From time to time, talkRA invites distinguished guests to contribute a guest blog.

This months LTT by Arun Rishi Kapoor was won by Abhijeet Singh from Subex for providing the first correct answer.



Congratulations to all those who took part in this months quiz. The next LTT will be published on Monday 16th December.

Bookmark and Share

Welcome to this month’s LTT by Arun Rishi Kapoor.

Crossword Challenge

LTT11 - 1


1 Call me if you have enough money for fun and games (3)
2 An insider’s con (8,5)
3 Micro is bigger brother of mini and nano (3)
4 Default passwords may brings this to you (3,7)
5 High speed data (3)
6 If two operators A and B are not ________ partners then it would not be possible for a customer of Operator A to communicate with a customer of Operator B (12)
7 Committed to fighting mobile Industry crime (4)
8 Use me to bypass phone company and its charges (4)
9 Technologies that have reduced the amount of power and time necessary for information to be communicated (3)
10 Control & supervises the Base Transceiver Stations (3)
11 Transfer of identity. Recall Mi2 (7)


8 Roaming network (4)
9 Part of IMSI to identiy the country (3)
12 A database of all subscribers (3)
13 Internet Protocol (2)
14 Causes interconnect termination revenue loss (6)
15 A tool to detect & prevent crime (3)
16 Optic fiber technology  of a broadband network architecture (4)
17 Largest mobile telephony in US (4)
18 Aim to optimize a service providers operational and process infrastructure (3)
19 Geographic position (4,4)
20 Local loop on which origination and termination of call happens (4)
21 Fraud occurs mainly where credit checking procedures are tightly controlled and fraudster uses another persons ID (5)
22 Happens when services are delivered but not billed (7)


5 Police services for Telecommunications (3)
10 Creditor’s loss (3,4)
23 Consists of fiber optic, telephone, cellular networks and comms satellites. Even consists of undersea cables interconnected by switching centers (4)
24 A third generation mobile cellular system developed by 3GPP (4)


25 Expert opinions for communication providers (4,2)
26 An act to steal (5)

Please send your completed answers in this file to

Bookmark and Share

This month’s LTT by Arun Rishi Kapoor was meant to illustrate that operational performance can be enhanced by fine tuning the alarm rules, to eliminate unnecessary false alarms. This would then allow the RA-FM team to also concentrate on alarms coming from the new roll out of 4G/LTE and Mobile Money services, without the need to recruit more staff.  

The CFO wanted to know the following:

Which network was contributing to the most number of false alarms?

You need to create a pivot on the (LTT_10_Alarms.xls) file to find the maximum number of false alarms.

LTT10 pic1

The correct answer is Network F.

What configuration entities can be fine tuned in the Industry Alert Violation rule to lower the number of false alarms in the FMS?

Based on the statistics of the pivot on the (LTT_10_Alarms.xls), the following recommendations can be given.

  1. As most of the false alarms are coming from Networks A, B, D, E & F, it would be better to create a separate rule for these Networks. In the extreme case, we could consider turning the alarms off for some of these Networks altogether but this is not advisable for extended periods of time.
  2. Since all of the fraud is being generated in Network C, but is also contributing to some false alarms (41), the Fraud Manager could expand the rule from the first 7 digits (cc+4 digits) to 9 digits (cc+6 digits) to make the rule more accurate.
  3. Out of the 1780 countries in the industry alert dump file, fraud alarms are only found in 15 countries (see table below).

 LTT10 pic2

Thus the three configuration entries – network, country and called number prefix is causing lots of false alarms and requires fine tuning.

How many calls were made to numbers in the Industry Alert Dump File?

  1. In the (LTT_10_xDRs.xls) file, take the NEW CALLED NUMBER field - 7 digits (cc+4 digits) and then copy them into a new column named [CALLED NO (first 7 digits)].
  2. Now do a vlookup of this new column to the column – [Range (cc + 4 digits)] in the (LTT_10_Industry_Alert_Dump.xls) file.
  3. For the B number ranges matching, these are the calls made to the Industry Alert dump.

The correct answer is 2410 calls and can be found in this file.

Congratulations to three times winner, Michael Lazarou, and Deepak Chand for providing the correct answer. The next LTT will be published on Monday 18th November.

