Joseph Nderitu

Joseph Nderitu is a consultant working in revenue assurance space. He was previously Internal Audit Manager in charge of auditing several functions at Airtel Africa's 17 countries, where he led reviews of RA, Customer Service and Sales & Marketing functions. Prior to his stint at Airtel, he worked as RA manager at Safaricom in Kenya serving in various roles in revenue assurance - Product Assurance Analyst, Senior Billing Assurance Analyst and Billing Assurance & Network Integrity Manager. Joseph's career started in IT Support/Programme Management at British American Tobacco. He holds an MSc Degree in Information Systems. He has dedicated his life to finding new ways of eating the hole in the doughnut. In his spare time, he hopes to identify ways of doing revenue assurance better.

In March 2006, I resigned from British American Tobacco (BAT) to head into a new job in a new industry (as a product assurance analyst at Safaricom Ltd, the leading telco in Kenya).  This was after having applied for different positions at Safaricom for what seemed like a million times. Then, as now, securing a position at Safaricom was pretty much a dream-come-true for a recent graduate. After a few days of vacation, I found myself at Safaricom, wearing an ill-fitting suit, a heavily starched shirt and an even more uncomfortable tie.  The second day on the job was most trying. I was sent to a project meeting where the agenda was launch of an international gateway. For somebody who had just come from manufacturing industry, international gateways, points of presence, spectrum, bandwidth, throughput, transit, carrier services all sounded so strange. I could recall some concepts from my undergraduate studies but hardly enough. In other meetings there were of course the usual acronyms that color the telco parlance – MSISDN, IMSI, HLR, LCR, UAT, SIT (nice pillow talk for those who have spent time in telco but horror story for a newbie). I knew I had either made a very good decision and the rest of my life would be extremely interesting or I had made the biggest blunder. My bets were, of course, on the second scenario. Confusion increased with each additional meeting I attended and I was sure I should have stuck to selling cancer sticks. I mean, a cigarette is a cigarette by any other name and smokers who are craving their nicotine dose do not have the patience for acronyms – I have no proof but I suspect this is what keeps the tobacco industry fairly straight-forward.

Things only got worse. Product assurance analysts were supposed to perform risk assessments as part of pre-launch procedures for all products.  A new product was coming. M-PESA. It was a product that few people in the company believed in especially during much of its pilot phase in 2006 before launching in 2007. It was highly experimental, sounded very much like the stuff of dreams, very much the kind of thing that folks like Nick Hughes and Susie Lonie, seated in nice air-conditioned Vodafone offices in London, would be toying with but hardly something that would work.  Transfer money through a phone? In Kenya? Seriously? Why would anybody ever want to do that? Who would even trust such a service? The rest of the risk management team was busy with more important and “realistic” products (e.g. VoIP, bundles and Missed Call Alert).  How unlucky could one get to be assigned this product? It would seem I had wronged my ancestors in a big way. As if joining a crazy industry was not enough, here was a crazy product.

For M-PESA, there was no precedence to this kind of product, no data to analyze and no graphs that we could plot. The entire business proposition was shaky. My line manager (Alfred Kiteme, now Director of Business Assurance at Etisalat Afghanistan) and I were stuck, trying to think of the risks around this thing. Alfred had an idea. Since we do not have all the info (ahem, we had nothing), why don’t we just talk to as many people as possible and ask them what they foresee as the things that may go wrong? It is possible that people (at least the ones who hang around after scoffing) will tell us stuff that we would never think of, by ourselves. My bewildered self was only too willing to give this a try.

That is how we found ourselves in Nairobi CBD, taking to a number of Safaricom GSM dealers – these dealers would now start being the main M-Pesa agents. We walked into one dealership and the lady told us that she was sure the product would do well, as long as the dealers were making money from it. She paused, sipped her tea, contentedly and gave us a stern look. She repeated, “as long as dealers are making money from it”.

