Why Are Spam Calls Still a Major Problem Despite Existing Protections?
Americans lost an estimated $10.5 billion to phone scams in 2023, according to Truecaller’s annual report. That’s not just an annoyance—it’s a direct hit to consumers and businesses despite a decade of technological countermeasures. Google flagged spam calls in Android’s dialer as early as 2016, and iOS followed with its own call-blocking features. Yet the volume of unwanted calls keeps climbing: YouMail tracked over 5.5 billion robocalls in March 2024 alone, a 7% jump from the previous month.
Why haven’t these tools stopped the flood? The problem is structural. Most solutions focus on detection or user warnings, not on stopping spam at its source. Scammers adapt faster than apps can block them, cycling through new numbers and exploiting gaps in carrier oversight. The STIR/SHAKEN protocol, designed to authenticate caller IDs, only covers a fraction of calls due to patchy carrier adoption and loopholes for VoIP providers.
This isn’t just a nuisance. Spam calls fuel everything from phishing attacks to wire fraud, targeting the elderly and vulnerable with sophisticated schemes. Banks report increasing cases of social engineering via phone, and the FTC fielded over 2.4 million complaints about unwanted calls last year. For carriers, ineffective defenses invite regulatory scrutiny and customer churn. The persistence of spam calls signals that incremental app updates and half-measures aren’t enough—root-level change is overdue, as the FCC now argues according to Gsmarena.
What Is the FCC’s Role in Regulating Spam Calls and Carrier Responsibilities?
The Federal Communications Commission sets the ground rules for telecom in the U.S., wielding authority over carriers’ obligations and consumer protections. Its mandate covers everything from spectrum allocation to enforcing the Telephone Consumer Protection Act (TCPA), which restricts unsolicited calls and robocalls. The FCC has leaned on carriers to deploy call authentication technologies—like STIR/SHAKEN—and to block obvious spam at the network level.
Existing regulations require carriers to vet customers, but “Know-Your-Customer” (KYC) standards in telecom are looser than in banking. In financial services, KYC means rigorous identity checks to prevent fraud and money laundering. Telecom KYC, in contrast, often relies on basic info—sometimes just a name and billing address. That leaves the door open for bad actors to register hundreds of numbers using fake identities, prepaid SIMs, or shell companies.
The FCC’s past efforts have focused on technical and procedural fixes. In 2021, it mandated that large carriers implement STIR/SHAKEN. Smaller carriers were given more leeway, which scammers exploited. The Commission also runs the Robocall Mitigation Database, tracking carrier compliance. But as spam call volumes persist, regulators are signaling a shift: stricter customer vetting could become the new frontline defense.
How Will Strengthening KYC Rules Help Prevent Spam Calls at the Source?
The FCC’s latest proposal targets the onboarding process, where spam operations often begin. Under the new plan, carriers would need to verify customer identity far more rigorously—not just at signup but also when renewing accounts or activating new numbers. The Commission suggests requiring government-issued IDs, verified addresses, and secondary contact numbers. This mirrors the banking sector’s approach to KYC, where a single weak link can enable massive fraud.
Here’s how this could work: A customer applies for service. The carrier must collect a photo ID, cross-check the address with public records, and obtain at least one backup phone number. Automated systems would flag inconsistencies or high-volume registrations from the same credentials. For business accounts, carriers might demand incorporation documents and verify the legal existence of the entity. Such multi-layered checks make it harder for scammers to scale their operations or use burner identities.
This isn’t theoretical. In countries like India, telecom KYC regulations require in-person verification and biometric checks for SIM activation. After implementation, spam call incidence dropped by 30% within a year, according to the Telecom Regulatory Authority of India. By raising the barrier to entry, the FCC hopes to choke off the supply of disposable numbers that fuel U.S. robocall operations.
Stronger KYC also helps track down offenders after the fact. If every number is tied to a verified identity, law enforcement can unravel scam networks more easily. For carriers, automated KYC workflows mean less manual review but more up-front investment in compliance tech. The trade-off: fewer spam calls, improved reputation, and reduced regulatory risk.
