A Rollercoaster of Risk: The mVAS/DCB Market Cycle

In the world of mobile value-added services (mVAS) and mobile payments, we’ve seen a repeating cycle play out across multiple markets.

1. Operators open their networks to merchants and content service providers (CSPs), enabling them to leverage carrier billing (DCB) as a seamless payment method.
2. For a time, revenues increase, and everyone in the value chain benefits.
3. Then, the consumer complaints start rolling in. Fraudulent activities – whether through misleading advertising, content locking, or unauthorised billing – lead to rising customer support costs, regulatory pressure, and reputational damage for operators.
4. Faced with the backlash, some operators react by pulling back, shutting down the market, or imposing overly restrictive measures that stifle growth.

The most mature markets, particularly in Europe, have learned from experience. Instead of shutting down carrier billing, they’ve mandated fraud prevention and compliance tools. But as some have discovered, simply telling the value chain to use these tools isn’t enough. Oversight is essential.

The Oversight Dilemma: Who Should Own DDRC?

The next logical step for operators is Due Diligence and Risk Control (DDRC) – a two-stage framework that ensures long-term sustainability in carrier billing.

• Due Diligence: This involves comprehensive vetting and onboarding of new partners, including CSP background checks, financial and operational risk assessments, compliance validation, and service testing before launch. Proper due diligence ensures that only legitimate, high-quality CSPs gain access to the operator’s network, reducing the likelihood of fraud or consumer harm from the outset.
• Risk Control: Once a CSP is onboarded, the focus shifts to ongoing monitoring and management. This includes real-time fraud prevention, compliance oversight, ad flow monitoring, transaction tracking, and customer care testing. Risk Control ensures that services remain compliant, consumer complaints are minimised, and fraudulent activities are proactively detected and stopped before they escalate.

Operators who implement a robust DDRC strategy can protect their reputation, maintain consumer trust, and sustain a profitable carrier billing ecosystem without the need for reactive, market-restricting interventions.

But here’s the challenge: most operators don’t have the internal resources to manage DDRC themselves. Many lack the expertise, bandwidth, and technology to implement an effective in-house solution at scale. This is why some leading network operators have engaged MCP Insight – we’ve developed the risk management technology and expertise so they can outsource DDRC to a trusted independent provider. 

The Opportunity for Payment Aggregators

With standardised APIs disrupting the aggregator model, there’s a new opportunity: Aggregators can evolve beyond payment facilitation and take on a greater role in risk management, compliance, and DDRC. Instead of being sidelined, they can offer operators a service that makes them indispensable.

Rather than waiting for operators to go through the painful cycle of opening the market, seeing fraud take hold, and then restricting DCB, aggregators can step in early with a proactive solution.

How Aggregators Can Offer DDRC as a Service

1. White-Label DDRC Solutions

Payment aggregators can partner with independent risk management providers (such as MCP Insight) to offer a fully managed DDRC service under their own brand. This allows them to provide operators with the compliance and fraud prevention oversight they need, without operators having to build their own internal teams.

2. End-to-End Risk Management

Beyond basic compliance, aggregators can offer a full risk management package that includes:

• Fraud prevention and detection (e.g., blocking unauthorised transactions, click-jacking, and misleading ads)
• Ongoing compliance monitoring (ensuring CSPs follow telco regulations and the operator’s code)
• Consent verification (reducing consumer complaints)

3. Strengthening Network Operator Relationships

Operators are looking for trusted partners to help them navigate the risks of mobile payments. Aggregators who position themselves as risk management enablers rather than just payment processors will build stronger, longer-term relationships with operators.

Future-Proofing Aggregators in the API Era

With standardised APIs reducing the network’s reliance on traditional aggregators, those who fail to evolve risk being left behind. But for those who adapt by offering high-value services like DDRC, the future is bright.

Instead of being seen as just another intermediary, aggregators can become critical partners in risk, compliance, and consumer protection – securing their position in the evolving carrier billing landscape.

Time to Take Action

The market is shifting, and payment aggregators must act now to avoid redundancy. Offering DDRC and risk management services isn’t just an added benefit – it’s a strategic move that can redefine the role of aggregators in an operator-led, API-driven world.

The question is: Will you evolve and lead, or wait and risk being left behind?

If you’re thinking about how to enhance your value proposition, strengthen operator relationships, and future-proof your business, let’s have a conversation.