Federal Communications Commission DA 26-174 DA 26-174 Enforcement Advisory No. 2026-02 Released: February 20, 2026 FCC ENFORCEMENT ADVISORY MOBILE VIRTUAL NETWORK OPERATORS (MVNOS) MUST FILE CERTIFICATIONS AND ROBOCALL MITIGATION PLANS IN THE ROBOCALL MITIGATION DATABASE MVNOs are voice service providers that must comply with robocall mitigation database requirements, including responding to traceback requests The Enforcement Bureau (Bureau) of the Federal Communications Commission issues this Enforcement Advisory to remind Mobile Virtual Network Operators (MVNOs) of their obligation to file in the Robocall Mitigation Database (RMD) and the requirement to respond to traceback requests. The RMD serves an essential role in the Commission’s efforts to prevent illegal robocalls by housing information necessary to help the Commission evaluate a provider’s compliance with our robocall and STIR/SHAKEN rules, as well as providing transparency to industry. Improving the Effectiveness of the Robocall Mitigation Database, WC Docket No. 24-213, Report and Order, 40 FCC Rcd 599-60, para. 1 (2024) (2024 RMD Order). The traceback process allows the source of unlawful robocalls to be identified. See Implementing Section 13(d) of the Pallone-Thune Robocall Abuse Criminal Enforcement and Deterrence Act (TRACED Act), EB Docket No. 20-22, Report and Order, 38 FCC Rcd 7561, 7561-62, para. 1 (EB 2023). In March 2023, the Commission expanded the scope of providers required to comply with robocall mitigation requirements so that all voice service providers, gateway providers, and non-gateway intermediate providers, including MVNOs, are required to file in the RMD. Call Authentication Trust Anchor, WC Docket No. 17-97, Sixth Report and Order and Further Notice of Proposed Rulemaking, 38 FCC Rcd 2573, 2588, para. 28 (2023) (Sixth Caller ID Authentication Order) (requiring all intermediate and voice service providers to take reasonable steps to mitigate illegal robocalls and submit a certification and robocall mitigation plan to the RMD); 47 CFR § 64.6305. These requirements became effective on February 26, 2024, which was also the filing deadline for any new providers that had not yet been required to file. Wireline Competition Bureau Announces Robocall Mitigation Database Filing Deadlines And Instructions And Additional Compliance Dates, WC Docket No. 17-97, Public Notice, 39 FCC Rcd 383 (WCB 2024). RMD filers are also required to recertify their existing RMD filings annually by March 1, with the first annual recertification deadline being March 1, 2026. 47 CFR § 64.6305(h); see also 2024 RMD Order, 40 FCC Rcd at 615-16, paras. 37-38; Wireline Competition Bureau Announces OMB Approval and Effective Dates for Robocall Mitigation Database (RMD) Rules, Provides Guidance for Filing in the RMD, Reminds RMD Filers of their March 1, 2026, Annual Recertification Requirement, and Establishes A Reporting Mechanism for RMD Deficiencies, WC Docket No. 24- 213, MD Docket No. 10-234, Public Notice, DA 26-72 (rel. Jan. 22, 2026) (RMD Effective Date PN). When an MVNO resells voice services, The Commission defines “voice service” in a manner consistent with the TRACED Act definition when referring to caller ID authentication and Robocall Mitigation Database rules. See 47 U.S.C. § 227b(a)(2)(A); 47 CFR § 64.6300(o); see also Sixth Caller ID Authentication Order, 38 FCC Rcd at 2575, para. 4, n.11. Voice service is “any service that is interconnected with the public switched telephone network and that furnishes voice communications to an end user using resources from the North American Numbering Plan or any successor.” See 47 U.S.C. § 227b(a)(2)(A); 47 CFR § 64.6300(o). the MVNO qualifies as a “voice service provider” under section 64.6305 of the Commission’s rules and therefore has an obligation to file in the RMD and respond to traceback requests from the registered traceback consortium and law enforcement. 47 CFR § 64.6305. The registered traceback consortium is currently USTelecom’s Industry Traceback Group (ITG). See Implementing Section 13(d) of the Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence Act (TRACED Act), EB Docket No. 20-22, Order, 38 FCC Rcd 7561, 7561 (2023). However, MVNO compliance with the RMD filing requirement remains inconsistent. The Commission acknowledged in the Fifth Caller ID Authentication Further Notice that some resellers had already filed in the RMD, but despite adopting a universal requirement in the Sixth Caller ID Authentication Order for all voice service providers to do so, some MVNOs still have not. See Advanced Methods to Target and Eliminate Unlawful Robocalls; Call Authentication Trust Anchor, CG Docket No. 1759, WC Docket No. 17-97, Sixth Report and Order in CG Docket No. 17-59, Fifth Report and Order in WC Docket No. 17-97, Order on Reconsideration in WC Docket No. 17-97, Order, Seventh Further Notice of Proposed Rulemaking in CG Docket No. 17-59, and Fifth Further Notice of Proposed Rulemaking in WC Docket No. 17-97, 37 FCC Rcd 6865, 6946, para. 214 (2022); Sixth Caller ID Authentication Order, 38 FCC Rcd at 2588, para. 28. The Commission has stated that “all providers—including intermediate providers and voice service providers without the facilities necessary to implement STIR/SHAKEN”—must: (1) take “reasonable steps” to mitigate illegal robocall traffic; (2) submit a certification to the RMD regarding their STIR/SHAKEN