The Federal Communications Commission (FCC) recently proposed a significant enforcement action in a Notice of Apparent Liability for Forfeiture, recommending a $2 million fine against Lingo Telecom. This proposal arises from Lingo Telecom’s involvement in providing an “A” attestation for calls that were illegally spoofed. These spoofed calls, which originated in New Hampshire, imitated President Biden’s voice, creating serious concerns and drawing the attention of the FCC (a topic our firm covered in earlier advisories).
The FCC’s investigation revealed that Lingo Telecom had failed to follow “Know Your Customer” (KYC) principles, which are essential for ensuring the accuracy of caller ID information. By providing the highest level of attestation (A) without verifying the caller ID information, Lingo Telecom demonstrated a blatant disregard for the necessary due diligence required under FCC regulations. This high level of attestation indicates a significant degree of trust in the caller ID information, and its misuse in this instance is particularly troubling.
Caller ID authentication, using the STIR/SHAKEN standards mandated by the FCC, is a critical tool designed to combat illegal spoofing. These standards act as digital identifiers for each call, empowering the traceability of suspicious calls, informing robocall blocking tools, and supporting more reliable caller ID information for consumers. Lingo Telecom’s failure to verify the caller ID information undermines the effectiveness of these standards and highlights the urgent need for rigorous KYC processes.
The importance of KYC protocols cannot be overstated. The FCC has repeatedly emphasized that telecommunications providers must employ robust KYC measures to deter bad actors and limit the damage they can cause. This is especially crucial in an era where generative AI technology can be combined with spoofed caller ID information to perpetrate sophisticated scams. Loyaan A. Egal, Chief of the Enforcement Bureau, underscored this point by stating, “It is imperative that providers employ ‘Know Your Customer’ protocols that will deter bad actors and limit the damage they can cause when they combine generative AI technology with spoofed caller ID information—a failure to do so undermines trust in our communications networks. We will hold providers accountable for failing to know their customers and for failing to uphold the rules we have in place to protect the American public.”
This enforcement action against Lingo Telecom serves as a stark reminder of the critical importance of compliance with FCC regulations. Telecommunications providers must ensure that they are applying the appropriate level of scrutiny and verification to all calls they attest to, especially when providing the highest level of attestation. The consequences of failing to do so are severe, as evidenced by the proposed $2 million fine.
To mitigate such risks, it is essential for companies to conduct a thorough review of their compliance procedures, particularly concerning caller ID authentication and attestation levels. Establishing and maintaining comprehensive KYC protocols is vital for verifying the identity and legitimacy of customers. Regular audits and updates to these protocols are necessary to address evolving threats and technological advancements.
Furthermore, regular training for staff on the importance of KYC protocols and the potential consequences of non-compliance is crucial. Fostering a culture of compliance within your organization will help ensure that all employees understand and adhere to regulatory requirements. Staying informed about FCC updates, guidance on STIR/SHAKEN standards, and KYC requirements will also help you stay ahead of potential risks.
NEED HELP WITH ROBOCALL MITIGATION, COMPLIANCE AND LITIGATION SUPPORT/DEFENSE AGAINST BUSINESS & LEGAL CHALLENGES?
The CommLaw Group Can Help!
Given the complexity and evolving nature of the FCC’s rules, regulations and industry policies & procedures around Robocall Mitigation and Compliance issues (e.g., Stir/Shaken, TRACED Act, FCC Rules & Regulations, US Telecom Industry group, ATIS, NECA, VoIP Numbering Waivers, Know Your Customer and the private sector ecosystem), as well as the increased risk of business disputes, consumer protection enforcement by state attorneys general, and even civil litigation, and anticipating the potential torrent of client questions and concerns, The CommLaw Group formed a “Robocall Mitigation Response Team” to help clients (old and new) tackle their unique responsibilities.
CONTACT US NOW, WE ARE STANDING BY TO GUIDE YOUR COMPANY’S COMPLIANCE EFFORTS
Michael Donahue — Tel: 703-714-1319 / E-mail: mpd@CommLawGroup.com
Rob Jackson – Tel: 703-714-1316 / E-mail: rhj@CommLawGroup.com
Ron Quirk – Tel: 703-714-1305 / E-mail: req@CommLawGroup.com
Diana James – Tel: 703 663-6757 / E-mail: daj@CommLawGroup.com
