VoIP Reseller Obligations: Navigating FCC & CRTC Regulatory Requirements 

Owning a reseller business – and make it scale fast – is an achievable goal for MSPs and ISPs. But as with many markets, to ensure healthy margins and longevity, you need to keep up with your VoIP reseller obligations.  

We know. There’s nothing sexy in bureaucracy, but when it comes to telecommunications, both the U.S. and Canada have official bureaus that regulate and monitors internet use, calls, and text messages – even the ones made with VoIP.  

And, yes, some of those obligations falls under your provider (say, VoIP.ms), but your mistake is to think ALL regulatory requirements are the provider’s responsibility. Some of them fall under your belt, too.  

But don’t worry. We’re not about to leave you hanging.  

This post will clarify key obligations you have under the Federal Communications Commission (FCC) in the U.S. and the Canadian Radio-television and Telecommunications Commission (CRTC) in Canada, so you stay compliant and avoid penalties.  

Understanding Your Role as a VoIP Reseller 

Listen, we know you might be a pro at this already, but it’s important to understand your role as a reseller in the telecommunications universe, so your obligations are clearer.  

Let’s dive into it.  

What “reseller” means in the VoIP/telecom context 

A VoIP reseller is typically a non-facilities-based provider. This means you don’t own the physical infrastructure (a.k.a. the network) but resell services from a wholesale carrier.  

Let’s say you sign up for the VoIP.ms Reseller Program. In this case, VoIP.ms is the ‘wholesale carrier’; the infrastructure of the VoIP system is taken care of. You, however, resell the technology and phone systems in accordance to your business model – white-label for MSPs and as part of an internet bundle for ISPs.  

But, despite not managing networks directly, you are still seen as a telecommunications service provider under both FCC and CRTC definitions. 

Why resellers bear direct regulatory obligations, not just wholesalers 

Ok, here’s where things start to get tricky. Since the FCC and CRTC views resellers as telecommunications service providers, you need to comply to certain regulations. Namely: 

• Registrations (as a reseller, for example)  

• Reports (e.g., revenues, suspicious client activity) 

• Access to emergency services  

• Protection of consumer data  

Even if you don’t own the network, you need to be aligned with regularity organs in both countries to act as a reseller.  

Key U.S. Obligations for VoIP Resellers (FCC) 

Take note! This is the part where you’ll understand what are your VoIP reseller obligations with the FCC.  

Registration and reporting (e.g., Form 499‑A) 

Step number one is to register your reselling business. Not only that, but also keep your information updated at all times to avoid penalties.  

For the FCC, you need to fill out Form 499-A to register and yearly report your revenues as a reseller. Usually, the due date for this form is April 1, but keep in mind deadlines can change for a number of reasons – check the FCC official website for the correct information. 

Documents must contain all important information regarding your reselling business, such as name, address, list of offers, etc. 

Emergency services (E911) 

All U.S.-based VoIP resellers – or those offering services terminating in the U.S. – must support Enhanced 911 (E911) capabilities.  

This means ensuring accurate location routing for emergency calls and communicating any service limitations clearly to end-users, particularly for nomadic or internet-based calling setups. 

STIR/SHAKEN Call Authentication 

STIR/SHAKEN is a caller ID authentication framework aimed at reducing spoofed calls.  

If you’re originating calls on U.S. networks, you’re expected to comply. Facilities-based providers typically handle technical implementation, but non-facilities-based resellers may not be eligible to deploy STIR/SHAKEN directly. 

In these cases, you still have regulatory obligations. You must develop internal processes – such as Know Your Customer (KYC) procedures – to validate end-user identities and prevent misuse of your services. These procedural safeguards support compliance even when direct technical deployment isn’t possible. 

RELATED: Everything you need to know about STIR/SHAKEN  

Robocall Mitigation Database (RMD) Registration 

Regardless of STIR/SHAKEN eligibility, all voice providers – including resellers – must register with the FCC’s Robocall Mitigation Database (RMD). If you can’t implement STIR/SHAKEN, you’re required to file a robocall mitigation plan describing the steps you’re taking to protect the integrity of your call traffic. 

This typically includes: 

• Verifying end-customer identities (KYC) 

• Monitoring traffic patterns 

• Responding to traceback requests 

Even if your upstream carrier handles authentication, you are still responsible for documenting and submitting your mitigation practices. 

