Fraud in Telecoms


Published on

What are the primary causes of telecom fraud? Identify and audit mobile fraud and revenue assurance issues.

  • Be the first to comment

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Fraud in Telecoms

  1. 1. Fraud in TelecomsSources of operational risk© E.O’Connor – May 2008
  2. 2. DEFINITIONS Definition of Fraud varies by jurisdiction but a fair summary is: “a deception deliberately practiced in order to secure unfair or unlawful gain.” The Telecoms Management Forum defines Revenue Assurance as the: “data quality and process improvement methods that improve profits, revenues and cash flows without influencing demand.” Together the revenue losses from RA and Fraud can be significant 2
  3. 3. A FEW RA & FRAUD ISSUES Revenue Assurance Fraud Internal systems B Employees & processes Invoicing Number porting accuracy Product mix complexity Metallic number resale Profitability “Goodwill” credits Incorrect pricing tables Passing on of Real-time vs customer details batch processing Box breaking Internal Channel D Call & port incentivisation forwarding Pricing signals Theft SIMs , driving behaviour handsets & Slamming subscriptions Process Accuracy of interfaces SIM Gateways data flows Roaming Accuracy of customer information at touchpoints Bad debt & Credit worthiness External 3
  4. 4. FRAUDFraudulent activities tend to fall into one of 7 categories: Voice – threat of impersonation for malicious or profitable motives Subscription – use of a legitimate subscriber’s network access for malicious or profitable motives Data – removal, inspection or insertion of data onto a network for malicious or profitable motives Internal – abuse of access to operator data by an employee for malicious or profitable motives Interconnection – exploitation of operator interconnection agreements for malicious or profitable motives Roaming – exploitation of operator roaming agreements for malicious or profitable motives Technical – use of counterfeiting or other technologies to duplicate, infiltrate or manipulate a mobile network for malicious or profitable motives 4
  5. 5. EXAMPLE OF FRAUDULENT ACTIVITIESSubscription fraud Roaming fraud (I) Call selling using GSM conference calling  Where operators have roaming agreements feature where fraudster acts as an ‘operator’ Operator A must pay Operator B for the time setting up calls between parties and then used by their customers on Operator’s B network dropping out to set up another regardless of whether Operator A is paid for the GSM call forwarding where fraudster sets call time forward to required number. Caller calls the  Principle problem is the time it takes for billing fraudster’s phone and is transferred. Caller only from Operator B to Operator A - used to be 72 pays for the call to the fraudster’s phone number. hours now down to 24 hours using EDI Fraudsters using a gateway to provide an  GSM MoU states that any user exceeding 100 international ‘call box’ from shops Special Drawing Rights (SDR) must be billed within 24 hoursInternal Fraud  But, when is collection actually made? Mobile markets are very competitive with operators subsidising handsets to entice new Roaming fraud (II) customers to subscribe. Dealer or gangs often  SIM cards are taken out of phones acquired with sell these handsets on to overseas buyers. And false identities and sent abroad where they are of course pre-paid handsets can be unlocked used in call selling fraud. Call lengths of over 10 and used on any network hours typical 5
  6. 6. THE CHALLENGE The ‘natural’ order of tasks for revenue assurance is to:  monitor for evidence of loss  investigate where & why there is loss  resolve the problems so loss does not occur again However changing nature of business relationships means  not clear where boundaries lie & hence where operational risk may arise  process design & data integrity becomes even more important Service Provider Content Collaborative methods of working Services Enterprise Customer Gamma Telecom Virtual Contracting End-user Network party Fixed Operator are essential to mutually assure Carrier Services Enabler data, revenues & costs Mobile Operator Bearer Services 6
  7. 7. SUMMARY The major sources of revenue  Follow the cash loss continue to be:  Understand the processes  Fraud  Audit rights with partners  Credit management  Strength & enforceability of  Least-cost-routing errors commercial agreements  Interconnect / partner-payment  Traceability of products in the errors distribution chain  Poor processes & systems  Integrity of interfaces – human & automated All adds up to a loss of  Training & culture customer confidence in your business…  Who has access to customer data? 7
  8. 8. TECHNIQUES FOR AUDITINGTrack-Back Approach The Grid Approach Audit works backwards from a  The key mobile revenue streams & convenient point, such as the logical operations for each stream customer invoice, to the first source are identified and set out in a grid of data capture (e.g. voice, sms, interconnect streams versus switch, mediation, rating, invoicing operations) Allows the detail of how the data flows & is manipulated to be  Offers a useful visual framework to help identify common processes & understood and data integrity / enable a high-level understanding of leakage risks quantified how the processes work, the controls and checks, known leakages and the Can be a time consuming process confidence that all leakages / fraud risks have been identified  The issue is that this approach may not capture sufficient detail nor show the commonality of operations between revenue streams 8