FCC Proposes First of its Kind $4.5 Million Penalty on Voice Provider for Alleged Know-Your-Customer Failures
On February 4, 2025, the Federal Communications Commission (FCC or Commission) released a Notice of Apparent Liability for Forfeiture (NAL) against voice service provider Telnyx LLC (Telnyx) for alleged violations of the FCC’s know-your-customer (KYC) requirements related to allegedly fraudulent robocalls originated from Telnyx’s network. In a bipartisan, first-of-its kind enforcement action claiming violations of the FCC’s KYC rules, the agency proposed a penalty of nearly $4.5 million. Although the NAL received bipartisan support, Commissioner Simington dissented, stating that he believes the U.S. Supreme Court’s Jarkesy decision prevents him from voting “to approve this or any item purporting to impose a fine.”
Calls at Issue Claimed to Be From Non-Existent FCC “Fraud Prevention Team”
The NAL explains that on February 6 and February 7, 2024, over a dozen FCC staff and some of their family members reported receiving fraudulent calls on their personal and work telephone numbers. The artificial and prerecorded voice messages received by recipients stated that the caller was with the FCC’s “Fraud Prevention Team.” The NAL notes that no such team exists, and alleges that the “purpose of the calls appears to have been to threaten, intimidate, and defraud.” One call recipient reported that when they pressed ‘1’ to speak with a live caller, the individual demanded that the call recipient pay the FCC $1,000 in Google gift cards to avoid jail time for their “crimes against the state.”
NAL Indicates That Telnyx Promptly Reported Problematic Account to FCC
The approximately 1,800 calls made between February 6 and February 7, 2024 were originated from two Telnyx end-user customers identified in the NAL as “First MarioCop Account” and “Second MarioCop Account” (collectively, the "MarioCop Accounts"). Although the NAL states that the FCC’s Enforcement Bureau worked with the Industry Traceback Group to determine that Telnyx was the originating voice service provider for the allegedly fraudulent calls, a close reading suggests that Telnyx promptly reported the First MarioCop Account to the FCC. Specifically, the NAL states that Telnyx “flagged” the First MarioCop Account during a “routine examination of new users,” and Telnyx terminated the account on February 7, 2024 and reported the incident to the FCC on the same day.
Overview of the FCC’s KYC Requirements
The Commission’s rules require a voice service provider to “[t]ake affirmative, effective measures to prevent new and renewing customers from using its network to originate illegal calls, including knowing its customers and exercising due diligence in ensuring that its services are not used to originate illegal traffic.”[1] While the Commission does not mandate specific actions to comply with this rule, the NAL explains voice service providers can “contribute” to compliance by obtaining records to verify the customer’s identify. The NAL further highlights that additional KYC measures are needed when a prospective customer is applying to use services that will allow for the origination of a high volume of calls.
NAL Alleges Telnyx’s KYC Practices Were Insufficient
The NAL alleges that Telnyx collected “very limited” identifying information from either of the MarioCop Accounts – including a name, email address, physical address, and IP address. Neither of the MarioCop Accounts provided a telephone number, and Telnyx did not conduct further corroboration or independent verification of the other information. The NAL alleges Telnyx overlooked “obvious” discrepancies in the information it collected – for example, the MarioCop Accounts provided a physical address in one country (a Sheraton Hotel in Canada) but provided IP addresses from different countries (Scotland and the United Kingdom). The Commission states that “[b]ecoming Telnyx’s customer and gaining access to outbound calling services that allowed origination of hundreds of calls … was as simple as making up a fake name and address and acquiring a nonfree email address.” Although the NAL also mentions that Telnyx accepted bitcoin as payment for the MarioCop Accounts, the Commission clarifies that this fact “is not a basis for a finding of apparent violations in this case.”
NAL Proposes $4.5 Million Forfeiture Based on “Proxy” Calculation
FCC regulations and precedent do not provide a base forfeiture amount for violations of the KYC requirements, so the FCC used Section 64.6305(g)(1) as a “proxy.” That FCC rule section prohibits intermediate providers and voice service providers from accepting traffic directly from a domestic voice service provider that does not have a filing in the Robocall Mitigation Database. Like the KYC requirements, Section 64.6305(g)(1) was intended to ensure providers have adequate robocall mitigation practices before gaining access to the U.S. voice network.
The Commission has a base forfeiture of $2,500 per call for any calls transmitted as a result of a violation of Section 64.6305(g)(1), and the NAL applied this base forfeiture to the 1,797 calls that Telnyx allowed the MarioCop Accounts to make, for a total base forfeiture of $4,492,500. Notably, the NAL states that the FCC “could likely find that Telnyx apparently violated [its] rules with regards to every customer it onboarded using the same process as it did for the MarioCop Accounts,” but declined to do so in this instance “absent further investigation.” Further, the NAL declined to apply an upward or downward adjustment to the base forfeiture. Although there were factors supporting an upward adjustment for “egregiousness and substantial harm,” the NAL highlighted that Telnyx promptly disclosed to the Commission that it had originated the calls.
Addressing Illegal Robocalls May Be a “Top” Priority Under Chairman Carr
Finally, the accompanying news release highlights that cracking down on illegal robocalls will be a “top priority at the FCC” under Chairman Brendan Carr’s leadership. Under prior Democratic and Republican leadership, actions addressing illegal robocalls were typically characterized as a “top consumer protection priority.” Chairman Carr’s elevation of illegal robocalls to a “top” priority for the Commission could signal that the agency may place even more scrutiny on voice service providers for their robocall mitigation practices in this new Administration. Especially given the FCC’s recent tightening of Robocall Mitigation Database filing requirements and the bipartisan support for eliminating illegal robocalls, we can expect to see additional FCC activity in this area, both through rulemaking and additional enforcement actions.
***
We have a deep and experienced robocalling bench, and our experts handle federal and state policy issues, compliance with federal and state requirements, and complex TCPA issues. For more information or assistance with complying with the FCC’s robocall mitigation obligations, please contact one of the authors listed on this alert.
[1] 47 CFR § 64.1200(n)(4).
