Email a colleague    

April 2015

Protecting 900+ MVNOs around the Globe from IRSF Fraud Pirates

Protecting 900+ MVNOs around the Globe from IRSF Fraud Pirates

Telecom fraudsters behave a lot like electricity: they follow the path of least resistance, gold being their favorite conductor of electrons.

And when it comes to International Revenue Share Fraud (IRSF) — a fraud that robs telecoms of a cool $4 billion a year — that new path of least resistance is the MVNO, the 900+ mobile operators who generally own no mobile networks, but sell mobile service virtually — reselling the facilities of a network operator.

That’s the analysis of Colin Yates, a foremost consultant and authority on fighting IRSF fraud, and he’s here to tell Black Swan readers all about this new threat — and explain what MVNOs should do to protect themselves.

Dan Baker: Colin, what’s the scoop?  What’s changed to make MVNOs more susceptible to IRSF?  And maybe we should change the meaning of the term MVNO to “Massively Vulnerable Network Operator”.

Colin Yates: Dan, the MVNOs definitely are massively vulnerable.  Without fraud management domain knowledge, training, and tools, you’re an easy target to be picked off by IRSF fraudsters.  Data I’ve collected suggests that in the last 3 or 4 months there has been a gradual shift toward fraudsters attacking MVNOs more and more.

I think that’s a conscious decision by the fraudsters.  Mobile and fixed operators have suffered IRSF attacks for 7 or 8 years now, but over time they have become skilled at putting in controls for prevention and early detection.

Big damage has already been done.  Last month I spoke to two MVNOs who suffered losses of around $500,000 each.  And neither of them had any effective controls.  One of those MVNOs missed out entirely on the required knowledge transfer and intelligence around IRSF.

Now the mobile networks have got their education networks in place such as the GSMA Fraud Forum, but many MVNOs are outside that information loop.  So they are hiring guys like me to come in and do fraud reviews to bring them up on industry best practices.

MVNO Treasure Hunt

What are these MVNOs doing wrong?

They basically don’t understand the fundamentals of fraud management.  For example, in near real-time roaming data exchange, they often don’t look at those records because they don‘t understand their importance.  Many are not even aware that IRSF exists.

Now the ‘Light’ MVNOs are probably in a bit better shape because their traffic is going through a large network operator who has the necessary fraud defenses in place.

Those ‘Full’ MVNOs who have their own core network are probably more exposed because most have not implemented any fraud management tools.  Then the other thing that works against MVNOs is that their operations are very lean and they make their money on volume and low prices.

Sure, they treat telecoms as a no-risk commodity to offer, like selling cinema or lottery tickets.  Some of these MVNOs are grocery store chains.

Yes, most of the emphasis is on acquiring customers.  Even if the MVNO appoints someone to be a fraud manager, that function often gets low priority.

They also don’t realize that they can get into a fraud management system for a reasonable price these days.  Some excellent tools are available that run around $100,000.  The days of million dollar fraud systems for small to medium operators are gone.  And some of these suppliers are offering 24/7 fraud monitoring via a managed service.  The managed service is a good fit for a medium-sized MVNO because it’s not efficient for them to employ dedicated people to look at fraud records.

So what do you prescribe for these MVNO organizations?  What do you consider they need to do?

Well, I think the actions they need to take generally boil down to five steps:

  1. Fix accountability — Assign someone in the organization to be responsible for fraud management.  They may not be big enough to appoint a full-time fraud manager, but someone needs to be accountable.  At some MVNOs whoever answers an incoming call about a fraud issue is responsible for handling it.  That sort of policy is too loose and doesn’t take the risk seriously.  Your average person has no idea how fraud occurs.
  2. Make an investment in training — Whoever is appointed to the job needs to spend some time learning the basic principles of fraud management, at least.  They must learn what’s required to bring their organization in line with industry best practices for their smaller shop.  Because people don’t have the background in fraud, they end up being purely reactive.  A solid fraud program needs to be proactive — and it’s best to develop a two or three year strategy for implementing programs they need to build.
  3. Invest in Automated Tools. — It’s not practical for MVNOs to put people behind a desk 24/7.  They have got to look at an inexpensive and automated fraud management system with the ability to send an email or text message to alert someone when the system identifies likely fraud.  About 90% of all IRSF happens between Friday night and Monday morning.  No one in the organization is working during that period so you must cover that period with an automated system.
  4. Do a Full Risk Assessment-- It’s worth having someone like me come in and do a fraud health check to see where their risks are and what controls should be in place.  In every fraud risk audit I’ve done, the organization was surprised at the level of risks they were exposed to.  CFOs are giving fraud management a low priority, but that’s because they don’t understand the risks.  Actually the damage could be anything from $1,000 a week to $500,000 a week.
  5. Enlist the Aid of the MNO Supporting Them — Another key thing is to look over their agreements with their MNO supplier.  One of the surprises is the contracts in many cases date back before the time when IRSF was an issue, so fraud management doesn’t even appear as a line item. 

