We recently published a whitepaper for mobile carriers titled Unlock Sustainable Carrier Billing Growth Through DDRC. Written to help carriers reduce complaints and regulatory fines, as well as protect revenue streams, MCP research shows that the benefits of DDRC are becoming more widely appreciated in the DCB/mVAS ecosystem.
In the interview below, we talked to Toby Padgham, Chief Operations Officer at MCP, about DDRC and its role in the carrier billing market.
For those who are not familiar with the acronym DDRC, can you explain what it is and its role in the mVAS and DCB industry?
Toby Padgham (TP): DDRC stands for Due Diligence and Risk Control. You might not have heard of it because in many companies DDRC is the responsibility of the senior executive team, legal function or risk management team. So it’s not as well-known and understood by the people responsible for mVAS and DCB within the business.
However, for anyone operating in this space, we believe it’s a fundamental part of developing sustainable revenue from carrier billing. The due diligence element of DDRC is similar to Know Your Customer (KYC) or Know Your Business (KYB) but it goes further than initial checks with direct partners to encompass the entire DCB value chain. Whereas risk control involves continuous monitoring and escalation management, as well as implementing tools and controls to minimise risks such as fraud.
How does DDRC reduce customer complaints and the risk of fines?
TP: By instigating robust DDRC practices, you can address several key challenges that can result in financial repercussions like refunds and fines. The first challenge is compliance, typically misleading ads, whether deliberate or accidental. DDRC starts with partner accreditation checks which will uncover any previous adjudications or compliance issues. This includes all parties in the value chain – aggregator, merchant, affiliates and so on.
The second challenge that has a negative impact on DCB revenue streams is technical fraud: malware, spoofing, bots and other cybersecurity threats that target the payment page. DDRC controls check for vulnerabilities in your partners’ platforms, through PEN testing and other security checks, and ensure that anti-fraud solutions are deployed and are fit for purpose.
DDRC also covers consent to charge. This is about ensuring that customers are fully aware of what they are purchasing or subscribing to, as well as implementing protective measures such as 3rd party verification to ensure you can demonstrate that you have consent to charge when handling queries or for audits.
As mentioned before, this is an ongoing process, so a robust DDRC strategy will also uncover any changes that might negatively impact the business and address any unknowns. For example, a new fraud vector or changes made to a previously approved service that alters its compliance status.
How does DDRC contribute to building consumer trust in mVAS and DCB?
TP: Reducing complaints is obviously key. In turn, it reduces any negative publicity about DCB as a secure payment method and mVAS as a reputable business sector. But DDRC also has a focus on customer care and managing customer queries which is also important for building consumer trust.
As we know, many queries about suspected fraudulent activities are genuine transactions where a customer has consented but doesn’t recognise the charge on their bill. Perhaps the bill descriptor isn’t clear, or they’ve forgotten they made the purchase or someone else in their household has accessed their phone or sim. A successful DDRC strategy encompassing customer care is very effective at preventing these queries from becoming complaints and further escalation. At the same time, proactive customer care helps consumers better understand how secure DCB is as a payment method, and how carriers are protecting them from fraudulent activities. Giving them more confidence in making mVAS purchases and using DCB as a payment method.
How can mobile carriers educate customers about DCB services, potential risks, and legitimate transactions?
TP: Clear bill descriptors are an easy win, although there are premium content services where this might not be so desirable. However, where there is an opportunity to relate the bill descriptor to a recognisable merchant or service with the provider’s contact details, do it. Carriers see a dramatic reduction in queries related to charges when bill descriptors are clear.
Self-service customer care solutions are another area to invest in. “Understand your bill” pages on your website, and online MSIDIN lookup tools that provide the merchant’s customer care details, are all effective ways of educating customers and reducing queries and complaints.
Providing information about how to cancel subscriptions also builds trust in mVAS and DCB. Customers should automatically get this information when they receive their purchase receipt, but it can also be made available via lookup tools. It doesn’t necessarily mean they will cancel. It just means they know how to do it if they want, which increases transparency and trust in the sector.
Reducing complaints is a clear objective for DDRC, but for many parties in the mVAS/DCB ecosystem the measures deployed to reduce complaints results in a decrease in revenue. What do you say to this?
TP: DDRC controls block fraudulent traffic. So when that happens, carriers, aggregators, and merchants may experience a decrease in transactions from these fraudulent sources. However, it is essential to consider the bigger picture and the long-term financial implications. Without a robust DDRC strategy, the ecosystem is vulnerable to potential risks, leading to additional costs such as refunds, fines, complaint management, and reputational damage. These factors can significantly impact the bottom line as well.
In the absence of effective DDRC controls, a typical pattern emerges, where mVAS/DCB revenue initially grows with a mix of legitimate and fraudulent traffic. As sales targets are raised to meet the apparent success, it exerts pressure on affiliates and marketers to generate more traffic, sometimes leading to an increase in fraudulent activity. This vicious cycle eventually culminates in a surge of customer complaints, forcing carriers to stop services on their network completely.
A more sustainable approach for long-term growth is to protect customers from fraudulent activities, build trust in mVAS and DCB services, and focus on enhancing the overall customer experience. By prioritising DDRC measures, the ecosystem can thrive, engendering customer loyalty and fostering a positive reputation, ultimately leading to increased revenue from genuinely satisfied and trusting customers.
As the mVAS and DCB market continues to evolve, what future trends or innovations do you foresee in DDRC practices to further enhance customer trust and security?
TP: I think the main trend is self-regulation. We’ve seen it in the UK when the PSA introduced non-mandatory standards for DDRC. These have been embraced by the UK market because it knows that if it doesn’t, more stringent legislation would follow. In other global markets, regulators are keenly interested in this example, so it makes sense to pre-empt increased regulation by putting in place a robust DDRC strategy on your own terms.
As far as innovations go, we’re seeing a lot of interest in technologies to support these strategies including our own DDRC platform, MCP NET, and related services. We’ve been working closely with carriers to develop solutions that help them manage DDRC and demonstrate compliance, such as auditable, tamperproof data management systems for storing accreditation, security audits, policies and other documentation. We’ve also launched DDRC as a Service, a flexible service that gives carriers and aggregators access to our compliance expertise as well as being a more affordable way of managing DDRC than handling it internally.
What should people do if they want to know more about DDRC?
TP: Get in touch with us at MCP! We’d be delighted to talk them through what we’re doing for our clients and discuss best practices and solutions.
To get in touch with the MCP team, click here.