FCC Strengthens RMD Filing Requirements and Enforcement Capability
On January 8, 2025, the Federal Communications Commission (FCC or Commission) released a Report and Order (Order) adopting new rules for Robocall Mitigation Database (RMD) filings. Adopted unanimously by the Commission, the Order imposes new requirements and fees for both RMD filers and accounts using the FCC’s Commission Registration System (CORES) generally. The new rules also establish base forfeitures for failing to update RMD certifications within 10 business days, and for submitting false or inaccurate information to the RMD. The updated rules follow the Commission’s August 2024 Notice of Proposed Rulemaking (NPRM), which invited comment on a host of proposals to improve the quality of information submitted to the RMD. The rules adopted in the Order are discussed in greater detail below.
All CORES Registrants Must Update Information Within 10 Business Days. The Order requires CORES registrants to update information submitted to CORES within 10 business days of any change to that information. The 10-day update requirement applies to all CORES registrants, not just those submitting filings to the RMD, and the Commission notes that “keeping information in CORES up to date may have benefits outside the robocall proceeding as well.”
Forfeitures Established for Submitting Inaccurate or False Certification Data to the RMD. The new rules impose a $10,000 base forfeiture for the submission of inaccurate or false certification data to the RMD. The Commission will treat such violations as continuing and assess forfeitures on a daily basis until the inaccurate or false information has been cured, up to the statutory maximum for continuing violations. In seeking to strike the appropriate balance with its forfeiture amount, the FCC noted that its existing adjustment factors permit it to assess penalties upward to the statutory maximum (in cases of egregious or deliberate malfeasance, for example) or reduce the penalty below the base when application of the factors justifies a lighter touch (such as minor/limited violations or the violator’s inability to pay). According to the Order, this approach will enable the FCC to ensure that it meets it obligation to enforce the statutes and regulations that protect consumers from abuses as well as its duty to promote and protect competition in the telecommunications industry.
Forfeitures Established for Failure to Update RMD Filings. The rules also impose a $1,000 forfeiture for failure to update RMD filings within 10 business days “if any information [the filers] are required to submit has changed.” In the context of RMD filers, the forfeiture for failure to update accompanying CORES information is likewise assessed as a continuing violation for each day that the failure to update has not been cured, accruing $1,000 per day up to the statutory maximum.
Filing Fees Adopted for Initial and Annual RMD Certifications. Stating that RMD filings are “applications” within the meaning of Section 8 of the Communications Act, the Order imposes an initial filing fee of $100 for RMD certifications. The Order cites the “significant expenditure” of FCC resources required to process RMD filings in support of the imposition of the fee.
The new rules also impose an annual March 1 recertification requirement that also includes a filing fee of $100. The annual recertification filings are also subject to the FCC’s red-light rule, which prevents the processing of any outstanding applications to the Commission by parties owing a non-tax debt to the FCC. As such, failure to submit initial RMD filings and annual RMD recertifications could result in parties losing access to other FCC filing systems and potentially the removal of noncompliant RMD certifications.
FCC to Stand Up Dedicated Reporting Mechanism for Deficient Filings. The Commission delegates authority to the Wireline Competition Bureau (WCB) to establish a dedicated reporting mechanism for deficient filings, in conjunction with the Office of the Managing Director (OMD). This delegation grants WCB the authority to “determine the appropriate mechanism for the Commission to receive reports of deficient filings,” and to “specify the form and format” of those reports, as well as make “any necessary changes” to the RMD portal and interface to facilitate the inclusion of a reporting portal.
The scope of the public reporting portal is broad, and will be available to “state and local regulators and attorneys general, consumers, public interest groups, providers, and others” who can “notify the Commission that it may need to re-check certain filings and take action to require prompt corrections from providers.” The Order endorses the creation of an outside reporting portal as a means of augmenting the Commission’s own limited resources, encouraging more consistent reporting, and potentially identifying recurring themes in deficient filings.
Two-Factor Authentication Required. The Order directs the WCB and OMD to develop a two-factor (or more) authentication solution to access the RMD. The Order acknowledges concerns in the record that this requirement could present logistical problems that would need to be resolved upon implementation. The Order therefore directs WCB and OMB to ensure that any approach offers “users the option of using phishing-resistant authentication – i.e., it must provide support for Web-Authentication based approaches, such as security keys.” (emphasis in original)
WCB Directed to Take Action on Additional Initiatives. The Commission also delegates authority to WCB to take action on other initiatives designed to improve the quality of RMD filings, including the authority to:
- Issue substantive guidance and filer education to assist filers with their robocall mitigation compliance obligations, including determining the form of such guidance and how the guidance should be promulgated.
- Develop and implement a technical solution for RMD filings that could validate data entered into an RMD filing against an external source and flag discrepancies for Commission staff – if WCB determines that the technical data validation solution “is likely to produce benefits that outweigh the solution’s cost.”
On the issue of limiting the scope of RMD filing confidentiality requests, the Order declines to further limit their scope. The FCC reasoned that its “existing rules discourage broad requests for confidentiality,” and that its dedicated reporting mechanism for deficient filings will better enable it to identify and address overly redacted robocall mitigation plans. However, the Order directs the WCB as part of its filer education initiative to “consider whether it would be helpful to provide additional guidance to filers that wish to submit requests for confidential treatment of their [RMD] filings.”
Unadopted Proposals from the NPRM. The Commission declined to enact certain proposals contained in the NPRM and on certain recommendations provided by commenters, such as:
- Authorizing permissive blocking for facially deficient filings
- Requiring filers to obtain a PIN to file in the RMD
- Applying heightened scrutiny to specific RMD filings under specific circumstances
- Recommendations seeking to facilitate the IP transition
Effective Dates of the FCC’s New Rules
In addition to establishing significant forfeitures in the context of the RMD, the Order also imposes important new filing requirements that affected parties should review closely. Doing so will help parties to avoid risking significant penalties under the Commission’s continuing violation forfeitures or receiving red-light status, which could lock providers out of important FCC systems, even those unrelated to RMD filings.
The FCC’s new rules adopted in the Order are subject to distinct effective dates. Specifically, the base forfeitures for submitting inaccurate or false certification data to the RMD and the forfeitures for failure to update RMD filings within 10 business days will go into effect 30 days after publication of the Order in the Federal Register, which has yet to occur. The new filing fee for initial RMD certifications and annual recertifications will go into effect upon notice to Congress, notice in the Federal Register announcing the effective date of RMD filing fees, and when “the FCC’s information technology systems and internal procedures have been updated….” Finally, the required updates to CORES accounts are effective upon review and approval by OMB.
We have a deep and experienced robocalling bench, and our experts handle federal and state policy issues, compliance with federal and state requirements, and complex TCPA issues. For more information or assistance with complying with the new RMD filing requirements, please contact one of the authors listed on this alert.
