Understanding MVNOs and MVNEs

A mobile virtual network operator (MVNO) provides mobile telecommunications services without owning radio spectrum or network infrastructure. Instead, the MVNO purchases wholesale access from a mobile network operator (MNO) and resells services under its own brand. A mobile virtual network enabler (MVNE) provides the technical platform, billing systems, and operational support that allows MVNOs to operate without building their own back-end infrastructure.

The UK MVNO market is one of the most developed in Europe. MVNOs account for approximately 14% of UK mobile subscriptions. The commercial models range from branded resellers (who simply rebrand an MNO’s service) through light MVNOs (who control retail operations but rely on the host MNO for core network) to full MVNOs (who operate their own core network elements and interconnect with the host MNO at the radio access level).

Regulatory framework

MVNOs that provide electronic communications services are “communications providers” under section 32(4) of the Communications Act 2003 and must comply with Ofcom’s General Conditions of Entitlement. There is no licensing requirement in the UK: any person may provide electronic communications services subject to compliance with the General Conditions.

The principal General Conditions relevant to MVNOs include: GC A1 (general requirements, including network access obligations), GC B1 (number portability), GC B2 (number allocation and use), and GC C1 to C8 (consumer protection, including contract transparency, switching, and complaint handling). MVNOs that provide services to consumers must comply with the full suite of consumer protection conditions on the same basis as MNOs.

Wholesale access and MVNO agreements

Unlike some EU member states, the UK does not impose a regulatory obligation on MNOs to provide wholesale access to MVNOs. Ofcom’s position, set out in its 2018 award of 700 MHz and 3.6-3.8 GHz spectrum statement, is that commercial negotiations have delivered sufficient MVNO access without regulatory intervention. The Competition and Markets Authority (CMA) reached a similar conclusion in its assessment of the Three/O2 merger inquiry.

MVNO wholesale access agreements are therefore purely commercial contracts. Key terms include: wholesale pricing structure (per-unit, capacity-based, or revenue-share), minimum volume commitments, quality of service obligations, technology roadmap commitments (including 5G access timelines), data and roaming pass-through arrangements, number porting cooperation, and termination provisions including migration assistance on exit.

Where an MVNO operates through an MVNE, a tripartite structure arises: the MNO provides wholesale radio access, the MVNE provides the technical platform and operational support, and the MVNO holds the retail customer relationship. The contractual architecture must clearly allocate regulatory obligations (particularly consumer protection and data protection) between the three parties, since each may qualify as a communications provider in its own right depending on the scope of services it provides.

Number portability and switching

MVNOs are subject to the same number portability obligations as MNOs under General Condition B3 (formerly GC18). Customers must be able to port their mobile number when switching to or from an MVNO within one working day of the port being activated.

Ofcom’s One Touch Switch process, which took effect on 3 April 2023, applies to MVNOs. Under this regime, the gaining provider leads the switching process, reducing friction for consumers. MVNOs must participate in the industry switching systems and cooperate with porting requests. The MVNO wholesale agreement should address how switching and porting obligations are operationally fulfilled, particularly where the MVNE manages the technical porting process on the MVNO’s behalf.

Data protection and privacy

MVNOs process substantial volumes of personal data, including location data, traffic data, and communications metadata. Under the Data Protection Act 2018 and UK GDPR, the MVNO is typically the data controller for its retail customer data. Where an MVNE processes personal data on the MVNO’s behalf, it acts as a data processor and a compliant data processing agreement under Article 28 UK GDPR is required.

The Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR) impose additional obligations specific to electronic communications providers, including restrictions on processing traffic data (regulation 7), location data (regulation 14), and requirements for security of public electronic communications services (regulation 5). MVNOs must ensure their wholesale and MVNE agreements address data flows, processing purposes, retention periods, and incident notification obligations under both UK GDPR and PECR.

Consumer regulation and compliance

MVNOs serving consumers face the same regulatory requirements as MNOs. Ofcom’s General Conditions C1 to C8 mandate pre-contract information, contract summaries, maximum contract duration limits, transparent pricing, accessible complaint handling procedures, and access to alternative dispute resolution (ADR) through approved schemes such as Ombudsman Services or CISAS.

MVNOs must also comply with Ofcom’s net neutrality guidance on traffic management and open internet access, and with the requirements of the Telecommunications (Security) Act 2021 to the extent applicable to their network elements. Where the MVNO operates a core network, the security obligations under section 105A of the Communications Act 2003 (as amended) apply directly.

