On February 4, 2025, the Federal Communications Commission (FCC) proposed a $4,492,500 penalty against Telnyx LLC for failing to prevent malicious actors from using its network to originate illegal robocalls. The Notice of Apparent Liability for Forfeiture (NAL) alleges that fraudulent callers used artificial and prerecorded voice messages to impersonate an FCC “Fraud Prevention Team” as part of a government imposter scam. These calls targeted FCC staff and their family members in an attempt to intimidate recipients into making fraudulent payments.
Specifically, on February 6 and the morning of February 7, 2024, more than a dozen FCC employees and their relatives received calls designed to threaten, intimidate, and defraud them. One individual reported being connected to a live scammer who demanded $1,000 in Google gift cards to “avoid jail time for [their] crimes against the state.”
The FCC’s Enforcement Bureau, working with the Industry Traceback Group, traced the source of these calls back to Telnyx. Telnyx identified two accounts – referred to as the “MarioCop Accounts”—as responsible for placing the calls.
Telnyx’s Role and Failure to Vet Customers
Telnyx is a communications provider offering various services, including a voice API that enables users to make, receive, and control calls globally. It is also a VoIP provider with carrier status in over 30 countries, including the United States. The company also holds an FCC Section 214 international authorization for facilities-based and resale services and has direct access to numbering resources.
According to the FCC, Telnyx failed to implement proper customer verification measures, allowing malicious actors to exploit its platform and place 1,797 calls in under two days. The company accepted minimal and suspicious customer information, including:
- A customer “Christian Mitchell” with an IP address in Edinburgh, Scotland, but a physical address linked to a Sheraton hotel in Toronto, Canada
- Another customer, “Henry Walker,” with an IP address in London, England, and the same Toronto hotel address as the first customer
Telnyx did not require customers to provide phone numbers, verify identities, or validate the purpose of their accounts. In addition, Telnyx accepted payment from the MarioCop account in Bitcoin with anonymized transaction IDs.
FCC’s Compliance Expectations for Voice Service Providers
The NAL emphasizes that Voice Service Providers (VSPs) must take affirmative steps to verify customer identities and prevent illegal call origination. The FCC outlined key verification measures, including requiring customers to provide one or more of the following:
- Government-issued identification
- Corporate formation records
- Proof of good standing
- Federal employer identification number (EIN) or business registration number
- Active telephone numbers
- Third-party records confirming a physical address
- Verification of commercial purpose and services offered
The FCC accused Telnyx of ignoring red flags and making no effort to confirm whether the limited information provided by its customers was legitimate. In evaluating the fine against Telnyx, the FCC declined to adjust the fine upwards to account for the egregious nature of the violations noting that Telnyx’s prompt self-reporting to the FCC that it originated the calls was an important factor against increasing the fine. The FCC encouraged parties to “continue to work with the Commission early on and to disclose potential violations.”
Broader Implications and Takeaways for Businesses
This case is significant not only because of its egregious facts but also because it marks the first robocall enforcement action under the new Administration. The FCC is sending a strong signal that VSPs must comply with customer vetting obligations and prevent bad actors from misusing their networks.
What Businesses Should Do:
To avoid regulatory scrutiny and potential fines, VSPs and other businesses should:
- implement robust Know-Your-Customer (KYC) procedures
- conduct thorough identity verification before granting network access
- monitor for suspicious activity and high-volume call patterns
- ensure compliance with FCC regulations and best practices
- regularly update fraud detection measures to prevent abuse
- consider self-reporting bad actors on its network to the FCC to mitigate potential fines
The FCC’s action against Telnyx underscores the importance of proactive compliance. Businesses that fail to verify customers and prevent fraudulent activity risk significant financial penalties and reputational damage.
Save Yourself $4.5M – Download Our FREE Robocall Mitigation Guide
For a quick reference on FCC robocall mitigation requirements, download our Robocall Mitigation Rules and Requirements Guide. This free guide covers essential compliance frameworks, including STIR/SHAKEN protocols, mitigation strategies, and database filings. It’s a valuable resource for ensuring your company meets FCC regulations and stays ahead of emerging risks.
NEED HELP WITH ROBOCALL MITIGATION, COMPLIANCE AND LITIGATION SUPPORT/DEFENSE AGAINST BUSINESS & LEGAL CHALLENGES?
The CommLaw Group Can Help!
Given the complexity and evolving nature of the FCC’s rules, regulations and industry policies & procedures around Robocall Mitigation and Compliance issues (e.g., Stir/Shaken, TRACED Act, FCC Rules & Regulations, US Telecom Industry group, ATIS, NECA, VoIP Numbering Waivers, Know Your Customer and the private sector ecosystem), as well as the increased risk of business disputes, consumer protection enforcement by state attorneys general, and even civil litigation, and anticipating the potential torrent of client questions and concerns, The CommLaw Group formed a “Robocall Mitigation Response Team” to help clients (old and new) tackle their unique responsibilities.
CONTACT US NOW, WE ARE STANDING BY TO GUIDE YOUR COMPANY’S COMPLIANCE EFFORTS
Michael Donahue — Tel: 703-714-1319 / E-mail: mpd@CommLawGroup.com
Susan Duarte – Tel: 703-714-1318 / E-mail: sfd@commlawgroup.com
Rob Jackson – Tel: 703-714-1316 / E-mail: rhj@CommLawGroup.com
Ron Quirk – Tel: 703-714-1305 / E-mail: req@CommLawGroup.com
Diana James – Tel: 703 663-6757 / E-mail: daj@CommLawGroup.com
