You are on page 1of 9

Kindergarten Justice: Malawian court fails to spot the dangers of Telecommunication Fraud and Revenue Leakage.

[Image from presentation by Rwanda UTILITIES REGULATORY AGENCY titled The strategies for preventing telecom fraud in EACO countries]

It may not be as prominent as Securities fraud or the Sub-prime mortgages scandal that led to the most recent global financial crisis, but Telecommunications fraud is a hot and tricky affair. The Communications Fraud Control Association (cfca.org) estimates that in 2009, the extent of worldwide telecommunications fraud was between $70 billion to $78 billion. Further, a report by Juniper Research found that the global mobile telecoms industry lost more than $58 billion last year - over 6% of global revenues - due to inadequate fraud management and revenue assurance processes. Among the recommendations of the report was that operators should implement automated system solutions that provide end-toend visibility of the revenue chain.

In broad terms, telecommunication fraud is the theft of telecommunication services (telephones, cell phones, computers and such like.) or the use of telecommunication services to commit other forms of fraud. In this context, it is related to Revenue leakage because revenue leakage occurs when a service is delivered but not billed, yielding into non-collection of payments for the services not having been billed. One cause of revenue leakage is telecom fraud, although there are several other causes. Recently, a case [COMMERCIAL CASE NUMBER 54 OF 2011] in the High Court of Malawi is threatening to expose telecommunication fraud of a monumental scale, with devastating consequences to certain sections of the political elite. The plaintiff is a subscriber to a number of licensed telecommunications services providers, who is seeking an interlocutory injunction from the court, on the basis that disclosure of certain information by the service providers to the telecom regulatory body of the country, is in breach of the privacy and confidentiality of his communication activities. The case began after a long running wrangle between a number of mobile Telephone Operators in Malawi and the Malawi Communications Regulatory Authority (MACRA), the countrys telecom regulator. In particular, when the Malawian government acquired a Consolidated ICT Regulatory Management System (CIRMS), erroneously referred to as 'the spy machine by many local media sources. The CIRMS machine, which was bought from Agilis International for US$6.9 million is designed to enable logging of real time call related data from telecommunications services providers known as call detail records [CDR] which includes information about who called which number; details of calls received; time and duration of calls; location of where calls were made or received from; SMS sent and

received; type of handset used and other detailed subscriber information. Ordinarily, there would be no need for such a machine if the telecom operator were able to account for the scale of losses, for example by having endto-end equipment that monitored transient data, including access to the regulators for independent monitoring. However, in practice, and as has been observed in independent studies conducted in other countries such as Ghana, CongoBrazzaville or Guinea, in the absence of independent verification by an independent party, operators have been known to declare inaccurate or false data and in some cases even withheld information regarding their revenues from the regulators. Thus, on the face of it, the CIRMS seems like a good idea because in the absence of means of verifying revenue information supplied to a regulator by telecom operators (who themselves are private entities in business to make a profit), the government would have to rely on transparency and honesty on the part of telecom operators to declare correct figures. In the eyes of one engineer familiar with the CIRMS: The government and the regulators would remain blind as to what is actually going on, on the other side. These guys are in it for profit, and it would be fair to be circumspect towards their submissions. Its the Malawian consumer who will ultimately suffer if the courts of Malawi do not see beyond the obstructions perpetrated by a handful of dubious businessmen in bed with crooked politicians On one hand, it makes sense for the regulator to insist on an independent way of monitoring data, since considering the prevalence of corruption and fraud in some parts of Africa, there are no assurances that rogue executives would not tinker with numbers and use revenue leakage as an excuse for tax evasion.

Thats why things like elections have independent monitors said another supporter of the CIRMS on a blog post. Imagine an election, where the party in power is allowed to undertake the election without independent monitoring? In this day and age, how is anyone meant to believe the results? Unfortunately across Africa and other parts of the world, this appears to be one of the first consolidated platforms so there are very few cases of implementation readily available to reference to. A further observation is that many cases of this nature have in the past often ended up in confidential and out of court settlements with the regulatory authorities concerned, greatly reducing the probability of detecting misconduct. However, one relevant case is that of Airtel, in Ghana. This case is relevant to the Malawi case since Airtel operates what they call "One Network". A further case is outlined here. On the other hand, there have been legitimate concerns of privacy and data protection and allegations that the Malawian government is in fact trying to spy on its citizens and political enemies. This view was partly fuelled by the political wrangling defining the last days of the former president, late Bingu Wa Mutharika, who died in April this year. However, there is little basis for these concerns because most people familiar with the technology insist that the data that will be monitored will be in the form of logs of numbers, and not individual names of people. This means that personal data will not be compromised since the regulator is highly unlikely to have access to names of people. Further, the regulator is a government body, and has a mandate and a duty of care to act in the national interests of the Malawian people, including ensuring that there is transparency and fairness in the industry, and that telecom operators obey the law. Surely, this duty

of care should triumph over individual interests. But, should this duty of care be breached, it would be only expected for MACRA to be answerable to the government and any misconduct duly punished. In an enquiry to a party closely associated to the case, I was told that: the way the CIRMS platform will be accessed by various personnel within MACRA will be extremely secure that users will be monitored and the monitor monitored etc. -- it will be built with chain of access control and auditing that even a search for certain information on the system by staff will trigger a log or alert To compromise the information will be extremely difficult The CIRMS is to work on Quality of Service Obligations, Fraud Management, Revenue Assurance and Spectrum Management on initial phase. Later on, EIR (Equipment Identity Register), Lawful Intercept and such like will be integrated. The problem is there is a grave misunderstanding and misinformation in Malawi on what constitutes Lawful Intercept. This is something that needs explaining in great detail. This suggests that there is quite a considerable amount of inbuilt safety designed to mitigate risk. But some opponents claim that talk from MACRA is just gloss, and the real reason is another ploy to increase the cost of international calls to Malawi, the costs of which will be passed down to the consumer. However, neither does this allegation make much sense since MACRA will not be introducing any new fees. Instead MACRA will be in a much more certain position to compare CDRs with their own logs, and even assist operators detect leakage so as to track payments which may have been inadvertently missed.

In the Court case, the judge granted the injunction, effectively restricting the regulator from independently monitoring the operators activities, until the substantial issues herein were determined to finality or until a further order of the court. One observer, who wished to remain anonymous, commented on MACRAs subsequent action to challenge the above case: Its a fix, as we speak there are background efforts to stop the case today due to personal interests, it sucks In the present case, a number of bizarre intricacies complicate things a lot further, fanning the flames of popular sentiment that the court case was framed by the mobile operators themselves. For instance, it seems the current Justice Minister's private law firm, and much more disturbingly, the minister himself who interestingly happens to be Malawi's Attorney General - is in fact the lawyer for the Operators?? "What about conflicts of interests?" asked one angry commentator "How can the government be impartial if the attorney general himself and his firm are in fact representing the same people who everybody knows are against transparency. Have you ever seen such a thing before? Malawi, the world is watching. Its childish, pure comedy!" Further, other people are beginning to ask questions regarding the manner and "packaging" of the court case. Another Malawian I interviewed put it this way: "Who is this subscriber? A drug dealer? A VIP? A convict? As far as we know theres next to nothing why the authorities or indeed anyone else would want to keep an eye on this fellow. So the whole ...concerned citizen seeking court intervention to restrain Operators from submitting CDR's to the Authority. sounds contrived and extremely dubious."

A final factor that is not immediately obvious is that MACRA did apply to the court to join the proceedings as an interested party, but it appears this was rejected by the court, which then asked MACRA to be friends of the court (amicus curiae). Thus, isnt it surprising that with MACRA having been so heavily involved in this issue all along, that neither the Operators nor the concerned citizen has an interest in hearing MACRA's side of the story? Other detractors of independent verification and the CIRMS argue that taking the example of the US, fraudsters will still find a way around these measures sooner or later, citing an ETSI Technical Report [083, Universal Personal Telecommunication (UPT); General UPT security architecture, July 1993, and the Bibliography at Annex A see para. 2.3.4 of the Report] which mentions that fraud levels in the U.S. system of analogue mobile phones fell from 30% in the mid1980s because the system did not have strong inbuilt security systems, to 2%5% when the security systems were introduced. Yet as fraudsters found new technical holes in a structurally weak mechanism, the level of fraud increased again. If this court judgement is left to stand, the Malawian government would probably have lost the perfect opportunity to introduce transparency into the mobile telecommunication sector in the country, an opportunity that would have enabled it to put in place measures that address a larger global problem that has cost many governments worldwide, billions in undeclared taxes. Over the years, there have been widespread concerns that most governments across Africa have not taken a greater initiative in effecting legislation that would close loopholes in their Countries laws so as to reduce the effects of tax havens, commonly used by corporations in siphoning off profits, and that issues like telecom fraud are in fact part of a larger scheme of things that needs to be effectively addressed. The Organisation for Economic Co-operation and Development (OECD) estimates that developing countries lose

three times more to tax havens than they receive in aid each year. In Uganda, the African Development Bank (ADB) estimates that losses from tax incentives and exemptions are at least 2% of GDP. This amounts to around UGS 690 billion (US$272 million) in 2009/10. If you then add loopholes that allow undeclared taxes and which private companies are only too happy to exploit, its no wonder others think the unavailability of independent auditing could be costing African governments billions upon billions of dollars each year. Yet achieving a balance that will ensure that a country is attractive to foreign investment, but has a functional and nondeterrent tax regime is somewhat elusive even in advanced western economies. Internationally, Telecommunications operators have for long been at the receiving end of tax avoidance accusations. For instance, Vodafone which is the worlds second largest mobile telecommunication company, has over the years has been the subject of quite a considerable amount of scrutiny [1] [2] [3].
[Date: 08/05/12, Manchester, UK]

Telecomm Fraud and other related articles:


1. 2. 3.

Malawi telecom operators fight regulator on CIRMS Ghana: Airtel Fights SIM Box Fraudsters Taxing international inbound calls: Is there a middle way between fleecing consumers and monitoring international voice traffic transparently? MTN Ghana Blames Airtel for $9M Simbox Fraud Kasambaras AG, Justice Minister roles Undemocratic Malawi Law Society A double-edged sword for Telecom Asia Operators:

4. 5.

6.

Reducing Internal and External Fraud Threats whilst Protecting Revenue Integrity?
7. 8. 9. 10.

N.Y. Sues Sprint for $300 Million in Tax Fraud Case Telenor refuses to pay $400M in fines to Bangladesh authority Tax agency accuses Entel of US$24mn tax evasion - Bolivia Plugging telecom revenue leakages: Tools to combat hi-tech telecom theft. Telecom operators take $750 million hit on revenue leakages Tax Havens; Undermining Democracy

11. 12.

You might also like