Passthrough, in this instance, is where your company-supplied router has all of the functionality apart from the modem disabled; it is set up to pass all data straight out to the LAN side of the device. You then have a second router, purchased by yourself and set up how you wish, handling all LAN services: DHCP, NAT, SPI, etc. This has two major benefits:
- The device provided by your ISP is almost guaranteed to be the cheapest crap they can get away with calling an Integrated Service Router; it will fall over faster than you can reboot it. Taking all services away from this device, apart from passing packets from the ISP to the LAN, is good for your network uptime.
- Your ISP-provided device is probably hooked up with any number of backdoors for service reps to help Grandma Lilly connect her wireless printer, or meter your LAN traffic and bill you for it (I forget who did that, but I laughed when I read it). Having another router inside the LAN, after the ISP's device, ensures that the CSRs on the support desk can't access your LAN. Ever. They can't see traffic, they can't tell how many devices you have, nothing.
My home network is set up exactly like this, only I go one step further and have my own router pass all traffic through a VPN. There is just no way for the ISP to know anything about my internet usage, only how many bits it passes for me.
As for serving one MAC address, that's exactly why a lot of ISRs in the early to mid 2000s had MAC cloning as a feature: set up your modem on your PC, then tell your router to clone your PC NIC's MAC address. BOOM, instant internet sharing, and the ISP is none the wiser.
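One way to check that the ISP device really is in passthrough, as an added example that is not part of the original post: look at the address your own router's WAN port was given. The function names, the sample addresses and the LAN subnet are assumptions made for illustration.

```python
import ipaddress

# Address ranges that tell you something about what sits upstream (IPv4 only).
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
CGNAT = ipaddress.ip_network("100.64.0.0/10")        # RFC 6598 shared space
LINK_LOCAL = ipaddress.ip_network("169.254.0.0/16")  # no DHCP lease obtained


def classify_wan(addr):
    """Classify the IPv4 address assigned to your own router's WAN port."""
    ip = ipaddress.ip_address(addr)
    if ip.version != 4:
        raise ValueError("this check only covers IPv4 WAN addresses")
    if any(ip in net for net in RFC1918):
        return "rfc1918"
    if ip in CGNAT:
        return "cgnat"
    if ip in LINK_LOCAL:
        return "link-local"
    return "public"


def passthrough_verdict(wan_addr, lan_cidr):
    """Return (ok, reason): is the ISP device just passing packets through?"""
    kind = classify_wan(wan_addr)
    if kind == "public":
        return True, "WAN holds a public address: ISP device is passing traffic through"
    if kind == "cgnat":
        # The ISP NATs in its own network; the box in your house may still be bridged.
        return True, "WAN is in carrier-grade NAT space: NAT is upstream of the ISP device"
    if kind == "link-local":
        return False, "WAN has no lease: the ISP device is not handing the link through"
    # RFC 1918 on the WAN side means the ISP device is still routing and doing NAT.
    if ipaddress.ip_address(wan_addr) in ipaddress.ip_network(lan_cidr):
        return False, "double NAT, and the WAN address overlaps your own LAN subnet"
    return False, "double NAT: ISP device is still acting as a router"


if __name__ == "__main__":
    # Constructed samples; 203.0.113.7 is a documentation address standing in
    # for a real public one. The LAN subnet 192.168.1.0/24 is hypothetical.
    for wan in ("203.0.113.7", "100.72.5.9", "192.168.0.2", "192.168.1.2"):
        print(wan, passthrough_verdict(wan, "192.168.1.0/24"))
```
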