The IT industry is losing billions of dollars each year in warranty and services claims abuse, and solution providers were most cited by vendors as a source for that fraudulent activity, according to a new report from the Alliance for Gray Market and Counterfeit Abatement (AGMA) and PricewaterhouseCoopers (PwC).
All told, manufacturers surveyed in the report estimate that 3 percent to 5 percent of their revenue is lost to services abuse, which totals $9 billion to $15 billion just for the companies surveyed by AGMA and PwC.
"If you Google services abuse, every company has one or more cases. Just last week, we saw the case where [ two people were arrested by the FBI for allegedly defrauding] Cisco for $23 million in Raleigh, N.C. That's what a 28-year-old and a 33-year-old can do to one company in a two-year period," said Ram Manchi, AGMA president. "That's huge."
Eighty-seven percent of the survey's vendor respondents said their partners commit warranty and service abuse.
That compares to 74 percent of the respondents who said small commercial customers engage in services abuse.
In addition, petty criminals were cited by 65 percent of respondents, who were followed by organized criminal groups (61 percent), employees of customers and partners (52 percent), enterprise customers (48 percent), independent consultants (16 percent) and governments (10 percent).
Solution providers may have been cited the most often because they have access to the most information that could be used in service abuse schemes, such as service contract numbers and product serial numbers, according to John Kurtz, director of internal audit and contract compliance services at PricewaterhouseCoopers. The report notes that solution providers also can be a vendor's greatest ally to curb abuses because they have the most detailed information.
AGMA and PwC's study uncovered at least five types of services abuse perpetrated by fraudsters, and AGMA offered recommendations to address the issue. Here's a detailed look at the types of abuse:
Undercoverage This is the primary type of fraud, Manchi said. It occurs when a customer buys a certain number of devices, but only a fraction of that many service contracts. Then the customer uses that smaller number of service contracts to cover all the machines.
"One way to [reduce this type of fraud] is to monitor the usage of the contracts. Vendors need to set some thresholds based on the failure rate of the product. If manufacturers believe that 3 to 5 percent of their products fail, but a customer wants 10 percent replacements, that's a red flag," he said.
An offshoot of that is buying "express" service for some equipment and using those overnight, or sometimes even shorter, response time guarantees for products that have a standard services contract, Manchi said.
Overcoverage In this scenario, a customer buys the same number of service contracts as devices, but files far more services requests than would be expected by the manufacturer. This is often done to receive newer, perhaps updated devices by customers for no charge. Manufacturers should issue a new serial number for each replacement product to track this activity, Manchi said. "If a serial number comes in more than once, something is wrong. There can be certain triggers that can be set up in processes to [monitor overcoverage]," he said. "They're just abusing their contracts."
Just-in-time coverage Without proper processes in place, some customers are able to buy an after-market service contract after the product has failed, Manchi said. "If they're returning a product within a few days after the service contract is established, there's a 90 percent change it's because they're playing a game," he said.
Non-return of defective devices Some manufacturers send out replacement parts or devices before the defective part is returned. Many times, the defective part is not returned, calling into question whether it was defective in the first place and the owner of the service contract received an extra product for free.
"It's healthy for companies to monitor what is coming back. I have seen companies that have 40 percent to 95 percent returns [of defective equipment]. If you're return rate is less than 95 percent, product could be floating in the gray market," Manchi said.
Employee service abuse In this type of fraud, a solution provider or end user has access to service contract serial numbers and contract numbers. They file services claims either while in employment or after termination to receive replacement parts that often are diverted for delivery to a different address. "These are often sold on the secondary market," Manchi said. "Lately, with the current economic challenge, people feel the need to make a living, but this is not the way to make a living."
In some cases, organized crime, often from overseas, has become involved in services abuse fraud, Manchi said. U.S. companies can't sell certain IT products to some countries, North Korea for example, Manchi said.
In some cases, service claims request replacement parts that are in turn sent to temporary addresses where the products are received and then shipped overseas into those countries.
"Many times when companies send replacement parts, they could be refurbished, and they may not track where those parts are going," Manchi said.
Also, some larger criminal syndicates send in a service request and return a counterfeit product to be replaced by the real deal, Manchi said.
The best defense against these services frauds is to have a trail of every transaction for every product, Manchi said.
"Any time something is being done, how effective can you capture the information, how entitlement processes are being set up, how you set up [services] requests, how is [claims] access provided. Is it automated? How much analysis is being done on the back end to determine the utilization of services? Set up thresholds.
AGMA believes a significant amount of fraud can be reduced by vigilance by vendors and solution providers, Manchi said.
Part of the issue is that some vendors need to see that the costs it takes to monitor for services fraud outweigh the losses they take through fraud.
"If a company is selling 10,000 of a product, losing 100 is a drop in the bucket. That's the cost of doing business. Each company should have its own strategy on how to go about it," he said.
But it's difficult to tell from numbers if the problem is getting worse, especially in light of the economy, Manchi added because many companies did not start monitoring for services abuse until recently.
"Visibility has increased to the problem. Now it's more visible and there's more monitoring and the true value [of loss] can be assessed," Manchi. "But with an economic downturn and employment loss, people will find ways to make money in the market."