Customer privacy & CPNI (Customer Proprietary Network Information) 

As a reseller, you’re also responsible for handling Customer Proprietary Network Information (CPNI) correctly and filing an annual certification with the FCC. 

Universal Service Fund (USF), regulatory fees & tax‑related considerations 

Now let’s talk money. Sort of.  

VoIP resellers are required to contribute to the Universal Service Fund (USF), a U.S. federal program that helps fund telecommunications services in rural and underserved areas. This involves registering with the FCC’s USAC (Universal Service Administrative Company), submitting Form 499-A annually, and reporting applicable revenues.  

Depending on how you structure your business, you may be classified as a direct or indirect contributor. Indirect contributors still need to file, but may pass through contributions via their wholesale provider. 

Beyond USF, resellers must also be aware of other regulatory fees, such as FCC annual regulatory charges, and may have obligations under federal, state, or local telecom tax regulations.  

Understanding how these fees are calculated, when they’re due, and who is responsible for remittance is essential to staying compliant and avoiding penalties. 

Key Canadian Obligations for VoIP Resellers (CRTC) 

Moving north, let’s look at what obligations you may have as a Canadian VoIP reseller.  

Registration with the CRTC as a reseller or telecommunications provider 

If you need to register with the FCC in the U.S., in Canada you need to register as a reseller with the CRTC, the Canadian Radio-television and Telecommunications Commission. 

However, in this case you don’t need to fill out a long form but write a letter with all the information provided on the CRTC website that can be submitted via their platform, mail, or fax.  

Registration is free and there’s no set deadline, but be aware: you need to register before you start offering your services and products.  

Emergency‑services obligations (9‑1‑1 service) for local VoIP providers 

As a reseller, you’ll need to provide either Basic or Enhanced 9-1-1 service, and clearly disclose any 9-1-1 limitations in customer communications, as well as obtain a BITS license for international traffic.  

To keep your registration and licensing status valid, you’ll need to update your information periodically.  

Canadian Consumer Complaints Body: CCTS / CPRST 

In Canada, VoIP resellers offering services to end-users must also register with the Commission for Complaints for Telecom-television Services (CCTS / CPRST), an independent body that handles consumer disputes related to telecom services.  

Registration is mandatory for most resellers operating in Canada and must be renewed annually. 

Failure to register or respond to CCTS inquiries can result in formal complaints, regulatory scrutiny, or reputational harm. Make sure your customer service processes are aligned with CCTS expectations – particularly around billing transparency and service disclosures. 

Consumer safeguard obligations and ongoing regulatory filings 

Canadian resellers must comply with consumer protection policies, including billing transparency and customer complaint procedures. Regular filings and updates may also be required. 

Extra Step: Do Not Originate (DNO) List Participation (U.S. & Canada) 

The Do Not Originate (DNO) list is designed to block fraudulent calls that appear to come from numbers that should never originate outbound calls (e.g., IRS or bank fraud hotlines). 

While typically managed at the carrier level, resellers should understand how their upstream provider interacts with DNO protections and avoid knowingly passing traffic from known DNO numbers. 

For higher-trust operations, participating in DNO protection can be a signal of good-faith traffic hygiene, especially if you manage number provisioning. 

RELATED: Everything you need to know about Do Not Originate (DNO) Lists 

Pre‑Launch Compliance Checklist for Resellers 

You might choose to open your reselling business only in one country – Canada or the U.S. -, but you might also choose to go all in and serve both. In either case, we know it’s a lot to do and take in terms of regulation.  

So we created a simplified checklist to help your process.  

Register appropriately (FCC & CRTC) 

The ideal scenario is registering before you even star offering your services, to guarantee you’re starting with the right foot, regardless of where you plan to offer your products and services.  

Ensure emergency services/E911 capability is addressed 

Access to emergency services is vital, so check if your workflows have that capability implemented to avoid issues in the future – and don’t forget to plan for power outages!  

Verify upstream wholesale provider compliance and contract terms 

Is your provider acting according to regulations? Are they following the steps they need to take to ensure their services are legit and compliant? Better check before even signing up to their reselling programs.  

