Your service provider is stating you have gone above your PIR of 384k so I can only assume the site you are sending from or too has a bandwidth of more than 384k?
Normally you would pay for a committed rate on a PVC of CIR (192k in your case) which the service provider should under normal circumstances guarentee. and a maximum the PIR (384k in your case) which should be set to the smallest bandwidth of either the local site or the remote site of the PVC links.
Your service provider is stating that they are dropping packets when above
384k (PIR) so one end of the pvc must be fed by a pipe over 384k (local or remote end), As they are dropping packets above PIR then there must be a lot of queueing during high demand times which will cause at best high delays and at worst dropped packets. (A SP can drop packets legitimately above CIR and below PIR as that is what you are paying for. It's up to you to shop around here, it all depends on available bandwidth in the SP network. i.e. what seems cheap isn't as cheap as expected, some SP's are better value than others and the others appear better value till you use them) As your SP is stating dropping above PIR this does not mean they are a bad ones as all SP's will drop above PIR + a small amount (burst/queueing).
I am not exacly sure what you are restricting to 20k on your firewall but as a guess are you restricting individual flows o/g to 20k as when d/l the o/g flow would just restrict ACK's (small packets) but i/c (large data packets) would not be restricted and hog the bandwidth.
Delay is due to queing in/out of your site causing delays. You may not be comparing like with like with your old ISDN connection.
I don't know what you're router is capable of, but to alleviate this problem you can use frame-relay traffic-shaping. This will 'smooth out the bumps' in the traffic making your provider less likely to drop packets (note frame relay is inherently a contended service). You router should also be able to adapt to BECN frames received from the provider, indicating you're sending traffic into a temporarily congested network, by throttling the source.