|© 2016 Black Swan Telecom Journal||•||protecting and growing a robust communications business||• a service of|
|Email a colleague|
Revenue assurance organizations have been a mainstay at operators for a decade or more, yet to this very day, the mission of RA departments is often not fully understood.
Too many telecom executives decide their revenue assurance department’s budget and staffing solely on how well RA identifies, stops, and recovers actual revenue leaks. Meanwhile, the all important preventative role that RA plays goes unappreciated.
I’d like to illustrate this problem through a short tale:
The City of London elected a new mayor. And on her first day in office, a fire broke out in Piccadilly Circus which tied up traffic and disrupted the London Underground for a couple hours.
So the mayor made it her first order of business to assess the effectiveness of the City’s fire department. She dispatched her staff secretary to collect statistics on the recent firefighting capability of the department. How quickly did firemen respond to fires? How many lives were lost? How successfully were the fires contained to minimize collateral damage?
Armed with this information, she had the Fire Chief report to her office. The Fire Chief was a calm and intelligent veteran (in the mould of a Winston Churchill). He had held the Fire Chief post for 6 years and he was unruffled by the fact that the grim-faced mayor had called him to her office at short notice. Just as the mayor was about to reprimand him over yesterday’s fire, the Chief politely interrupted:
“Ms. Mayor, yesterday’s fire began in an old warehouse that’s been known to be a fire hazard for years. If you check the facts, you’ll see that we arrived at the fire quickly and handled it with minor disruption to the City. Fortunately, no one was hurt. To be honest, firefighting is only one aspect of our job. A good fire department prevents fires from starting in the first place and that’s where we spend most of our effort when we are not actually fighting fires. ”
“Now as you know, Ms. Mayor, the fire department has no authority or money to install alarms and sprinkler systems in individual homes and businesses, but the fire department does conduct frequent safety inspections throughout the City and we regularly take code violators to task for their negligence.”
At that point the Chief unrolled a large color-coded map of the City showing the well protected areas and those where additional fire prevention investments needed to be made. The Chief also presented to the Mayor the Fire Department’s budget and his latest fire safety report documenting all the areas of risk and justifying requests for additional fire prevention work.
Seeing the resourcefulness of the Fire Chief, the mayor changed her frown into a smile for she now realized the fire department was in good hands. It seems the department was not only good at firefighting, but also had an active, well-documented prevention program tied to budget priorities. Pleased with the Chief’s work, the mayor awarded the Chief a public service medal at the afternoon press conference.
And after the press conference the Mayor and Chief resolved to improve fire prevention planning and to meet monthly to review safety enforcement, fire alarms/sensors, fire-fighting performance, and the public education needed in specific boroughs of the City.
I hope you liked my little story. As you can see, there are many parallels between the mission of a city’s fire department and that of a revenue assurance department. There are three lessons I’d like to draw from this analogy:
cVidya has recognized the need for greater focus on preventative techniques for a long time. And that should come as no surprise because our most mature RA customers have developed methodologies and home-grown tools to assess revenue risks.
And recently, several companies came up with ideas for prevention assessment. Those ideas were further developed into an industry model through the contribution of several vendor and carrier experts. This work resulted in a TM Forum standard (document GB941E).
In turn, cVidya has gone one step further by implementing the model into its ProactiV product.
I’d now like to briefly walk you through the methodology behind our ProactiV software so you understand it at a high level.
First of all, since a key objective of our assessment is to make the subject of revenue risk management familiar to senior executives, we decided to adopt the terminology of operational risk management.
So in ProactiV we use three conventional measures of risk:
Shortly I’ll discuss how these different risks interact with each other, but first let’s first focus on “inherent risk”.
The steps involved in estimating the state of inherent risk is where most of the real intelligence enters the ProactiV system.
That’s because inherent risk tabulates the opinions of your company experts through a series of guided questions and assessments recorded by write-in and multiple choice answers.
Who should fill out the assessment? Ideally it’s done by the experts in the various different lines of your business (mobile, fixed, broadband, etc) and operational areas such as billing, ordering, provisioning, etc.
Three types of questionnaires are involved — organization-wide, line of business, and business process.
For instance, in the line of business areas, you have fairly straightforward questions like:
Clearly, the more your resident experts get involved in this phase, the better the final assessment will be. But let me stress something important here: this assessment is not a one-time exercise. Later on, you will get input from your controls and revise the answers to the inherent risk questions to keep them up to date.
The business process questionnaire is where much of the deep functional expertise is recorded. For example, questions are presented where the expert is asked to assess the likelihood and severity of risks in “order entry and provisioning”. The expert can also access “guiding questions” that present questions such as “How often in the last 3 years were you hit with order delay problems?”
