In September last year, the CFCA published the findings of its latest fraud loss survey revealing that Telecom Fraud has cost the industry an estimated $29.2bn in 2017, which comprises 1.27% of total global telecoms revenue. The good news is that while this is a better result than the previous 2015 survey, the bad news is that fraud remains one of the biggest revenue risks to operators globally, with IRSF in particular remaining the most prevalent type of fraud attack experienced.
What is also becoming clear is that the smaller Tier 2 and Tier 3 Operators and MVNOs suffer the greatest threat from fraudsters, and in many cases are at an even greater risk of fraud than their larger competitors.
Why is this?
Well, reported incidents consistently show that even over short time periods fraud attacks can result in losses of hundreds of thousands, or in extreme cases, millions of dollars to an Operator or MVNO. While fraud losses at this level are significant for any Operator, many larger Tier 1 players can manage the impact of them. However, an incident on a similar scale targeting a smaller Operator is likely to result in a more serious financial impact, sometimes taking years to recover from.
This is where third-party providers can play a crucial supporting role in helping smaller Operators build a stronger resilience against fraud and greatly reduce the impact that fraud attacks are having on their revenue and reputation. We have outlined the top 5 reasons why our customers are now looking externally for telecom fraud management in tackling fraud across their network.
1. Costs
Traditional fraud systems for Tier 1-type operations have been designed with large databases and complex network infrastructures and as such are normally expensive, difficult to install and maintain and requiring resource intensive support.
Smaller Operators and MVNOs do not generally have the infrastructure, resource or available skills sets to manage such solutions, and although scaled down options are being made available; these often still have high total cost of ownership (TCO) impacts.
2. OperationsEstablishing an effective and efficient fraud operation within a small Operator can be a challenging task. Smaller providers tend to be restricted in the number of resources they can make available and even then, often lack sufficient skilled expertise in the Fraud and Revenue Assurance area. Without access to fundamental knowledge of the Telco operational architecture, data structures, services and operational threats, it is almost impossible to implement an effective operational infrastructure to provide adequate protection against fraud.
Secondly, due to the constantly changing technology environment we work in, our industry risk profile is changing almost month on month. So many of the outdated and manual approaches to revenue risk management are simply no longer practical. Similarly, many in-house developed systems which may have been ‘fit for purpose’ for specific revenue risk management issues when implemented, will have become difficult to maintain and adapt to today’s constantly changing risk environment.
3. Technology
The issue of technical architecture is one of the biggest challenges for smaller Operators wanting to establish effective risk management practices. Advancing technology in a competitive marketplace can present obvious difficulties for smaller Operators and MVNOs competing with the larger providers, but it also presents an internal challenge in establishing optimal operations.
4. Functional Capability
If the Operator decides to self-build an operational solution capability, there are many factors to consider, and significant risks to take into account.
Firstly, finding the appropriate resource internally to create and manage any reporting or alerting infrastructure is difficult, especially with clashes of priorities and responsibilities. Even in situations where this resource is available, development of the appropriate controls, monitoring or reporting can be limited due to lack of knowledge of the issues or understanding of the mechanisms needed to achieve the goal.
Secondly, if an operator does manage to establish a simple self-built control or reporting system, the lifecycle of such a system is limited, as risks change and develop over time, and constant management and updating of such solutions are needed.
5. Knowledge Sharing
As everyone knows, two heads are better than one and organisations that have both in-house and third-party fraud detection capabilities are the ones proved as being most effective at preventing fraud attacks on their networks. Third-party vendors dedicated to fraud are at the coalface of this battle, staying up to speed with the latest industry trends, and often in cases, getting ahead of fraudsters across the globe.
