Back

Intelligent Solutions

STIR/SHAKEN update

Grahame Davies

6th September 2022

By Simon Woodhead & Thomas Hadden

TLDR: Regulations are getting ever tighter around US termination traffic. Simwood Inc customers can expect increased levels of scrutiny and Know Your Customer (“KYC”) checks on contract renewals in order to combat Robocalls.

In June 2022 the FCC updated their rules in order to include the definition of a ‘gateway provider’. Previous rules regulated US-based carriers but arguably left something of a loophole for the real problematic traffic entering the country from certain overseas territories.

We have seen a dramatic increase in enquiries in the USA, simply because the market is consolidating as a result of tightening rules to protect the customer. We continue to welcome that and already operate to the highest standards, but there is a lot of business floating around as others either come into line or go out of business. We are finding 90% of new enquiries do not meet our standards or pass the scrutiny of the KYC documents .

Now, all US-based carriers and Providers who receive calls from outside the US, but present North American Number Plan (i.e. +1) numbers in the CLI, are subject to additional requirements. As we’re licensed as a full Competitive Local Exchange Carrier (“CLEC”) in half the States of the USA, this certainly includes Simwood Inc. It will also trap so called ‘virtual CLECs’ or resellers although responsibility will trickle down from their carrier.

In short, all Carriers/Providers:

  • MUST register in the Robocall Mitigation Database (RMD)
  • MUST implement STIR/SHAKEN and authenticate unsigned calls “from” a US number
  • MUST implement a Robocall Mitigation Program, including:
    • Mandatory blocking of illegal traffic when notified by the FCC, and calls “from” numbers which appear on a Do Not Originate (DNO) list.
    • Implement “Know Your Customer (KYC-499)” and take reasonable and effective steps to ensure that the immediate upstream foreign provider is not using the gateway provider to carry illegal traffic
    • Mitigate illegal robocalls. This is a “general mitigation standard” that requires gateway providers to mitigate illegal robocalls regardless of whether they have fully implemented STIR/SHAKEN.

Simwood Inc is fully compliant here already although customers will notice updated KYC forms which need updating every year, for both new and long-established customers.

These rules also restrict who we will do business with. The FCC now requires that domestic carriers may only accept calls from originating or intermediate providers who are listed in the RMD. Therefore, to do business with us directly in the US, you will need to be registered with the RMD which practically means being a US operator yourself. International business is welcome via our UK business, with the US just another entry in our termination A-Z. However, this is not a loophole, we’re registered in RMD for both jurisdictions and have a zero-tolerance approach to abuse.

Looking forward the FCC is proposing another round (26 pages worth) of rules. These would extend the requirement to sign calls to all unsigned calls to any domestic intermediate carrier, as well as extend robocall mitigation requirements further and increase enforcement capabilities. They are also seeking to limit the use of US NANP numbers for foreign origin calls.

These changes fit squarely in the spirit of other changes from other parts of the world but crucially relate to calls entering the country ostensibly appearing to originate from within the country. As with everywhere else in the world, we’d counsel customers to diminish legitimate uses of spoofing (e.g. offshore processing centres for onshore businesses) as the noose is only going to get tighter. A call which originates offshore and looks like it originates offshore because it doesn’t try to pretend otherwise is fine.

Related posts