COMPLIANCE FCC ROBOCALL

FCC Robocall Mitigation Database Explained

SIPNEX ·

The FCC’s Robocall Mitigation Database is one of the least understood but most impactful compliance mechanisms in the US telephone network. If your carrier is not registered in the RMD, other carriers may block your traffic at the network level — not because your calls are illegal, but because your carrier has not demonstrated compliance with the FCC’s robocall mitigation framework. Your calls never reach the terminating carrier. Your answer rate drops to near zero on affected routes. And you have no visibility into the problem because the blocking happens at a layer between your carrier and the recipient’s carrier that you cannot see.

This guide explains what the RMD is, what carriers must file, and what it means for your operation. SIPNEX is an FCC-licensed carrier registered in the Robocall Mitigation Database with a complete STIR/SHAKEN implementation and robocall mitigation plan on file.

What the Robocall Mitigation Database is

The RMD is a public database maintained by the FCC where voice service providers (carriers) must file certifications regarding their implementation of STIR/SHAKEN caller ID authentication and/or a robocall mitigation program. The database was established under the TRACED Act (Telephone Robocall Abuse Criminal Enforcement and Deterrence Act) of 2019 and the FCC’s subsequent implementation orders.

Every provider in the US call path — originating, gateway, intermediate, and terminating — must file in the RMD; the FCC extended the requirement beyond originating providers in its 2023 Sixth Report and Order, with filings due February 26, 2024. The filing certifies one of three things:

Complete STIR/SHAKEN implementation. The carrier has fully implemented STIR/SHAKEN caller ID authentication on all IP-based calls it originates. This means the carrier holds an SP-KI certificate and signs outbound calls with attestation levels. This is the highest level of compliance.

Partial STIR/SHAKEN implementation with robocall mitigation. The carrier has implemented STIR/SHAKEN on some but not all of its traffic (common for carriers that still have TDM/PRI infrastructure alongside SIP), and has a robocall mitigation program in place for the traffic that is not covered by STIR/SHAKEN.

Robocall mitigation program only. The carrier has not implemented STIR/SHAKEN but has a documented program to prevent illegal robocall traffic from originating on its network. Today this lane belongs to providers with non-IP (TDM) portions of their networks, providers that cannot obtain a Service Provider Code token, and small satellite providers — the general small-carrier extension expired June 30, 2023.

SIPNEX has filed as a complete STIR/SHAKEN implementer. We hold our own SP-KI certificate and sign every IP-originated call with STIR/SHAKEN attestation. Our RMD filing is public and verifiable.

Why the RMD matters for your operation

The FCC’s enforcement mechanism gives the RMD real teeth: intermediate and terminating carriers are prohibited from accepting traffic from voice service providers that are not registered in the RMD. This is not a suggestion — it is a rule with enforcement consequences.

In practice, this means that if your carrier is not in the RMD, carriers downstream in the call path (the carriers that deliver your calls to the recipient) may block your traffic at the network level. The call never reaches the terminating carrier. The recipient’s phone never rings. Your dialer may receive a SIP error response — typically 603, which the FCC has standardized as 603+ with the reason phrase “Network Blocked” for blocked-call notification (mandatory since March 25, 2026) — or 503 Service Unavailable, or, worse, a false ring-no-answer that looks like the recipient simply did not pick up.

The blocking is not universal or instantaneous — enforcement depends on each carrier’s compliance practices. But major terminating carriers (the ones serving T-Mobile, AT&T, and Verizon wireless subscribers) are increasingly strict about blocking traffic from non-RMD-registered originators. As a result, non-registered carriers experience progressively worse completion rates over time as more downstream carriers enforce the rule.

How to check your carrier’s RMD status. The RMD is publicly searchable at the FCC’s Service Now portal (fccprod.servicenowservices.com/rmd). Search for your carrier’s name and verify that they have an active filing. If your carrier is not in the RMD, or if their filing has lapsed (filings must be recertified annually by March 1 and updated within 10 business days of any change), your traffic is at risk of downstream blocking.

What a robocall mitigation program includes

For carriers that file robocall mitigation programs (either alongside or instead of STIR/SHAKEN), the FCC requires specific elements:

Know Your Customer (KYC) practices. The carrier must take reasonable steps to verify the identity of its customers and to evaluate whether a customer’s traffic patterns are consistent with legitimate use. This includes collecting and verifying business information, monitoring traffic volumes and patterns, and investigating anomalies.

Traffic monitoring. The carrier must monitor originating traffic for patterns associated with illegal robocalling — high-volume short-duration calls, rapid caller ID rotation, calls to numbers on the DNC registry, and other indicators. When suspicious patterns are detected, the carrier must investigate and take action.

Enforcement mechanisms. The carrier must have contractual provisions and operational processes to address customers that originate illegal robocall traffic. This includes the ability to suspend service, block specific traffic patterns, and terminate customer relationships. The carrier’s Acceptable Use Policy (like SIPNEX’s AUP) is a key component of this enforcement framework.

Cooperation with industry traceback. The carrier must participate in traceback efforts coordinated by the Industry Traceback Group (ITG) when illegal robocall campaigns are traced to the carrier’s network. Traceback is the process by which industry participants identify the source carrier of illegal robocall traffic by tracing the call path from the recipient back to the originator.

