News

Important New Robocall Mitigation Database Filing Deadlines

Written by Amy Ralls | Jan 26, 2024 7:17:55 PM

Last March, the FCC adopted expanded robocall mitigation database (RMD) filing requirements. The FCC has now released a public notice setting the deadlines for those filings.

By February 26, 2024:

  • All voice service providers and intermediate providers must file certifications and a robocall mitigation plan for all of their calls, even if they have fully implemented STIR/SHAKEN or lack control of the network infrastructure to deploy STIR/SHAKEN. This deadline applies to providers filing plans for the first time as well as existing filers who must supplement their existing filings. The certifications and plan must include the following:
    • A description of the reasonable steps taken to avoid, as applicable, the origination, carrying, or processing of illegal traffic.
      • For originating providers, describe the affirmative, effective measures taken to prevent new and renewing customers to originate illegal calls (e.g., know-your-customer compliance) and procedures for knowing the upstream provider
      • For intermediate providers, describe their know-your-upstream provider procedures
      • For all providers, describe any call analytics they have implemented and the name of any third-party vendor being used for analytics
      • For all providers, describe contractual provisions with end user customers or upstream providers that are designed to mitigate illegal robocalls.
    • State whether the provider has been removed from, or barred from, filing in the RMD
    • State whether it still qualifies for an extension of STIR/SHAKEN implementation and, for domestic providers, describe the basis for the extension or explain why it is unable to implement STIR/SHAKEN due to lack of control over necessary network infrastructure
    • Commit to responding to traceback requests within 24 hours.
  • All providers must also file or update their RMD certification with the following new information:
    • State whether the provider, in the preceding two years, has been the subject of a formal FCC, law enforcement, or regulatory agency action or investigation with accompanying findings of actual or suspected wrongdoing due to “transmitting, encouraging, assisting, or otherwise facilitating illegal robocalls or spoofing” and, if so, provide specified details. (This does not include traceback requests).
    • State whether it has been removed from or prevented from filing in the RMD
    • Describe the provider’s role in the call chain based on one of eight specified categories. Providers playing different roles (e.g., an originator for some calls or an intermediate provider for others), they should check each applicable category.
    • Provide the provider’s OCN if it has one
  • Update the RMD within 10 business days if any of this information changes.

By May 28, 2024

  • All providers must block traffic from upstream intermediate providers that are not in the RMD. (Intermediate providers and voice service providers are already required to block traffic from a gateway provider or voice service provider not in the RMD. This is now extended to non-gateway intermediate providers not in the RMD. Intermediate providers whose information was transferred to the RMD from the Intermediate Provider Registry is not sufficient. They must file a separate certification and plan.)

Filing instructions:

Providers must submit their RMD filings through this portal: https://fccprod.servicenowservices.com/rmd?id=rmd_welcome

Updated instructions can be found here: https://www.fcc.gov/files/rmd-instructions.

Providers may request confidential treatment.

Providers should contact their counsel or reach out to the CCA regulatory committee and Michael Pryor (mpryor@bhfs.com) if they have questions. The new and updated RMD certifications and robocall mitigation plans are reasonably complex and the Commission likely will be reviewing them carefully.