REVENUE ASSURANCE

ANANDA

07020541001.

Revenue leakage is often considered a hidden and uncontrolled cost of doing business in the telecom

industry. In addition to fraud, reasons for revenue loss include network provisioning, mediation and

CDR errors, billing and interconnect inconsistencies, loss of data and corrupted files, fragmented

support systems, incoherent databases, and manual or ill defined business processes. According to

various Revenue Assurance (RA) research reports, the degree of exposure lies in the range of 3% to

15% of the Communications Service Providers’ (CSP) gross revenue depending on factors such as

networks and services type, geography, carrier type, and Revenue Assurance maturity level.

In the context of Revenue Assurance - the main question for any business is how much leakage is

acceptable and how to improve the operations and systems that will minimize those leakages. An

effective RA process must ensure the integrity and synchronization of both data and processes across

all the disparate systems and the network itself, in order to sustain operational and financial efficiency.

RA provides analysis of the relationship between network resources, services, customers, and

generated revenue, and enables the CSP not only to detect revenue leakage (e.g. un-billed customers,

mis-billed customers), stranded assets, and operational inefficiencies, but also to understand the

reasons for these undesired occurrences.

This Guidebook originates from TMF Revenue Assurance Technical Report 131, a technical report on

RA issued by TMF in 2004, and leads the reader through different facets of RA, collecting the

experiences of various professionals.

In its evolution from a technical report to a guidebook, the Guidebook aims at broadening the target

audience from the original group of RA technical practitioners to a broader set of business

stakeholders including other contributing, influencing or benefiting organizations in a CSP.

Additional topics have been investigated; others that were only outlined in TR131 have been further

expanded.

In particular, the Guidebook deals with the following topics, each one covered in a separate chapter:

SID and eTOM models’ support for RA, according to the recent proposal of TMF Modeling team to

integrate RA into the SID and eTOM

View at Regulatory Compliance through the prism of RA, addressing Sarbanes-Oxley (SOX) and

regulation in general.

Linkages between Fraud Management and RA, a section in which several options of how to

effectively address RA issues are recommended to CSPs.

RA for Content Services, giving recommendations and highlighting some of the new challenges

currently posed to CSPs by the delivery of new advanced content-based services.

Business Scenarios in which RA becomes significant, providing an insight of perceived root causes

and a classification of main areas affecting RA

In conclusion, a technical Appendix introduces the reader to the Telecom Fraud topic, ending with

taxonomy of possible frauds.

A background section follows, to briefly highlight some the key aspects of TMF TR131 which may

be considered a starting point for this work: Traditional RA approaches, drip tray model, RA maturity

model, and RA best practices.

Background

Revenue Assurance is a well-known challenge in the Telecommunications sector, mainly

rooted in the Telephony world as a set of techniques and methodologies to identify and fix revenue

leakages and/or prevent or detect errors resulting in unbilled or uncollected revenues of the CSP.

Today’s accelerated growth in the data, IP and real-time services market introduces additional

complexity and exposure for RA due to dynamically evolving technologies, continuous demand for

new services, more complex business processes, new value chains, additional external partnerships,

new business models and an every increasing and more complicated operational and business systems

infrastructure.

The above factors, coupled with the tumultuous economic climate that started with the slowdown in

2001 and the revitalization in 2004-5 and the current regulatory environment, provide evidence and

compelling need for RA in more and more CSPs. This need, in turn, together with the

acknowledgement of the strategic significance of RA for CSPs, resulted in the formation of

organizational units to ensure the accuracy of financial reporting and revenue recognition. Given

increased regulatory and competitive pressure and in order to remain competitive and profitable, CSPs

are continuingly restructuring their organizations according to new business targets and priorities.

These structural change and the response to market conditions suggest the benefits of the acceptance

of a holistic RA process to optimize the business process, the usage of existing assets, the data

integrity and as a result - maximizing revenues and in parallel - reducing costs and increase

profitability.

Up to 2004 no CSP emerged as credible industry leader, nor was a unique definition available to

comfortably align RA practitioners from different business domains. This situation may be understood

since RA evolved from several organizational units (Finance Control, Network Operations, Fraud

Management, Billing Operations, etc.) each of which has a different perspective, approach to RA and

own priorities.

