01 September 2017
Many wholesalers are investing more than ever in fraud prevention and revenue assurance, writes Peter Kirwan. The complexity of virtualised networks suggests more of the same will be required.
Declining revenues, squeezed margins, industry
consolidation: these are the circumstances in which adding a
percentage point (or two) to revenues can make a lot of
Hence the increasing amount of thought operators are giving
to revenue assurance and fraud detection
Both are the cause of significant revenue leakage. The
US-based Communications Fraud Control Association (CFCA)
surveys carriers worldwide biannually: its most recent report,
published in 2015, suggests that fraud losses amount to 1.7% of
global telecom revenues (approximately $38 billion).
Non-fraudulent revenue leakage is a similarly-sized problem.
According to a 2016 survey conducted by TM Forum, this kind of
leakage -- which carriers typically combat using revenue
assurance techniques -- amounts to 1.5% of the average
If we elide those two numbers, what emerges are average
annualised revenue losses of over 3%.
This would be significant in any industry: it’s
the kind of variance that makes the difference between a
career-limiting quarterly bottom line and a world-beating
Of course, it pays to be wary of the headline figures.
Variations between operators can be substantial. Some of the TM
Forum numbers for revenue leakage may contain fraud losses
(around half of the RA professionals responding to the survey
said their RA organisation also handles fraud
It’s also true that of the 1.5% revenue leakage
identified by TM Forum’s survey, around half is
recovered by proactive revenue assurance methods. Then again,
the numbers for revenue leakage cited here are based on
incidents that have been identified. Almost certainly, there
are additional unidentified losses out there, of the kind that
Donald Rumsfeld would have described as "known unknowns".
Two things are clear. First: revenue assurance and fraud
detection have a higher profile inside many carriers than ever
before. Second: the threats and challenges can only grow more
complex in an IP-based world.
Historically, it was always easy for wholesale carriers to
pretend that they really were just dumb pipes, carrying traffic
from A to B.
Ravi Palepu, global head of telecom solutions at consultancy
and system integrator VirtusaPolaris, sees the same defence
being played out on occasion, even today. "If a bank wants
connectivity in 22 countries, you end up working with six or
seven wholesalers as a partnership channel," he says. "So the
person who is at the forefront of the relationship pays the
penalties. But this doesn’t always get translated
into suppliers and partners paying the penalty as well, for not
providing the service. Suppliers get away with a lot, while the
wholesaler who signs the end contract takes all the blame from
the customer. And that’s where the leakage
happens," he adds.
Change is happening, however. Other observers tend to weigh
in which telcos at the retail end have raised their game,
pressurising wholesalers into adopting a more proactive
"Let’s say Vodafone UK as a service provider
uses BT as a wholesale carrier," says Joseph George, senior
vice president of revenue assurance and fraud prevention at
Mobileum. "If fraudulent traffic is being pumped to a specific
website, there will be an expectation that the wholesaler will
monitor and alert their retail partner. Both of them will need
to collaborate and share the risk. Wholesale providers will be
pushed to share the risk to a very large extent: they will need
solutions in place. Vodafone does have a choice among
providers: if I can keep my tunnels fraud-free and loss-free, I
become attractive in business terms."
Katia Gonzalez, head of fraud prevention operations and
services at Brussels-based wholesale carrier BICS, has watched
the transformation from a ringside seat: in addition to her day
job, Gonzalez was a co-founder and remains chair of the
anti-fraud working group at i3forum. She identifies 2011-12 as
the point at which attitudes started to change.
"We started to hear the mobile operators complain louder,"
says Gonzalez. "Their margins were declining. This was also the
point at which retail mobile operators had started to sell
unlimited bundles, which offered fraudsters a particularly
"At one end, you have a retail operator, and at the other, a
retail terminator. This is an end-to-end ecosystem, and
wholesalers sit in the middle. So it seemed to us that either
we work on this problem, or the chain breaks."
Wholesalers have much to contribute, she says. "Large
wholesalers are able to take an overview of traffic volumes. We
can see changes in traffic patterns that retail cannot. We know
what the traffic patterns for a typical weekend look like. We
know how Diwali ordinarily affects traffic patterns. So we are
in a good position to work on pattern recognition."
What has changed is the size of the addressable market that
sits in front of fraudsters and hackers. At the crossroads of
digitisation and globalisation, the risks are multiplying. Take
roaming fraud, for example. Since the advent of mobile
networks, it’s been a problem. It’s
much more of an issue today precisely because people are
travelling more often.
In addition, as networks shift toward IP, the chances of
cross-fertilisation between communications fraudsters and the
underworld of IT malware only increases.
"The same methods keep on running forever," says [Katia].