implementation status along with other identifying information; and (3) submit a robocall mitigation plan to the RMD. Sixth Caller ID Authentication Order, 38 FCC Rcd at 2588, para. 28. This broad requirement applies to all “voice service providers,” which includes MVNOs. See id. at 2647-2648, App. B, para. 22 (describing the entities to which the rules adopted in the Sixth Caller ID Authentication Order will apply as part of its final regulatory flexibility analysis); see also id. at 2593, para. 38, n.146 (citing reply comment of ACA Connects discussing a certification requirement “for providers lacking control over the infrastructure necessary to implement STIR/SHAKEN (e.g., voice resellers),” and noting that “many such providers already filed voluntarily”). The RMD rules require voice service providers to include a description of their “know-your-customer” processes in their robocall mitigation plan. See 47 CFR § 64.6305(d)(2)(ii); Sixth Caller ID Authentication Report and Order, 38 FCC Rcd at 2593-94, para. 40, n.158. Resellers of voice service that serve end-users are often in the best position to identify customers that are the source of apparently illegal traffic. Additionally, the Commission has stated that it is important to apply the same treatment to all providers in the call path of voice calls. See Sixth Caller ID Authentication Order, 38 FCC Rcd at 2593, para. 38 (noting overwhelming support for the universal filing obligation, and stating it would “ensure that every provider in the call chain is covered by the same basic set of rules and will increase transparency and accountability”). Accordingly, MVNOs must abide by RMD rules, including filing a certification and robocall mitigation plan in the RMD. See RMD Effective Date PN, App. A, at 1 (“Any provider that meets [the definition of ‘voice service’ provider, ‘gateway provider,’ or ‘non-gateway intermediate provider’], including voice over Internet protocol (VoIP) resellers and mobile virtual network operators (MVNOs), must file in the RMD.”). We remind all voice service providers that failure to file in the RMD has serious consequences. Other than emergency voice calls placed to 911 and calls from public safety answering points and government emergency numbers, intermediate providers and voice service providers are prohibited from accepting calls directly from other voice service and intermediate providers that do not appear in the RMD. 47 CFR § 64.6305(g). Intermediate providers and voice service providers must only accept calls directly from foreign voice service providers or foreign intermediate providers that use North American Numbering Plan resources that pertain to the United States in the caller ID field to send voice traffic to residential or business subscribers in the United States, only if that foreign provider’s filing appears in the RMD. Id. § 64.6305(g)(2). Providers may not block emergency voice calls placed to 911 and calls from public safety answering points and government emergency numbers. Id. § 64.6305(g)(5). Additionally, providers that fail to file in the RMD are subject to increased penalties, including a $10,000 base forfeiture for submitting false or inaccurate information, and a $1,000 forfeiture for failing to update the RMD within 10 business days of relevant information changing, both on a continuing violation basis. 47 CFR § 1.80(b)(11); 2024 RMD Order, 40 FCC Rcd at 605, para. 14. MVNOs and all other voice service providers must also respond to traceback requests. The Commission requires voice service providers to respond to traceback requests from the Commission, civil law enforcement, criminal law enforcement, or the industry traceback consortium within 24 hours of receipt of the request. 47 CFR § 64.1200(n)(1). Furthermore, all RMD filers must certify to the provider’s commitment to respond within 24 hours to all traceback requests from the Commission, law enforcement, and the industry traceback consortium, and to cooperate with such entities in investigating and stopping any illegal robocallers that use its service to originate, carry, or process calls. 47 CFR § 64.6305(d)(2)(iii), (e)(2)(iii), (f)(2)(iii). Failure to respond to traceback requests may result in significant penalties including monetary fines and removal from the RMD. On September 30, 2025, the Bureau removed 12 voice service providers from the RMD for failure to respond to tracebacks from the ITG. BPO VOIP et al., Order, DA 25-913, para. 8 (EB Sept. 30, 2025). Once a provider’s filing is removed from the RMD, all intermediate providers and voice service providers must cease accepting calls directly from the removed provider. See 47 CFR § 64.6305(g). Media inquiries should be directed to 202-418-0500 or MediaRelations@fcc.gov. For additional information about this Advisory, send an e-mail to EnforcementAdvisories@fcc.gov. To report non-compliance or file a complaint with the FCC, send an e-mail to EnforcementBureauTCD@fcc.gov. Reports of deficient RMD filings should be sent to RMD-Reporting@fcc.gov. In addition, you may visit https://consumercomplaints.fcc.gov or call 1-888-CALL-FCC. To request materials in accessible formats for people with disabilities (Braille, large print, electronic files, audio format), send an e-mail to fcc504@fcc.gov or call the Consumer & Governmental Affairs Bureau at (202) 418-0530 (voice). Issued by: Chief, Enforcement Bureau 2