    While an MVNO is expected to manage its own fraud risk as far as acquiring customers and offering products and services, it’s important that the MNO agrees to remove their margin in IRSF rather than profiting from it.  The MNO should at least be stopping the fraud once it’s detected to minimize the damage.
Colin, when you go in and consult with an MVNO, what’s the typical procedure?

When I do get called in to consult, I get all the information I can about the organization — who they are, customers, and products and services.  Then, over a 5 to 7 day period, I’ll typically interview all of the execs from the CEO on down and any Key Stakeholders in the next level of management.

With that information I’ll have a better understanding of their products and services.  If they’ve suffered a fraud loss in the last year, I’ll review each fraud case and identify every point of failure that contributed to that fraud.

From there, I start compiling a complete risk profile for the organization, what controls are missing, and what opportunities there are.  Typically I’ll come out with 15 to 40 recommendations on where to protect their network.

So usually within 2 week’s elapsed time, they come away with a complete framework for what they need to do.  And I also leave them with documented policies and instructions as well.

Sounds like a must-have audit for an MVNO.  Thank you, Colin.

Copyright 2015 Black Swan Telecom Journal


About the Expert

Colin Yates

Colin Yates

Colin started his working life in Law Enforcement in New Zealand, then after 18 years moved to a Risk and Fraud Management role in Telecom New Zealand.

After 12 years there, he moved to Vodafone New Zealand and for the next 12 years had roles with Vodafone in New Zealand, Australia, Germany and the UK, leaving Vodafone in 2012 as Group Head of Fraud Management and Investigations, having had responsibilities for managing fraud and investigations right across the Vodafone footprint.

Colin has held Management positions in the GSMA Fraud Forum, CFCA, FIINA and Pacific Partners.

He is currently managing his own firm, Yates Fraud Consulting Limited which consults back to industry operators to review their Fraud and Revenue risk maturity.  He also manages an IPR Test Number database currently in use by some of the world’s largest operator groups.

Colin is a Certified Fraud Examiner (CFE) and is also a Fraud Adviser to PITA (Pacific Islands Telecommunications Association).   Contact Colin via

