The answer to LTT-13 was A = Yes. With relatively new products and service streams like mobile money remittance, there are a whole new set of non-traditional telecoms fraud risks. In summary, there are many types of fraud that can occur in the mobile money remittance domain that could lead to fraudulent transactions that would not be detected by the three controls proposed by the RAFM manager, namely:
- Handset theft
- Digital value smurfing
- Fraudulent credits
- Identity / Subscription fraud
- Network employee collusion
- Bank/Agent employee corruption
- Mobile malware
- Social engineering / Impersonation
- Phishing / Smishing / Vishing
- SIM swaps
- Cashing out process.
Congratulations to Arun Rishi Kapoor and Herbert Galiano for providing a correct answer. The winning response came from Daniel Peter in India, with the following explanation:
Yes. It is possible to commit fraud as the mentioned controls — A daily cash-in reconciliation, A daily eWallet reconciliation and A daily balance reconciliation – only checks the completeness of the transactions.
The below list of frauds can still be committed when the mentioned 3 controls are in place:
- Money Laundering: the process of making criminal assets appear legitimate. For example: proceeds from drug deals/ terrorists appear legitimate hence making the detection of the origin of these criminal money difficult for the law enforcement agencies. There are a few stages to money laundering — Placement, layering and integration — where black money at first gets placed into an account without arousing suspicion, later moved around from account to account reducing the funds into smaller amounts by using different people disguise its original source, finally the same is put back into the legal financial system and appears to be legitimate funds or assets. Controls are required for these kind of frauds
- Registration / KYC fraud: Illegitimate customers get to register for MM transactions. Customers can provide fake documents to register for the service or the agent can also fraudulently let an illegitimate customer register
- Fraud during MM transaction such as unauthorized person receiving the money. This type of fraud is possible when the SMS is possessed by an unauthorized person
- Agent deducting excess charges – over and above the rate published by the MNO — from the customer, and also paying lesser cash to the customer by claiming commission when they were not supposed to. Agent here takes advantage of consumers’ lack of education and ignorance about MM
- Not repaying the outstanding amount to the customer on disconnection of service
- Agents and consumers colluding together to defraud the system. For example: The agent can claim commission from MNO for adding subscribers whereas the added subscriber does not have any intention to avail the service but only to help the agent gain commission
- Customers can also defraud the agent by obtaining access to an agent’s account and sending SMS messages to initiate cash-out transactions.