Federal Communications Commission DA 26-644 Before the Federal Communications Commission Washington, D.C. 20554 In the Matter of ) ) Voximplant, Inc. ) File No.: EB-TCD-26-00040372 ) FRN: 0028133205 ) ) ORDER Adopted: July 8, 2026 Released: July 8, 2026 By the Chief, Enforcement Bureau: 1. The Enforcement Bureau (Bureau) of the Federal Communications Commission has entered into a Consent Decree to resolve its investigation into whether Voximplant, Inc. (Voximplant or Company) failed to comply with the Commission’s robocall mitigation rules. To settle this matter, Voximplant admits that its Robocall Mitigation Database (RMD) certification was noncompliant, and will implement a compliance plan. 2. The RMD was established with the goal of promoting transparency and effective robocall mitigation.1 Voice service providers are required to file certifications and robocall mitigation plans in the RMD.2 The information submitted by the providers allows law enforcement to quickly and efficiently investigate and stop illegal robocallers. Upon a Commission review of certifications and robocall mitigation plans in the RMD, the Wireline Competition Bureau (WCB) notified Voximplant of deficiencies in its certification and robocall mitigation plan. When Voximplant did not respond, WCB referred the Company to the Bureau for investigation. On August 6, 2025, the Bureau released an order removing Voximplant’s certification from the RMD.3 3. After reviewing the terms of the Consent Decree and evaluating the facts before us, we find that the public interest would be served by adopting the Consent Decree and terminating the referenced investigation. 4. In the absence of material new evidence relating to this matter, we do not set for hearing the question of Voximplant’s basic qualifications to hold or obtain any Commission license or authorization.4 5. Accordingly, IT IS ORDERED that, pursuant to section 4(i) of the Act, 47 U.S.C. § 154(i), and the authority delegated by sections 0.111 and 0.311 of the Commission’s rules, 47 CFR §§ 0.111, 0.311, the attached Consent Decree IS ADOPTED and its terms incorporated by reference. 6. IT IS FURTHER ORDERED that the above-captioned matter IS TERMINATED in accordance with the terms of the attached Consent Decree. 1 Call Authentication Trust Anchor, WC Docket No. 17-97, Second Report and Order, 36 FCC Rcd 1859, 1902, para. 83 (2020) (Second Caller ID Authentication Order). 2 47 CFR § 64.6305(d)(2)(ii). 3 In the Matter of Robocall Mitigation Database Filers, Order, DA-25-694, 2025 WL 2253753 (EB 2025). 4 See 47 CFR § 1.93(b). Federal Communications Commission DA 26-644 7. IT IS FURTHER ORDERED that a copy of this Order and Consent Decree shall be sent by first class mail and certified mail, return receipt requested, to Alexey Aylarov, CEO, Voximplant, 150 West 25th Street, RM 403, New York, NY, 10001. FEDERAL COMMUNICATIONS COMMISSION Patrick Webre Chief Enforcement Bureau 2 Federal Communications Commission DA 26-644 Before the Federal Communications Commission Washington, D.C. 20554 In the Matter of ) ) Voximplant, Inc. ) File No.: EB-TCD-26-00040372 ) FRN: 0028133205 ) ) ) CONSENT DECREE 1. The Enforcement Bureau of the Federal Communications Commission and Voximplant, Inc. (Voximplant or Company), by their authorized representatives, hereby enter into this Consent Decree for the purpose of terminating the Enforcement Bureau’s investigation into whether Voximplant violated section 64.6305 of the Commission’s Rules in connection with the Bureau’s removal of non-compliant providers’ certifications from the Robocall Mitigation Database. To resolve this matter, Voximplant agrees to implement a Compliance Plan and the attached Operating Procedures. Voximplant shall be reinstated to the Robocall Mitigation Database upon notification of the Company’s appointment of a Compliance Officer and implementation of the Compliance Plan and Operating Procedures. I. DEFINITIONS 2. For the purposes of this Consent Decree, the following definitions shall apply: (a) “Act” means the Communications Act of 1934, as amended.1 (b) “Adopting Order” means an order of the Bureau adopting the terms of this Consent Decree without change, addition, deletion, or modification. (c) “Bureau” means the Enforcement Bureau of the Federal Communications Commission. (d) “Commission” and “FCC” mean the Federal Communications Commission and all of its bureaus and offices. (e) “Communications Laws” means collectively, the Act, the Rules, and the published and promulgated orders and decisions of the Commission to which Voximplant is subject by virtue of its business activities, including but not limited to the Robocall Mitigation Rules. (f) “Compliance Plan” means the compliance obligations, program, and procedures described in this Consent Decree at paragraph 14. (g) “Covered Employees” means all employees and agents of Voximplant who perform, supervise, oversee, or manage the performance of, duties that relate to Voximplant’s responsibilities under the Communications Laws, including the Robocall Mitigation Rules. (h) “Effective Date” means the date by which both the Bureau and Voximplant have signed the Consent Decree and the Bureau has released an Adopting Order. 