues when implemented, will have become difficult to maintain and adapt to today’s constantly changing risk environment.

3. Technology

The issue of technical architecture is one of the biggest challenges for smaller Operators wanting to establish effective risk management practices. Advancing technology in a competitive marketplace can present obvious difficulties for smaller Operators and MVNOs competing with the larger providers, but it also presents an internal challenge in establishing optimal operations.  

4. Functional Capability

If the Operator decides to self-build an operational solution capability, there are many factors to consider, and significant risks to take into account.

Firstly, finding the appropriate resource internally to create and manage any reporting or alerting infrastructure is difficult, especially with clashes of priorities and responsibilities. Even in situations where this resource is available, development of the appropriate controls, monitoring or reporting can be limited due to lack of knowledge of the issues or understanding of the mechanisms needed to achieve the goal.

Secondly, if an operator does manage to establish a simple self-built control or reporting system, the lifecycle of such a system is limited, as risks change and develop over time, and constant management and updating of such solutions are needed.

5. Knowledge Sharing

As everyone knows, two heads are better than one and organisations that have both in-house and third-party fraud detection capabilities are the ones proved as being most effective at preventing fraud attacks on their networks. Third-party vendors dedicated to fraud are at the coalface of this battle, staying up to speed with the latest industry trends, and often in cases, getting ahead of fraudsters across the globe.

REVENUE ASSURANCE: AN INSTRUMENT OF GROWTH

Chief Financial Officers (CFOs) or Finance Directors (FDs) play a pivotal role at company leadership level, helping to make crucial financial decisions and leading the execution of those decisions.

They also know that accounting – the backbone of measuring business performance – is a black art of sorts, masquerading as a science.

By adopting a Revenue Assurance approach, they can uncover the story behind the data, sharpen their decision-making ability, and drive new growth opportunities for the company.

At this time of year, CFOs and FDs are preparing their regular financial statements and updates for their stakeholders. But how can they add more value without losing sight of the core values of the business? 
Could they make the next period’s results better?

There are several traditional areas that get looked at, such as new products or campaigns to be launched, 
or costs to be cut, etc., all of which come with some risks attached. 

New campaigns and product releases could end up cannibalising already profitable revenue streams, 
or potentially triggering price wars with competitors. Cost reductions could result in poorer operational performance, leading to increased volumes of calls to the call centre, increased complaints, not to mention potential regulatory scrutiny. All this takes resources and effort away from running the business.

We are always surprised to learn that that “improving Revenue Assurance capabilities” seldom gets mentioned, although it has proven to be a winning strategy. 

So, what is different about Revenue Assurance? 

Adopting a Revenue Assurance approach has several tangible benefits, effectively improving the accuracy of supplier invoices and customer bills, which usually results in better cash flow positions and improved financial performance. 
Leading consultancy firms suggest that the average leakage in a telco is about 2% of gross revenues. And these are organisations with an established Revenue Assurance function, even a respectable Revenue Assurance system. 
However, in the absence of suitable Revenue Assurance capabilities, leakage levels within Telco’s can quickly exceed 5% of their revenues. And let’s not be caught out: as the costs have already been incurred, the money that can be unearthed from Revenue Assurance directly impacts the bottom line. Even a 1% revenue recovery can make a significant difference to overall margins.

OK, so where do we start?

Is it difficult to get started on the Revenue Assurance journey? Not at all. The only difficulty is finding people with the right mindset to take Revenue Assurance forward within the organisation. More than just a good manager or analyst, a good Revenue Assurance operative should be of an enquiring nature, challenging assumptions, and always seeking the truth. When in doubt, asking to see the original (unprocessed) data, and checking that answers given by others are reasonable and independently verifiable. People can be taught how to use tools, but what comes naturally is the right mindset – that spontaneous inquisitiveness that challenges the information provided.

Assigning good people to Revenue Assurance is just the start though. They need the right tools to help them put their skills to best use. 
A Usage and Subscription Assurance tool would relieve them of much of the routine data gathering and processing tasks and allow them to focus on what they actually want to be doing – finding lost revenues.

In Summary

Revenue Assurance is firstly about having the right people on board, about establishing a risk management culture within the organisation, and about creating a structure and processes to support the function.
Secondly, it’s about moving from spreadsheets to tools that will crunch data automatically and that can be expanded simply and painlessly as the function grows. It’s also about making wise decisions about this sort of technology, ie. not paying for over-engineered Revenue Assurance solution capabilities that will not be used for years, if ever.

This combination of people, processes, and tools, ultimately driven from the top down by the CFO or FD, has the potential to quickly recover lost revenue and to unlock tremendous growth potential within the business.

Why not talk to us, and see what we can do to help?