The National Communication Authority (NCA) of Ghana has announced it will conduct revenue assurance audits based on CDRs provided by the country’s six telecoms operators; you can read more from ITWeb Africa. NCA’s motive is straightforward: they want to check the government is receiving all the tax that should be levied on international calls. Joshua Peprah, Director of Regulatory of Administration, showed the diplomatic skills we have all come to expect from a public servant:

“We are working with a consultant over a three-year period and the analysis we have done so far indicates that over the three years the state can make $200 million in taxes from inbound international calls…”

“…if the records a telco presents does not tally with our audit records the respective telco is in trouble.”

In other words, the regulator thinks the telcos are run by liars. It seems that nobody has told Mr. Peprah that some consultants are liars too.

This move by Ghana’s NCA links to their attempts to force the installation of real-time monitoring of international gateway switches, though this is being fought by operators. Similar arguments are taking place in Malawi, where customers are concerned about the dangers of Malawi’s regulator infringing their privacy. At least the Ghanaian regulator deserves some credit for realizing that you can do an audit before implementing real-time monitoring, though it remains to be seen if they will drop the real-time monitoring plans if the audit gives a clean bill of health to Ghana’s operators. However, Ghana’s operators are not just giving in. Vodafone Ghana’s Revenue Assurance and Risk Manager, Ashley Radcliffe, denied there was a need to install equipment that he said could interfere with quality of service and customer privacy. Radcliffe also said:

“As far as we are concerned, we check the number of minutes of international calls at several and various levels to ensure they are absolutely accurate before we present them to the NCA so we are not perturbed by any audit to be carried out by the regulator.”

Dan Baker, telecoms researcher and good friend to talkRA, has launched a hotly-anticipated online magazine, the Black Swan Telecom Journal, dedicated to the topic of business assurance. Packed full of content, the journal promises to concentrate on professional learning through case studies, how-to advice, and commentaries about industry trends and practices. Dan is stepping into a sizeable gap in the market, and I expect he will quickly attract a significant readership. Black Swan provides professional content from a wide range of authors, with the articles comparable to those you might find in medical or technical journals, though written in straightforward business language. As you would expect from a journal about business assurance, the articles cover revenue assurance, fraud, cost optimization, risk, analytics, security, and more besides. But do not take my word for it – I recommend you read the journal yourself, now available at bswan.org

The name Black Swan is taken from the title of Nassim Taleb’s book about the limits of knowledge, overconfidence in prediction, and the tendency to rationalize about the failures of data analysis and forecasting. I was thrilled when Dan asked me to contribute an article to his journal, and being a huge fan of Nassim Taleb myself, I could think of no better subject than to take Taleb’s maxims about robustness and give them a telecoms twist. My article, ‘From Risk to Robust’, can be found here.

Most of you will have heard of the US Government. As an organization, they are responsible for decisions like how much to spend on stopping other countries from invading the USA, deciding how much to spend on preventing deaths from industrial pollution, and deciding how much to spend on public infrastructure that will be used by private sector businesses and private citizens. As such, the US Government is intimately concerned with a topic that also interests the typical reader of this website: how to assess risk, and hence how to compare the costs of various current and potential activities to the uncertain benefits that will flow from them. Put like this, the US Government is the biggest risk management organization in the world. When considering the theory of how to do risk management, I like to keep the US government in mind as a practical example of how risk management works in practice. I do this for four reasons:

• The US Government is big. They have a lot of money, spend a lot of money, and can do work to a degree of sophistication that is unrealistic for other, smaller, organizations.
• The US Government is transparent, at least when compared to private sector businesses and many other governments.
• The US Government is the culmination of democratic processes that permit its primary stakeholders (American citizens) to provide very extensive and open feedback about risk priorities.
• It makes lots of mistakes.

Do not get me wrong. Every organization makes lots of mistakes, so I have no intention of criticizing how well the US Government is managing risk in practice. To do that fairly, I would need as much data as the US Government has, and whilst I admit to being opinionated, and to having quite a good memory, I will not claim to have as much data as the entire US Government. Also, I could make only a negligible contribution to the total sum of criticism that the US Government receives all the time. I review their mistakes so I can learn from them, based on the principle that it is cheaper to learn from somebody else’s mistakes, rather than from your own. And being so extensive in scope, the US Government deals with a much more extensive ‘universe’ of risk than any other organization, meaning that when their risk management suffers from a general and systematic error, it occurs at a level of generality that most closely approximates to the level of generality found in international risk management standards like ISO31000 and COSO. After all, not many organizations have divisions as diverse as the Federal Reserve, which deals with mortgage underwriting risk (oops), like NASA, which aims to send people into space and bring them safely back again (err…) and the Environmental Protection Agency, which many Americans accuse of doing too much.

