It’s been over a year since the FCC mandated voice service providers register in the Robocall Mitigation Database (RMD) with their call authentication plans to stop and prevent illegal robocall traffic from traversing the voice network. STIR/SHAKEN implementation deadlines have come and gone, and the FCC has just taken its first enforcement actions against a non-compliant provider for failing to meet its expectations for protecting consumers against scam robocalls and malicious caller ID spoofing.
While the intent of robocall mitigation initiatives is to provide a methodology to trace back to the source of illegal traffic to shut it down, the true identity of the source is often more complicated than it first seems.
The FCC sent a Notice on October 3rd to seven service providers, including Global UC, stating that if they didn’t update their Robocall Mitigation Plans and implement STIR/SHAKEN, they would effectively be removed from the Database.1 On November 22, 2022, the FCC announced the removal of Global UC from the Robocall Mitigation Database after their failure to take the appropriate action.
Removal from the Database means downstream service providers must stop carrying Global UC’s traffic within two business days of the FCC’s Order. The FCC also stated that Global UC “shall not refile” in the RMD unless the FCC later determines that Global UC has “addressed and resolved any deficiencies or shortcomings in their Robocall Mitigation Database certification.”
This makes Global UC the first service provider to be removed from the Robocall Mitigation Database by order of the FCC since its inception. It confirms FCC expectations that service providers must consistently monitor releases from the FCC on enforcement actions to continue to meet robocall mitigation requirements. It also proves that the FCC plans to remain vigilant in the fight against illegal robocalls and sends a message to other providers that it will intervene if Robocall Mitigation Plans are non-specific and/or the STIR/SHAKEN call authentication framework has not yet been implemented where required.
What it seems the FCC may not have considered, however, is that Global UC would turn out to be just one part of a global network.
When following the contact information for Global UC in the FCC’s Order, the Privacy Policy statement on Global UC’s website states that Global UC consists of a group of companies with offices in Switzerland under the name Global Telelinks GmbH and offices in the USA as Global UC Inc.
Global Telelinks GmbH is a Swiss company registered in 2002 and lists Opto Telelinks (Private) Limited as its partner, an Indian company whose registered officers are Kanwal Wadhawan and Seema Wadhawan. Global UC Inc. registered with the Texas Secretary of State in 2013, with listed officers Kanwal Wadhawan and Rick Perez. Wadhawan appears on the business registrations for the Texas-based company, the FCC target Global UC, and the Indian company Opto Telelinks.
Web searches on the company names reveal a second webpage for Global UC with the same logo under the URL global-uc.com, where the About Us page states that “Global UC Inc. is one of the subsidiary companies of Opto Telelinks Ltd. – a principal supplier of Optical Transmission and Communication products in India as the leading representative of Northern Telecom (Presently Nortel Network Corporation) and Bosch Telecom since 1993. Situated in Zug, Switzerland, Global Telelinks GmbH (GTL) is a leading offshore Technology Development and Telecom Solutions provider to the global market managed by a team of experienced telecom specialists.”
The page has a map with more global affiliates:
Global ownership alone doesn’t necessarily mean anything about a service provider’s traffic. But this Global UC example shows how ownership structures can make it difficult to identify service provider companies and apply enforcement measures effectively to protect consumers from potentially harmful calls. RMD registration does not require disclosure of affiliated companies or owners, and RMD registrations are not separately reviewed to find these links. When parent organizations are not documented in the RMD, it can make it difficult for the FCC to stop this traffic in cases of complex business structures or foreign ownership.
Global UC has been removed from the Robocall Mitigation Database, but Global Telelinks and Opto Telelinks were never registered, and they were not identified by the FCC as part of their removal Order. Global Telelinks or Opto Telelinks could register themselves or a new US subsidiary and continue operations, with service providers validating their RMD entry and unaware of any connection to Global UC and the FCC’s order.
This case highlights the need for enhanced and comprehensive approaches to identifying service provider companies and their ownership structures so providers and regulators can effectively mitigate illegal calls in an increasingly global communications industry. As it stands, the FCC’s action against Global UC may easily be rendered useless.
Service providers must remain vigilant of traffic traversing their network and ensure they are not passing along traffic from Global UC. In addition, service providers are encouraged to update their robocall mitigation plans to be specific on how they will combat illegal calls from passing through their networks and/or their plans/status of STIR/SHAKEN call authentication implementation.
Numeracle has developed an enhanced enterprise identity framework that reviews and validates the relationships between legal entities and parent companies across the globe. If you’re a service provider seeking to remain compliant in meeting the expectations for customer due diligence and verified identity, be sure to contact us and make sure you’re not on the FCC’s hit list.