Moreover, RA is an over-used buzzword. It often reflects the financial needs as well as objectives

related to a business problem. These needs and objectives tend to be defined differently by different

stakeholders, hence the confusion associated with the term of RA.

Dimensions to the RA problem

For the revenue stream in the usage-based billing environment (i.e. billing that is based upon data

volume, duration of sessions, etc.), a comprehensive analysis of the entire process from capturing and

recording a billable event through billing, cash collection, accounting and revenue recognition is

required. One example of an approach used by a CSP offering voice telephony services is to compare

the network’s CDRs (Call Detail Records) to SS#7 events to verify the proper ratio of CDRs to SS#7

events. An alternative technique uses test calls that are generated either manually or automatically, to

compare the generated CDRs to the record of the event from the subscriber’s perspective.

The subscription-based charging model (recurring or one-time fees) requires an inspection of the data

pertaining to the servicing network elements and comparing it to the subscriber’s billing data.

However, order management, asset/inventory management and provisioning systems should also be

part of this assessment because data discrepancies may result in the billing process not being aligned

with the number of orders, order details or services actually provisioned within the network.

Additionally, stranded assets in the network inventory (assets shown in use by the operational support

systems but no service actually utilizing the asset) can result with excessive CapEx due to

discrepancies in network capacity and orders or allocated resources.

For event-based charges (SMS, MMS, etc.) the tariff structure could be regarded as even simpler and

requiring only reconciliation. Some providers tend to tie such charges to those of content delivery

service (video, music, etc.), which include quality of service related attributes; this requires much

stricter controls to be performed.

There are other dimensions to the problem such as pre-paid and post-paid issues, wholesale and retail

differences, and so on. Each one requires particular care and may even require a distinct approach,

since the type of service or targeted customer segment influences choice of methods and priorities for

the CSP’s RA program.

Economical Perspective

Assessing costs and benefits is a required first step prior to introducing new often-complex projects

within a business. This is also the case for an RA initiative. To address this issue, TR131 includes a

detailed discussion of the outcomes of a real life example of a cost-benefit analysis performed by an

operator.

The analysis uses a drip tray model; a common metaphor used in describing the affect of errors in

processing charges, a term commonly referred to as “leakage”. The metaphor is appropriate as the

loss of water from a pipe exhibits similar properties to the loss or corruption of data as it is processed

from one system to the next.

The amount of water lost by the pipe could be measured by comparing the amount that goes into one

end of the pipe against the amount that comes out of the other end of it. Though simplistic, the

comparison of ins and outs lies at the heart of activities intended to monitor, diagnose, prevent and

measure the extent of error.

Some drip trays will lead to the capture of errors, some will lead to their capture and resolution.

Capturing errors without resolution means that errors are measured but still take place. Capturing and

In Out

error not captured

error captured not resolved

error captured and resolved

resolving errors means measurement of errors that would have gone unresolved without the drip tray.

A drip tray that captures errors without leading to resolution has a cost, but no clear attributable

economic benefit.

The analysis indicates the benefits of an effective and on-going RA strategy greatly outweigh the costs

associated with the project and the operation.

Reactive, Active, and Proactive RA

Using the following definitions for different styles of revenue assurance initiatives

Reactive – doing something as a response to existing leakages, for example a project to identify and

resolve the causes of actual revenue loss;

Active – doing something to address problems as they occur, for example by monitoring of problems

in real-time. This approach is designed to initiate corrective responses prior to any revenue loss takes

place;

Proactive - acting in anticipation, by implementing controls and other measures to prevent problems

from occurring

In general, the reduction in time required to respond to a problem is the basis for the shift from

reactive to active RA. The goal is to anticipate what can go wrong and prevent it. This “pre-emptive”

approach is the basis for proactive RA.

