27th February 2013
Over 4 years has now passed since the 1 October 2008 date when all GSM operators were expected to implement NRTRDE and reduce the deadline for shifting the roaming fraud loss liability from the HPMN to the VPMN (down to 4 hours). Regrettably there are still many operators who are not NRTRDE compliant. Some of these may be technically compliant, however have not re-signed the AA14 documents with their roaming partners to initiate the 4-hour reporting period, preferring to retain the longer period as a way to manage their liability for fraud losses as the VPMN, for late reporting.
There is little doubt that NRTRDE has been responsible for a reduction in ‘roaming related’ fraud losses for many of those operators and their roaming partners who are fully compliant, and who have invested in the systems, processes and resources to effectively manage and analyse the NRTRDE files received. We still hear of some operators who are fully NRTRDE compliant, however have the incoming files dropping into a ‘black hole’ during out of hour working periods. A recent evaluation of International Revenue Share Fraud (IRSF) impacting 3 European operators’ found that almost 80% of this fraud occurred between Friday night and Monday morning when the Fraud team were out of the office. This was not by accident – the fraudsters had done their homework and were aware of this ‘opportunity’.
The industry is being impacted more and more by consolidation and cost cutting, which is translating to increased staff cuts, many in the Fraud, RA and Revenue Risk areas. 24 x 7 monitoring functions are often those that suffer from these re-organisations so it is important to replace any reduction in this monitoring activity with cost effective automated fraud or RA tools.
NRTRDE was not designed to be a short term fraud management initiative. Roaming related fraud (particularly IRSF) continues to be a major fraud risk, and NRTRDE is the most effective detection mechanism to identify incidents before losses grow.
Bilaterally, two roaming partners can agree to transfer roaming records between each other by any means they chose, and no-one can interfere with that. The GSMA have never had the authority to enforce the implementation of NRTRDE, only to recommend this as an industry standard. It is up to the industry operators themselves to enforce NRTRDE compliance and some of the bigger operators perhaps already do this by using ‘preferred’ roaming partners who are fully NRTRDE compliant.
The NRTRDE initiative was developed out of concerns at the growing fraud losses resulting from IRSF. To a certain extent it has been successful at that considering that the number of IRS number aggregator websites has increased by over 140% since 2009. The IRSF, and associated fraud risk, remains and until the industry become fully NRTRDE compliant, and put in place the resource or infrastructure for 24×7 monitoring of these roaming usage records, high fraud losses will continue.