Risk management has evolved since its inception, where risk was assessed and mitigated in silos. With the rise of IoT, 5G and B2B2X business models, CSPs now need a broader, more continuous approach to risk management that addresses new applications, business models and partnerships. This requires a deeper understanding of distributed value chains so that the right risk management ‘controls’ can be designed and implemented within risk management tools. And today’s approach to risk management is not just about access to data, but the insights and ability to deliver governance, risk insights, and compliance across disparate teams. So, how do risk teams address this broader approach to managing risk? Enter the closed-loop process of risk management.
What is closed-loop risk management?
A closed-loop approach to risk management provides the means for an organization-wide perspective that is not solely about technical problem-solving. More importantly, it enables true cross-collaboration of data modeling and governance. For example, if you are focused on performing revenue assurance for charging and billing IoT services, you will need to have a process in place to repeatedly audit the new services that are being developed or redesigned. This information may be within different internal teams- or sometimes it might even reside within another company. To get this information, a CSP would need to establish an agile approach to risks and controls that would need to be established and tracked by accessing data within and/or outside the organization.
Revenue Assurance emerged as a set of Continous Control Monitoring (CCM) technologies that allow operators to automate processes and continuously monitor business functions to reduce losses and increase operating effectiveness.
Initially, risk teams needed to follow the flow for risks and then design controls within their organization - and leverage data from outside as well, to help implement revenue loss prevention mechanisms. For example, risk teams could look at controls that sit on top of data and answer questions in real-time such as, “is this a real fraud scenario or a network issue?” With a closed-loop process in place, risk teams could, for instance, drill down into data on the network using revenue assurance and fraud tools and proactively – and automatically – do root cause analysis for risk prevention and remediation.
What’s needed to close the loop on risk management?
Risk management has evolved since its beginnings when the sole focus was ensuring that calls were connected. Now it involves the wider digital landscape, eventually including IoT, Industry 4.0, and connected cars. To deliver the real-time monitoring required for a deeper understanding of these distributed value chains, communications service providers need to close the gap that currently exists between risk mapping and the organization’s processes, technology, and people. To support this new digital landscape, on the technology side, risk mapping, machine learning and rule-based controls need to be delivered under a single platform.
As we have seen in the past, it doesn’t stop at mitigating risk across the network and finance side. To ensure that the customer experience meets expectations, risk teams now need a tool that integrates audit, risk, and continuous control monitoring to empower strategic decision-making and strengthen business resilience.
To truly close the loop on risk management, the team’s skill set now needs to expand and be complemented with data scientists, auditing, and IT specialists. But this is unrealistic under one single resource. Moreover, we need to acknowledge the global skills shortage that makes it impossible to find a person (let alone a team of people) that encompasses all these skills. As we embark on our digital transformation journeys, revenue assurance and fraud management teams need a tool that can, in a single location, maintain an audit trail of activities between risk assessments and controls running on top of data.
Mobileum’s Active Intelligence Platform for Risk brings the agile approach required to move risk management from simple transaction-based controls to supporting comprehensive ‘portfolios’ of risk. It does this by providing an integrated view of risk across a distributed value chain, with access to data for real-time monitoring, and a multi-disciplinary team for support and collaboration.
CSP risk management efforts should no longer focus solely within the domain of revenue assurance. Instead, new telco-enabled value chains that span activities that easily see which controls apply to a specific risk, and which are covered by different controls will use rules or machine learning.
If you are ready to take the next step in reducing risk across every area of your organization and want to know more about advancements in risk management, contact us today. Also, if you are attending Mobile World Congress in Barcelona, feel free to schedule a meeting to understand more about the concept.