1 47 U.S.C. § 151 et seq. Federal Communications Commission DA 26-644 (i) “Investigation” means the investigation commenced by the Bureau in EB-TCD-26- 00040372 regarding whether Voximplant violated the Robocall Mitigation Rules. (j) “Operating Procedures” means the standard internal operating procedures and compliance policies established by Voximplant to implement the Compliance Plan, as prescribed by Attachment 1. (k) “Parties” means Voximplant and the Bureau, each of which is a “Party.” (l) “Robocall Mitigation Database” or “RMD” means the public database implemented by the Commission in April 2021 to facilitate the implementation of STIR/SHAKEN and the Robocall Mitigation Rules. (m) “Robocall Mitigation Rules” means section 64.6305 of the Commission’s rules and other Communications Laws related to robocall mitigation obligations. (n) “Rules” means the Commission’s regulations found in Title 47 of the Code of Federal Regulations. (o) “Voximplant” or “Company” means Voximplant, Inc. and its affiliates, subsidiaries, predecessors-in-interest, and successors-in-interest. (p) “WCB” means the Wireline Competition Bureau of the Federal Communications Commission. II. BACKGROUND 3. The FCC in 2020 announced that it would establish the RMD to promote transparency and effective robocall mitigation.2 On March 16, 2023, the Commission adopted amendments to section 64.6305 of its rules in the Sixth Caller ID Authentication Order that enhanced the information requirements for RMD certifications and expanded the obligation to submit a robocall mitigation plan for new and existing filers.3 On May 18, 2023, the Commission adopted additional amendments to section 64.6305 in the Seventh Call Blocking Order that required all providers to include in their RMD certifications a commitment to respond fully to traceback requests within 24 hours of receipt of the request.4 Both of these rule amendments took effect on February 26, 2024, and required all existing filers to update their RMD certifications to provide the newly required information and updated robocall mitigation plans by that same date.5 4. Under the amended rule, voice service providers, gateway providers, and non-gateway intermediate providers6 must submit several pieces of information in their RMD certifications. First, a provider must certify that all calls that it originates (in the case of voice service providers) or carries or 2 Call Authentication Trust Anchor, WC Docket No. 17-97, Second Report and Order, 36 FCC Rcd 1859, 1902, para. 83 (2020) (Second Caller ID Authentication Order). 3 See Call Authentication Trust Anchor, WC Docket No. 17-97, Sixth Report and Order and Further Notice of Proposed Rulemaking, 38 FCC Rcd 2573, 2592-2601, paras. 36-52 (2023) (Sixth Caller ID Authentication Order). 4 Advanced Methods to Target and Eliminate Unlawful Robocalls, Call Authentication Trust Anchor, CG Docket No. 17-59, WC Docket No. 17-97, Seventh Report and Order in CG Docket 17-59 and WC Docket 17-97, Eighth Further Notice of Proposed Rulemaking in CG Docket 17-59, and Third Notice of Inquiry in CG Docket 17-59, 38 FCC Rcd 5404, 5422, para. 52 (2023) (Seventh Report and Order). 5 See Wireline Competition Bureau Announces Robocall Mitigation Database Filing Deadlines and Instructions and Additional Compliance Dates, WC Docket No. 17-97, Public Notice, 39 FCC Rcd 383, 383-87 (WCB 2024) (RMD Public Notice); Advanced Methods to Target and Eliminate Unlawful Robocalls, Call Authentication Trust Anchor, 89 FR 4833, 4833 (Jan. 25, 2024) (establishing February 26, 2024 as the effective date for the amendments to section 64.6305) (Seventh Report and Order Effective Date). 6 The Sixth Caller ID Authentication Order amended section 64.6305 to require non-gateway intermediate providers to file certifications in the RMD for the first time. See 47 CFR § 64.6305(f); Sixth Caller ID Authentication Order, 38 FCC Rcd at 2593, para. 38; RMD Public Notice, 39 FCC Rcd at 384. 