Close to 7 years later, whenever I walk into an M-PESA dealer shop (and trust me, Nairobi is full of M-PESA dealerships), I remember that lady’s words. We can have the most innovative ideas and the grandest of dreams, the most elaborate plans on how we shall execute and we can spend all the time thinking of the risks and mitigations. Ultimately, we are all in the business of partnership. It’s a scratch-my-back-I-scratch-your-back type of world.  Well, truth be told, I still remember that the good lady did not offer us tea (!) but that’s fine. I am sure now that she is making money, if I passed by her office, she would offer me some tea.

Perhaps one of the fundamental questions that telcos should ask is: even if this is going to be great for my customers, is it going to make me money and is it going to make money for my partners. So basic, yet so ignored. I use “money” here loosely. What the partners want to know is how “it” advances their business.

We all know the story. M-PESA has become a roaring success – bagging close to 20 local and international accolades within a period of 5 years. By Mar 2012 Safaricom indicated in its financial statements that the network of dealers stood at 39,400 (close to 50% growth from 2011) and M-PESA revenue was at the USD 200Mn mark. As the revenues from voice services dip, M-PESA is standing Safaricom good stead and doing a whole lot of good for the customers and the value chain. Something that started as a trial product is going places and whilst dealers are by no means the only reason behind the success (there was a confluence of many factors in determining the uptake and growth of M-PESA), their role in this cannot be underestimated.

(We did complete the risk assessment document eventually. It was essentially a synthesis of many points of insight that we had collected as we went around “seeking help”. From that point onwards, risk assessments were not done as arm-chair type of exercises. Rather, the product assurance team would convene a workshop of diverse stakeholders from IT, Finance, Marketing, Legal etc and facilitate a brainstorming session. After all, these process-owners are the same ones who are expected to mitigate the risks, shouldn’t they be expected to have a hand in identifying the risks in the first place albeit with RA playing the role of the 3rd eye? We had realized we don’t have all the answers. Frankly, nobody expected us to have all the answers. Sometimes the solution is as simple as admitting you don’t have the solution because only then will other people be able to step in and offer the solution.)

Lastly, it is appropriate at this point to state that if anybody (either current Safaricom employee or ex-Safaricom employee) ever tells you that he/she had faith in M-PESA when it was starting or had foreseen what an impact this service would have, the strong whiff that will accompany that statement is most assuredly cow-dung!

P.S. If any of the readers wonders why I have spelt M-PESA all in caps, please wonder no more. Safaricom insists that the product is M-PESA not M-pesa or m-pesa or m-Pesa or….you get the drift.

Bookmark and Share

At a discussion panel at the WeDo user group in 2010, talkRA blogger Eric Priezkalns pointed out the value of imagination in RA. Podcast of the same panel session is here.  He also stated that when he started out in RA, he had hoped that more people would transition out of RA and go on to business leadership but that has not been the case.

Well, I also held this hope at the beginning of my stint in RA. In fact, at the time, I was sure it was a ticket to understanding business, getting a crash course in learning negotiation and persuasion skills and thinking in x dimensions where x is greater than 3. To my mind, the result would be an esteemed brigade of new generation business leaders who are well balanced and adequately exposed, having worked with all functions of the telco. These guys would have gained a level of insight that no MBA can provide and would sniff pitfalls that were miles ahead in the business landscape. They would instinctively know when to take a big risk and when to be conservative because they have been witness to horror stories and success stories.

I must say I have been equally disappointed. I can hardly count peers who have transitioned from RA into taking their “rightful” positions. I cannot help but wonder, what went wrong? Is this as it should be? So I put on my sack cloth and lay among ashes the whole of last weekend, pleading with the gods of RA to show me what went wrong. At the end of my fast, this seer came to me and showed me the error of our ways. Below please find a summary of what ails the RA fraternity.

One Track Mind

Some of the RA practitioners I have worked with were good in one area and very weak in other areas. Nature always self-balances but human beings are very poor in this. The genius kid of data analytics will demonstrate zero skills in process reviews. He may even disdain anything that requires looking at a process. The process review professor does not like getting his hands dirty with really cold and mostly ugly data. Well, I think business leadership requires people who are not afraid to engage all levers to achieve forward motion, including the uncomfortable gears. We have done poorly in this regard and we have only ourselves to blame.