What Are the Potential Challenges and Concerns with Enhanced Customer Verification?
Stricter KYC comes with real costs and risks. Privacy advocates warn that collecting sensitive documents—like government IDs—creates new targets for data breaches. Carriers would have to store this information securely and comply with state-level data protection laws, which vary widely. A single leak could expose millions of customers’ identities, compounding the very fraud the rules aim to prevent.
Operationally, onboarding could slow to a crawl. Requiring manual review for every new account adds friction, especially for prepaid or low-cost services. Carriers face higher labor costs and may need to overhaul their signup flows, risking lost business to rivals with less stringent policies. For customers, more paperwork means longer wait times and potential exclusion for those without standard forms of ID—such as undocumented immigrants or low-income users.
Resistance is likely from both sides. Some carriers argue that KYC would disproportionately impact rural and marginalized populations, who rely on easy access to prepaid phones. Others worry about competitive disadvantage if overseas carriers aren’t held to the same standards. Customers, meanwhile, may balk at handing over more personal data to telecom giants already under fire for privacy missteps.
Balancing fraud reduction against privacy and accessibility will be a key challenge. The FCC’s comment period is designed to surface these concerns, but history suggests that regulatory mandates rarely please everyone.
How Could the FCC Enforce Compliance and Penalize Carriers Who Fail to Prevent Spam Calls?
The FCC isn’t just asking for tougher KYC; it’s seeking input on how to punish carriers who fall short. That’s a shift from its usual approach, which relies on periodic audits and voluntary cooperation. Potential penalties could include multi-million dollar fines, public disclosure of violations, and even restrictions on new number allocations for repeat offenders.
A recent example: In 2022, the FCC fined Texas-based carrier Rising Eagle $225 million—the largest robocall penalty in U.S. history—for facilitating billions of illegal calls. The company had enabled scammers to flood networks with spoofed numbers, bypassing basic vetting. Rising Eagle’s case shows the Commission is willing to use its teeth, but enforcement is often slow and reactive. Most carriers settle before fines reach headline-grabbing levels.
The FCC could also mandate regular external audits, suspend non-compliant carriers from the Robocall Mitigation Database, or require remedial action plans. For major carriers, reputational risk compounds financial penalties: AT&T, Verizon, and T-Mobile have all faced public criticism for lagging on spam call defenses. Smaller carriers may struggle to absorb fines or remediate issues quickly.
Feedback from the industry will shape the severity and structure of these penalties. If the FCC opts for aggressive enforcement, expect a wave of compliance spending and new partnerships with identity verification firms. The Commission’s stance signals that passive policing is over—carriers must actively prove they’re keeping spam out.
What Should Consumers and Carriers Expect Next?
The FCC’s push for stricter KYC rules is more than regulatory posturing—it’s a sign that the agency expects carriers to shoulder greater responsibility for the spam crisis. For consumers, this could mean fewer scam calls, but also more hoops to jump through when signing up or switching services. Privacy and accessibility will be flashpoints, and public comment will determine how far the FCC goes.
Carriers should prepare for an uptick in compliance costs and possible disruption to onboarding flows. Investing in secure, automated identity verification tech may become table stakes. Watch for joint ventures between telecoms and fintechs, as expertise in KYC migrates across sectors.
Regulators, meanwhile, may use these rules as a template for tackling similar issues in VoIP and messaging platforms. The FCC’s comment period ends later this year, with final rules expected in early 2025. If enforcement follows the playbook of the Rising Eagle case, expect headline fines and public naming-and-shaming for laggards.
Bottom line: The spam call problem isn’t going away on its own. Stricter KYC won’t solve it overnight, but it could finally target the root—who gets access to phone numbers in the first place. Carriers and consumers alike should watch the FCC’s next moves closely, and prepare for a new era where identity verification is as central to telecom as it is to banking.
Impact Analysis
- Spam calls cost Americans billions each year, highlighting persistent vulnerabilities in telecom protections.
- Existing anti-spam tools are not keeping pace with scam tactics, leaving consumers exposed to fraud.
- The FCC’s push for stricter carrier action could lead to more effective and systemic solutions for unwanted calls.