The Reactive, Active and Proactive approaches to RA are complementary approaches. A good RA

practice must always include Reactive controls, to identify leakages and create the case for the Active

and Proactive controls. Active controls are required to discover problems in near-real time, and to

correct their outcomes before they cause a real damage. Proactive controls are the ultimate goal. These

controls help preventing the problems from occurring in advance and normally do so by being

addressed in the design and deployment phases. That said, it is a bad practice to rely only on

Proactive controls since, as a result of the significant complexity of the operations and business

systems and processes of a CSP, some problems may not be able to be detected proactively

Data Quality & Data Integrity vs. Process Improvement

An approach pursuing Data Quality & Data Integrity focuses on improving the quality of data to

ensure accuracy of revenue. This normally involves the extraction of data, from one or a number of

systems and/or the consistency validation of the data when moving from network to billing.

Process Improvement is normally undertaken by a review of the business processes supporting the

generation and management of revenue generating events (e.g., Order to Cash processes). The aim is

to ensure that processes are designed properly and performed as expected.

In this type of audit style approach, RA tends to identify where potential areas of risk exposure might

exist: within system functionality, handoff between systems, as well as supporting business processes

and interaction between the processes and systems.

Both approaches are complementary and we recommend combining them. There are RA problems

that will be detected only by one of the previously mentioned techniques. For example, an automated

provisioning process that generates many errors and needs human intervention, may end with

successful provisioning and complete data integrity, but cause revenue leakages (the customer will

start to use the product later) and subsequently increase the CSP’s costs (the cost of the human

intervention). This problem will be detected only by using Process Improvement techniques and not

by Data Integrity techniques.

Best Practices

Best practices have been constituted to ensure that comprehensive strategies include network element

configuration data, OSS service activation data, usage data, mediation rules, and customer account

data from order entry, billing and CRM.

Best practice in RA represents a dynamic striving for optimization rather than the static delivery of a

particular series of methods, controls and tools. RA best practice itself shall be subject to perpetual

review and shall not be considered as a static process.

For an RA strategy to be considered effective it is mandatory to include all of the following

components: technology, people and processes.

Technology component includes identifying data discrepancies and prioritizing the correction efforts,

which is a daunting task, and needs the support of software to be carried out. eTOM and SID, to some

degree inherently provide for improved benefits of technology integration that reduce some, but not

all of the potential fallout associated with technology components that do not interface without a

global standards adoption.

People component includes the necessary quick investigation of suspicious data by RA analysts and

subject matter experts, intended to determine the validity of threshold violations when abnormalities

occur.

Process component refers to the solid understanding of the complex interdependencies among

network infrastructure, B/OSS environment and business processes in CSP’s operations that the

expert should have. eTOM Layer 0 – 2 processes establish some of the interdependencies and

cooperation across business units, departmental approaches and various company objectives.

RA systems should be designed to support data acquisition from network elements, provisioning

systems, mediation platforms, billing systems, order management systems, asset management

systems, intercarrier exchanges, partner relationship management, etc., according to the specific

business scenario. Beyond data access capabilities, RA systems should also implement key functional

features to perform appropriate detection techniques (monitoring, reconciling, correlation and so on)

and include reporting tools such as dashboards, tracking and correction panels, case management

tools and enterprise controls visibility across all business functions, especially given the new financial

regulatory environment such as Sarbanes-Oxley.

RA Maturity Model

TMF Revenue Assurance Technical Report 131 (TR131) also sets forth five successive stages that

characterize the RA level of maturity within a CSP. Not only does this scale give CSPs a benchmark

to measure their progress against other CSPs, but it also lays out a road map for other RA operations.

Five steps of maturity have been identified, with the fifth step an ideal to be reached.

Initial, when no RA process has been established and only arbitrary ad hoc reactions to circumstances;

Repeatable, when RA processes are developed at the level of individual projects, products and

implementations. Flaws are identified and remedial action is taken. Defined, when RA processes are

developed for the whole organization. Organizational priorities for revenue assurance are understood

and guide proactive deployment of resources. Managed, when RA processes provide consistent

quantitative measures. Measures drive planning and control. Optimized, when the measures, planning

and controls implemented in order to improve the business themselves become the subject of

continual improvement.

