The wholesale communications business is worth $170 billion a year. Wholesale fraud, which used to be seen as a cost of business is now running at over three percent. This equates to losses of $6.12 billion a year, according to a recent survey by Revenue and Asset Assurance specialist Subex. The problem has been made worse by the growth of the industry itself.
The survey is an in-depth look at the problem and the opinions of 195 operators across the world were gathered, including a balanced cross section of Tier 1, 2, 3 and 4 carriers.
Success seems to bring with it the parasites who feed on success and such is the case here. The growing industry has brought a growing number of players and not all of them are above board. The top three fraud plays, according to the survey, are ‘False Answer’ fraud, highest at 56 percent, new operator credit risk at 51 percent and good old fashioned PBX hacking at 42 percent. False Answer fraud is the practice of billing before a call has started, billing beyond the duration of a call or directing a call to a messaging platform.
While the types of fraud listed are not new, the majority of operators surveyed believed that fraud had either stayed the same or increased over the past few years. With the current focus among operators on the bottom line and a universal drive to cut costs and maintain margins has driven the focus back to fraud. The inability to prosecute is high on the list of reasons that fraud is flourishing (73 percent).
The question is what operators are doing about this new focus on fraud. This question produces a slightly confusing picture. According to operators, the factors that are holding back their ability to tackle fraud include ‘lack of automation’ (72 percent), ‘timely availability of data’ (62 percent), ‘data mining capabilities’ (54 percent) and ‘lack of data’ (43 percent).
Given the problem and given the perceived lack of tools to identify fraud, a very small number of operators (10 percent) have a COTS solution on the case and only 24 percent has considered using one. 80 percent use ‘in-house’ tools, 62 percent rely on ‘reports’ and 40 percent use ‘manual test calling’ to address the problem. Given the expertise in the industry this makes slightly depressing reading. It seems that operators are relying on in-house knowledge, but at the same time acknowledging the growing threat.
The report paints a gloomy, rather reactive picture. Collaboration is surely the key to solving a global problem, and yet over 73 percent of the operators surveyed do not participate in any fraud forums. Only 18 percent participate in the GSMA Fraud Forum, which is the best known. Participation in other forums is neglible. Without participating in a forum, it is difficult to understand how operators expect to keep up with fraud patterns or keep up to date with best practice prevention techniques.
What would be shocking if we had not already identified a lack of sophistication amongst operators is that only 35 percent of operators have a Fraud Management department. In the face of a $6 billion problem, 38 percent of operators leave the problem to their billing team and 36 percent to the sales team. Although this is reasonably logical – billing is well placed to identify odd patterns of traffic and sales are in touch with their customers – it is not either department’s priority. To address such a problem needs focus. And a policy.
With the growth of the industry and the complexity that has gone with it, have come many new players. The newest fraud issue is about how operators deal with new partners. On the face of it this seems to be well covered. 68 percent of operators ask for pre-payments, 51 percent ask for a bank guarantee and 39 percent ask for both. Terrifyingly, 15 percent ask for nothing.
This may be fine but one of the oldest tricks in the book is to agree to pre-payments. You then become a ‘model customer’ and increase your use of your new partner’s service. You build trust, you then migrate to a post-paid agreement, or ask for a one-off credit as business is booming but cash flow is tight. Then you make off into the sunset with the cash. Equally, a bank guarantee is generally fine in the same country as the company asking for it. But is a bank guarantee from a small bank in a small country worth the paper it is written on?
Encouragingly, the vast majority of operators (87 percent) perform due diligence on new partners. The most common form of due diligence (74 percent) is a request for public documents including audits and web sites, followed by use of credit bureaux (51 percent) and a check of M&A history. Only 20 percent work with Fraud Forums.
On the face of it, it is also encouraging that overall there is a formal policy to handle fraud cases in 66 percent of operators surveyed, with 83 percent of Tier 1 and 82 percent of Tier 2 companies having formal processes and 71 percent having ‘standard dispute channels.’ Almost all operators block traffic from fraudsters.
Defending against fraudulent behavior is about collaboration and sophistication. Although 45 percent of operators share ‘blacklists’ only the most sophisticated operators have a fraud policy, a charter as Subex calls it.
The goal must be to go from a reactive or ‘piece meal’ approach to formulating a fraud management strategy and creating a set of policies, procedures and controls. Then these must be operated, pro-actively and vigorously, and continual improvements should identified and implemented. In addition to a robust policy collaboration is critical and forums such as the GSMA’s should be investigated as a priority. Tackling a $6 billion problem in isolation is too much to ask, while collaboration, even a crowd sourcing or using a social media model is gaining traction as a hugely effective way of fighting fraud.