Frameworx Home

Application Framework (TAM)

Business Process Framework (eTOM)

Business Process Framework Flows

Information Framework (SID)

Business Metrics High Level

All Diagrams

Frameworx Processes

Frameworx Applications

Information Framework ABEs

Frameworx Metrics

Views

Frameworx Process: Fraud Analysis

Category: (4) eTOM Process Type

Process Identifier: 1.7.2.3.2.2

Original Process Identifier: 1.3.2.3.2.2

Maturity Level: 4

Description

This process is the ongoing activity of investigating, diagnosing, and implementing controls to both prevent fraud and minimize existing fraud impacts.

Extended Description

Fraud Analysis is comprised of a series of sub processes that act as guidelines for activities conducted by the analysis team. Each sub process is part of a linear flow that also includes feedback into action and support processes, as described below. 1. Alarm Assessment: As data processing triggers alarms of suspected fraud, the assessment activity is the first point at which initial triage of the alarm(s) is conducted. During the assessment, the analyst should determine, based on business rules, the initial validity of the alarm, a priority of the alarm (based on value, affected systems, or other criteria), and the appropriate team that would need to address the alarm (e.g., billing, wholesale partner, network, etc.). 2. Alarm Investigation: Once initial assessment has occurred, the alarm is then forwarded to an investigation activity that typically begins as an internal function. During investigation additional data may be accessed, scope of the issue may be ascertained, and an overall understanding of the issue will need to be achieved before determining whether the issue is, in fact, fraud. During this process initial actions may be invoked (e.g., disrupted service) to prevent further loss/risk prior to customer contact and/or fraud determination work. 3. Contact Customer: Once internal investigations have gathered all information available, a customer contact may be necessary to understand customer intention, validity of the subscriber, etc. This is the final process performed prior to reaching a fraud decision. If no customer is directly involved, this step may not be necessary (e.g., Dealer Fraud, Internal Fraud). 4. Fraud Determination: Once all information is collected from internal and external investigations, a fraud determination is made. If the decision is that the issue is not fraud, all investigative materials and findings are then passed onto the Fraud Actions process (1.2.3) for closure, and the Support process (1.3.3) for enhancement of rules and configurations to possibly avoid recurrence of this alarm condition. If the decision is that the issue is, in fact fraud, similar subsequent activities will occur: First, the issue is referred to the Fraud Actions (1.2.3) process to properly handle actions to stop the fraud, initiate collections and legal actions, etc. Second, all investigative materials and findings are then passed onto the Support process (1.3.3) for enhancement of rules and configurations to hotlists, blacklists, and any refinement needed to possibly capture the issue more rapidly. 5. Recording and Reporting: After the determination is made as fraud or not fraud, activities associated with the analysis are finally passed into recording of actions, and reporting of recoveries, time to capture and correct, and preventative actions now in process.

Explanatory

Reserved for future use.

Mandatory

Reserved for future use.

Optional

Reserved for future use.

Interactions

Candidate Explanatory

Candidate Mandatory

Reserved for future use.

Candidate Optional

Reserved for future use.

Candidate Interactions

Reserved for future use.

(4) eTOM Process Type Fraud Analysis

Appears on these diagrams:

Issues

  • Business Process Framework 14.5 Addition
  • Business Process Framework 15.0 Modification
  • Business Process Framework 15.5 Modification

This was created from the Frameworx 16.0 Model


Created from the TM Forum Model Frameworx 16.0.0 on 6/13/2016 at 22:22