How to file in the RMD (from a carrier that has)

For providers facing their own filing, the process runs through the FCC’s RMD portal (the same public system linked above). What you are actually assembling, from our own filing experience:

  1. Your certification category. Decide honestly which of the three certifications describes your network — complete STIR/SHAKEN, partial with mitigation, or mitigation-only. The category dictates what documentation follows, and misstating it is worse than filing the humbler truth.
  2. The mitigation plan description. Every filer submits one — since the FCC’s Sixth Report and Order (filings due February 26, 2024), certifying complete STIR/SHAKEN implementation no longer exempts you from describing your robocall mitigation program. Write the KYC, monitoring, and enforcement elements above specifically enough that the FCC (and any downstream carrier reading your filing) can tell it’s operational rather than aspirational.
  3. Contact information that answers. The filing requires a point of contact for traceback and enforcement inquiries. Treat it as an SLA: ITG traceback requests come with clocks, and an unresponsive contact is itself a compliance failure.
  4. Keep it current. Filings are not fire-and-forget. Under the FCC’s December 2024 RMD order (in force since February 5, 2026), changes must be reflected in your filing within 10 business days, and every filer recertifies annually by March 1 with a $100 filing fee — with base forfeitures of $10,000 for false or inaccurate information and $1,000 for failing to update. A lapsed or inaccurate filing carries the same practical consequence as no filing: downstream carriers must block your traffic.

None of this is legal advice — it’s the operator’s map of the terrain. If you’re a reseller or ITSP building on SIPNEX wholesale services, your filing obligations are your own, but the upstream attestation and mitigation posture you inherit from us makes the story you certify considerably easier to tell.

STIR/SHAKEN and the RMD: how they interact

STIR/SHAKEN and the RMD are complementary components of the FCC’s robocall framework.

STIR/SHAKEN is the technical mechanism — it provides a way for carriers to cryptographically sign calls with attestation levels, allowing terminating carriers to evaluate the trustworthiness of the caller ID claim. It operates on a per-call basis: each call gets signed, each signature gets validated.

The RMD is the accountability mechanism — it ensures that every carrier participating in the US telephone network has either implemented STIR/SHAKEN or has a documented robocall mitigation program. It operates at the carrier level: the carrier files once (recertified annually), and downstream carriers check the filing status before accepting traffic.

For your calls to have the best chance of reaching recipients:

  1. Your carrier must be registered in the RMD (network-level access)
  2. Your carrier must implement STIR/SHAKEN and sign your calls (per-call trust)
  3. Your carrier must sign at A-level attestation for maximum trust
  4. Your calling practices must be clean (reputation layer)

Each layer builds on the one below it. A carrier not in the RMD cannot even get calls to the terminating network. A carrier in the RMD but without STIR/SHAKEN cannot provide call-level trust signals. A carrier with STIR/SHAKEN but only B-level attestation provides a weaker trust signal than A-level. And even A-level attestation cannot save numbers with destroyed reputation from flagging.

SIPNEX provides all four layers: RMD-registered, STIR/SHAKEN implemented with our own SP-KI certificate, A-level attestation on all verified DIDs, and carrier-level traffic monitoring to keep our network reputation clean.

Frequently asked questions

What is the FCC Robocall Mitigation Database?

The RMD is a public database maintained by the FCC where voice service providers must file certifications regarding their STIR/SHAKEN implementation and/or robocall mitigation programs. It was established under the TRACED Act of 2019. Every provider in the US call path — originating through terminating — must be registered. The key enforcement mechanism: intermediate and terminating carriers are prohibited from accepting traffic from providers not registered in the RMD. This means an unregistered carrier’s traffic may be blocked at the network level, preventing calls from reaching recipients. The database is publicly searchable at fccprod.servicenowservices.com/rmd.

How do I check if my carrier is in the RMD?

Visit the FCC’s Robocall Mitigation Database portal at fccprod.servicenowservices.com/rmd and search for your carrier’s name. The database shows whether the carrier has an active filing, what type of filing they made (complete STIR/SHAKEN, partial, or mitigation program only), and when the filing was last updated. Filings must be renewed annually — a carrier with an expired filing is effectively unregistered. If your carrier is not in the database or their filing has lapsed, your outbound traffic is at risk of downstream blocking. SIPNEX maintains an active RMD filing with complete STIR/SHAKEN implementation.

What happens if my carrier is not in the RMD?

Downstream carriers — the carriers that deliver your calls to the recipient’s phone — may block your traffic at the network level. The FCC rule prohibits intermediate and terminating carriers from accepting traffic from non-registered providers. In practice, enforcement varies by carrier, but major terminating carriers serving T-Mobile, AT&T, and Verizon wireless subscribers are increasingly strict. The result for your operation: calls fail to complete, answer rates drop, and the problem may be invisible because your dialer shows the call as “sent” but the recipient’s phone never rings. There is no warning before this happens — the blocking begins when downstream carriers implement or tighten their RMD enforcement.

Does the RMD apply to all carriers?

Yes. Every provider in the US call path must file in the RMD — originating providers, gateway providers bringing international traffic onto the US network, intermediate providers, and terminating providers; the FCC extended the requirement to all of them in its 2023 Sixth Report and Order. STIR/SHAKEN implementation still has narrow carve-outs (non-IP network portions, providers that cannot obtain a Service Provider Code token, small satellite providers — the general small-carrier extension expired June 30, 2023), but carve-outs only change what you certify: every filer must describe a robocall mitigation program. The filing requirement is universal.


SIPNEX is registered in the FCC Robocall Mitigation Database with complete STIR/SHAKEN implementation. We hold our own SP-KI certificate and sign every originating call. Verify our filing or get started with a compliant trunk.

SIPNEX

The carrier built by operators, for operators.

FCC-licensed carrier with its own STIR/SHAKEN SP certificate. Operator-owned. SIP trunks built for operators who dial at volume.