Related Stories

Related Articles

  • Taking the Fraud Fight Directly to the Enterprise PBX: An Automated Service Does Deep Dives of PBX Data by Arnd Baranowski — Analyzing the call patterns and hacking attempts of fraud-pumping PBX machines is a new line of fraud detection.  Now a new line of enterprise fraud managed service is focused on that principle.
  • BT Americas Security Chief: Security is No Longer Just an IT Problem, It’s a Major Board Room Concern interview with Jason Cook — A global expert on security explains six key motivators that are driving enterprises and telecoms to strengthen their security protection.
  • Webinar: From Wholesale Settlement  to Global Partner Management by Dan Baker — A 40 minute webinar providing a sweeping view of the challenges and opportunities service providers face as they try to manage a far more complex wholesale and partnering scene.
  • Nine Simple Strategies for Protecting an Operator or MVNO from Telecom Fraud interview with Jim Bolzenius — An expert in telecom fraud management explains essential strategies for aiming a carrier’s or MVNO’s fraud prevention program in the right direction.
  • A Sweeping 239-Page Research Report on Fraud Management Solutions & Strategies by Dan Baker — TRI has released a comprehensive  analyst report on fraud management solutions.  The study is based on interviews with three dozen leading FM consultants and solution experts.  Download the free Executive Summary.
  • Protecting 900+ MVNOs around the Globe from IRSF Fraud Pirates interview with Colin Yates — Telecom fraudsters are seeking a new, more vulnerable path to riches.  Their target: 900+ MVNOs around the globe who generally own no mobile networks, but sell mobile service virtually.  This interview with a fraud control expert explains what steps MVNOs must take to protect themselves from IRSF fraud.
  • Solution Vendor & Integrator Partnering: The Key to Enabling an Operator to Meet its Strategic Goals interview with Kirill Rechter — Working with strategic partners is an essential component to the success of any on-going billing project.  In this interview, a billing vendor CEO explains how a software vendor, systems integrator and service provider can best work together to drive the service provider’s business strategy.
  • CABS Revenue Assurance: How Rural LECs can Recover $284 Million in Revenue Shortfalls interview with Kelly Cannon & Darrell Merschak — Independent rural LECs in the U.S. still rely on the AMA/EMI billing formats for CABS billing, even as that format has proven to be highly inaccurate as a source of inter-carrier records.  This interview includes an analysis and discussion of revenue recovery techniques ILECs can use by leveraging SS7 probes.  Also discussed are billing strategies, traffic dumping threats, and the possible fallout from the FCC’s bill-and-keep mandate.
  • Make Business Assurance Progress Every Day: How to Set Goals, Automate, and Energize Your Team interview with Kathleen Romano — Business assurance (BA) skills have wide applicability outside the revenue assurance and fraud mangement domains.  In this article, a telecom executive explains how she’s applying her BA skills in the Payments area.  In addition to discussing the key operational challenges in Payments, the interview also provides keen insights on setting goals in business assurance, leading a team, and making critical decisions.
  • Make Business Assurance Progress Every Day: How to Set Goals, Automate, and Energize Your Team interview with Kathleen Romano — Business assurance (BA) skills have wide applicability outside the revenue assurance and fraud mangement domains.  In this article, a telecom executive explains how she’s applying her BA skills in the Payments area.  In addition to discussing the key operational challenges in Payments, the interview also provides keen insights on setting goals in business assurance, leading a team, and making critical decisions.
  • Partners in Carrier Management: The Success Story Behind T-Mobile’s Fiber Rollout in Wireless Backhaul interview with Bryan Fleming — Wireless backhaul is the unsung hero of the smartphone’s success.  This interview with T-Mobile’s carrier management architect for backhaul reveals the behind the scenes game plan for one of the most ambitious wireless interconnect programs ever.  You’ll learn about: the reasons for adopting a full-scale fiber strategy; the challenge of finding carrier partners; the clever techniques T-Mobile used to simplify and cut costs; advice on building great relationships with suppliers; and the key role that analytics, assurance, and visualization software played.
  • Revenue Assurance: The Magical Market Cap Multiplier by Van Howard & Curtis Mills — Many operators today consider revenue assurance yesterday’s opportunity.  But this article shows why significant revenue and cost leakage can still go undetected, even in companies with dedicated RA departments.  Also discussed are the benefits of a broader or more “forensic” approach to revenue assurance, an approach that boosts the bottom line regardless of the automated tools already in place.
  • Telecom Merger Juggling Act: How to Convert the Back Office and Keep Customers and Investors Happy at the Same Time interview with Alan Burgess & Curtis Mills — Billing and OSS conversions as the result of a merger are a risky activity as evidenced by famous cases at Fairpoint and Hawaiian Telcom.  This article offers advice on how to head off problems by monitoring key operations checkpoints, asking the right questions, and leading with a proven conversion methodology.
  • PwC on the Business of Revenue Assurance Consulting & Mentoring interview with Tim Banks & Dan Stevens — Revenue assurance consulting firms offer a broad range of services to clients these days.  The article explains the practice of mentoring RA mangers and providing a CFO with visibility on the status of an operator’s business controls.  Perspective is also offered on the value of RA software and the opportunity to broaden the RA practice scope.
  • Is Your Company Penny-Smart and Dollar-Foolish in Auditor Productivity? by Peter Yelle — Operators who fail to automate their invoice reconciliation process could be seriously undermining the morale and efficiency of their most valuable auditors.  This article explains the many subtle ways that manual auditing process can cost operators money.  Also presented is an analysis of the typical returns achieved by CSPs with mature cost assurance programs.
  • An Automated Self-Audit Approach to Telecom Cost Assurance interview with Jim Buttafuoco — What’s the value of an automated approach to invoice validation?  This article explains the power of the SaaS model where the vendor supplies the data-processing expertise, relieves the operator of tedious manual work and boosts auditor productivity so more money is saved.