2 Federal Communications Commission DA 26-644 processes (in the case of gateway and other intermediate providers) on its network are subject to a robocall mitigation program, that any prior certification has not been removed by Commission action and it has not been prohibited from filing in the RMD, and whether it has fully, partially, or not implemented STIR/SHAKEN on the Internet Protocol portions of its network.7 Second, the provider must upload a robocall mitigation plan that describes the specific reasonable steps the provider has taken to avoid originating (in the case of voice service providers) or carrying or processing (in the case of gateway and other intermediate providers) illegal robocall traffic as part of its robocall mitigation program,8 including: (a) a description of the affirmative, effective measures it is taking to prevent new and renewing customers from originating illegal robocalls (if it is a voice service provider); (b) a description of any call analytic system(s) that it utilizes, including those operated by a third-party vendor; and (c) a description of the procedures it is using to know its upstream providers.9 Third, the provider must provide its business name, address, and other identifying information, including contact information for a person within the company responsible for addressing robocall mitigation-related issues, and its principals, affiliates, subsidiaries, and parent companies.10 Fourth, the provider must include certain other information, including: (a) the role it is playing in the call chain; (b) detailed information supporting any claimed STIR/SHAKEN implementation extension or exemption; (c) a statement whether it or any affiliated entity has been subject to a Commission or other law enforcement agency action or investigation in the prior two years due to suspected involvement with illegal robocalling or spoofing, or due to a deficiency in its RMD certification; and (d) the provider’s commitment to respond fully and within 24 hours to traceback requests from the Commission, law enforcement, and the industry traceback consortium and to cooperate with such entities in investigating and stopping any illegal robocallers that use its service to transmit calls.11 5. Voximplant Investigation. Voximplant is a Delaware corporation, previously known as Zingaya, Inc., with a place of business in New York.12 Voximplant is a “voice service provider providing access to voice communications services to end users” via upstream providers.13 Following the February 26, 2024 effective date of the amended RMD requirements,14 WCB conducted a review of certifications in the RMD and identified providers that failed to update their RMD certifications (including their robocall mitigation plans) with the required information by the deadline.15 WCB notified Voximplant on March 29, 2024, that its certification was noncompliant with section 64.6305 because the Company had failed to submit an updated RMD certification and updated robocall mitigation plan by the February 26, 2024 deadline.16 WCB’s notification informed Voximplant that it “must submit an updated certification 7 47 CFR § 64.6305(d)(1), (e)(1), (f)(1); Sixth Caller ID Authentication Order, 38 FCC Rcd at 2595, 2597, paras. 42, 46; RMD Public Notice, 39 FCC Rcd at 385. 8 See Sixth Caller ID Authentication Order, 38 FCC Rcd at 2593, para. 39; RMD Public Notice, 39 FCC Rcd at 385, 388. 9 47 CFR § 64.6305(d)(2)(ii), (e)(2)(ii), (f)(2)(ii); Sixth Caller ID Authentication Order, 38 FCC Rcd at 2593-95, paras. 40-41; RMD Public Notice, 39 FCC Rcd at 386-87. 10 47 CFR § 64.6305(d)(4), (e)(4), (f)(4); Sixth Caller ID Authentication Order, 38 FCC Rcd at 2595-96, 2597, 2599, paras. 42-43, 46, 48; RMD Public Notice, 39 FCC Rcd at 385-86. 11 47 CFR §§ 64.6305(d)(2)(i), (iii), (iv), 64.6305(e)(2)(i), (iii), (iv), 64.6305(f)(2)(i), (iii), (iv); Sixth Caller ID Authentication Order, 38 FCC Rcd at 2596-99, paras. 43-47; RMD Public Notice, 39 FCC Rcd at 385-86. 12 Voximplant Terms of Service (March 14, 2025), https://voximplant.com/legal/tos. 13 Voximplant Robocall Mitigation Plan August 2025 (on file at EB-TCD-24-00036891). 14 See Seventh Report and Order Effective Date, 89 FR at 4833 (establishing February 26, 2024, as the effective date for the amendments to section 64.6305). 15 Id. 16 Email from Robocall Mitigation Database Team (Mar. 29, 2024) (on file in EB-TCD-24-00036891). 3 Federal Communications Commission DA 26-644 and updated robocall mitigation plan in the Robocall Mitigation Database by Monday, April 29, 2024.”17 After this second deadline, Voximplant still had not updated its RMD certification and robocall mitigation plan with the required information; as a result, WCB referred the Company to the Bureau. 