Role Overview | Conduct risk assessment, design effective controls, develop, monitor, evaluate and ensure implementation of corrective actions on established controls to prevent potential service fraud/ risk over business processes products, services and technological systems. This role is also responsible to lead implementation of change management in FM systems aligning with technological / business changes. Reporting role includes control documentations and effect cases to quantify the magnitude of deviation, investigation report etc.. It extends support towards legal & compliance for carrying out investigations, law enforcement agencies and regulatory issues. |
---|
Job Responsibility | - Analyzing different business process, products, services, regulatory guideline, technological systems to propose possible controls as per roadmap and GSMA guided standards
- Identification of possible sources, technical specification, control logic & data structure to develop control for risk mitigation.
- Propose and develop manual / process / system design / new system to mitigate risks identified prior service launch
- Cost-benefit analysis prior to control development
- Control development, manage development lifecycle and ensure effectiveness as per the design Adopt necessary changes in alignment with relevant services.
- Regular monitoring of control loading, manage exception handling and change management
- Co-ordinate with cross functional team for control analysis
- Carrying out investigations, identify probable fraudster or the group involved.
- Identify motives / loopholes that drive the particular fraud type and recommend possible mitigation plan (process change / design change / system flow or feature change / modality change) to stop future occurrences. Align internal or external stakeholder (industry, regulator etc.) if it requires to create awareness against the fraud. Mitigation also extends to launching awareness campaign, regulatory alignment and even regulatory policy level changes
- Ensure documentation for effect calculation throughout case management life cycle.
- Follow-up operation / business team to implement proposed remedial measures
- Engage from the concept stage of the proposed change in systems / processes
- Review proposed design of the system flow and business process
- Identify possible loophole and propose mitigation plan
- Recommend necessary changes in the system / process design to make sure proactive assurance to drive better control environment
- Generate test cases to test the effectiveness of the systems / process
- Measure defined test case for digital services and attempt to ethical hack for critical services
- Provide go ahead for launching upon fulfilling FM requirements for the service design.
- Carry out investigation on customer complaint / incident reported from information security system / any
- other source of internal or external claim related to information leakage, complain against internal employee / third party partner & vendor
- 360 degree investigation utilizing all sources of information (demographic, system incidents / events/ physical & domain access logs/ network logs /system access logs/ footage/ voice logs, customer survey etc.
- Carry out link analysis utilizing CDRs, handsets, location, SAF, service acquisition logs, service profile etc.
- Prepare investigation report and provide to relevant function (internal compliance, functional compliance or function owner) for proceedings with action
- Facilitate with information, analysis, explanation during enquiry and support to decision making on the conclusion.
- Produce and maintain FM control documents, project documents, fraud profiles, investigation report
- Assist in maintaining FM road map and FM Framework mapping
- Estimating impact of Fraud incidents
- Ensure regular reporting to Fraud forums, Telenor group security, regulator and management
- Fulfil requirement of information / analytics required by regulatory bodies , LEA and any other government agency
- Facilitate analytics / support in different regulatory audits to explain / sustain GP claim against audit findings
|
---|