revenue assurance, risk and maturity presentation to the 4 th iir global forum on telecoms internal...
TRANSCRIPT
Revenue Assurance, Riskand Maturity
Presentation to the 4th IIR Global Forum on Telecoms Internal Audit, Risk Management and IT Controls
9th May 2007
Eric Priezkalns ACA MSc BARevenue Protect Limited
Copyright © Revenue Protect Limited 2007
2
Copyright © Revenue Protect Limited 2007
Introduction
Over 10 years of industry experiencespecialising in revenue assurance
Head of Revenue Assurance Controls at Cable & WirelessRA & Billing Best Practice Manager at T-Mobile UKBilling Integrity Manager at Worldcom UKConsultant and Financial Auditor at Deloittes
Set up Revenue Protect Limited to• Offer freelance consulting• Found the Independent Practitioners of Revenue Assurance• Establish an on-line revenue assurance community
Read more at revenueprotect.com
3
Copyright © Revenue Protect Limited 2007
Revenue assurance is
“Data quality and process improvement methods that
improve profits, revenues and cash flows without
influencing demand.”
Why talk about methods instead of goals?
How do methods about data differ to those about process?
Why are the financial goals stated vaguely in this definition?
Why exclude “influencing demand”?
What Is Revenue Assurance?
Source: TeleManagement Forum Manual TR131
4
Copyright © Revenue Protect Limited 2007
Revenue Assurance BasicsThe 4 C’s
Revenue Assurance focuses on each of these areas in order to detect leakage, correct or fix the issue and then ensure that changes are made to prevent that same issue from occurring in the future.
As RA develops other areas of leakage are identified throughout the metering and billing process. Using a mix of data analysis and process improvement techniques RA is able to move through the levels of maturity by striving for continual improvement.
Data analysis is focused upon a known leakage or area of leakage and offers quantitative results that the team can monitor over time. At this point the process improvement team are used to identify the root cause.
Process improvement considers the end to end process. Through this end to end understanding of the hand offs between processes potential revenue leakages are identified using risk analysis techniques. These areas are then handed over to the data analysis team to gather quantifiable results.
Capture Conveyance
Monitoring and Reporting
Detect EnsureCorrect
Collection
Calculation
The underpinning principle for the processing of data for metering and billing follows four logical steps:
Capture – recording the supply that is made
Calculation - the calculation of the charge due for the supply made
Conveyance – the transmission of data from the point of recording the supply to the point of presentation to the customer.
Collection – the collection of the charge due from the consumers of the service.
5
Copyright © Revenue Protect Limited 2007
Revenue Assurance and Risk
Revenue Assurance is concerned with internal operational risks
Per Basel II, operational risk =
“the risk of loss resulting from inadequate or failed
internal processes, people and systems, or from external
events”
More specifically, tends to be associated with losses related to execution, process and delivery management
Depending on the remit in the particular telco, may also cover some or all of• internal and external fraud• business disruption and system failures
6
Copyright © Revenue Protect Limited 2007
Execution, Delivery and Process:More from Basel IIThe following Basel II events correspond reasonably well to the
typical scope of revenue assurance
Transaction Capture, Execution & Maintenance
MiscommunicationData entry, maintenance or loading errorMissed deadline or responsibilityModel / system misoperationAccounting error / entity attribution errorOther task misperformanceDelivery failureCollateral management failureReference Data Maintenance
Monitoring and Reporting Failed mandatory reporting obligationInaccurate external report (loss incurred)
Customer Intake and Documentation
Client permissions / disclaimers missingLegal documents missing / incomplete
Customer / Client Account Management
Unapproved access given to accountsIncorrect client records (loss incurred)Negligent loss or damage of client assets
7
Copyright © Revenue Protect Limited 2007
Predictability of Risks Associatedwith Revenue AssuranceMost telcos invested in revenue assurance as a means to
• address known or suspected recurring problems• with obvious financial implications• where there was a lack of suitable and available resources
(manpower, tools, data) in the business to address them
The implications
• may lead a Revenue Assurance department to be treated as a profit centre
• high-probability, low-impact risks get most attention• low-probability, high-impact risks may get little or no
attention• perceived drivers for risk management (governance, external
scrutiny) may be different to drivers for revenue assurance (higher revenues, improved cash collection)
8
Copyright © Revenue Protect Limited 2007
Problems With Embedding RA InEnterprise-Wide Risk ManagementPersonnel may not recognise that revenue assurance is an element of enterprise-wide risk management
• little or no training or awareness of risk management• poor demarcation of responsibilities between the different
teams addressing risk
“our scope is undercharging, not overcharging”
Confused or conflicting priorities, either within or between departments, are not resolved
• reliability of financial reports vs. generating returns• prevention vs. detection• control environment vs. quick fix/win mentality
“we cannot afford to spend time addressing root causes”
“The RA department is a control; controls do not apply to us”
9
Copyright © Revenue Protect Limited 2007
The Dangers ofPiecemeal Risk Management
“While many firms have invested in enterprise risk
management, few adequately manage risk
interdependencies. Most firms manage risk in ‘silos,’ often
leaving them blind to relationships between risks.”