Safe until Senility

When you know one thing, you want to keep doing it and getting better at it. Do we ever think of taking the risk of changing how we do it? This, in my view, is possibly the one major reason a number of people who started out in RA still work in RA. We may all profess the love of RA…oh, how we don’t do it for the money….it’s the adrenalin rush that comes with catching the big one and plugging it…blah blah blah. But perhaps we are just afraid of venturing out into the uncharted waters. Meanwhile, the cowboys from Marketing are beating us to the pie (no offence to all the good folks who work in esteemed Marketing functions).

Bearers of bad news

We seem to have perfected the art of ferreting out where the business is losing. And this is good – somebody needs to speak up when the company is losing. Trouble is, when people only know you as the corporate whiner who walks around with the smell of revenue losses following him, it becomes very difficult to see you in another role except that of a glorified janitor. It becomes laughable to see you as a leader in any form. A chap who is an undertaker by profession will always have few friends however affable he may be – undertakers who read this blog will testify to this. Is it time we packaged ourselves as the evangelists of solutions rather than being harbingers of horror and havoc? Even more than that, proactive prevention of leakages may provide an opportunity for us to show the business the way rather than waiting until the big $ is lost.

The Chase of the CDR and the Relish of Relics

Mike Willet once asked us to spare a thought for the poor CDR. I agree that we should also spare a thought for our fascination with the CDR. This has gone on for too long. Technology has changed (and will change even more), scenarios have changed, margins have become more important, cost management is assuming more importance but we are still in the chase of the CDR.  Not too many years ago, I was in college and we used to impress girls by walking around wearing trousers that were almost falling off our waists, chewing gum 24/7, speaking in the most contorted of slang,  keeping long hair and listening to Walkmans and Discmans. This would prove you are “with it”.  In my father’s day, I suppose they walked around with gramophones. (To be honest the kind of girls impressed by such stuff were often a tad dumb and you would find out after some time. However, the point is: it was working). I cannot hazard a guess as to what tricks today’s youngsters have up their sleeves but I do know they must have changed tack. But in our domain most of us are too stuck tinkering with RA tools, doing UNIX scripts and spotting the odd pattern. We thus never look up. And in the meantime, business swiftly moves on.

Bookmark and Share

I received an interesting email recently. It came from a well known vendor in the RA and Fraud Management space and was titled “Are Fraud Management Systems the centre of gravity for telecom fraud?”

So much food for thought, I said to myself. I like questions. Of course answers would be even better.

Inside the email was a quote from GRAPA (no doubt intended to be some sort of endorsement).

“The return on investment (ROI) on a FMS is fantastic and it’s always the backbone and a core competency of every fraud department.”

Please read that again. Allow me to highlight a few things.

“The return on investment (ROI) on a FMS is FANTASTIC and it’s ALWAYS the BACKBONE and a CORE COMPETENCY of EVERY fraud department.”

I nearly fell off my seat but quickly re-established my centre of gravity, with great difficulty.

For one to make such wild claim, I can only think of several scenarios.

(1) The person has never worked in a telco revenue assurance/fraud management team
(2) The person wishes to sell FMS and is willing to pull any amount of wool over unsuspecting CSPs
(3) This is a person reading a dictionary that has a very unusual way of defining “fantastic”, “backbone”, “core” and “competency”

Of course somebody who is depending on GRAPA for insight would likely fall in any of the above categories.

I have nothing against tools. I think a CSP that consciously evaluates, plans and project-manages an automation project is doing a wise thing and perhaps the naturally logical thing. Tools exist for a purpose. They make work easier. They help us out. They can put fun in the work. That happens when they are deployed sensibly. Otherwise, they also have the capacity to achieve the exact opposite of what I have just outlined above!

But I have a problem with anybody who wishes to make people believe that a tool is some fantastic thing which is ALWAYS the backbone of this or that. If you think a tool is the backbone of your revenue assurance and fraud management program, you deserve a good kick on your backside.

I have therefore taken liberty to correct the statement made by GRAPA.