Revenue Assurance is not yet part of the NGOSS eTOM (enhanced Telecom Operations Map) and

SID (Shared Information and Data) paradigms. The TeleManagement Forum’s Revenue Assurance

modeling team submitted a proposal about the integration of RA with the SID and eTOM. This

proposal is under review, and our expectation is that it will be accepted with minor changes in the next

few months. In this document, we present the highlights of the proposition.

The eTOM Business Process Framework serves as the blueprint for process direction and the starting

point for development and integration of Business and Operations Support Systems (BSS and OSS

respectively). The SID, as the NGOSS information model, provides an information/data reference

model and a common information/data vocabulary from a business as well as a systems

perspective. Using the SID in combination with the eTOM business process and activity descriptions,

it becomes possible to create a bridge between the business and Information Technology groups

within an organization, providing definitions that are understandable by the business, but are also

rigorous enough to be used for software development. The integration of RA into the eTOM and SID

will greatly impact the standardization of RA, permitting service providers, system integrators, and

Continuous improvement via feedback. Decentralized ownership, central control.

Leakage quantitatively understood and controlled.

Standardized approach developed. Designing-in control commences.

Basic project/process management. Repeatable tasks.

Ad-hoc, chaotic. Dependant on individual heroics.

vendors, to implement RA in a canonical way, reducing costs, and ensuring interoperability between

systems and processes.

For the sake of the RA practitioners who may not be familiar with the NGOSS, eTOM and SID

framework, we first provide a short introduction to NGOSS, eTOM and SID.

NGOSS

The NGOSS Model

NGOSS is a comprehensive, integrated framework for developing, procuring and deploying

operational and business support systems and software. 

NGOSS is the TeleManagement Forum initiative to drive efficiency in and cost out of the operation of

telecom networks. NGOSS enables service providers to change the way they think about their

business and operations.

NGOSS is a comprehensive, integrated framework for developing, procuring and deploying

operational and business support systems and software. It is available as a toolkit of industry-agreed

specifications and guidelines that cover key business and technical areas.

Through an integrated system of business and technical elements, NGOSS allows OSS/BSS systems

to become as interoperable as they have been never before.

NGOSS positions Service Providers with a repeatable process for automation of complex operational

tasks and positions vendors with the most effective open interfaces in the industry today.

Business Process Automation delivered in the enhanced Telecom Operations Map (eTOM™)

Systems Analysis & Design delivered in the Shared Information/Data Model (SID)

Solution Design & Integration delivered in the Contract Interface and Technology Neutral

Architecture (TNA)

Conformance Testing delivered in the NGOSS Compliance Tests

Procurement & Implementation delivered in ROI Model, RFI Template, and Implementation Guide

documents

The eTOM

The Enhanced Telecom Operations Map® (eTOM) is the ongoing TM Forum initiative to deliver a

business process model or framework for use by service providers and others within the

telecommunications industry. The TM Forum eTOM describes all the enterprise processes required

by a service provider and analyzes them to different levels of detail according to their significance and

priority for the business. For companies adopting eTOM, it serves as the blueprint for process

direction and provides a neutral reference point for internal process reengineering needs, partnerships,

alliances, and general working agreements with other providers. For suppliers, eTOM outlines

potential boundaries of software components to align with the customers' needs and highlights the

required functions, inputs, and outputs that must be supported by products.

SID

The SID, as the NGOSS information model, provides an information/data reference model and a

common information/data vocabulary from a business as well as a systems perspective.  The SID uses

UML to formalize the expression of the needs of a particular view.

The SID provides the common language for communicating the concerns of the four major groups of

constituents represented by the four NGOSS Views: Business, System, Implementation and

Deployment, defined in the NGOSS Lifecycle. Used in combination with the eTOM business process

and activity descriptions, SID makes it possible to create a bridge between the business and

Information Technology groups within an organization, providing definitions that are understandable

by the business, but are also rigorous enough to be used for software development.