5G and emerging MVNO models

5G presents both opportunities and challenges for the MVNO model. Network slicing allows MNOs to offer MVNOs dedicated virtual network capacity with defined quality of service parameters, enabling MVNOs to serve enterprise and IoT verticals with guaranteed performance. However, access to 5G wholesale terms, standalone core network capabilities, and edge computing resources requires renegotiation of existing MVNO agreements originally structured around 4G capacity models.

The growth of IoT MVNOs and embedded SIM (eSIM) providers adds further complexity. IoT MVNOs providing machine-to-machine connectivity may qualify as communications providers under section 32(4) of the Communications Act 2003 and must assess which General Conditions apply to their services. eSIM technology changes the switching dynamic and may require updates to wholesale agreement provisions on SIM management, device activation, and profile switching.

How bratby.law helps

Our team advises MNOs, MVNOs, MVNEs, and investors on the full range of MVNO-related regulatory and commercial issues. We bring direct experience from within the telecoms regulatory framework, having worked at Oftel/Ofcom and as general counsel to a mobile operator.

• Advising on MVNO wholesale access agreement negotiation, structuring, and renegotiation
• Regulatory compliance assessments for new MVNO launches, including General Conditions mapping
• MVNE platform agreements and tripartite contractual structures
• Data protection compliance for MVNO operations, including PECR obligations and data processing agreements
• Number portability and One Touch Switch implementation
• 5G wholesale access terms and network slicing arrangements
• Regulatory due diligence on MVNO acquisitions and investments

Frequently asked questions

Does an MVNO need a licence to operate in the UK?

No. The UK operates a general authorisation regime under the Communications Act 2003. Any person may provide electronic communications services without a licence, provided they comply with Ofcom’s General Conditions of Entitlement. An MVNO must notify Ofcom that it is providing services and must comply with the applicable General Conditions from the date it begins operations.

Can an MVNO be required to comply with the Telecommunications (Security) Act 2021?

It depends on the MVNO model. A full MVNO operating its own core network elements is subject to the security duties under section 105A of the Communications Act 2003 (as inserted by the TSA 2021). A branded reseller that does not operate any network elements may not be directly caught, but must ensure its wholesale agreement addresses the host MNO’s security obligations and the MVNO’s cooperation requirements.

What data protection obligations apply to an MVNE?

An MVNE that processes personal data on behalf of an MVNO acts as a data processor under UK GDPR. It must have a compliant data processing agreement with the MVNO under Article 28, covering processing scope, security measures, sub-processor controls, and breach notification. If the MVNE also provides services directly to end users, it may be a controller in its own right for those processing activities and must comply with the full controller obligations under UK GDPR and PECR.

Is wholesale MVNO access regulated in the UK?

Not currently. Ofcom has not imposed an obligation on MNOs to provide wholesale access to MVNOs. Access is secured through commercial negotiation. However, Ofcom has the power under sections 45 and 87 of the Communications Act 2003 to impose access-related conditions on operators with significant market power (SMP) if a market review concludes that competition is insufficient. Ofcom has periodically considered but not imposed such conditions in its mobile market reviews.

How does One Touch Switch affect MVNOs?

Ofcom’s One Touch Switch process, effective from April 2023, requires the gaining provider to lead the switching process for mobile customers. MVNOs must participate in the industry switching systems, respond to switching requests within mandated timescales, and not create unnecessary barriers to switching. The MVNO’s wholesale agreement and any MVNE platform must support the technical requirements of the switching process, including porting automation and customer notification.

Related transactions pages

See also our other transactions pages:

• Mergers and Acquisitions (M&A)
• SaaS and Cloud Services
• Private equity
• Subsea cables
• Interconnection, peering and access agreements
• Network sharing and co-location agreements
• Data commercialisation and licensing
• Digital Infrastructure Projects

See also: Am I regulated? and Ofcom General Conditions.

Independent directory rankings

Our specialist expertise is recognised in major independent legal directories:

• Chambers & Partners: Rob Bratby is ranked in the UK Guide 2026 in the “Telecommunications” category: Chambers
• The Legal 500: Rob Bratby is listed as a “Leading Partner – Telecoms” in London (TMT – IT & Telecoms): The Legal 500
• Lexology: Rob Bratby is featured on Lexology’s expert profiles (Global Elite Thought Leader): Lexology

What clients say about bratby.law