Bookmark and Share

This month’s LTT comes from Arun Rishi Kapoor, who is a Consultant at Subex with 6+ years experience in Telecom Fraud Management Operations & Consulting. As a Fraud Consultant, he is responsible for supervising & establishing best practices in Telecom Frauds, data analytics, requirement gathering & business scoping activities.  Arun has worked with more than 15 telecom Operators across the globe along with onsite assignments in APAC and MENA region. Arun graduated from Jaypee University of Information Technology (Himachal Pradesh, India) with a Bachelor of Technology in Computer Science Engineering.

The challenge

You work for a Telco which is about to launch 4G LTE & mobile money services. The CFO has asked you to check the feasibility of decreasing the existing alarm count but not at the cost of fraudsters bypassing the evaluation rules. This is required to let the Fraud team work on new alarms coming from 4G LTE and mobile money, thus saving to recruit new employees. The CFO asks you to report back to him after lunch.

You glance at the monthly alarm statistics and find the rule “Industry Alert Violation” contributes to 75% of the false alarms.

You have the following information available to help you:

1. The alarm information over the last month detailing the status of each case.

2. The call details of the subscribers who may violate the rule ”Industry Alert Violation”.

3. The ”Industry Alert Violation” rule generates an alarm in the FMS if the caller makes any call with the following paramters:

  • Called party number (called_number) having  prefix matching with the “Range (cc + 4 digits)” column of the Industry Alert Dump file
  • If the call is outbound
  • If the call is voice
  • If the network of the caller belongs to A, B, C, D, E or F
  • If the call duration is > 2 seconds
  • If the call is cross border.

4. The Industry Alert Dump file is simlar to that of the GSMA’s FF hot B-number database. It contains a list of all reported B-numbers used in fraudulent activities. 

The CFO would like to know the following.

  • Which network is contributing to the most number of false alarms?
  • What configuration entities can be fine tuned in the Industry Alert Violation rule to lower the number of false alarms in the FMS?
  • How many calls were made to numbers in the Industry Alert Dump File?

Please email your answers to

Bookmark and Share

Today’s guest post is by Michael Lazarou of MTN Cyprus. In recent weeks, talkRA has run a debate about the relationship between risk and control, and the extent to which revenue assurance and fraud managers should place their work in the context of enterprise-wide risk management. Michael continues the debate, expressing his views on the family ties between risk management and RA.

The difference of risk management and revenue assurance could be summed up in one sentence by defining RA as an actual risk mitigating activity and NOT a risk managing function. Revenue assurance activities or controls are implemented exactly to reduce the risk of revenue leakage within a system that is both dependent on human interactions/communication and a complicated technical system that has to be properly configured to record and pass on information until it is billed. It is NOT managing risk, it is an ACTUAL implementation of the solution for a specific risk.

Therefore, my understanding of what Eric is saying, but also my personal belief, is that RA is one of many ways of dealing with one of many risks within a specific business (telecoms). It is indeed true that risks vary and can be dealt with in many ways – from taking out burglary insurance to enhancing your product portfolio. These are definitely not part of RA, although there is a wealth of information available within RA to aid the decision making (i.e. for products – usage, trends, credit controls etc). The point that is made is that RA has the quantification and the analysis of this can offer a lot of information to the business. Behind the numbers might be a problematic system, lack of resources or a cry for a process improvement. This is for management to see and decide upon.

Obviously a breakthrough in the industry can make most of RA controls completely irrelevant. This is why a good analyst is not the one who can fool around with an expensive toy but one that can take the information, dig in and analyse it. Analyse the issue and propose a solution. If not even this is available to RA then it is limited to donkey work. After the data and analysis is presented it is again clearly management’s call to decide where to allocate resources.

Being a hybrid function, with a demanding skill set required to do well (and in addition a high level of telecoms required) RA does seems to be very limited in both the type of work and its impact within the organization. As Eric alluded to, sometimes RA personnel might feel that it is a natural progression to general risk management – when, in fact, the relationship is not so strong. It is in the interest of RA to avoid this misinterpretation and to focus on delivering the best checks that it can. However, something has to give; RA should be involved in the product development, sign off product notes before they launch, it has to have a simple BI tool to present some information more effectively, it should be guaranteed reliable and complete data and allowed to make suggestions for process improvements. RA does not want any part in risk management, but it should be more than running a script and escalating exceptions. The infant grows into an adult whether the parent likes it or not – each stage has its benefits and drawbacks – but the parent needs to be involved and understand his/her child in order to help it along and allow it to express its full potential.

Bookmark and Share