Seen from this perspective, the US democratic process is the greatest human process for deliberating and deciding risk appetite. The resulting appetite for risk has global influence on the climate, world trade and security. So, given that I referred to mistakes, what are they doing wrong? Well, they suffer the same problem as everyone else. They suffer from bias. Or at least, they suffer from bias at recurring intervals; I will avoid commenting on whether the decisions reached today are more or less biased than decisions reached in the past or which may be reached in future. It is sufficient to note that bias is evident in how the US Government assesses risk, just because risks that seemed severe when one kind of politician is in charge are considered less severe when another kind of politician is in charge. Perhaps that is not surprising, but bear in mind that, at a fundamental level, the US Government follows the same ‘objective’ approach to compiling a cost-benefit analysis of risk as the paradigms presented in ISO31000 and COSO. The conclusion to be drawn is that following an ‘objective’ process is no guarantee of an objective decision. Even processes designed to promote objective thinking about risk will be prey to (conscious or unconscious) manipulation because of subjective judgements about what data is considered relevant and how to calculate its significance.

The point is illustrated by a recent article in The Economist. It gives examples of how, since Barack Obama became President, government agencies perform the same kind of calculation about risks, but have tended to include more benefits, and fewer costs, when evaluating when to take action. Similar observations were made in a 2011 article for the New York Times. The latter focuses on the rise in the ‘value of a statistical life’, which is effectively the dollar value that US Government agencies use in their equations when deciding how much to spend on preserving a human life. Evidently your cost-benefit conclusions will be different depending on whether you value a life at $2M or $10M. So whilst the process can be considered objective – you gather data on costs, you gather data on benefits, then do a subtraction and see whether you are left with a plus or a minus – this superficial objectivity can be easily undermined by subjectivity in what data is used and how it is used. A cynic would observe that Republicans always reach objective conclusions on the value of a human life that lead to fewer regulations, whilst Democrats always reach objective conclusions on the value of a human life that lead to more regulations. I will not pick a side in a political debate, but merely want to observe that whenever people work backwards from the amount of regulation desired to the ‘objective’ data they select for the cost-benefit calculation, then they have already biased that calculation and hence undermined the purpose of performing it.

(more…)

WeDo, the Portuguese revenue assurance vendor, has announced the purchase of Connectiv Solutions, US providers of cost management and network efficiency tools; see the press release here. The purchase price was not disclosed.

Although details are limited, WeDo’s intentions are clear: they will consolidate their position as one of a few truly global players in the evolving business assurance market. Acquiring a US firm obviously strengthens WeDo’s foothold in North America – a region which is especially important but challenging. The idiosyncratic nature of North American telecoms has left many an international vendor perplexed about how to get traction in that vital part of the world, even whilst they find their software is selling well on every other continent. Connectiv’s website states their customers include 4 of the top 5 service providers in North America. WeDo’s top priority will be to increase sales to Connectiv’s existing customer base. We should also monitor how well WeDo can leverage Connectiv’s products for managing costs and efficiency; intelligent ways to reduce expenditures should be an attractive pitch for telcos in other saturated markets.

Every month sees new battles waged over who owns the intellectual property rights to new technologies. Now it seems like the the battleground might extend to revenue assurance. This April, US vendor FICO (the rebranded name of Fair Isaac Corporation) obtained a US patent for ‘revenue assurance analytics’; see here. The description of the patent is broad enough to raise questions about whether other vendors have established products which may infringe FICO’s patent. The patent covers such general activities as a two-feed reconciliation of data records, profile-driven metrics relating to reconciliation, and scoring the severity of issues found.

FICO’s revenue assurance analytics patent was originally filed in 2007, and the vendor has a track record of securing patent rights. Taking a look at the full list of their 69 patents, a number of them have implications for rivals in the revenue assurance and fraud management sphere. As well as several patents covering methods to detect fraud, I noticed this one regarding a ‘network assurance analytic system’. This patent begins by discussing causes of revenue leakage, and goes on to describe a system “configured to monitor telecommunications networks, detect errors or fraud in those telecommunications networks, and provide solutions to resolve the errors or reduce the fraud”.