The expert is also free to customize the questions. In addition the expert can add sub-risks to the model.
I think you can see from this one example the depth of revenue assurance knowledge that’s imbedded in the tool. I can tell you that arriving at the underlying business process questions required tapping into the knowledge of dozens of industry experts.
Once the initial assessment is complete, we’re now ready to produce reports and actually putting the tool to work. The dashboard below shows how the risk assessment rolls up.
In the diagram above, the inherent risk (orange), residual risk (green) and risk appetite (purple) are graphed for each line of business on a 5-point scale where 1 = no risk and 5 = maximum risk.
Where the residual (current) risk is too high above the risk appetite (target) risk, the risk exposure is too high requiring more controls or other preventative action to reduce the risk. There’s a caveat, of course: the cost of the implementing the control must be less than the benefit it delivers.
Likewise, if the residual risk falls below the risk appetite, it means we are spending too much money or resources trying to perfect this area beyond what it’s actually worth to the business.
The whole idea here is to understand priorities -- where should you concentrate your investments in controls and people resources to make a particular business process less risky.
The model is not static. Leakage reports are automatically entered in the system and as an analyst finishes an assessment of leakage loss, he sends that over to the ProactiV system.
Now in any sort of exercise like this where factors are being weighed on qualitative judgments, controversies will arise. And at one point or another senior execs will challenge the risk assessment.
This is perfectly fine. Resolving the issue is usually a matter of seeing what the controls say. For instance, if RA estimated that a certain area is leakage-prone but your controls don‘t find anything, then something is happening that needs a further explanation.
An important aspect of implement controls is weighing the cost of the control versus the benefit it’s expected to deliver. This cost/benefit analysis is not included in the current version of ProactiV, but we plan to introduce that feature in the next version.
ProactiV does not load mass of data such as detailed CDRs or customer information. It focuses mainly on which controls are running in the organization and on leakage reports.
As such, cVidya has rolled out ProactiV as a cloud based solution, providing the following benefits:
We’re pleased to say that the ProactiV’s approach I’ve just described is no longer theoretical. The tool has been adopted by a large EMEA mobile operator who we’ll call ProMobile. Here’s a high level description of their revenue prevention program, showing how ProactiV fits in.
Over the last several years, the ProMobile’s business has great expanded. The company continues to add new services, try new business models, and approach new types of customers at a fairly rapid pace. In turn, the greater complexity of their business has exposed them to higher risk.
Buttressed by its mature revenue assurance practice, ProMobile has several hundred controls in place already. Most of these controls are implemented in cVidya’s revenue assurance system, but not all. There are also many in-house managed RA controls, third party-developed RA controls, and controls that operations has implemented.
One of ProMobile’s chief goals today is to introduce controls to manage the many new services being deployed. But the challenge they face is it’s hard to understand which area should be made priorities. In other words, where should ProMobile spend its next dollar in RA controls?
Now complicating that question, of course, is that the areas where lots of leakage occurs are not necessarily the most critical in terms of where greater prevention steps need to be applied. So this is one of the chief benefits of risk assessment — getting a wider perspective on risk problems so informed decisions can be made.
In the beginning, ProMobile managed its prevention program on a large Excel spreadsheet. But as the number of RA analyst grew to twenty, it became unmanageable to update a single spreadsheet.
This fact and the opportunity to make the RA team more productive ultimately led ProMobile to adopt the ProactiV tool. Today, ProMobile has connected ProactiV to the underlying RA system. They are streaming the leakage reports directly from cVidya’s MoneyMap.
What’s more, ProMobile has now developed a well-structured process of revenue risk assessment and reporting to executive management. Risk reviews are coordinated monthly for all teams under the CFO’s control.
To summarize, the era of prevention and risk assessment in revenue assurance is upon us!
Several of the mature operators of the world have developed their own methodologies and it’s now time for industry standards and commercial products to enter this critical area.
The purpose of a prevention program is two-fold. First, it’s a useful tool for setting internal priorities and ensuring the large picture of operational risks is understood and our longer-term decision-making is not based on a sudden surge or decline in a particular area month’s leakage. A solid prevention program is desperately needed at a time when the breath of services has exploded and RA needs to set priorities.
Second, a prevention tool and program becomes a great way to explain our value creation to senior management. We can use it to educate executives on the things that matter to us. And by laying out a thoughtful assessment of revenue risks and drawing logical recommendations from it, executives can better appreciate our problems and keep RA budgets adequate to continue our vital work.
Copyright 2012 Black Swan Telecom Journal