"But we’ve now got many more entry points. We used
to have PBXs that were TDM-based and harder to access. But
nowadays with IP technology anyone can try to breach
infrastructure anywhere in the world. We have globalisation of
fraud: the playground is very big."
In a similar way, the gradual shift from physical to virtual
poses an even more stark set of challenges for revenue
"On a circuit-switched or GSM network, we know what the
challenges are," says Joseph George of Mobileum. "If you ask me
what are the likely problem areas between switch and billing, I
can list a whole number of things.
"The issue with IP networks is that everyone out there is
struggling with the question of where the problems are, and
where the control points should be, from a revenue assurance
perspective. You also need systems that are architected to
handle very high volumes of data in real-time, with analytics
on top. And in the increasingly hybrid world, you also need to
be able to marry the data from traditional networks with the
data from pan-IP networks."
Volume, variety and velocity: it’s a classic
big data problem. "You need a platform that can identify
unknown problems," says George. "You feed the machine with
traditional experiences, and then construct the algorithm to
look for unusual patterns."
Ravi Palepu of Virtusa foresees an additional challenge for
revenue assurance among wholesalers, which we might describe as
consumerisation. "We’re moving away from a world
in which you say to your customers: 'Here’s a
12-month lease, here’s the infrastructure
we’re providing and you have to pay this
much.’ The logic of cloud services -- whether
it’s metered or subscription -- is coming to
As a result, says Palepu, wholesalers will start to do
business in a way that looks like retail: "If a situation
requiring resilience occurs, you pay for the solution and once
the situation is back on track, you stop paying for the
Like retail telcos, wholesalers will also use bundling as a
marketing technique: "So you buy cloud hosting and connectivity
for a certain price and if you buy unified comms on top of it,
it’s 'x’ minus 'y’." And
much of this will start to occur in real-time, or
near-real-time, as the flexibility with which carriers can
adopt and discard commercial models increases rapidly," he
"At the retail end of the industry, marketing is very
aggressive and their pricing models can become very complex,"
he says. "A lot of these offers are driven by the marketing
organisation. Now they really don’t care much
about the management of operations, the conversion of invoices
Wholesalers may yet find themselves grappling with a similar
kind of complexity as they become increasingly virtualized and
In an on-demand world, services are switched on and off as
required, and complexity means that trust is harder to verify.
One possible solution has emerged out of left field:
blockchain, the technology that underpins virtual currencies
such as Bitcoin.
Blockchain effectively acts as a distributed ledger: each
member of a supply chain possesses a verified copy of the
transactions between the parties, associated SLAs, and a
permanent record of performance. Potentially, the technology
can be deployed in a highly automated way, using so-called
smart contracts as the basis for pre-programmed purchasing of
network services from supply chain partners.
Yes, all of this is still in the realms of R&D. And yes,
significant technical challenges remain to be solved. But
there’s no doubt that carriers are interested:
among others, AT&T, BT, Orange, Softbank, Sprint and
Verizon have all been linked with trails of, or investments in,
blockchain during the past two years.
"In the UK, we are doing two proof of concept exercises with
two wholesale operators," says Palepu. "In the US, we are
involved in one of the discussions there. I would say 30-40% of
operators have started to realise that blockchain could make a
Of the eight or nine use cases that exist for blockchain in
the communications industry, two are of particular interest
carriers: network management and smart contracts. "NM is not
only about managing your network effectively. It also enables
analysis of the charges the suppliers are posting on to the
CSP. And how we can correlate that data point to make sure
we’re paying the right bill, and that the
suppliers are penalised if they’re not providing
the right service."
Indeed, blockchain may yet also become relevant to
anti-fraud efforts. One of the more high-profile early use
cases to have emerged is roaming fraud, which blockchain could
significantly reduce by hosting and distributing public keys to
mobile users roaming abroad.
In many ways, an increased focus upon revenue assurance
looks like one of the hidden costs of the agility enabled by
virtualisation. As digital transformation rolls on, carriers
may well need to make significant additional investments in
order to ring-fence and protect the revenue that’s
Palepu, for example, talks about how today’s
approach to revenue assurance is "always very reactive",
often coming into play "when the customer shouts that something
is incorrect, or a supplier says you have not paid me for this,
or you need to pay a penalty under the terms of an
Something similar applies in fraud departments. Gonzalez at
BICS is clear that a large proportion of telco fraud -
including many of the more serious exploits costing $500,000 or
more - occurs during the two days of the week when surveillance
is weakest: Saturday and Sunday.
She explains "You need to be a big operator to afford a
dedicated anti-fraud team. We have a team working 24/7. But the
truth is that many operators cannot afford that kind of