Back in my financial services days, I remember the strict difference in regulatory scariness between the USA and the UK. The SFA (as was then) in the UK was very much the steel hand in the silk glove, while its US counterpart, the SEC, was undeniably the steel hand in the steel glove. Yes, the SFA could put chains on the bank’s doors but the SEC would likely ensure there were no doors remaining.
It is similar in telecoms, the FCC is pretty direct and to the point – there’s certain licenses we can’t get simply because we’re majority owned by dirty foreigners, no ambiguity or compromise – while Ofcom in my experience are gentler on the outside. Both have the steel hand when they choose to use it, but how willing are they to use it?
We posted yesterday how we were deferring our (full) compliance with the latest STIR/SHAKEN changes. We’d been amongst the first to be compliant with the original requirements and, here again, are ready to go. The problem is, nobody else seems to have bothered. Compliance at this stage would, we suggest, be very disruptive for our customers and counter-productive to the FCCs aims – our customers would justifiably move to operators who aren’t nearly as compliant and are actively dragging their feet. Obeying the regulator is bad for business; defying the regulator seems to be good for business. That cannot be right.
And so it is in the UK. It was back in 2018 that GC C6 made changes to the handling of CLI in the UK, and network numbering on international calls. We fully complied and it caused merry hell because – guess what? – seemingly nobody else did. We had a spat with an MNO because they were leaking network numbers to their subscribers (inconsistently around their network) which is and was against the rules. The result of that was Ofcom decided not to punish them for their leaking of subscriber information, but to change the guidance so we shouldn’t set it in the first place. Shortly after we had to make the commercial decision to relax many of the changes we’d made because it was disruptive for our customers – again, obeying the regulator was bad for business while defying the regulator seemed to be good for business.
2018 was a long time ago – more than a third of some of my colleagues lives – but all these years later CLI compliance is still taken as a “meh”. Other operators have responded to updated guidance from Ofcom as “new regulations” which we’ve had to blog time and again are not new regulations. BT even got some free advertising for doing some of what was required, 7 years after it was required – no such thanks or State subsidy for those of us who listened the first time.
In the meantime a few other things have happened…
Back in 2020 we took our customers back on the journey towards us blocking all invalid CLI on outbound calls. For some this was arduous, for others less-so, but it meant all were compliant with GC C6 and have been ever since. Our position on that remains unique I believe, although some other operators have been nudged towards it by “new regulations” which weren’t new at all. No invalid CLI leaves the Simwood network on the way out to the PSTN, as GC C6 intended, and our customers are mostly ok with that. Some didn’t like the restriction of course and left us – obeying the regulator was bad for business, defying the regulator seemed to be good for business.
On July 1st 2021, dirty origin surcharges kicked in. We were, and remain, the only wholesale operator to not levy them on our customers, at great expense. That expense was mitigated somewhat by us having previously cleaned up outbound CLI. Had we not we’d have been paying the MNOs 528x MTR for invalid CLI. Yes, those very operators who had done nothing to comply back in 2018 or since, were now able to reap supranormal profits from surcharging for what they should have blocked. They continue to do so today! Others in the chain had a whole new column in their revenue spreadsheet where they could blend surcharges and make profit on that side, as well as the basic charge for the call. So yes, once again, obeying the regulator appeared to be bad for business, defying the regulator led to supranormal profits.
Later in 2021 I had the pleasure of addressing Parliamentarians at Westminster Forum. My speech was controversial yet heartfelt but the more exciting thing was that I was asked to Chair certain panels, notably one on origin surcharging. It caused something of a stir when a “Managing Director” from BT presented how on IP they’d finally be able to block invalid CLI as they couldn’t on their TDM network, to which I posed the question “so you can’t identify invalid CLI to block it, but you can identify it to bill for it it?”. Press coverage largely supported BT, even though they’d been required to block it for the prior 4 years at that stage. I also had a bit of a difference of opinion with Ofcom around the methodology for origin surcharges – charging for where a call appears to originate rather than where it actually originates is dumb IMHO, yet Ofcom defended it as necessary. Unsurprisingly, I haven’t been asked back.