6. On December 10, 2024, the Bureau released an order requiring Voximplant to cure its deficiency and notify the Bureau of the same, or inform the Bureau why the Company should not be removed from the RMD within 14 days of publication of a summary of the order in the Federal Register.18 On December 17, 2024, the summary of the order was published in the Federal Register.19 Accordingly, the deadline to comply with the order was December 31, 2024.20 The Company failed to update its certification and submit a robocall mitigation plan with all required information by the deadline. On August 6, 2025, the Bureau released an order removing Voximplant from the RMD.21 Additionally, the removal order noted that the providers listed in the order, including Voximplant, appeared in tracebacks of suspected illegal robocalls.22 Since August 6, 2025, Voximplant has appeared in 20 tracebacks as an originating provider according to the Industry Traceback Group. 7. Voximplant responded to the removal order and requested that it be reinstated to the RMD on August 13, 2025. Given Voximplant’s previous failure to understand and comply with the Commission’s rules and the Bureau’s orders, as well as the Company’s robocall traceback history, we require the Company to implement a Compliance Plan. Voximplant has cured all deficiencies identified in the Order and will provide certification of their resolution. Voximplant shall be reinstated in the RMD upon notification of the Company’s appointment of a Compliance Officer and implementation of the Compliance Plan and Operating Procedures. III. TERMS OF AGREEMENT 8. Adopting Order. The provisions of this Consent Decree shall be incorporated by the Bureau in an Adopting Order. 9. Jurisdiction. Voximplant agrees that the Bureau has jurisdiction over it and the matters contained in this Consent Decree and has the authority to enter into and adopt this Consent Decree. 10. Effective Date; Violations. The Parties agree that this Consent Decree shall become effective on the Effective Date as defined herein. As of the Effective Date, the Parties agree that this Consent Decree shall have the same force and effect as any other order of the Commission. 11. Termination of Investigation. In express reliance on the covenants and representations in this Consent Decree and to avoid further expenditure of public resources, the Bureau agrees to terminate the Investigation. In consideration for the termination of the Investigation, Voximplant agrees to the terms, conditions, and procedures contained herein. The Bureau further agrees that, in the absence of new material evidence, it will not use the facts developed in the Investigation through the Effective Date, or the existence of this Consent Decree, to institute any new proceeding on its own motion against Voximplant concerning the matters that were the subject of the Investigation, or to set for hearing the question of Voximplant’s basic qualifications to be a Commission licensee or hold Commission licenses or authorizations based on the matters that were the subject of the Investigation.23 17 Id. 18 See 2,411 Robocall Mitigation Database Filers, Order, DA 24-1235, 2024 WL 5090088, at *3 (EB 2024) (Show Cause Order). 19 In the Matter of 2,411 Robocall Mitigation Database Filers, 89 FR 102144 (Dec. 17, 2024). 20 See id. 21 In the Matter of Robocall Mitigation Database Filers, Order, DA-25-694, 2025 WL 2253753 (EB 2025). 22 Id. at *2. 23 See 47 CFR § 1.93(b). 4 Federal Communications Commission DA 26-644 12. Admission. Voximplant admits for the purpose of this Consent Decree and for Commission civil enforcement purposes, and in express reliance on the provisions of paragraph 11 herein, that paragraphs 5-7 contain a true and accurate description of the facts underlying the Investigation. 13. Compliance Officer. Voximplant shall designate a senior corporate manager with the requisite corporate and organizational authority to serve as a Compliance Officer and to discharge the duties set forth below. The person designated as the Compliance Officer shall be responsible for developing, implementing, and administering the Compliance Plan and ensuring that Voximplant complies with the terms and conditions of the Compliance Plan and this Consent Decree. In addition to the general knowledge of the Communications Laws necessary to discharge his or her duties under this Consent Decree, the Compliance Officer shall have specific knowledge of the Robocall Mitigation Rules prior to assuming his/her duties. 