Instead of the usual stories about making money and corporate machinations, today I thought I would point to to the personal story of an ordinary revenue assurance Joe Shmoe.
Archive for January, 2007
There is a debate about whether telecoms fraud falls within the remit of revenue assurance, or has anything to do with revenue assurance, or is something that needs to be managed differently. I never could understand those arguments. Businesses should organize themselves in the way most efficient for their circumstances. Sometimes that will mean linking the management of fraud with revenue assurance, sometimes keeping them separate. It all rather depends on what frauds and revenue losses the business is likely to suffer from and how it deals with them. Here is a very good synopsis of the various kinds of fraud from Geoff Ibbett of SubexAzure. Stephen Tebbett of Ernst & Young has an awesome list of all the kinds of revenue loss that I would give you the link to, except it is not on the web yet, so come back soon as we will be hosting it here in the near future. Though the causes of the losses on Geoff’s and Stephen’s lists are quite different, many of them revolve around similar weaknesses or gaps in monitoring, and there is a lot of overlap in the indicators of fraud and revenue loss. Of course, in the real world lots of questions about who does what job are decided by internal politics and power struggles. But if you want to think about the question solely on the basis of efficiency and effectiveness, here are the three factors to consider when deciding whether to link the management of fraud and revenue assurance.
1) Human Resources, Staff Time and Communications
Will there be pre-launch analysis of risks for both fraud and revenue assurance? If so, could this be performed by the same individuals? Can the training of fraud and revenue assurance analysts be combined to improve effectiveness and reduce overheads? If fraud and revenue assurance staff were in the same function, would they have improved promotion prospects making it easier to retain good people? Are losses due to fraud and revenue leaks reported using a consistent format? Are they both presented to the same executives? Could they be collated and reported by the same person? Are they calculated in a consistent way?
If the answers to the questions are “yes”, linking fraud and revenue assurance will provide efficiencies in terms of human resources, communications and the time of senior staff. If the answers are “no”, it is still worth asking why. Why not have the same person trained to identify fraud and revenue assurance risks? Why not calculate losses in a consistent manner and present them to the same execs?
2) Incident Management and Process Improvement
Are there overlaps in the way fraud and revenue assurance weaknesses are addressed? Is there a similar scope for the systems and processes reviewed and monitored for both fraud and revenue assurance purposes? Is same the documentation used to understand internal processes and system performance and hence to identify weaknesses? Are there topics like information security or business continuity where both fraud and revenue assurance considerations are often addressed in the same way? Do improvements related to reducing fraud often have benefits for reducing revenue loss and vice versa?
If the answers are “yes”, there is a good case for trying to resolve issues and fix bad processes using a common approach with common prioritisation. Where the understanding of technology and product is much the same for preventing or identifying weaknesses for both fraud and revenue assurance, duplication of effort can be reduced by linking the goals.
3) Monitoring Systems and Processes
Is the same source data used for both fraud and revenue assurance monitoring? Are alarms that indicate possible fraud sometimes set off by accidential revenue leakage? Are checks for accidental revenue leakage sometimes evidence of deliberate fraud?
If the answers are “yes”, there should be cost efficiencies in implementing systems and processes able to identify and react to both deliberate frauds and accidental revenue losses. Exploitative customer actions like use of SIM boxes, or internal frauds where some customer bills are suppressed, may not be picked up by classic monitoring focused on looking for certain pre-defined types of customer fraud, but may get identified through generalised RA checks. Likewise, monitoring for unusual customer activity or for internal frauds may highlight an accidental error by the business or one of its partners as well as identifying genuine frauds. If there is a high degree of overlap in the recurring checks that would counter both fraud and revenue loss, then it is more efficient to combine the monitoring strategies and to reuse data where possible.
I like the idea of democracy. I think there is something to be said for sharing authority between a large group of people rather than giving it to an elite. That is why I like blogs. Why listen to one person’s view when you can listen to many? Check out this blog about user-centric revenue assurance, which started me thinking about revenue assurance and democracy. I always enjoy listening to points of view which are more sophisticated than the usual “buy this stuff and it will fix all your problems” marketing blurb.
The problem with democracy is that if you give responsibility to many, you may find nobody takes responsibility. Revenue assurance is like a public good. For a start, revenue assurance is something that benefits everybody (unless you actually want to work for an unprofitable and wasteful business that makes lots of mistakes). However, measuring and allocating responsibility is virtually impossible to do. Many revenue assurance big-shots would no doubt choke, or laugh, after reading that last sentence. But that is because they like to take all the credit for any successes, and take no responsibility for any failures. Holding an RA department responsible for revenue assurance is like holding environmental activists responsible for global warming, making the Police responsible for crime, or holding a doctor responsible for the health of the community. Sure, they have some role to play, but they do not cause the problems they deal with, and many of the solutions are outside of their control. So if things get better, they may deserve some credit, but much of the credit must go to other activities too (think about the impact when people recycle, or take better precautions to prevent crime, or exercise regularly). The same is true of revenue assurance. Spending money on a revenue assurance department so it can employ people or implement tools is like putting your faith in centralised solution to the problem that people make mistakes. I say people, because systems do not make mistakes – only the people who choose them, design them, implement them, and use them make mistakes. There are lots of ways to avoid mistakes, live emphasising simplicity in design, taking a modular approach, or being thorough with testing. Encouraging people to avoid mistakes, or to identify and correct mistakes, is like encouraging people to recycle or to exercise. It would be a bad doctor who wants his patients to be unhealthy just so he can then give them expensive treatments. But it is very hard to measure the benefits of preventative medicine, and hence to reward it, either in terms of the doctor’s efforts, or of the community as a whole. Hard though it is, a service provider must remember the importance of collective action, or else he will end up with very expensive doctors trying to cure a sickly business that never gets well. So revenue assurance is not the problem of the RA department, it is everyone’s problem. That means the first step is the same as with any public good: educate the public. If people do not know what the problem is, they will never start to work on the solution.