Compliance

Strengthen Your DDRC for the Ofcom Era!

The UK phone-paid services market is set for a significant regulatory change, with the Phone-paid Services Authority (PSA) handing over its responsibilities to Ofcom on 1st February 2025. For companies in the charge-to-bill value chain, this transition is an opportunity to review and strengthen due diligence, risk assessment, and control (DDRC) measures to ensure compliance with evolving regulatory expectations.

A Stable Market Built on Strong DDRC Practices

The UK phone-paid services market is widely recognised as a stable and well-regulated market, thanks in large part to the PSA’s strong focus on DDRC. Over recent years, the PSA’s robust regulatory approach has contributed to a market environment that sees only a small number of compliance issues each month. However, this stability hasn’t come without enforcement action.

New entrants, particularly those from less mature regulatory environments, can find themselves caught out by the UK’s more rigorous requirements. The PSA has consistently demonstrated its willingness to enforce compliance standards when DDRC measures fall short.

A recent adjudication against a telco provider illustrates this. High volumes of complaints about its merchant providers triggered an investigation, covering two breaches of the PSA Code. While the PSA found that the provider had conducted satisfactory due diligence, its risk assessment and control measures were deemed inadequate. The PSA classified the overall breach severity as very serious and imposed significant sanctions:

A formal reprimand (a public record of non-compliance).

A fine exceeding £250,000.00.

A requirement to conduct a compliance audit by an approved third party within 12 months and implement the recommendations.

An administration fee of nearly £14,000.00.

This case serves as a stark reminder that the UK’s regulatory environment leaves little room for error, particularly around DDRC.

What Changes Under Ofcom?

While Ofcom has retained the PSA’s codes relating to DDRC, it has strengthened and expanded them in certain areas. Key updates include:

1. Formal Definition of Risk:

Ofcom defines “risk” as any reasonably identifiable circumstance or event with potential adverse effects on consumers. Providers are now required to assess risks across:

The purpose and nature of the arrangement.

The parties involved.

The content, promotion, and marketing of controlled PRS.

2. Broader Scope of Risk Assessments:

Providers must assess risks associated not just with direct partners but also subcontractors. This requires additional diligence when onboarding merchants and affiliates.

3. Stronger Accountability Measures:

Providers must regularly review their DDRC measures at intervals not exceeding 12 months. Networks and intermediaries must suspend or terminate arrangements with merchants (and other intermediaries) if they suspect a contravention or security compromise.

4. Complaint-Driven Risk Reviews:

While consumer complaints don’t automatically indicate non-compliance, Ofcom expects providers to have regard for consumer enquiries or complaints in their risk assessments and take appropriate action where necessary.

These updates underscore Ofcom’s commitment to protecting consumers from harm by ensuring networks, aggregators and content service providers have robust DDRC mechanisms in place.

Anticipating Increased Scrutiny

Ofcom is no stranger to DDRC. With its experience in overseeing the wider communications industry, the regulator is accustomed to engaging with entities that have strong compliance frameworks and the resources to support them. This could mean higher expectations for the phone-paid services industry, particularly for smaller players or those operating with leaner resources. As an industry, we should prepare for a level of scrutiny that potentially exceeds what we’ve experienced under the PSA.

How MCP Insight Can Help

The transition to Ofcom presents an opportunity to assess and refine your DDRC processes. MCP Insight offers comprehensive DDRC reviews and compliance audits to ensure your business is prepared for the new regulatory framework.

Our services include:

Partner Risk Assessments: Evaluate the compliance and risk levels of your merchant providers.

DDRC Process Reviews: Identify gaps in your due diligence, risk assessment, and control mechanisms.

Live Service Compliance Audits: Assess your onboarded services for compliance with regulatory standards.

Don’t leave compliance to chance—get in touch with MCP Insight today to ensure your DDRC processes are fit for purpose and ready for Ofcom’s oversight.

Contact us to schedule a discovery call or click below for further information.

Learn more about our DDRC review designed to prepare payment aggregators and intermedaries for Ofcom.

Strengthen Your DDRC for the Ofcom Era!

December 3, 2024

Discover how the transition from PSA to Ofcom impacts the UK phone-paid services market. Learn about strengthened DDRC requirements and how to prepare for potentially enhanced compliance standards.

Black Friday: Tackling Misleading Advertising

November 5, 2024

With Black Friday fast approaching, mobile network operators need to stay vigilant against misleading advertising practices that can harm both customers and their DCB business.

Navigating the Global Carrier Billing Landscape

October 29, 2024

In an increasingly complex carrier billing landscape, payment aggregators face growing challenges in balancing compliance, supporting CSPs, and driving sustainable revenue. In this insightful interview, MCP Insight Director Kev Dawson shares his experience across the DCB value chain and offers practical advice for aggregators.