I don’t know if I’d describe that experience as ‘bad for business’ but clearly what would have been ‘good for business’ would be to rock up and virtue signal; to tell the policymakers what they wanted to hear, even though doing so was admitting that one was violating the very conditions that entitle one to operate in this sector as modified 4 years prior. I struggle with that.
And here we are today, in 2025. Simwood is still blocking invalid CLI on all outbound calls and we’re making great strides towards protecting both our customers and the wider community from nuisance calls – blocking 3.4m in a month – but we continue to do so alone. We continue to see incoming calls from other networks with invalid CLI – calls that should have been blocked at source since 2018. We’re also identifying patterns that demonstrate a ridiculous level of non-compliance with other Ofcom requirements in GC C6 such as numbers used in CLI must be dialable. In our data, 38% of incoming calls fail this test. That is 38% of calls should never have been originated by other operators if they were compliant. We could block them today and would protect our customers from many nuisance calls as a result, but we’d also throw some babies out with the bath water and none of our customers would welcome a 38% reduction in calls to their customers’ businesses. So, once again, we have a choice: comply and go out of business, or ignore the regulator and survive?
As historically, we opt for the third option of complying to the maximum extent that is practicable and trying to raise the bar with others. Doing so isn’t our job though and a regulatory environment in both the US and the UK that rewards defiance and punishes good behaviour is ultimately bad for the consumer. It is also so inverted one has to pose the question whether we’d be better without it at all? Probably not is my conclusion but we shouldn’t even be asking the question.
I’ve centred on CLI compliance here but the problem is far wider than that.
How can it be reported in national news that a consumer of services from 4Com is having his life ruined? Ofcom’s comment: “If we see evidence of widespread issues, we’ve shown we can and will consider taking action.” Based on the investigative journalism in the excellent piece by the BBC, and the absence of Ofcom’s website notifying the opening of an enforcement case, we are not entirely sure if the word “widespread” means the same in Riverside House as it does to the average consumer. But if you have the audacity to put some boobs on the internet for a teenager to see without age verification, seemingly the entire £100m+ budget of the regulator will be brought to bear. In any event, how has their supplying operator not grown a set enough to terminate them, as they cannot be unaware? Is the profit so good it’s to hell with the lives ruined?
We have our own recent experience where a large reseller invited me to put one of our customers out of business a few years ago (I of course refused), and more recently resorted to cutting end-users service off (including a florist in the run up to Mothers’ Day, which upset me particularly) then lied to extort them to leave their parent provider in order to have service resumed – all ably supported in the porting process through a certain carrier to whose platform they happened to be moving and who was the rangeholder for many of the numbers. Our customer provided call recordings and customer statements to Ofcom – they were truly horrific – and we pulled the levers we could to support them. It was dismissed as a “commercial dispute”. I can’t name names (much as I’d really love to) because there’s criminal elements here, as well as massive litigation pending. Yet the sector regulator is “meh”.
The Telecom Security Act came in three years ago. It requires certain issues in a network to be reported to the regulator. So imagine our surprise when three years on, with one of our competitors having seemingly weekly outages, a Freedom of Information request reveals that the regulator is aware of none of them. Will they be punished with a 10% of turnover fine? Removed from the market? Probably neither – they’ll be allowed to continue as is, sweating those old ropey assets to fund personal extravagances.
I could go on. It feels to me though like being at school with that certain teacher who had absolutely no control over the class. They’d shout and make up rules but they’d just be ignored and ridiculed. Kids quickly learned that if they did behave they were punished by peers for brown-nosing. In a professional industry that warrants regulation, things shouldn’t be like that.
Our regulators need, in my opinion, to start taking their own rules seriously and bringing up the rear with a bit of stick, while simultaneously taking away the carrot of non-compliance. If they don’t, and soon, we’ll be back to the Wild West and simply accelerate our industry’s obsolescence.