Four Steps to STIR/SHAKEN and Robocall Mitigation Compliance for Small- to Mid-sized Carriers
Through its work with USTelecom | The Broadband Association’s Industry Traceback Group (ITG), the Federal Communications Commission (FCC) determined that small carriers are a major source of robocalls. As a result, on December 10, 2021, the FCC adopted an order that accelerates the deadline for small carriers that are not facilities-based to implement STIR/SHAKEN by a full year! The new deadline is June 30, 2022.
What’s more, there are consequences. After September 28, 2021, intermediate and Terminating Service Providers (TSPs) were prohibited from accepting traffic from any carrier without an approved plan registered in the FCC Robocall Mitigation Database (RMDB).
The result? Subscribers may not be able to complete calls and unhappy subscribers will take their business elsewhere. Now, more than ever, it’s time to harness the right resources and push forward!
Below we’ve provided a recap of the rules and regulations from the FCC for small to mid-sized carriers when it comes to STIR/SHAKEN and robocall mitigation. And, we’ve identified four steps to get you over the finish line, strengthen your business model, and maintain, even grow, your customer base, along with solutions to help you get there.
A timeline of rules and regulations for CSPs to be compliant.
June 30, 2021
- If not granted an extension, implement STIR/SHAKEN.
- If granted an extension, deploy a Robocall Mitigation program to stop robocalls from originating from your network.
- Respond to ITG traceback requests and cooperate with investigations around stopping illegal robocalls.
September 28, 2021
- Register in the FCC’s new Robocall Mitigation Database (RMDB) regarding what robocall mitigation and STIR/SHAKEN actions you’ve taken. Other carriers are not permitted to accept traffic from carriers not registered in the database.
June 30, 2022 (NEW)
- Non-facilities-based (CSP does not provide access) small service providers must implement STIR/SHAKEN by the new, shortened deadline of June 30, 2022.
- If the FCC notifies you that you failed to mitigate robocalls, you will be required to implement STIR/SHAKEN within 90 days.
- Non-facilities-based small providers that are subject to the new deadline are required to update their exemption status in the RMDB to confirm they are aware they must comply by June 30, 2022 (not June 30, 2023.)
June 30, 2023
- All carriers must implement STIR/SHAKEN.
The FCC’s Enforcement Bureau will also be reviewing each carrier’s registered program and can prescribe more specific robocall mitigation obligations for any carrier that hasn’t implemented a sufficient robocall mitigation program. They can also assign penalties against carriers who originate illegal robocalls and, indeed, have already begun to do so.
Four steps to compliance and growth.
Step 1: Certify what steps you’ve already taken in the RMDB.
The deadline to register in the RMDB was September 28, 2021 - after which carriers are meant to stop accepting traffic from those carriers that are not registered.
Don’t forget, you must also update your exemption status in the RMDB to confirm you are aware you must comply by June 30, 2022 (not June 30, 2023.)
As of December, 2021, there were 2,946 registrants (178 in June 2021) representing 104 countries, however, only 16% of those have said they have fully implemented STIR/SHAKEN.
Step 2: Review the CATA Best Practices.
Download the Best Practices for the Implementation of Call Authentication Frameworks by the NANC Call Authentication Trust Anchor (CATA) Working Group. This guide for carriers outlines best practices for implementing a call authentication framework based on industry expertise and experience.
Step 3: Learn more about the resources and solutions available to you.
Neustar Certified Caller enables carriers to comply with the latest and comply with the FCC’s STIR/SHAKEN call authentication mandate, while our Robocall Mitigation solutions work alongside STIR/SHAKEN to identify unauthorized and suspicious use of phone numbers and detect trends and anomalies in calling patterns for both originating and terminating calls. Beyond compliance, look to our Branded Call Solutions to give enterprise customers a competitive edge.
Step 4: Launch your strategy to implement STIR/SHAKEN.
While it’s not mandatory to implement both STIR/SHAKEN and a robocall mitigation program, by taking a complementary approach that includes STIR/SHAKEN, RM, and tracebacks, YOU can help restore trust in a vital communications channel and protect your business base.
- STIR/SHAKEN: ensures that calls originated from a network are trusted and that calls to subscribers are authenticated.
- Robocall Mitigation: protects subscribers from robocalls reaching the network and stops bad actors from originating from the CSP’s network.
- Tracebacks: seek to identify the party responsible for originating fraudulent calls by starting with the last (terminating) carrier and working backward through the multiple carriers that the call traversed. Learn more about US Telecom | The Broadband Association’s Industry Traceback Group (ITG).
When you act to prevent and protect users from illegal robocalls, you gain the advantage to:
- Manage and protect your brand
- Improve call answer rates
- Deliver a better customer experience
To learn more, visit our STIR/SHAKEN Resource Hub, and read the ebooks: Robocall Mitigation FAQs for CSPs:Countdown to Compliance and Crossing the Finish Line:Four Steps to STIR/SHAKEN Compliance for Small- to Mid-sized Carriers.