APPLYING THE 80/20 RULE TO TELECOM FRAUD

Also known as the Pareto Principle, the 80/20 rule can be roughly applied to virtually any business need. In the 80/20 rule, organizations are able to get eighty percent of their results using twenty percent of their resources. In sales, 80 percent of all sales may be completed by the top 20 percent of employees. In fraud management, 80 percent of fraud can easily be detected and mitigated with 20 percent of the effort. Many business owners believe that they can’t afford fraud management, when in fact, most fraud can be managed affordably using the right solutions.

The Biggest Risks in Fraud Management

With the advent of services based on the Internet of Things or Mobile Money for instance, the opportunities available to fraudsters are growing. Many organised criminals now have access to virtually limitless resources, which they can use to target businesses until they find a vulnerability – the so-called “weakest-link” within targeted organisations. They are using known exploits to narrow down the businesses that are least likely to be protected. This is where the 80/20 rule to fraud management becomes important.

Small- to mid-sized businesses may feel as though they cannot invest in state-of-the-art fraud management solutions, or consulting and training. And they may be right: it might not be cost-effective for them to do so. However, they can easily afford a solution that will substantially reduce their risk. Though very little can stop dedicated attackers even using best-in-class equipment, a solution that is at 20% of the cost of a tier-one industrial system can stop 80% of the attackers and attacks. Using the 80/20 principle, businesses can manage and mitigate risk without having to invest more than is prudent.

The Importance of Telecom Fraud Detection

Fraud can cost an organisation millions of dollars. Wide-scale fraud can lead to the theft of airtime resources and even financial and personally identifiable information, ultimately leaving a company to not only recover its direct damages but also to revamp its own internal security solutions and policies.

Luckily, most fraud threats are known and can be prevented. Many fraud threats are either already well understood by telecom fraud solutions providers, as they bear certain hallmarks, such as specific behaviours and activities. By applying the 80/20 principle, telecom operators are able to identify and mitigate fraud attacks as they arise, therefore saving themselves potentially millions or even tens of millions of dollars.

Once fraud has occurred, it becomes far more difficult to mitigate. Money that is lost is often gone forever, as it can disappear without a trace. Once information has been breached, there’s often no way to pull it back. A single incidence of fraud can easily spell doom for a company: there are many companies that have shut down entirely in the months following a major fraud attack.

With as many fraudulent attacks as there are each day, businesses need to be vigilant and they need a solution that can automatically detect incidences of fraud. Telecom fraud solutions providers are able to substantially reduce the number of fraud threats that go unnoticed, without increasing the amount of resources and administrative time that the business needs to use day-to-day.

There’s No Guarantee in Security

Even the best, next-generation fraud detection solutions cannot guarantee complete security. There is no system that offers 100% fraud detection, as fraud detection is becoming too advanced. Though a business can invest in the best fraud management solutions available, they may still become the victim of fraud. Not only that, but they will have wasted a substantial amount of money trying to protect against that last 20%. Security is truly a matter of risk management.

Fraud is extraordinarily costly to telecom operators. Not only does it cost the business in money and time, but it can also result in damage to the company’s reputation. By investing in telecom fraud solutions that are fit for purpose, businesses can reduce their exposure and therefore their risk. 

IRSF IN 2018 – SAME OLD FRAUD BUT NEW DESTINATIONS

We have always been aware that while, as an industry, our Fraud and Risk Managers are performing risk reviews, and planning and sharing intelligence to try and stay one step ahead of the fraudsters, those we are planning strategies against (ie. the fraudsters), are doing the same to try and stay ahead of us.

Fraudsters know when a CSP has improved its prevention and detection techniques, and so will move on to an easier target. Eventually they will find it difficult to keep finding easier targets, so will be forced to change their operating methods to counter the defence mechanisms being implemented.

For years, committing International Revenue Share Fraud (IRSF) has been based on targeting destinations where the call termination rates are highest, to maximise the fraudster’s earnings. However, the industry generally has become a lot more effective at identifying inflated traffic to these high-paying destinations, and in most cases, IRSF to them can be detected early and blocked.Start editing the text…

This is causing fraudsters to re-think their strategy, and many are now directing their IRSF calls to destinations that have traditionally been considered low risk. Their view is obviously that it is now in their interest to focus on lower-paying destinations in the knowledge that the originating carrier will, in most cases, take longer to detect this activity. So these fraudsters will continue to make reasonable money.

Read the white paper on this topic and learn more about this change in the fraudster’s modus operandi, and what you can do as a CSP to keep a step ahead of the game once again.

HOW A TELECOM FRAUD SOLUTION CAN PROTECT YOUR PROFITS

In 2017 alone, the CFCA estimated that US$29 billion was lost due to telecom fraud. Telecom fraud is four times larger than credit card fraud, yet it’s less often discussed in the media. Telecom companies need to protect themselves through the use of reliable telecom fraud management solutions, if they want to avoid costly surprises for their customers. Most telecom companies will see some level of fraudulent traffic – whether they are able to identify this traffic will depend on the tools at hand.

