Despite the ever-changing methods and schemes used by fraudsters, the challenges faced by virtually every fraud department in the telecommunications industry have remained the same. Fraud departments are understaffed, stretching limited resources to provide 24 x 7 x 365 coverage. Although fraud investigator responsibilities grow as acquisitions increase and networks expand, the head count does not keep pace. The fraud department is expected to scale without being allocated additional resources of any kind.
The staffing issue is compounded because the fraud department’s function, contribution, and true worth to the organization are largely unrecognized or grossly misunderstood except by a few individuals or teams who work directly with the fraud department. Furthermore, companies don’t employ for the specific job of addressing the ongoing administration and configuration of the fraud management system (FMS), even though the trends in fraud evolve all the time. And the reality of such dynamic fraud trends translates to a daily re-ranking of priorities, which prohibits dedicating resources to develop new FMS strategies or further maximize existing FMS capabilities. Instead, each day is spent addressing customer escalations, credit disputes, network operations, or repair issues; managing daily personnel issues as well as policy violation incidents; educating the organization about fraud; and meeting administrative demands and ad hoc requests from upper management.
Given these constraints, what can you do? Most companies already have an automated fraud management system in place, whether it’s vendor-supplied or homegrown. A good FMS can detect, alarm, accommodate case documentation, and even automatically block fraudulent traffic in the switches. While that technology is good, alone it is not sustainable. To ensure continued positive results and to demonstrate new successes, you must support your fraud management system efforts. Consider the following five initiatives, which require no additional capital or development costs to implement but promise long-term gains:
Do the analysis. And do it now. A German leader, Konrad Adenauer once said “History is the sum total of the things that could have been avoided.” Collect and analyze yesterday's fraudulent activity, because that information can help you make smarter, more impactful decisions about future detection and response. Strive to review fraud cases daily for consideration of more immediate changes in detection within the FMS. Waiting until the end of month reporting to adjust system detection can cost hundreds of thousands of dollars in avoidable losses. A daily review could consist of tracking most frequently dialed numbers, including country codes or ranges of internationally dialed numbers, geographic origination, consumer product types, and/or switch names. Possible gains from such analysis include identifying a previously unknown risk associated with the implementation of a new product or switch, or gathering the evidence needed to block a specific dialed country on the network to protect your organization.
Schedule regular audits. Examine your system's existing thresholds, conditional rules; validate “hot list” entries, source data feeds, and excluded trunk groups. Review legitimately resolved cases to ensure the triggers are still worthy of fraud investigator’s time. For example, several years ago, the Middle East was the dialed destination of choice for hackers. Does the FMS still watch traffic there, though countries within Africa are more prevalently dialed today in PBX hacking incidents? Is your “hot list” being falsely populated, causing multiple and unnecessary alarms? Have there been new switches or off network sources added to the network? Are there plans to decommission traditional TDM switches and to implement new or reroute over existing VoIP switches? Armed with this knowledge, you can adjust the FMS accordingly.
Forge and maintain relationships. Intentionally foster relationships internally, externally, and with vendors. Internally, talk to the network and engineering teams, attending weekly or monthly meetings. These groups suggest and determine sources of changes in the network that will impact fraud's work. Partner with marketing to understand the risks associated with new products. Join IT security efforts to educate and communicate risk mitigation. Externally, fraud industry associations that meet regularly are huge sources of information and networking. Consider placing membership in the Communications Fraud Control Association. If already a member, consider becoming a more active and participatory member. The benefits of these relationships are incredible, not to mention the invaluable information shared by way of forums and email blasts. Finally, your FMS vendor is an obvious relationship providing not just “how to” information, but also offering educational and brainstorming sessions regarding your specific needs. Exchange information and ideas—inside and outside of the box—with the vendor's support and development teams at every opportunity; it’s advantageous for both you and them.
Engage your front line team. Share information. Investigators know what's happening in the network and are able to pick out similarities that forever question the meaning of “coincidence”. The front line team is regularly talking to customers, learning customer PBX types as well as how breaches are committed and resolved. Seek out this information, as it’s useful when conducting future investigations, educating management, and to some degree, when communicating with customers who are looking to their carrier for assistance and resolution. Invest in training so that the front line teams have confidence communicating with internal teams and customers. Implement investigator suggestions to tweak existing detection methods or adopt new policies and procedures based on practical experience. Collaboration on this level is imperative to the “we're in this together” mentality that shapes a solid, productive, and successful team.
Report on everything. Retrieve any and all available data from your system. Track it monthly. While your director or executive team may not want or need all of this information, it is necessary to provide a holistic view, which allows you to make informed decisions for the team and organization. If asked, you will have it at your fingertips. Work with management to define three metrics that you can report monthly to demonstrate the fraud department’s value. Suggested metrics include actual fraud invoiced dollar amounts and estimated avoided losses; response time to suspect activity; number of cases worked monthly; percentage of cases confirmed as fraud versus legitimate. Whatever the metrics, be sure you can control, automate, interpret, and easily visualize the information. Develop a plan of action for showing metric improvement quarterly.
The cost associated with implementing these initiatives is not more head count, more hardware, more bells, more whistles, or the purchase of additional managed services. Instead, the “cost” is a minimal investment of your time. This investment may require a critical review of your own time management and a fresh look at your team's time and task distribution in order to make these five items a priority. But, I encourage you to do so. The return on your time investment now will pay for itself exponentially by arming your organization with the information needed to prevent fraud, improve detection and reaction times, and reduce overall losses well into the future.
With 25 years’ experience in telecommunications, Mary Hochheimer is widely known and respected for her expertise in the industry, particularly for her efforts in the fraud prevention arena. For 15 of the 25 years in telecom, she managed the Fraud and Subpoena Compliance teams at PAETEC and Windstream. She has also been an active member of the Communications Fraud Control Association (CFCA) since 1999, earning her CCSP designation in 2006. Additionally, she has held several positions on the CFCA board, including director, vice president, and president. Mary’s educational background is in Organizational Management at Roberts Wesleyan College.Request a System Demo