14. Compliance Plan. For purposes of settling the matters set forth herein, Voximplant agrees that it shall develop and implement a Compliance Plan designed to ensure future compliance with the Communications Laws and with the terms and conditions of this Consent Decree. With respect to the Robocall Mitigation Rules, Voximplant shall implement, at a minimum, the following procedures: (a) Operating Procedures. Voximplant and all Covered Employees shall comply with the Operating Procedures set forth in Attachment 1 to help ensure Voximplant’s compliance with the Robocall Mitigation Rules. Voximplant shall also develop a Compliance Checklist that describes the steps that a Covered Employee must follow to ensure compliance with the Robocall Mitigation Rules. (b) Compliance Manual. The Compliance Officer shall develop a Compliance Manual and distribute it to all Covered Employees. The Compliance Manual shall explain the Robocall Mitigation Rules and set forth the Operating Procedures that Covered Employees shall follow to help ensure Voximplant’s compliance with the Robocall Mitigation Rules. Voximplant shall review and revise the Compliance Manual as necessary to ensure that the information set forth therein remains current and accurate. Voximplant shall distribute any revisions to the Compliance Manual promptly to all Covered Employees. (c) Compliance Training Program. Voximplant shall establish and implement a Compliance Training Program on compliance with the Robocall Mitigation Rules and the Operating Procedures. As part of the Compliance Training Program, Covered Employees shall be advised of Voximplant’s obligation to report any noncompliance with the Robocall Mitigation Rules under paragraph 15 of this Consent Decree and shall be instructed on how to disclose noncompliance to the Compliance Officer. All Covered Employees shall be trained pursuant to the Compliance Training Program within fourteen (14) calendar days after the Effective Date, except that any person who becomes a Covered Employee at any time after the initial Compliance Training Program shall be trained within thirty (30) calendar days after the date such person becomes a Covered Employee. Voximplant shall repeat compliance training on an annual basis, and shall periodically review and revise the Compliance Training Program as necessary to ensure that it remains current and complete and to enhance its effectiveness. 15. Reporting Noncompliance. Voximplant shall report any noncompliance with the Robocall Mitigation Rules and with the terms and conditions of this Consent Decree within fifteen (15) calendar days after discovery of such noncompliance. Such reports shall include a detailed explanation of: (i) each instance of noncompliance; (ii) the steps that Voximplant has taken or will take to remedy such noncompliance; (iii) the schedule on which such remedial actions will be taken; and (iv) the steps that Voximplant has taken or will take to prevent the recurrence of any such noncompliance. All reports of noncompliance shall be submitted to the Chief, Telecommunications Consumers Division, Enforcement Bureau, Federal Communications Commission, via EnforcementBureauTCD@fcc.gov. 5 Federal Communications Commission DA 26-644 16. Compliance Reports. Voximplant shall file compliance reports with the Commission ninety (90) calendar days after the Effective Date, one hundred and eighty (180) calendar days after the Effective Date, twelve (12) months after the Effective Date, and every twelve (12) months thereafter until the Termination Date. (a) Each Compliance Report shall include a detailed description of Voximplant’s efforts during the relevant period to comply with the terms and conditions of this Consent Decree and the Robocall Mitigation Rules. In addition, each Compliance Report shall include a certification by the Compliance Officer, as an agent of and on behalf of Voximplant, stating that the Compliance Officer has personal knowledge that Voximplant: (i) has established and implemented the Compliance Plan; (ii) has utilized the Operating Procedures since the implementation of the Compliance Plan; and (iii) is not aware of any instances of noncompliance with the terms and conditions of this Consent Decree, including the reporting obligations set forth in paragraph 15 of this Consent Decree. (b) The Compliance Officer’s certification shall be accompanied by a statement explaining the basis for such certification and shall comply with section 1.16 of the Commission’s Rules and be subscribed to as true under penalty of perjury in substantially the form set forth therein.24 (c) If the Compliance Officer cannot provide the requisite certification, the Compliance Officer, as an agent of and on behalf of Voximplant, shall provide the Commission with a detailed explanation of the reason(s) why and describe fully: (i) each instance of noncompliance; (ii) the steps that Voximplant has taken or will take to remedy such noncompliance, including