Fraud in Telecoms

Sources of operational risk

© E.O’Connor – May 2008

DEFINITIONS
 Definition of Fraud varies by jurisdiction but a fair summary is:
“a deception deliberately practiced in order to secure unfair or unlawful gain.”

 The Telecoms Management Forum defines Revenue Assurance as the:

“data quality and process improvement methods that improve profits,
revenues and cash flows without influencing demand.”

 Together the revenue losses from RA and Fraud can be significant

2
A FEW RA & FRAUD ISSUES
Revenue Assurance Fraud
Internal systems B Employees
& processes
Invoicing Number porting
accuracy Product mix
complexity Metallic
number resale
Profitability
“Goodwill” credits
Incorrect
pricing tables Passing on of
Real-time vs customer details
batch processing Box breaking
Internal
Channel D Call & port
incentivisation forwarding
Pricing signals Theft SIMs ,
driving behaviour handsets &
Slamming
subscriptions
Process
Accuracy of interfaces SIM Gateways
data flows
Roaming
Accuracy of customer
information at touchpoints Bad debt & Credit
worthiness
External
3
FRAUD
Fraudulent activities tend to fall into one of 7 categories:

 Voice – threat of impersonation for malicious or profitable motives

 Subscription – use of a legitimate subscriber’s network access for malicious or profitable
motives
 Data – removal, inspection or insertion of data onto a network for malicious or profitable
motives
 Internal – abuse of access to operator data by an employee for malicious or profitable
motives
 Interconnection – exploitation of operator interconnection agreements for malicious or
profitable motives
 Roaming – exploitation of operator roaming agreements for malicious or profitable
motives
 Technical – use of counterfeiting or other technologies to duplicate, infiltrate or manipulate
a mobile network for malicious or profitable motives

4
EXAMPLE OF FRAUDULENT ACTIVITIES
Subscription fraud Roaming fraud (I)
 Call selling using GSM conference calling  Where operators have roaming agreements
feature where fraudster acts as an ‘operator’ Operator A must pay Operator B for the time
setting up calls between parties and then used by their customers on Operator’s B network
dropping out to set up another regardless of whether Operator A is paid for the
 GSM call forwarding where fraudster sets call time
forward to required number. Caller calls the  Principle problem is the time it takes for billing
fraudster’s phone and is transferred. Caller only from Operator B to Operator A - used to be 72
pays for the call to the fraudster’s phone number. hours now down to 24 hours using EDI
 Fraudsters using a gateway to provide an  GSM MoU states that any user exceeding 100
international ‘call box’ from shops Special Drawing Rights (SDR) must be billed
within 24 hours
Internal Fraud  But, when is collection actually made?
 Mobile markets are very competitive with
operators subsidising handsets to entice new Roaming fraud (II)
customers to subscribe. Dealer or gangs often  SIM cards are taken out of phones acquired with
sell these handsets on to overseas buyers. And false identities and sent abroad where they are
of course pre-paid handsets can be unlocked used in call selling fraud. Call lengths of over 10
and used on any network hours typical

5
THE CHALLENGE
 The ‘natural’ order of tasks for revenue assurance is to:
 monitor for evidence of loss
 investigate where & why there is loss
 resolve the problems so loss does not occur again

 However changing nature of business relationships means

 not clear where boundaries lie & hence where operational risk may arise
 process design & data integrity becomes even more important

Service Provider
Content
 Collaborative methods of working Services

Enterprise

Customer
Gamma Telecom
Virtual Contracting End-user
Network party

Fixed Operator
are essential to mutually assure Carrier
Services
Enabler

data, revenues & costs

Mobile Operator
Bearer
Services

6
SUMMARY
 The major sources of revenue  Follow the cash
loss continue to be:  Understand the processes
 Fraud  Audit rights with partners
 Credit management
 Strength & enforceability of
 Least-cost-routing errors commercial agreements
 Interconnect / partner-payment
 Traceability of products in the
errors
distribution chain
 Poor processes & systems
 Integrity of interfaces – human &
automated
 All adds up to a loss of
 Training & culture
customer confidence in your
business…  Who has access to customer
data?

7
TECHNIQUES FOR AUDITING
Track-Back Approach The Grid Approach
 Audit works backwards from a  The key mobile revenue streams &
convenient point, such as the logical operations for each stream
customer invoice, to the first source are identified and set out in a grid
of data capture (e.g. voice, sms, interconnect streams versus
switch, mediation, rating, invoicing operations)

 Allows the detail of how the data

flows & is manipulated to be  Offers a useful visual framework to
help identify common processes &
understood and data integrity /
enable a high-level understanding of
leakage risks quantified how the processes work, the controls
and checks, known leakages and the
 Can be a time consuming process confidence that all leakages / fraud
risks have been identified

 The issue is that this approach may

not capture sufficient detail nor show
the commonality of operations
between revenue streams