In order to integrate Revenue Assurance into the NGOSS framework, and to gain all the benefits of

this framework, RA must be integrated at least into the Enhanced Telecom Operations Map®

(eTOM), which defines the business processes in the telecommunications industry, and into the

Shared Information/Data Model (SID). The integration of RA into the eTOM permits

telecommunications operators to have a better understanding of the function of RA at the operational

level and to comprehend the interactions between RA and other processes. The integration into the

SID allows identifying the common data/information model that should be followed by RA solutions,

permitting structured and easy integration between RA solutions, and between RA solutions and other

entities in the telecommunications operational map

The proposal

The TMF RA modeling team made a detailed proposal of integration of RA into the SID and eTOM.

Below is a high-level description of this proposal. The reader should keep in mind that this description

is neither detailed nor exhaustive, and that exactitude was sacrificed for simplicity.

We identified 7 RA Aggregate Business Entities (ABEs) that should be incorporated into the SID

Revenue Assurance controls,

Revenue Assurance violations,

Revenue Assurance key performance indicators (KPIs),

Revenue Assurance objectives

Revenue Assurance rules that map revenue assurance KPIs and threshold violations to revenue

assurance trouble tickets.

Revenue Assurance actions/responses

Revenue Assurance assessments

Figure RA.4 depicts the Revenue Assurance Aggregate Business Entities (ABEs) within the SID

Framework.

Enterprise (Under Construction)

Revenue Assurance

RA Control

RA Violation

RA Trouble Ticket

RA Action_Response RA KPI

RA Assessment

Enterprise

Revenue Assurance

RA Control

RA Violation

RA Trouble Ticket

RA Action_Response RA KPI

RA Assessment

RA Objective

Revenue Assurance ABEs

The Revenue Assurance Control ABE defines policy-based rules that represent the logical definition

of comparisons performed on entities to identify Revenue Assurance Violations. For example a

Revenue Assurance Control may compare pre mediation and post mediation call details records

(CDRs) to identify improperly dropped CDRs, i.e. Revenue Assurance Violations

Revenue Assurance KPIs are defined on Revenue Assurance Violations and on other revenue

assurance related entities, such as bills and CDRs. For example a RA KPI may count the number of

Revenue Assurance Violations found by the Revenue Assurance Control that compared the pre and

post mediation CDRs.

Revenue Assurance Objectives are targets whose infringement may trigger the creation of Revenue

Assurance Trouble Tickets. Examples of Revenue Assurance Objective are that the value of the

Revenue Assurance KPI that counted the number of dropped CDRs is lower than 50,000, or that the

trend of this value over a period of time is negative (the number of violations is dropping). When one

or several Revenue Assurance Objectives are violated, a Revenue Assurance Trouble Tickets may be

issued. For example if the number of dropped CDRs is higher than 50,000 a Revenue Assurance

Trouble Ticket may be issued and assigned to someone, to check the cause of the problem, and to try

to recycle the dropped CDRs. Revenue Assurance Trouble Tickets may be created as a result of the

infringement of one or more Revenue Assurance Objectives, or as a result of the finding one or more

Revenue Assurance Violations.

Revenue Assurance actions/responses reconcile revenue assurance trouble tickets, and Revenue

Assurance Violations and may bring the Revenue Assurance Trouble Tickets to closure by initiating

and performing a series of one or more activities. These activities may include corrective activities,

e.g., correcting and recycling the dropped CDRs, and other activities such as sending reports to all the

people that should be aware of the violation of the objective, e.g., sending a report to the CFO if more

than 50,000 dropped CDRs were found. Revenue Assurance Action/Response ABE entities also may

consist in root cause analysis.

Revenue Assurance Assessment ABE entities measure the effectiveness of Revenue Assurance

Controls, Revenue Assurance Objectives, and Revenue Assurance KPIs. Revenue Assurance

Assessment ABE entities include recommendations of refining controls, objectives, and KPIs.

The RA ABEs proposed are based on existing SID ABEs, for example the Revenue Assurance

Trouble Tickets is defined using the already existing SID ABE of TroubleTicket, and the Revenue

Assurance actions/responses is defined using the already existing SID ABE of Activity.

Revenue Assurance (RA) business entities support the complete RA lifecycle. These processes range

from creating RA controls, KPIs and RA objectives, identifying RA violations and trouble tickets,

resolving trouble tickets to assessing an enterprise’s RA program. RA eTOM processes are shown in

Figure RA.5.

RA eTOM processes