the schedule on which proposed remedial actions will be taken; and (iii) the steps that Voximplant has taken or will take to prevent the recurrence of any such noncompliance, including the schedule on which such preventive action will be taken. (d) Each Compliance Report shall identify all ownership interests greater than 5% in Voximplant and its Affiliate, Vox Global Tech Ltd. In addition, each Compliance Report shall identify the principal place of business or place of residence for each identified ownership interest. (e) All Compliance Reports shall be submitted electronically to the Chief, Telecommunications Consumers Division, Enforcement Bureau, Federal Communications Commission, via EnforcementBureauTCD@fcc.gov. 17. Termination Date. Unless stated otherwise, the requirements set forth in paragraphs 13 through 16 of this Consent Decree shall expire thirty-six (36) months after the Effective Date. 18. Section 208 Complaints; Subsequent Investigations. Nothing in this Consent Decree shall prevent the Commission or its delegated authority from adjudicating complaints filed pursuant to section 208 of the Act25 against Voximplant or its affiliates for alleged violations of the Act, or for any other type of alleged misconduct, regardless of when such misconduct took place. The Commission’s adjudication of any such complaint will be based solely on the record developed in that proceeding. Except as expressly provided in this Consent Decree, this Consent Decree shall not prevent the Commission from investigating new evidence of noncompliance by Voximplant with the Communications Laws. 24 47 CFR § 1.16. 25 47 U.S.C. § 208. 6 Federal Communications Commission DA 26-644 19. RMD Reinstatement. The Bureau shall reinstate the Company’s certification to the RMD upon notification of the Company’s appointment of a Compliance Officer and implementation of the Compliance Plan and Operating Procedures. 20. Event of Default. Voximplant agrees that an Event of Default shall occur upon the failure by Voximplant to comply with the Operating Procedures set forth in Attachment 1 or any terms of this Consent Decree. If an Event of Default occurs, Voximplant will be provided with notice from the Bureau and an opportunity to cure the deficiencies in its compliance with the Operating Procedures and/or the terms of this Consent Decree, or to explain why the Company believes that it is in compliance. The Bureau’s notice will provide a minimum of fourteen days for Voximplant to cure the deficiencies or respond. If Voximplant fails to cure the identified deficiencies or explain to the Bureau’s satisfaction how Voximplant is in compliance with the Operating Procedures or the terms of Consent Decree, then the Company’s certification shall be removed from the RMD. Voximplant hereby waives all rights to any other notice, hearing, or other proceeding, including under 5 U.S.C. § 558, prior to the removal of its certification from the RMD. 21. Waivers. As of the Effective Date, Voximplant waives any and all rights it may have to seek administrative or judicial reconsideration, review, appeal or stay, or to otherwise challenge or contest the validity of this Consent Decree and the Adopting Order. Voximplant shall retain the right to challenge Commission interpretation of the Consent Decree or any terms contained herein. If either Party (or the United States on behalf of the Commission) brings a judicial action to enforce the terms of the Consent Decree or the Adopting Order, neither Voximplant nor the Commission shall contest the validity of the Consent Decree or the Adopting Order, and Voximplant shall waive any statutory right to a trial de novo. Voximplant hereby agrees to waive any claims it may otherwise have under the Equal Access to Justice Act26 relating to the matters addressed in this Consent Decree. 22. Severability. The Parties agree that if any of the provisions of the Consent Decree shall be held unenforceable by any court of competent jurisdiction, such unenforceability shall not render unenforceable the entire Consent Decree, but rather the entire Consent Decree shall be construed as if not containing the particular unenforceable provision or provisions, and the rights and obligations of the Parties shall be construed and enforced accordingly. 23. Invalidity. In the event that this Consent Decree in its entirety is rendered invalid by any court of competent jurisdiction, it shall become null and void and may not be used in any manner in any legal proceeding. 