Written by
Sarah Delphey, VP Trust Solutions
Published on
January 27, 2023
Updated on
August 15, 2025
On January 24th, the FCC issued a Robocall Enforcement Notice to all US-based voice service providers stating:
“We hereby provide written notice to all U.S.-based voice service providers to take steps to effectively mitigate apparently illegal traffic from PhoneBurner and MV Realty. We consider blocking the traffic to be an example of effective mitigation.”
All US-based voice service providers must “promptly investigate the traffic identified” in Attachment A to the notice. If a provider finds that PhoneBurner or MV Realty is its customer, then within 14 days of the notice, it must file a report with the FCC’s Enforcement Bureau with its findings and steps taken to mitigate traffic.
Separately, the FCC issued a letter to Twilio which, according to its press release, “demanded that voice service provider Twilio cease and desist from carrying the suspected illegal robocall traffic which it was apparently receiving from PhoneBurner.”
This is not the first time the FCC has issued a blocking notice or a cease and desist letter, but this action is a big deal for two reasons:
The cease and desist letter to Twilio marks a statement from the FCC that it will not shy away from issuing enforcement notices to large, well-established service providers. The FCC noted in its press release that “Twilio is the largest voice service provider yet to receive a cease-and-desist letter from the FCC.”
Previous cease and desist letters named smaller providers that were generally not big names in the industry. Twilio is a publicly traded company founded in 2008 with well over 5,000 employees1. Twilio is a member of industry associations that are prominently involved in efforts against illegal calls, such as the Alliance for Telecommunications Industry Solutions (ATIS) and the Industry Traceback Group (ITG).
While it’s not clear exactly what took place between Twilio and the FCC leading up to the issuance of the cease and desist letter, the issuance of the cease and desist letter to Twilio appears to have been an intentional choice by the FCC and a signal to the industry that all service providers can and will be subject to enforcement regardless of size.
The FCC’s letter to Twilio’s CEO states that Twilio is “apparently originating illegal robocall traffic” and that the “letter is based on FCC rules that apply to originating providers like Twilio.” The question of who originates or initiates a call has implications for who has responsibility under the TRACED Act for things like signing calls, registering in the Robocall Mitigation Database, and validating the identity of the calling entity.
Definitions and terms continue to be debated, with comments filed with the FCC as recently as November 2022 by the Cloud Communications Alliance discussing the definition of the word “customer.”2 In the world of wholesale telecom, in the matter of “who in the call delivery chain is responsible for illegal calls,” the current barometer seems to point to: potentially everyone.
According to the FCC, the calls at issue were made by MV Realty using dialing software provided by Phoneburner. Phoneburner, in turn, used Twilio’s service to facilitate the delivery of calls to one or more of Twilio’s downstream interconnection vendors who were not named by the FCC. Twilio had no direct commercial relationship with the initiator of the calls, MV Realty, but with its cease and desist letter, the FCC alleges that Twilio failed to adequately perform KYC when vetting Phoneburner and therefore carries responsibility for allowing MV Realty’s calls.
Enforcement Bureau Chief Loyaan A. Egal is quoted in the FCC press release stating, “‘Know Your Customer’ (KYC) principles should be at the forefront of all communications service providers’ business practices. It is concerning to see such a large provider allowing this kind of traffic on its networks. I hope and expect Twilio to immediately cease and desist. I also thank our partners in state Attorneys General offices around the country for their strong enforcement efforts against MV Realty.”
Service providers that have placed full responsibility on their customers for performing KYC and for traffic sent over their networks – take note. The Twilio cease and desist letter appears to reject this argument and its potential protections. Service providers should carefully consider these implications, their KYC practices, and the risks to their business.
Numeracle is a leader in KYC solutions and has advised regulators and carriers on best practices and standards for customer vetting in communications. Numeracle’s Entity Identity Management (EIM) platform can help service providers verify and manage the identity of customers, including complex business entity relationships.
Or contact us today at www.numeracle.com/contact-us to learn more
Know Your Customer (KYC) in telecom refers to the process of verifying the identity and intent of individuals or businesses before granting access to communications services. This identity validation helps prevent fraud, such as SIM swapping or spoofed phone calls, and supports industry compliance with federal and industry-led regulations. In the telecom ecosystem, KYC establishes trust between parties by ensuring that the phone numbers and services issued are tied to a legally recognized entity. Numeracle’s Entity Identity Management platform supports identity verification and ongoing management across telecom use cases.
Call labeling, blocking, and delivery problems often stem from a lack of trust in your identity as a caller. Carriers and analytics engines flag unverified numbers more easily—especially if they can’t tie your calls to a legitimate, known entity.
Numeracle’s Verified Identity process solves this by validating your legal business identity through a secure KYC process. Once verified, your identity becomes the foundation for all reputation management and branded calling efforts. Without this step, your numbers can’t be fully protected or trusted in the ecosystem.
Completing KYC is the key to unlocking consistent call delivery, accurate labeling, and long-term brand reputation.
Once you sign up with Numeracle, we conduct a thorough KYC review of your legal business identity and calling activity. Expect to submit business information and relevant identity documentation. After our verification is complete, your organization is issued your Verified Identity and set up as a trusted caller in our platform, which unlocks access to number registration, reputation protection, and branded calling across the voice ecosystem. This is a one-time process and required to activate any services.
Solutions without KYC may offer quick access to number registration or monitoring, but they lack the ability to verify who’s actually placing the calls. This opens the door for misuse, resulting in higher rates of spam labeling, call blocking, and reduced trust from carriers and analytics engines.
In contrast, solutions that include a KYC verification process—like Numeracle’s Verified Identity—validate the legal identity and authority of the calling party before any numbers are registered or protected. This creates a trusted foundation that carriers recognize and rely on when determining whether to allow or label a call. Without KYC, you're operating without proof of legitimacy; with KYC, you gain access to a protected, scalable, and reputation-safe calling strategy built on verified trust.