Implement internal policies: data privacy, robocall mitigation, record keeping 

Have all your workflows in order before you start. Consider data privacy policies, STIR/SHAKEN and further robocall mitigation and create processes to record keeping, so your business is organized and full compliant.  

Maintain ongoing monitoring, updates, and document changes 

Also in terms of routine, creating a monthly monitoring meeting with yourself is important to keep track of documentation, changes in legislation and updates from providers and legal organs.  

This way, you’re always on top of regulations and aren’t caught by surprise when something changes unexpectedly.  

Common Compliance Pitfalls & How to Avoid Them 

We’re aware that regulations and bureaucracies are no easy matter, so let’s address the elephant in the room: common pitfalls and how you can avoid them.   

Assuming the wholesale provider handles all regulatory obligations 

Even if you sign up with the most compliant and reliable upstream provider on the market, as a reseller, you still have legal obligations when it comes to the FCC and the CRTC.  

Double-check who’s in charge of what and take your responsibilities to heart.  

Failing to register or filing inaccurately 

Failing to register as a reseller can also cause disruptions in your business. Not only it may delay launch, but also trigger fines that might compromise your initial budget.  

Gather all the documentation you need and be attentive to deadlines. You can always work with a lawyer to avoid this common mistake.  

Missing emergency service disclosures or failing location accuracy 

Lack of E911 or 9-1-1 access puts customers at risk and can violate national regulations. 

Overlooking state/provincial/local obligations (in addition to federal) 

Federal regulations might be easier to understand, but don’t forget your state or province might also have specific regulations you need to abide too.  

Check with local peers, forums or with a lawyer if there are any forms or fees you need to fill and pay in your location.  

The Business Advantage of Being Compliant 

We understand that handling government regulations and compliance might not be the most fun you’ll ever have as a reseller.  

But look at it this way, being compliant is a great competitive differentiator. You can even use it in your marketing strategy as a way to increase positive customer perception: better reliability, lower risk and higher trust.  

It shows professionalism and that you are keeping up with trends and news on the market. As a reseller looking to scale, being “compliant ready” helps MSPs and ISPs grow faster and easier.  

So it’s really better for you and your business to be up-to-date with legislations.  

Frequently Asked Questions (FAQ) 

Have a question you don’t see answered here? Ask our Sales Team directly!     

Do I need to register separately in the US and Canada if I serve both markets? 

Yes. Regulatory compliance must be addressed in each country where you operate. 

What happens if I don’t comply with FCC or CRTC obligations? 

Non-compliance with FCC or CRTC regulations can result in serious consequences for VoIP resellers. In the U.S., failure to register, file required forms (like Form 499-A), or contribute to the Universal Service Fund may lead to monetary penalties, loss of operating eligibility, and even enforcement actions.  

Similarly, in Canada, not registering with the CRTC, failing to provide 9-1-1 service disclosures, or missing ongoing regulatory filings can result in deregistration and revocation of your BITS license – effectively halting your ability to operate legally. 

Can I delegate compliance to my wholesale provider? 

No. While your wholesale provider may support certain compliance processes – like emergency service routing or tax remittance – you remain legally responsible for meeting regulatory obligations as a reseller.  

This includes registering with the FCC or CRTC, filing required forms, disclosing service limitations, and maintaining proper records. Think of compliance as a shared responsibility: your provider can assist, but the accountability ultimately rests with you. 

Are there size or volume thresholds for these obligations? 

No. Regulatory obligations generally apply regardless of the size of your business or the volume of traffic you handle. Whether you’re a solo reseller with a handful of clients or a large-scale provider, you’re still expected to register with the FCC and/or CRTC, provide access to emergency services, and comply with tax and reporting requirements. Compliance is tied to the type of service you offer—not the scale of your operation. 

Does regulation differ for business vs residential end‑users? 

No. Regulatory obligations apply based on the type of service you provide, not who your end-user is. Whether your customers are businesses or individuals, you must still meet requirements for registration, emergency service access, and reporting. The expectations for compliance remain the same, even if use cases differ. 

Final Thoughts & Next Steps for Resellers 

If you’re stepping into the VoIP space as a reseller, understanding your regulatory footprint is critical.  

Staying compliant with FCC and CRTC rules not only protects your business; it positions you as a professional, trustworthy provider in a competitive market.