“The return on investment (ROI) on any tool is dependent on many factors. A tool can never be the end in and of itself. Rather, to have an effective revenue assurance and fraud management program, a CSP’s RA and FM program will need appropriately-skilled people, the right organizational placement and sponsorship (which depends on the specific CSP and can even be subject to office politics), flexible use of technology (including freely-available software as and when needed), good old common sense and a healthy amount of luck”.

Since the issue of centre of gravity has been raised, it is only fair that I state that a matter that is as grave as RA tools should not be left to the wild claims of GRAPA. Of course, I could be wrong, because I have only relied on my experience, which is not much. And that is why I invite GRAPA to provide statistics to back that claim.

Bookmark and Share

As the 2012 came to an end, I am reminded of those we lost along the way.

I have lost many relatives and even many more friends but I the sadness I felt at the loss of my former boss, Ivor, who was Director of Risk Management at Safaricom, until his untimely death on 13th Oct 2012, was compounded by the fact that over the months I had received news that his battle with cancer was progressing well and he had even resumed office duties after a very tough period.  News of his death were thus most unexpected. It felt as if a candle had, without warning, gone off, just after the last strong gale of a night storm has ended.  But now that he is gone, it would be good to remember a few things from his life and the ones that, in my view, directly touch on Revenue Assurance.

I will remember Ivor on 3 counts and I hope in 2013 and beyond, his lessons will stand.

(1) Listen to RA, Understand RA, represent RA and question RA
As a member of the Executive Committee, Ivor provided much needed sponsorship for RA activities. He took it upon himself to understand the issues and to drive closure. Sometimes the value of a good RA team is undone by lack of proper representation at the highest echelons of a company. I think it is fair to say, the RA team in Safaricom had the privilege of Ivor’s support. During his time, we had a monthly session where each of the RA analysts would present their portion of the Revenue Assurance KPI report – a fairly detailed report that looks at the performance of monitoring controls over the Safaricom revenue sources. Ivor was in his element, asking what he called “my dumb questions” but which provided the team with different perspectives. Too many C-suite people, especially those who have not had training or background in RA, do not take enough time to understand RA and they are not asking questions. Ivor was not one of them and he sought explanations on the work that was being done. He challenged assumptions and kept us on our toes.

The second thing I remember is attending the 2010 edition of WeDo User Group (WUG) with Ivor. He spent a lot of time asking how other RA teams are doing their assurance. Whatever new thing he learnt, he would mention it to me “Joseph, can we start doing that?” Of course over time, I started feeling as if we were engaging in copy-paste without being mindful of the specific circumstances of each operator. I mean, we could all be in the same industry but Safaricom, Claro, America Movil are all very different. But later, during de-brief in Nairobi, we came to an understanding that some things can be adapted, others can be directly copied and others can be ignored altogether. That was the kind of RA improvement that Ivor pursued. He was open to his direct reports disagreeing and so long as their arguments were rational and delivered clearly, a middle ground was available. The typical RA manager is expected to drive a lot of things, to keep so many balls in the air and to be the Ultimate Mr. Fix-It. Life is so much easier when the C-Suite guy who is responsible for RA is balanced in asking for new things and also understanding the limits of what can be done.

(2) High Standards
I recall the very first performance rating that Ivor assigned to me. It was a rating that I felt was not commensurate with the work that I had championed and I let him know as much. His response was simple. “I rated you on what you have achieved against your potential. I could have just looked at your achievements without considering what you are truly capable of and your rating would be quite high but that would not be fair to you because you are capable of much more”. Of course, I sulked for a few hours but as always, whenever Ivor noted there was displeasure in an employee, he never shied from approaching the person. Promptly at lunch time, he showed up at my desk and offered to buy lunch and I thought, “Dude, you have such cheek!” Over lunch we had a candid discussion – it did not have to be a long chat because I already knew he was right.  The lesson had been learnt – to let an employee perform at a level that is not at par with their potential is unfair to the employee. Later appraisals were of course better because I knew I had to demonstrate that all that was within my power had been done. With the benefit of hindsight, I am not surprised that Ivor was applying such high standards. He lived those standards.