• Because revenue assurance tends to be directed at high-
probability, low-impact risks there may be a temptation to
assume that there is no linkage with low-probability, high-
impact risks• But consider the relationship between the accuracy of
transaction processing and reputation
Source: Deloitte “Disarming the Value Killers: A Risk Management Study”
10
Copyright © Revenue Protect Limited 2007
From Tiny Acorns...
“Companies need to go beyond risk management in silos to
create an integrated, organization-wide risk management
function.”
• But how do you build such a function, without stifling
invention, without compromising other priorities, without
creating a monolithic structure, whilst allowing room to utilise
the knowledge and initiative of individuals to counter risk?• Need a method that has this end goal in mind, but is realistic
about stages of development and enables people to retain a
sense of purpose and direction at all times• And can be applied to individual “silos” like revenue
assurance
Source: Deloitte “Disarming the Value Killers: A Risk Management Study”
11
Copyright © Revenue Protect Limited 2007
Assessing the Maturity ofRevenue Assurance
The RA maturity assessment and benchmark was developed in
collaboration with a number of TMF members including
• Cable & Wireless• cVidya• Ernst & Young• IBS• SubexAzure• Telenor• Telstra
12
Copyright © Revenue Protect Limited 2007
Revenue Assurance Maturity:Goals
• Provide a simple standard assessment for service providers
that can be completed in less than 90 minutes• Avoid quantitative measures of performance that may not be
readily available or which prejudge priorities in each business• Give a simple scoring mechanism and enable benchmarking
between service providers• Applies equally well to all types of service provider
13
Copyright © Revenue Protect Limited 2007
Revenue Assurance Maturity:Principles
• State a model of growth that treats the silo as a transitional
stage during development but not as the ultimate conclusion• Assess the business as a whole, not just the people responsible
for revenue assurance• Address all relevant aspects of business performance• Give a strategic roadmap which clarifies what the next series
of ambitions should be• Structure borrowed from the Carnegie-Mellon SEI CMMI• Based on a Deming-like model of improvement, where
performance follows a pattern of being increasingly• repeatable, then• measurable, then• predictable
14
Copyright © Revenue Protect Limited 2007
Revenue Assurance Maturity:5 Stages of Maturity
5. Continuous improvement via feedback. Decentralised, holistic ownership.
4. Leakage quantitatively understood and controlled.
3. Standardised approach developed. Designing-in control commences.
2. Basic project/process management. Repeatable tasks.
1. Ad-hoc, chaotic. Dependant on individual heroics.
15
Copyright © Revenue Protect Limited 2007
Revenue Assurance Maturity:5 Aspects of PerformanceThe assessment is divided between 5 distinct aspects:
• Organisation• Influence• People• Tools• Process
Each is assessed separately• To consolidate improvements in one aspect, the others must
also mature, for example
• Cannot make use of good tools without right people• Influence degrades if organisation wrong• May not be able to quantitatively measure the success of
process improvements without adequate automated tools• All aspects must be aligned to avoid a silo mentality
16
Copyright © Revenue Protect Limited 2007
Key Maturity Thinking
The maturity assessment started as an academic exercise, capturing past experiences of the individuals involved
But the thought experiment generated interesting and unexpected results on the future of revenue assurance
• Being more mature does not mean having a bigger revenue assurance department
• Leadership in revenue assurance involves giving credit for relevant controls and monitoring performed in a wide variety of business functions and trying to align them into a common approach
• Daily operational monitoring and other revenue assurance controls can and should be exported to the relevant operational department even if developed/prototyped by the revenue assurance team first