Strengthen Your DDRC for the Ofcom Era!

A Stable Market Built on Strong DDRC Practices

What Changes Under Ofcom?

Anticipating Increased Scrutiny

related posts

info@mcpinsight.com

Strengthen Your DDRC for the Ofcom Era!

A Stable Market Built on Strong DDRC Practices

What Changes Under Ofcom?

Anticipating Increased Scrutiny

related posts

Strengthen Your DDRC for the Ofcom Era!

Black Friday: Tackling Misleading Advertising

Navigating the Global Carrier Billing Landscape

Compliance – A Key Driver for Sustainable Carrier Billing

Connected World KSA 2024 – Book a Meeting

Key Insights from the Global Carrier Billing & Mobile Payments Summit 24

MCP Insight Partners with PayGate

World Telemedia 2024 – book a meeting with our team

Introducing MCP’s New Enhanced Compliance Reports

Introduction to DCB and PSMS Billing Flows

Global Carrier Billing & Mobile Payments Summit 24

Euros 24 Attract Unscrupulous Practices

INDUSTRY LEADERS TEAM UP TO IMPROVE GOOGLE AD EXPERIENCE

AI in the mVAS & DCB Space

MCP Insight Strengthens Leadership Team

Protecting Children in the mVAS Customer Journey

Google Responsive Display Ads: A Call for Collaboration

Insights and Celebrations at WASPA’s 20th Anniversary

Building a Secure and Trustworthy Mobile Payments Ecosystem

Telecoms World Middle East 2024

Cookie Consent Pop-ups on mVAS Advertising Flows

Inspiring Inclusion: Women in Tech

How Does a Malicious App Work?

TELEMEDIA 8.1 LIVE & MWC 2024

It’s the Most Wonderful Time of Year (for Fraudsters)

The Future Regulation of UK Phone-paid Services

Is Direct Carrier Billing in Germany Going Mainstream?

MTN Ad Buying Power Goes from 0 –78% in Just 3 Weeks

The Key to Reducing Complaints and Regulatory Fines in Carrier Billing

Why Are You Falling Foul of Google Ads Policies?

MCP Insight Launches MCP SCANNER 3.1

MEF CONNECTS: The Future of Fraud Prevention

AfricaCom: Africa Tech Festival 23

Market Intel: Nigeria

Protecting Barbie Fans: Our Fight Against Misleading Ads!

Global Carrier Billing & Mobile Payments Summit 23

Meet Ivan Rogani: Head of Business EU and LATAM

mVAS and DCB: How to Build Trust with Your Customers

Direct Carrier Billing (DCB) Compliance Guidance

Opportunities in the LATAM market for mobile value-added services (mVAS)

mVAS partnerships are revolutionising fan experiences

World Telemedia 2023 – book a meeting with our team

Ensuring trust and transparency: DDRC best practice

How to protect your customers and build trust in carrier billing

The rise of Direct Carrier Billing (DCB)

MTN South Africa sees positive change in marketing trends

Market insights: Oman

Mobile payments terminology: A to Z glossary

Unlocking the benefits of Direct Carrier Billing: a MNO’s guide

Malicious mobile apps: Spoofed and hidden APKs

How to identify malicious apps on Google Play Store

Meet the MCP team at 8.1 LIVE, Barcelona 2023

How to improve customer retention in the mobile services space

12 days of Christmas giveaways (and misleading ads)

Market insights: Greece

Mobile billing fraud: “I didn’t subscribe for this service”

Global Carrier Billing Summit 2022

An interview with mobile billing expert Riccardo Vallero

Asiacell Iraq partners with MCP Insight

New Proximus Payment Flow Sees 90% Reduction in Advertising

App Malware Reads Notifications Blood Pressure Tracker App

Advertising monitoring identifies ‘sick’ attempts to capitalise on Ukraine War

MCP Welcomes Potential Benefits of Premium Rate Regulatory Responsibility Transferring from PSA to OFCOM

MCP Insight Launches SCANNER 3.0

UK – Is Your Business 15th Code Ready?

MCP Scanner finds 23 New DCB services

MCP Scanner finds 22 New DCB services

MCP Scanner finds 15 New DCB services – A total of 62 in November

MCP Scanner finds 13 New DCB services

MCP – Golden Goose partnership

MCP Scanner finds 14 New DCB services

MCP Scanner finds 18 New DCB services

MCP Scanner finds 18 New DCB services

MCP Scanner finds 7 New DCB services – A total of 67 in October

MCP Scanner finds 14 New DCB services