24. Subsequent Rule or Order. The Parties agree that if any provision of the Consent Decree conflicts with any subsequent Rule or order adopted by the Commission (except an order specifically intended to revise the terms of this Consent Decree to which Voximplant does not expressly consent) that provision will be superseded by such Rule or order. 25. Successors and Assigns. Voximplant agrees that the provisions of this Consent Decree shall be binding on its successors, assigns, and transferees. 26. Final Settlement. The Parties agree and acknowledge that this Consent Decree shall constitute a final settlement between the Parties with respect to the Investigation. 27. Modifications. This Consent Decree cannot be modified without the advance written consent of both Parties. 28. Paragraph Headings. The headings of the paragraphs in this Consent Decree are inserted for convenience only and are not intended to affect the meaning or interpretation of this Consent Decree. 29. Authorized Representative. Each Party represents and warrants to the other that it has full power and authority to enter into this Consent Decree. Each person signing this Consent Decree on 26 See 5 U.S.C. § 504; 47 CFR §§ 1.1501–1.1530. 7 Federal Communications Commission DA 26-644 behalf of a Party hereby represents that he or she is fully authorized by the Party to execute this Consent Decree and to bind the Party to its terms and conditions. 30. Counterparts. This Consent Decree may be signed in counterpart (including electronically or by facsimile). Each counterpart, when executed and delivered, shall be an original, and all of the counterparts together shall constitute one and the same fully executed instrument. ________________________________ Patrick Webre Chief Enforcement Bureau ________________________________ Date ________________________________ Alexey Aylarov CEO Voximplant, Inc. ________________________________ Date 8 Federal Communications Commission DA 26-644 ATTACHMENT 1: OPERATING PROCEDURES The following provisions are not a comprehensive robocall mitigation plan and are designed to supplement, rather than replace, existing robocall mitigation measures Voximplant currently has in place or may implement in the future. Compliance with these measures is not a defense to future violations of state or federal law or Commission Rules. I. DEFINITIONS 1. For the purposes of the Operating Procedures, the following definitions shall apply, in addition to any definitions set forth in the Consent Decree. (a) “Affiliate” means a Person that (directly or indirectly) owns or controls, is owned or controlled by, or is under common ownership or control, with another Person. For purposes of this paragraph, the term “own” means to own an equity interest (or the equivalent thereof) of more than 10 percent. See 47 U.S.C. § 153(2). (b) “Customer” means any end user of the Company’s services, but does not include any Upstream Providers. (c) “Person” includes an individual, partnership, association, company, trust, or corporation. See 47 U.S.C. § 153(39). (d) “Supporting Record” means any of the following: (i) a primary document containing the information that Voximplant is required by this Consent Decree to obtain (e.g., government record, government identification, lease, utility statement); (ii) a search result from a government website (e.g., the Delaware Division of Corporations); or (iii) a report from a private database that validates information about companies for the purpose of providing fraud detection, risk management, credit check, or similar services. (e) “Upstream Provider” means any gateway or intermediate provider immediately upstream from the Company. II. ROBOCALL MITIGATION DATABASE COMPLIANCE 1. Voximplant shall fully comply with 47 CFR § 64.6305. 2. Voximplant shall update its RMD certification within 10 business days of any changes, consistent with 47 CFR §§ 64.6305(d)(5), (e)(5), and/or (f)(5), as applicable. III. TRACEBACK MONITORING 1. Upon receipt of a traceback request from the Commission, civil law enforcement, criminal law enforcement, or the industry traceback consortium, Voximplant must fully respond to the traceback request within 24 hours of receipt of the request consistent with 47 CFR § 64.1200(n)(1) and 47 CFR §§ 64.6305(d)(2)(iii), (e)(2)(iii), and/or (f)(2)(iii), as applicable. 2. On the last business day each month for the duration of the Consent Decree, Voximplant shall inform the Bureau of any traceback requests that it received and provide the following information to the Bureau: (a) The date and time of the traceback request; (b) The traceback ID number; (c) The subject matter of the call; and (d) The actions taken by Voximplant to investigate and resolve the traceback request. 