Toll Compliance Regulations in India — an Automation fix
We recently met the CIO of a fairly large contact center in India. Over drinks, he ended up moaning about how they were having to deal with a TRAI toll compliance audit due to problems in how their system had been set up. “I am pretty sure I am doing everything right,” he said, “but they are digging in deep and I’m pretty stressed — what if a minor configuration flaw comes up?”
Toll compliance regulations are India’s attempt to preserve the revenues of incumbent telecom operators (and in turn, of the government) while dealing with the phenomenon of Internet Telephony. The purpose of the regulations is to ensure that companies doing business in India do not deprive telecom service providers of revenue by connecting IP networks with PSTN networks, thus enabling cheap calling across the world. And how does India make that happen? By simply passing regulation that prohibits mixing PSTN with long distance IP! Any organization that gets caught doing so faces investigation and punitive fines, along with potential canceling of registration and debarment for up to 3 years! Furthermore, the Telecom Regulatory Authority of India (TRAI) reserves the right to carry out periodic audits to check that organizations have been compliant, a right that it has been known to exercise regularly, like they did with our friend.
This means that any organization that has a multi-location presence in India or a multi-national presence with India as one of the locations must undertake some serious administrative effort to stay compliant with toll regulations. The challenges can be classified into management and control issues, regulatory grey areas, and the compliance overheads.
As UC and CC systems have become more and more capable, administrators have had to deal with the management and control problems of tracking interconnect capabilities across a more complex range of devices — today, PBXs, SBCs, IVRs, voice mails, conferencing servers and even endpoints can conference, which means every one of these devices has the potential to fall foul of toll-compliance regulations. Additionally, any mobility feature, like softphones (VPN or VPN-less), SIP phones registering to SBCs, and extending calls to cellphones over IP are all “roaming” in nature and can cause a company to be on the wrong side of the law. For the system to be compliant, each network element must be compliant. One must therefore check, at minimum, the configuration of every one of the above-mentioned devices.
Adding to the challenge are the grey areas in the regulations. For example, Chapter III, Clause 3(1) of the OSP regulations from TRAI states that -
“Domestic OSP is permitted to terminate PSTN/PLMN connection with outgoing facility on the same EPABX provided that such PSTN/PLMN lines shall be used for making calls through normal NLD network only and in no way directly or indirectly cause bypass of licensed National Long Distance Operator (NLDO) jurisdiction”.
What isn’t clear is: if an organization has PSTN with local VoIP, which means that if they get a call into an office in Aundh, Pune via PSTN, will taking it though VoIP to a user who is at the Nagpur office of the same company (800 kilometers away but in the same circle) be a violation?
Finally, the compliance overhead comes from administrators having to deploy internal information security (GIS) resources or external agencies to audit and certify that their systems are indeed compliant with toll regulations. The auditing is always done manually, which makes it slow, expensive, and prone to errors. The contact center mentioned earlier did have an annual audit from an external agency, but as the months passed and infrastructure got replaced and upgraded, the CIO was no longer sure if they were fully compliant.
To address this challenge, Assertion has developed an India Toll Compliance pack to scan the various configurations on communications systems (like PBXs) and provide a report on the compliance of the enterprise. The pack, among other things, verifies the locations of various resources like trunks, stations, gateways, and regions, scans and verifies the AAR/ARS routing configurations, corroborates Inter-PBX special toll compliance features (like SA9122 on Avaya Communication Manager), and validates Tenant and other logical partitioning settings. It also ensures that all settings for call forwarding, coverage, and other forms of call redirection for all the endpoints and trunks are configured to meet toll compliance regulations. The compliance check takes minutes — literally making it possible to verify your compliance status every day, if needed.
Assertion, as you probably know, automates compliance for enterprise applications. With the India Toll Compliance pack, we make it easy for organizations to confirm that they are indeed compliant with TRAI regulations. So if you are part of an organization that has a global footprint with a significant Indian presence, it’s time to ask the question: Do I need this pack? Of course, the answer is: you probably do!
And that CIO friend of ours? The good news is that he passed the audit. The better news is that he has decided to go for the Assertion India Toll Compliance pack!
- Article written by Pradeep Vasudev
About the Author
Pradeep Vasudev is the co-founder and COO of SmarterHi, makers of Assertion, which automates compliance for enterprise applications. Pradeep has held leadership positions in multiple companies, helping build teams from scratch. He has also co-founded two other startups, one of which he led to a successful close. He has a storied career, where he has been in teaching, journalism, documentation, support, marketing, and operations. He holds a graduates degree in Physics from Mumbai University. In his free time, Pradeep reads a wide variety of non-fiction and does yoga.