The True Cost of Telecom Fraud

Telecom fraud occurs when malicious attackers take advantage of the telecommunications system to complete calls or transactions that benefit them financially. Methods of telecom fraud vary considerably across the world, though scams are most often perpetrated by highly organised criminals, operating either alone or in gangs.

For instance, a malicious attacker may entice customers to return a “missed call”, without the customer realizing that the number is a toll or premium number that will charge a significant amount of money to their bill or prepaid account. This is called a “Wangiri” fraud, a Japanese term that literally means one (ring) and cut.

In a security attack known as “phishing”, a fraudster will get access to a customer’s personal details to make purchases using their account, and subscribing to services without the customer’s knowledge. As individuals spend more time on their phones, using voice and data services, they become more vulnerable to these types of threats.

At a corporate level, malicious attackers may hack VoIP PBX systems to make long- distance calls, again to premium-rate numbers. The attackers could also take advantage of quirks in a telecommunications system to make it seem as though calls did not go through (by recording a false disconnection notice), while still charging for completed calls. Calls can be routed and transferred incorrectly, all of which lead to artificially inflated charges.

When telecom fraud does occur, someone has to pay – and often, that someone is the telecom company itself. Telecom companies can also lose money through wholesale interconnect charges, customer refunds, investigations, and additional customer support hours. Telecom companies may also eventually lose the faith of their customers, leading to fewer new customers and fewer customers retained.

Luckily, there are answers. Companies can reduce the cost of telecom fraud – and thereby improve their profitability – by avoiding telecom fraud altogether. This can be done with the help of an advanced telecom fraud management solution.

Mitigating Your Threats With a Telecom Fraud Solution

Using a telecom fraud management solution, your telecom business can prevent a significant fraud from taking place altogether — therefore potentially saving millions. A telecom fraud solution is able to automatically detect suspicious activity, making it easier for the organization to mitigate it before the damage is done. Some newer solutions are able to learn from past behaviours, identifying even threats that haven’t been seen before.

Many telecommunications businesses now use self-learning algorithms to identify the patterns on a customer’s profile. This is similar to fraud detection used for credit cards. With these patterns, the company can identify activity that seems strange for a customer, blocking suspicious payments and costly subscription fees. The smarter these algorithms are, the less likely they are to produce disruptive false positives.

Improving Profitability With a Telecom Fraud Solution

As discussed, telecom fraud itself is expensive, and a telecom fraud solution can help you mitigate threats. In so doing, telecom fraud solutions improve profitability in three major ways:

1. Mitigating direct costs:
There are direct costs of telecom fraud. Telecom companies will often need to audit and review their systems, and update their software, hardware, and business processes. Companies may also find themselves needing to reimburse customers for fraudulent charges, or absorbing costs that were fraudulently relayed across their system. All of this is going to lead to additional expenses.

2. Customer retention and brand reputation: 
If a telecom company experiences enough fraud, it will get low marks from its customers and may not be able to retain customers. Customers will not trust a company that often falls prey to fraud, and they will not want to continue using a company on which they have experienced fraudulent transactions or charges.

3. Reduced labour and troubleshooting costs:
Telecom fraud management solutions are able to automatically enforce many security protocols, thereby reducing the amount of time that administrative personnel and IT teams need to spend tracking down and mitigating threats. Telecom companies may be able to reduce their internal IT staff by using automated fraud detection solutions for mundane and routine tasks.

Whether your telecom company is large or small, it’s probably already the target for malicious attackers. The time to begin protecting yourself and your business is now. 

PROTECTING THE CFO – THE SIMPLE SOLUTION TO REVENUE LOSS THROUGH FRAUD

Irrespective of a communication providers’ size, a CFO or Finance Director’s nightmare is to have to explain to his executive team, to his shareholders, to his/her own customers, even the general public in some instances, why they didn’t detect an ongoing financial loss or couldn’t prevent a sudden fraud hit.

The increase in scale and complexity of fraud types around the world creates situations of genuine uncertainty for operators and in turn, their financial controllers. No operator wants to constantly face the threat of being attacked by fraudsters and of having hundreds of thousands or even millions of dollars wiped off their bottom line in a single incident.Yet we see this happening, a lot.

But what price is worth paying to stay protected from financial losses?

Smaller Operators more at risk

Losses directly attributable to fraud and revenue leakage can range from 0.5% of gross revenues all the way up to 15% in certain cases, according to a Gartner report. International Revenue Share Fraud, the deadliest of all fraud types, costs the industry in the region of $6.1bn a year, roughly 20% of all estimated communication fraud.

Although the types of financial risk to which operators are exposed are essentially the same, owing to the global nature of telecommunications, the smaller operators are at a clear disadvantage when it comes to managing risk and preventing major losses. They simply don’t have the experience, the maturity, or the resources to get losses fully under control.

Whether traditional MNO, VoIP, fixed-line carrier or MVNE/MVNO, the price point at which they should seek to acquire loss prevention technology or related services is a critical deciding factor. So, the case for simple and cost-effective tools to de-risk their business becomes a compelling one. There has never been a better time to promote a low-cost technology proposition to the global telecommunications market, even for incumbent operators seeking to drive down supplier costs.

