Every MVNO reaches a point where lawful interception can no longer be treated as an afterthought. Whether triggered by a regulatory audit, the migration to your own IMS core, or simply reaching a subscriber threshold that puts you on an authority’s radar, the question becomes unavoidable: should you build and operate your own lawful interception infrastructure, or hand it to a specialist?
The answer depends on far more than cost. It involves regulatory exposure, technical capability, staffing realities, time-to-compliance and long-term strategic direction. This guide walks through both models in detail, outlines the key decision criteria and provides a practical framework to help MVNOs make the right call for their specific situation.
Understanding Managed LI Operations
Before comparing them, it helps to define what each model actually involves in practice.
In-House LI Operations
In-house lawful interception means the MVNO owns the entire compliance stack. This includes purchasing or licensing a Lawful Interception Management System (LIMS), deploying a mediation platform, integrating interception functions into your IMS core or packet gateway, establishing secure handover interfaces (HI1, HI2, HI3) with every relevant law enforcement agency, and staffing a team to manage warrant lifecycles around the clock.
The MVNO is responsible for keeping the system aligned with ETSI standards (TS 102 232 series, TS 103 120, TS 103 707), responding to national regulatory requirements (such as Germany’s TKÜV and TKG, France’s LCEN, or Spain’s LGTEL), and passing audits conducted by bodies like the BNetzA or equivalent national authorities. Every firmware update, every new warrant type, every change in delivery format falls on the in-house team.
Managed LI Operations
Managed LI means outsourcing the operational responsibility to a specialist provider. The provider runs the mediation platform, processes warrants, manages secure connections with law enforcement agencies and ensures ongoing compliance with evolving standards. The MVNO retains legal accountability — you cannot outsource that — but the day-to-day technical and operational burden sits with the managed service partner.
A well-structured managed LI engagement typically includes 24/7 warrant handling, platform hosting and maintenance, regular compliance reporting, audit preparation support and proactive updates when standards or regulations change. The MVNO maintains oversight through dashboards, periodic reviews and defined escalation procedures.
The Seven Decision Criteria
Cost is the first thing most MVNOs look at, but it should not be the only factor. The following seven criteria provide a more complete basis for the decision.
1. Subscriber Scale and Growth Trajectory
Scale matters because it determines whether fixed infrastructure costs can be spread across a large enough base to make economic sense. An MVNO with 500,000 subscribers will find in-house LI disproportionately expensive on a per-subscriber basis. The mediation platform, LIMS licensing, secure network links and dedicated staff represent a fixed cost floor that doesn’t shrink with fewer warrants or simpler requirements.
By contrast, MVNOs with several million subscribers and a clear growth trajectory may reach a point where the per-subscriber cost of in-house operations falls below what a managed provider charges. The break-even point varies by jurisdiction and complexity, but as a rough benchmark, MVNOs below two million subscribers in a single jurisdiction almost always find managed services more cost-effective.
2. Regulatory Complexity
MVNOs operating in a single country with stable, well-documented LI regulations face a simpler compliance landscape. The requirements are known, the interfaces are defined and the audit expectations are predictable. In these cases, either model can work.
Multi-country MVNOs face a fundamentally different situation. Each jurisdiction brings its own legal framework, its own delivery specifications, its own agency interfaces and its own audit cadence. Germany requires SINA Box encrypted delivery and follows TKÜV requirements. France has its own platform requirements under LCEN. The Netherlands, Spain, Italy and others each add layers of jurisdiction-specific obligation. Managing this patchwork in-house requires deep, current knowledge across every operating country — a capability that is expensive to build and even more expensive to maintain.
Managed LI providers serving multiple operators across multiple countries have already solved these problems. They maintain the agency relationships, the country-specific configurations and the regulatory monitoring that would otherwise consume significant in-house resources.
3. Technical Integration Depth
Lawful interception does not exist in isolation. It must integrate with your IMS core, your session border controllers, your packet gateways and your subscriber databases. The depth and complexity of these integrations depend on your network architecture and the services you offer.
MVNOs running a lightweight MVNE-hosted core with limited direct infrastructure have fewer integration points, making managed LI straightforward. MVNOs operating their own IMS, running VoLTE and VoWiFi services, or offering rich communication services face deeper integration requirements. In these cases, the choice between in-house and managed becomes a question of where integration expertise resides. If your engineering team already understands ETSI LI architecture, X1/X2/X3 interfaces and IRI/CC delivery, in-house may be viable. If not, a managed provider brings that expertise from day one.
4. Staffing and Expertise
Lawful interception requires a very specific skill set that sits at the intersection of telecommunications, security, legal compliance and law enforcement operations. Finding people who understand ETSI TS 102 232 mediation, who can troubleshoot HI2/HI3 delivery failures at 2 AM, and who can handle sensitive warrant information with appropriate security clearance is genuinely difficult.
An in-house LI operation typically needs at minimum two to three dedicated staff to provide adequate coverage, handle warrant surges and manage platform maintenance without single points of failure. For a smaller MVNO, this represents a significant payroll commitment for a function that may process only a handful of warrants per month. Managed services absorb this staffing requirement into a shared operational team that serves multiple clients, achieving economies of scale that individual MVNOs cannot.
5. Time to Compliance
Regulators do not offer grace periods. When an MVNO takes operational control of IMS voice services, lawful interception capability must be in place from day one. Building an in-house LI operation from scratch — procurement, deployment, integration, testing, agency certification — realistically takes six to twelve months. Managed LI providers with established platforms and pre-existing agency connections can typically achieve compliance in eight to twelve weeks.
