REVENUE ASSURANCE AND SOX
Companies listed at the stock exchange are obligated to international and statuary regulations covering billing accuracy, network and service availability, customer relationship management, privacy of customer data, revenue booking and recognition or settlement between companies.
The Sarbanes Oxley Act of 2002 (SOX, [4]) is considered the most significant regulation with respect to its immense regulation catalogue .
RA relevant sections of these regulations are the demand of Accuracy of Financial Statements (Section 302) and the demand of Internal Controls (Section 404).
These sections describe following obligations:
- Designing, Establishing and Maintaining the Disclosure Controls
- Evaluating the effectiveness of Disclosure Controls
- Presenting Conclusions
- Fraud, Deficiencies and Significant changes in the Disclosure Controls should be disclosed
- Management accepts responsibility for establishing and maintaining Internal Controls
- Management is responsible for assessing the effectiveness of Internal Controls
- External Auditor attests management’s assessment of Internal Control
While SOX compliance requirements are key‐drivers for data quality and risk management initiatives, RA ensures data integrity for financial reporting, detects leakages at system integration points and provides evidence for internal control evaluation and documentation
There are many definitions of data quality. One definition of data quality is fitness for use. Dimensions of data quality like accuracy, correctness, completeness and relevance are also defined.
In practice, especially in times of growing data volumes and more and more complex business processes using data quality methods becomes a more and more important and challenging issue. Revenue assurance and SOX compliance raises the priority and necessity of the use of data quality methods.
To aim the goal of high data quality in respect to revenue assurance, a set of quality criteria has to be defined, considering the accuracy, correctness, completeness, relevance and consistency of the data.
For finding revenue leakage, the process flow of the data, beginning with entering in the front‐end system up to invoicing in the billing system, has to be considered. The question of existence of a realized or sold product, which is not at all or not correctly billed to the customer, has to be answered. This is done by extraction of the data of all involved systems and by evaluating the quality criteria of the data in all different systems, considering both, quantification issues and analysis for finding the causes of the problem.
RA distinguishes two kinds of miss‐billing: underbilling and overbilling
UNDERBILLING
In this case, the customer orders a special product, the product gets provisioned and the customer can use the product, but the bill does not invoice that product. In some cases the customer pays a different cheaper product and in some cases the customer pays no product of that type at all. For the company, revenue loss happens in any of these cases.
OVERBILLING
The other way occurs less often than underbilling. Overbilling defines the case where the customer gets billed too much. The ordered and provisioned product does not appear on the bill, but perhaps another not provisioned product appears on the bill. The customer complains about overbilling more often than underbilling. For a company listed at the stock exchange, this has serious effects, since the Sarbanes‐ Oxley‐Act of 2002 (SOX) demands cleaning of overbilling.
Revenue Assurance Operational Systems Architecture
Aiming the ultimate goal of proactive revenue assurance, it is necessary to look at all revenue‐ and profit related areas of the systems architecture. Below you see the general process flow of the telco.
• From entering the customer and contract information in the CRM‐ system
• The provisioning‐ relevant data flows to the provisioning system
• The customer data gets sent to the customer system
• And the contract data moves to the asset system
• The billing system receives all necessary information from the customer, asset and provisioning system.
• In addition the billing system orders call records for every asset from the rating system
The here described systems communicate over the process using different, mostly technical keys
Defining Key Performance Indicators (KPI)
An effective and comprehensive outcome of a revenue assurance project depends essentially on the careful and complete definition of rules that measure performance. These KPI consist of both, rules intended for detecting the revenue loss and rules for finding the reasons behind the problem. Another category reflects the needs of SOX compliance. Sample list of demands by the SOX legislation applied in this section are given below A sample list of main rules and KPI’s categorized according to quantification or cause‐searching is shown in the next tables.
Sample list of demands by the SOX legislation:
• Ensure that all collected events are processed according to established filtering rules
• Ensure that duplicated records are identified, labelled and analysed.
• Ensure that customer information items stored in different internal data sources are synchronized or regularly reconciled.
• Ensure that all payments made and received for telecom services are properly allocated to customer or service partner accounts within proper period.
• Ensure that external customer information is regularly verified against internal customer information.
• Ensure that usage records are obtained from each service partner and reconciled with internal records whenever applicable to verify accuracy of service partner invoice.
• Ensure that all billable usage records from service partner are processed and billed according to the billing rules consistent with existing contracts.
• Ensure accuracy of service fees and charges classification to enable proper matching of revenues and expenses.