At XINTEC we can help de-risk a business in a very simple and cost-efficient way with a suite of products that are flexible, adaptable, quick to install, and able to deliver measurable results fast.  

THE VALUE OF NRTRDE-OUT RECORDS IN THE FRAUD DETECTION PROCESS

Roaming revenues have been declining for several years now, and some CSP’s have realised that being accepted as a preferred roaming partner in their home country can generate important revenue to replace that lost through declining outbound roaming settlements.

A HPMN will normally have a choice of several VPMN’s in most countries their customers will roam to, and they have the ability to steer their customers towards a preferred VPMN when roaming. The decision on which roaming partner will be selected as their preferred VPMN will be based on a number of factors, for example NRTRDE compliance, network quality, inter-operator tariff (IOT) discount agreements, etc.

In most countries now, the services provided by all VPMN’s is reasonably consistent, so a service differentiator should be explored to provide an additional level of service not offered by the other in-country CSP’s. A relatively simple value add is to evaluate NRTRDE-OUT records for visiting roamers and provide immediate advice to the home network of any obvious fraud or misuse. While it is accepted that (in most cases) NRTRDE records will be delivered to the home network within 60-90 minutes, the earlier suspicious activity is notified, the sooner financial loss can be avoided.

The opportunity to add value in this way will be limited as more operators implement VoLTE. Since VoLTE is an all IP Network, the VPMN has no visibility of voice traffic originated via S8HR VoLTE roaming. While there are only an estimated 600 operators currently fully operational with VoLTE, it will take some years before there is a full transition from Circuit Switched (CS) to VoLTE.

Offering roaming partners some additional value now by reviewing their NRTRDE-OUT records is a sound strategic move to establish a trusted relationship which could then continue as the networks transition from CS to VoLTE and secure ongoing roaming revenues.

REVENUE ASSURANCE: AN INSTRUMENT OF GROWTH

Chief Financial Officers (CFOs) or Finance Directors (FDs) play a pivotal role at company leadership level, helping to make crucial financial decisions and leading the execution of those decisions.

They also know that accounting – the backbone of measuring business performance – is a black art of sorts, masquerading as a science.

By adopting a Revenue Assurance approach, they can uncover the story behind the data, sharpen their decision-making ability, and drive new growth opportunities for the company.

At this time of year, CFOs and FDs are preparing their regular financial statements and updates for their stakeholders. But how can they add more value without losing sight of the core values of the business? 
Could they make the next period’s results better?

There are several traditional areas that get looked at, such as new products or campaigns to be launched, 
or costs to be cut, etc., all of which come with some risks attached. 

New campaigns and product releases could end up cannibalising already profitable revenue streams, 
or potentially triggering price wars with competitors. Cost reductions could result in poorer operational performance, leading to increased volumes of calls to the call centre, increased complaints, not to mention potential regulatory scrutiny. All this takes resources and effort away from running the business.

We are always surprised to learn that that “improving Revenue Assurance capabilities” seldom gets mentioned, although it has proven to be a winning strategy. 

So, what is different about Revenue Assurance? 

Adopting a Revenue Assurance approach has several tangible benefits, effectively improving the accuracy of supplier invoices and customer bills, which usually results in better cash flow positions and improved financial performance. 
Leading consultancy firms suggest that the average leakage in a telco is about 2% of gross revenues. And these are organisations with an established Revenue Assurance function, even a respectable Revenue Assurance system. 
However, in the absence of suitable Revenue Assurance capabilities, leakage levels within Telco’s can quickly exceed 5% of their revenues. And let’s not be caught out: as the costs have already been incurred, the money that can be unearthed from Revenue Assurance directly impacts the bottom line. Even a 1% revenue recovery can make a significant difference to overall margins.

OK, so where do we start?

Is it difficult to get started on the Revenue Assurance journey? Not at all. The only difficulty is finding people with the right mindset to take Revenue Assurance forward within the organisation. More than just a good manager or analyst, a good Revenue Assurance operative should be of an enquiring nature, challenging assumptions, and always seeking the truth. When in doubt, asking to see the original (unprocessed) data, and checking that answers given by others are reasonable and independently verifiable. People can be taught how to use tools, but what comes naturally is the right mindset – that spontaneous inquisitiveness that challenges the information provided.

Assigning good people to Revenue Assurance is just the start though. They need the right tools to help them put their skills to best use. 
A Usage and Subscription Assurance tool would relieve them of much of the routine data gathering and processing tasks and allow them to focus on what they actually want to be doing – finding lost revenues.

In Summary

Revenue Assurance is firstly about having the right people on board, about establishing a risk management culture within the organisation, and about creating a structure and processes to support the function.
Secondly, it’s about moving from spreadsheets to tools that will crunch data automatically and that can be expanded simply and painlessly as the function grows. It’s also about making wise decisions about this sort of technology, ie. not paying for over-engineered Revenue Assurance solution capabilities that will not be used for years, if ever.

This combination of people, processes, and tools, ultimately driven from the top down by the CFO or FD, has the potential to quickly recover lost revenue and to unlock tremendous growth potential within the business.

Why not talk to us, and see what we can do to help?