New FCC Requirements for Voice Providers
The Federal Communications Commission (FCC) has adopted significant new robocall mitigation rules that affect every U.S. voice service provider (VSP) with a filing in the Robocall Mitigation Database (RMD). Most of these requirements became effective February 5, 2026.
These changes substantially increase compliance obligations, enforcement risk, and filing scrutiny for carriers. They also introduce new operational requirements such as annual recertification, multi-factor authentication, and faster update timelines.
Below is what VSPs need to know—and what action is required now.
What Changed in the FCC’s 2026 RMD Rules
The FCC’s updated framework introduces:
- Mandatory updates to RMD and FCC CORES information
- New annual RMD recertification requirement
- A stakeholder reporting process for deficient filings
- Multi-factor authentication (MFA) for RMD access
- A forthcoming $100 filing fee (pending system upgrade)
- Significantly increased fines for noncompliance
These changes reflect the FCC’s broader enforcement strategy to eliminate inaccurate filings and strengthen robocall traceability across the U.S. voice ecosystem.
Mandatory Updates to RMD and CORES Information
The FCC requires all VSPs to maintain complete, accurate, and current RMD filings, including robocall mitigation plans (RMPs). Under the new rules:
- Any change affecting an RMD filing must be updated within 10 business days
- This includes corporate structure, services offered, network role, and contact details
- Related records in the FCC’s CORES database must also be updated within 10 business days
Failure to keep RMD and CORES data aligned is now a direct violation subject to fines.
Annual RMD Recertification Required by March 1, 2026
For the first time, the FCC now requires annual recertification of all RMD filings.
- Recertification window: February 1 – March 1, 2026
- Applies to: all voice service providers
- Requirement: review, update, and formally certify filing accuracy
This means VSPs must actively re-validate their robocall mitigation plans and all associated filing data—not simply rely on prior submissions.
New Mechanism to Report Deficient Filings
The FCC has created a formal process allowing any stakeholder—including competitors—to report suspected deficiencies in a provider’s RMD filing.
Reports may include:
- Business name
- FCC Registration Number (FRN)
- RMD ID
- Description of the alleged deficiency
If the FCC determines investigation is warranted, it may issue a notice of inquiry requiring rapid response. Confirmed deficiencies can trigger enforcement actions and fines.
Implication: RMD filings are now externally scrutinized—not just regulator-reviewed. Even minor inconsistencies may prompt investigation.
Multi-Factor Authentication Now Required for RMD Access
The FCC has implemented mandatory MFA for all RMD accounts. Filers must authenticate using:
- Google Authenticator, or
- Okta Verify
This change aligns the RMD with federal identity-security standards and reduces the risk of unauthorized filing changes.
New $100 Filing Fee (Coming Soon)
The FCC will require a $100 fee for:
- Initial RMD submissions
- Annual recertifications
The fee will take effect once the FCC completes a technical upgrade to the RMD system. Providers should plan for this recurring compliance cost beginning in a future filing cycle.
Significantly Increased Fines for Noncompliance
The FCC has sharply increased base forfeitures:
- $10,000 per violation for false or inaccurate RMD information
- $1,000 per violation for failure to update within 10 business days
Violations are considered continuing until corrected, meaning penalties can accrue daily up to statutory maximums.
In addition to fines, enforcement may include:
- Removal from the RMD
- Traffic blocking by downstream providers
- Loss of interconnection or routing relationships
Because downstream carriers must block traffic from non-compliant providers, RMD accuracy now directly affects service continuity.
Why These Rules Matter Beyond Compliance
The RMD has become a foundational trust registry for the U.S. voice network. Inaccurate or outdated filings now create operational risk:
- Upstream and downstream blocking exposure
- Partner and customer due-diligence failures
- Enforcement investigations triggered by third parties
- Reputational damage within the carrier ecosystem
The FCC’s goal is to ensure that every provider’s robocall mitigation posture is transparent, current, and verifiable.
Required Actions for Voice Service Providers
With the new rules in force and the first recertification deadline approaching, all VSPs should:
- Review existing RMD filings for accuracy and completeness
- Update any changed corporate, network, or contact information
- Validate robocall mitigation plan content
- Ensure CORES data matches RMD filings
- Enable MFA access for filing personnel
- Submit recertification by March 1, 2026
In Summary
The FCC’s 2026 RMD rule changes significantly raise compliance expectations for voice service providers. Filings must now be continuously accurate, annually recertified, and resilient to external scrutiny.
With fines increasing and blocking risk tied directly to RMD status, maintaining an accurate, current robocall mitigation filing is no longer just a regulatory requirement—it is essential to uninterrupted voice service operations in the United States.
