A while ago someone I know went to Cyprus for a few months. She had a pay-monthly account with a UK phone provider, but for calling within Cyprus it made sense to get a SIM from a Cyprus provider, which she did.
Three months later, on checking her bank account and bills on her return to the UK, she discovered that the UK SIM had apparently been nicked from her hotel, as there were £900 of roaming charges to Cyprus numbers, for calls she hadn't made. Ouch.
Fair enough, maybe she should have had someone check her bills and bank statements in her absence. But frankly, I think the operator (in this case Orange) should take some responsibility.
When I was head of IT for a London-based company, we had a corporate account with one of the other operators (I'm 99% sure it was Vodafone, but it might have been Cellnet). One day one of my users called me to say his phone had been blocked, so I called the operator and they told me that they automatically imposed a limit of £200 per month, to make sure people didn't get clobbered with big bills when phones go missing. All I had to do to change the limit on a per-handset basis was to ask them officially by quoting a password. This was a really neat idea, and in fact it later saved us a lot of money when one user decided to start calling premium-rate numbers from his company phone (strangely this activity stopped when we pointed out that the itemised bills came directly to me, and I did read every one before signing it off).
Does any of the networks have such a limit any more? It struck me then, and it still strikes me now, as a blindingly good idea, for personal as well as business use accounts.
Oh, and if anyone from Orange is reading this: do you think it's right to allow someone on a low-price callplan to rack up bills of £300 per month without your systems smelling a rat and flagging an alert to someone? And if anyone from the other networks is reading this: I'd be interested to know what mechanisms each of you has in place to cater for this type of issue.