If your IMS migration timeline is aggressive or your regulatory authority has set a firm compliance deadline, the speed advantage of managed services may be the deciding factor regardless of other considerations.
6. Control and Data Sensitivity
Some MVNOs have legitimate reasons to prefer in-house operations for data sensitivity reasons. Lawful interception involves access to the most sensitive category of subscriber data — the content and metadata of communications under legal surveillance. Depending on your operating jurisdiction, your corporate governance requirements and the nature of your subscriber base, keeping this data within your own security perimeter may be a policy requirement.
That said, reputable managed LI providers operate under strict security frameworks, process data within defined jurisdictional boundaries and maintain certifications that many MVNOs would struggle to achieve independently. The control argument is valid, but it should be weighed against the actual security posture each model achieves in practice, not in theory.
7. Long-Term Strategic Direction
Consider where your MVNO is headed. If you are building toward becoming a full MVNO with extensive own-infrastructure, deep network control and potential wholesale services, investing in in-house LI capability may align with your broader infrastructure strategy. Lawful interception expertise becomes part of your operational DNA.
If your strategy emphasizes asset-light operations, rapid market entry and outsourced network functions, managed LI fits naturally alongside your other operational partnerships. There is no strategic advantage in building LI expertise if your model is designed around leveraging specialist partners.
The Decision Framework in Practice
To structure the decision, score your MVNO against each criterion on a simple scale. For each factor, determine whether it points toward in-house operations, managed services, or is neutral.
Subscriber base above two to three million in a single market points toward in-house. Below that threshold, managed services are almost certainly more efficient. Operating in multiple jurisdictions with differing regulatory frameworks strongly favors managed. Deep existing integration expertise and available engineering resources support in-house. Tight compliance timelines favor managed. Strong data sovereignty requirements may favor in-house. An asset-light strategic model favors managed.
In practice, most MVNOs find that the majority of criteria point toward managed services, at least in the early and growth stages. The economics simply do not support building a dedicated LI operation when subscriber volumes are modest, regulatory expertise is scarce, and the compliance deadline is approaching fast.
The Hybrid Path: Software With Support
It is worth noting that the choice is not strictly binary. A third model exists for MVNOs that want platform control without fully in-house operations. In this approach, the MVNO licenses LI management and mediation software, deploys it on their own infrastructure, and engages a specialist for implementation, training, ongoing support and compliance consulting.
This hybrid model gives the MVNO direct control over the platform and data while leveraging external expertise for the specialized aspects of LI operations. It works particularly well for MVNOs that have competent network operations teams but lack specific LI domain knowledge. Over time, as internal expertise grows, the MVNO can gradually reduce its reliance on external support while maintaining the software platform in-house.
Common Mistakes to Avoid
Regardless of which model you choose, several common mistakes can undermine your LI compliance posture. Underestimating ongoing costs is among the most frequent. The initial platform deployment is only the beginning. Standards evolve, regulations change, agencies update their delivery requirements and your own network architecture will shift over time. Budget for continuous adaptation, not just initial deployment.
Treating LI as a one-time project rather than an ongoing operation is equally dangerous. Lawful interception is a living system that requires active management every day. Warrants arrive around the clock. Delivery failures need immediate resolution. Agency relationships require ongoing maintenance. Whether in-house or managed, ensure your chosen model includes genuine operational commitment, not just technology deployment.
Neglecting audit preparation is the third common failure. Regulators do not simply ask whether you have LI capability. They examine your processes, documentation, response times, delivery accuracy and staff qualifications. Both in-house and managed models need rigorous documentation and regular compliance reviews to survive audit scrutiny.
Making the Transition
If you are currently operating without adequate LI capability, or if your existing arrangements no longer meet regulatory requirements due to network changes, the transition needs careful planning. Start with a gap analysis that maps your current LI capabilities against your regulatory obligations in every jurisdiction where you operate. Identify the specific technical, operational and staffing gaps that need to be closed.
Use this gap analysis to inform the build-versus-buy decision. If the gaps are primarily operational and staffing-related, managed services close them fastest. If the gaps are primarily integration-related and you have strong engineering resources, in-house or hybrid may be appropriate. If the gaps span everything, managed services provide the most reliable path to compliance within a realistic timeline.
ICS works with MVNOs across all three models. Our managed LI service provides complete operational coverage for MVNOs that need fast, reliable compliance without building internal capability. Our LIMS and mediation software serves MVNOs that prefer platform ownership with expert implementation support. And our consulting services help MVNOs at any stage evaluate their obligations, design their LI architecture and prepare for regulatory audits.
The in-house versus managed decision is significant, but it is not permanent. Many MVNOs start with managed services to achieve immediate compliance, then evaluate whether to bring operations in-house as they scale. The important thing is to make a deliberate decision based on your specific circumstances — not to delay until a regulator forces your hand.
Contact ICS to discuss your MVNO’s lawful interception requirements and explore which operational model fits your scale, timeline and strategic direction.
The decision between in-house and managed LI operations ultimately depends on your organisation’s technical capabilities, budget constraints, and strategic priorities. Many operators find that managed LI operations provide the best balance of compliance assurance and cost efficiency.
Related Articles
For further reading on related topics, explore these articles:
- LI Compliance as a Service: What SLAs Should You Actually Demand?
- What to Look for in a Lawful Interception Management System (LIMS)
External Resources
The following external resources provide additional context and official documentation: