In a boost to the ease of doing business, the DoT has overhauled the OSP Framework. The new framework applies only to entities carrying out voice-based BPO activities. Several provisions have been removed such as the requirement for registration, bank guarantees, network diagrams, restrictions on interconnection, and penalty and audit provisions. India's IT sector may now implement modern network structures, WFH facilities and infrastructure sharing for greater efficiency. Security related obligations such as requiring OSPs to maintain CDRs and to avoid toll bypass have been retained.
The Department of Telecommunications (DoT) has published the Guidelines for Other Service Providers (OSP) implementing a significant overhaul of the existing telecom framework for Business Process Outsourcing (BPO) entities in India.
The OSP framework was originally put in place to ensure that the special dispensations provided to the then nascent BPO sector had adequate safeguards. These safeguards were designed to ensure that OSPs did not impinge into the jurisdiction of Telecom Service Providers (TSP) as well as to address associated security concerns. Over time, thanks to the increased availability (and the decreasing cost) of telecom connectivity, as well as the convergence of voice and data technologies, these regulations were no longer relevant. To the contrary, they imposed a significant compliance burden on the IT and ITeS industries which were made even more challenging given the vague language with which the framework had been drafted.
The DoT has radically pared the framework down to restrict its applicability and to remove a number of the procedural compliances. These include:
(a) the applicability of the framework to non-voice based BPO activities;
(b) the registration requirement for all OSP entities;
(c) penalty and audit provisions;
(d) requirements to furnish a bank guarantee;
(e) content monitoring;
(f) most restrictions on sharing of infrastructure; and
(g) location and network specific requirements like the need to provide a network diagram.
In effect, the framework now primarily contains certain security obligations with additional high-level protections to prevent toll bypass. The definition of the term OSP has been limited to only voice based BPO service providers removing data-based services entirely from the ambit of the regulation. The new framework permits (i) the sharing of infrastructure between international and domestic OSPs over VPNs, (ii) the interconnectivity of OSPs, (iii) the use of closed user groups for internal communications, (iv) the facility of work from home/work from anywhere, and (v) the use of distributed EPABXs, without any limitations or registration/intimation requirements. All that OSPs are required to do is ensure that there is no toll bypass.
International OSPs may host their EPABX abroad, provided they have a copy of their call data records (CDR) and system logs stored at any of their centres in India. Domestic OSPs on the other hand are required to retain their EPABX and client data centre only in India. As far as security related obligations are concerned, the new framework requires OSPs to maintain CDRs, system logs, access log, configurations of the EPABX, and routing tables, for a period of one year. Remote access is required to be provided to the authority to view the CDRs along with details of the agent manning the position. In case of specific instances of unlawful content (such as content that infringes intellectual property), the OSP is required to extend support to the authority in tracing any malicious calls, messages or communications carried on its network.
The liberalisation of this framework is likely to be a huge relief to the IT sector as a whole. The registration requirement coupled with all the other compliance obligations has weighed heavily on the competitiveness of the outsourcing industry for many years. This is a much-needed step in the right direction and is likely to increase the attractiveness of India as a destination for business process outsourcing.
Originally Published By Trilegal, November 2020
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.