9 Federal Communications Commission DA 26-644 IV. ENHANCED KNOW YOUR CUSTOMER (KYC) MEASURES FOR CUSTOMERS 1. Voximplant shall fully comply with 47 CFR § 64.1200(n)(4) and 47 CFR § 64.6305(d)(2)(ii), (e)(2)(ii), and/or (f)(2)(ii), as applicable. In addition, Voximplant shall implement at least the following measures to know its Customer. (a) If the Customer is a partnership or corporate entity, Voximplant shall obtain the following information about the Customer: i. Legal business name and Supporting Records confirming the same; ii. Place of formation and Supporting Records confirming the same; iii. Proof of good standing in the place of formation not older than six months prior to the date of the latest order by the Customer of a Voximplant product; iv. U.S. federal Employer Identification Number or Business Registration Number (if applicable); v. Physical business address and Supporting Records confirming the same; vi. Active telephone number and Supporting Records confirming the same; vii. Type of goods or services offered (e.g., marketing, education, political consulting), and verification of commercial presence reflecting same (e.g., website, social media, store front); viii. Name of authorized individual acting on behalf of the Customer; ix. Confirmation that the acting authorized individual purporting to act on behalf of the Customer has the authority to do so, e.g., letter of authority, board minutes, or contractual representation and warranty; and x. Confirmation the Customer has not been the subject of an adverse final determination in an adjudicatory proceeding brought by either a private or government party, including any FCC order, court order, or other similar determination, for violating any state or federal laws or Commission Rules pertaining to robocalls via contractual certification. (b) If the Customer is a natural person, Voximplant shall obtain the following information about the Customer: i. Name and Supporting Record confirming the name; ii. Physical address and Supporting Record confirming the same; iii. Active telephone number and Supporting Records confirming the same; iv. Type of goods or services offered (e.g., marketing, education, political consulting), and verification of commercial presence reflecting same (e.g., website, social media, store front); and v. Confirmation the Customer has not been the subject of an adverse final determination in an adjudicatory proceeding brought by either a private or government party, including any FCC order, court order, or other similar determination, for violating any state or federal laws or Commission Rules pertaining to robocalls via contractual certification. (c) Voximplant shall safeguard any sensitive or business confidential information it collects from customers (including potential customers) pursuant to these Operating Procedures. 10 Federal Communications Commission DA 26-644 V. ENHANCED KNOW YOUR UPSTREAM PROVIDERS MEASURES 1. Voximplant shall fully comply with 47 CFR § 64.1200(n)(5) and 47 CFR §§ 64.6305(d)(2)(ii), (e)(2)(ii), and/or (f)(2)(ii), as applicable. In addition, prior to transmitting any call as a gateway or intermediary provider on behalf of any immediate upstream provider (Upstream Provider), Voximplant shall obtain the following information: (a) All information identified in Section IV(1)(a); (b) Confirmation that the Upstream Provider has an active Robocall Mitigation Database certification; (c) Confirmation that the Upstream Provider imposes contractual obligations on its customers or its own Upstream Providers to prohibit unlawful traffic via contractual certification; and (d) Confirmation the Upstream Provider has mechanisms in place to ensure its clients, employees, and/or contractors comply with robocalling restrictions under state and federal laws and Commission Rules via contractual certification. 2. Voximplant shall safeguard any sensitive or business confidential information it collects from customers (including potential customers) pursuant to these Operating Procedures. VI. OWNERSHIP REPORTING 1. Voximplant and any Affiliate, including Vox Global Tech Ltd, shall inform Bureau of any change in foreign ownership greater than 5% within ten (10) business days. 2. For any changes, Voximplant and any Affiliate, including Vox Global Tech Ltd, shall identify the following: (a) Name; (b) Address; (c) Country or countries of citizenship (for natural Persons); (d) Country under the laws of which the entity is organized (for all other Persons); (e) Country of the principal place of business, headquarters, and place of incorporation or organization (for all other Persons); and (f) Percentage of equity and/or voting interest, and all controlling interests, held directly or indirectly in Voximplant and any Affiliate. 11