It is relatively rare to see announcements from vendors relating to securing intellectual property rights for their products. With FICO establishing a track record in the long process of actively securing IPR, we could be heading for some very interesting and challenging times in the RA and FMS markets. It seems that FICO secured a head start on IPR whilst other firms were still enjoying the relative boom times for RA and FMS. Questions to now ponder include how FICO will exercise and defend their rights, and how other vendors will respond.

Open source revenue assurance? It has long been a popular discussion topic in RA circles, but there was only one problem: nobody had actually written any open source code. It was a perennial good idea where everyone was waiting for someone else to do it. Now Lionel Griache, a senior consultant in the billing and revenue assurance industry with more than 15 years of experience, has made the giant leap into offering open source RA code. After 4 years of existence, his ProactiveRA tool has been officially open source since December 2011. I spoke with Lionel to find out about ProactiveRA and why he has chosen the open source model.

Eric: Lionel, writing code takes time, and you’ve released a finished tool as open source. What was the starting point for this project?

Lionel: This project started as a custom development for a client in the Caribbean. It quickly grew and matured, to the point that it received positive reviews from international financial auditors. Its local success is not based on a powerful or secret algorithm, neither on the amount of code written. The tool is simple yet effective; its success can mostly be linked to understanding that, to be embraced, you must have an effective user interface where people can really see what the tool is about and interact with it on a daily basis.

Eric: You mention that the tool was ‘embraced’ by your client. From your perspective, why was that?

Lionel: Incorporating a professional dashboard was the first key to its success. The second key was minimizing the time it takes to deploy new control points and empowering the client to do so. And it worked beyond all expectations.

Eric: That’s great, but there’s going to be a lot of sceptical people who wonder why you’ve offered the code as open source, if it works that well. Why not just retain control and profit by selling licenses?

Lionel: We had many back-and-forth discussions about that with the initial client. What started as an internal project could easily become a golden egg for both of us, sold to other clients and partners, and generate a nice profit. But is that really our business? The answer came to us when we went back to how our relationship started. All this time, our contract wasn’t about building a tool. The core mission was about analysing data, building reports, looking for revenue opportunities and most importantly bringing a new attitude about how to monitor the business. Building the tool was a side activity to support the communication strategy and presentation of the results to management. What had most value for our customer was that someone brought this new attitude and expertise.

Eric: Are you hinting that, whilst open source code sounds exciting, software tools are not the most important part of RA?

Lionel: The source code of the tool is what it is. It helped tremendously in facilitating the daily monitoring but it will never have the value that the willingness to build a strong revenue assurance program can have. We believe this is true in most RA deployments out there, at least for Tiers 2 and Tiers 3 operators were technical challenges induced by data volumes remain easily manageable. The value of the code is minimal compared to the value of understanding and advising on how to perform RA activities. Making the code open source proves that point.

Eric: I think you’ve just become my hero. You’ve donated open source code and you’ve put the value of software into context – compare that to what we get from some so-called industry leaders! But getting back to the code, can you talk a little about how the code was written?

Lionel: The ProactiveRA solution is based on a powerful open source dashboard called Liferay. As we greatly benefited from this third party, it seemed logical to give back to the community under a similar model. Without any doubt the open source economy is extremely empowering. It gives each one of us the opportunity to join forces and build something bigger than we ever could envision on our own. Open source is an undeniable trend in the software industry. We’re betting the RA world is ready to embrace it as well and we’re proud to be pioneers in that regard.

Eric: You mention the client’s support for making the ProactiveRA code open source. What’s in it for them?

Lionel: For our main client, making the tool an open-source solution is also a logical move. By building a community around the tool, you develop contacts and confront your way of addressing revenue assurance requirements with new perspectives and opinions. This is an opportunity to take an internal development to the next level. If a strong community builds around it, it brings the potential for receiving new updates and new features without having to drive all of that internally. This is a benefit that vastly compensates for the risk of losing control over what could remain an internal development. You can focus your internal investments on what really is specific to your architecture. In general, the open source model gives a whole new audience a chance to strongly influence the future of a tool in a way that wouldn’t be achievable with existing RA solutions. There’s incredible value in joining forces and driving a common solution to new levels.

Eric: I’m confident many people will want to download the code as soon as they’ve heard of it. Where can they get it from? And will you be supporting it?

Lionel: It’s available from our website. The site also has instructions on how to install ProactiveRA. Once up and running, we trust people will find the interface is intuitive, and that it’s a useful system that will inspire them to be more ambitious in how they tackle RA. The website also has a form for people who want to contribute or have suggestions, and gives all our contact details. We’ll be glad to answer any questions.