(3) Avoid Illusions
Those who know Ivor will remember that how he dealt with conflict. Always with a chuckle, he would approach whoever appears displeased and ask “My good friend, what appears to be the problem?”
That is one other lesson I would like to remember Ivor for. Sometimes we think there is a problem, yet there is no problem. And sometimes we think there is no problem, yet there is a problem. As we navigate this treacherous RA field, each RA practitioner should exercise due caution in determining what is the problem and what appears to be the problem.

Today, in honor of Ivor Machio Wekesa, I ask that we all question what we do with the aim of improving it, re-apply higher standards and ensure that we are tackling real problems. Rest in peace, Ivor. The lessons remain with us.

Bookmark and Share

I have been pondering on what defines the success of an RA team. No doubt, a revenue assurance team that executes a well-informed risk-based program of controls will uncover areas of leakages or confirm the absence of the same, hence give comfort as to the wellbeing of revenue streams. The question is: when they do uncover issues, does the work stop there? Of course not, the value of knowing an issue is in deciding whether to pursue resolution (by considering such things as the cost-effectiveness of fixing it) and …eventually closing it. If it remains open, one could argue the knowledge of the issue is in itself not so important. So what happens when RA identifies more and more issues and collectively, the company keeps on closing less and less issues.

The fact is, the rest of the business is quite busy (ahem, even if they are just busy strengthening the walls of the silos that they work within) and that is precisely why RA folks are more than identifiers of issues. They need to go beyond saying what is going wrong, to engaging in fruitful discussions that lead to change. And, they must innovatively find ways to make that change sustainable so that one day, we shall not need RA folks. What is the value of a revenue assurance issue list that spans 10 pages and is just a litany of continuing leakages? To be fair, the status cannot be blamed on RA team alone but any CEO who presides over a company in which known issues of leakage remain open either has no regard for shareholders or no regard for work done by his RA team (perhaps because they lost credibility along the way?). Well, I am not aware of any company that has gone down because of leakages not being addressed but one has to wonder why we would run a company that knows money is being lost but does nothing about it.

It is possible that resolution of some issues is just not possible (at least for some time) and the business has to live with it. If so, this needs to be a conscious call and whether RA will continue to track the leakages from such continuing “known” issues is a call to be taken.

But how do we drive the rest of the business to close issues? I submit that a less-than-optimal closure rate may just be a symptom of underlying problems. Sometimes there is too much in-fighting and folks in technical departments, for example, always getting into problems for every RA report that is issued. It is difficult to justify why a CSP is losing money because some engineer somewhere incorrectly configured a system. So the RA manager who points out such errors in configurations always seems to be the snitch that gets everybody else in problems and every time he does a better job, more people get into problems.  Over time, resistance sets in.  I think it should be possible for RA team to do a better job (uncover even more issue) and at the same time have less and less people getting into problems.

Apart from identifying issues, RA teams might do well to be partners-in-solutioning and skew the final communication towards celebrating closure. This by no means amounts to glossing over issues (whatever is open must still be highlighted, adequately quantified and given enough attention). The point is to ensure that people are motivated by closure of issues as they work on remaining ones as opposed to getting whipped. This is better done by ensuring that upon identification of whatever issue, proper consultation on the causes, impacts and possible solutions is done and this needs to be done in conjunction with the people who stand to lose the most, when the news of leakage go out.  Leakages are embarrassing and nobody wants to be responsible for any and that is why discussion should be forward-looking but also back-ward looking to ensure that we don’t suffer lose the lessons of history. When this happens, then more time is spent on identifying the best solution in an atmosphere of positive engagement.

I realize that ultimately, partnering in solutions is dependent on organizational culture though. There are companies/teams where problems (not just leakages) are an avenue for teamwork and an attitude of “let’s summarily kill off this, issue, as we always do”. In other settings, problems are a welcome excuse to hang some people. But even in the latter scenario, RA has a role, in my view, to foster collaboration in resolution of issues and that is why RA practitioners need to be, first and foremost, people who have good interpersonal skills.

Bookmark and Share