Under the New Other Service Provider (OSP) guidelines of the Department of Telecom (DoT), the registration requirement for OSPs has been done away with altogether and the BPO industry engaged in data related work have been taken out of the ambit of OSP regulations. Also, requirements such as deposit of bank guarantees, for static IPs, frequent reporting obligations, publication of network diagram, penal provisions etc. have also been removed. Similarly, several other requirements, which prevents companies from adopting ‘Work from Home’ and ‘Work from Anywhere’ policies have also been removed. We spoke with Balbir Bora, Founder & CEO Whitewater Solutions, who clarifies the key aspects of the new policy and its impact
For an outsourcing service provider, what is the impact of the new OSP guideline?
The new guidelines on Other Service Providers (OSP) is a positive step in the direction of ease of doing business as well as it removes the ambiguity that persisted about the endless dos and don’ts around the technology and some licensing conditions.
It is the new regime of SELF REGULATION and it shall not be misconstrued as NO REGULATION. Only voice-based processes are regulated and there is no registration of the services either online or offline will be required by any ITES service providers. It also calls off any requirement of BG for infrastructure sharing. No specific guidelines will be required to be followed for WFH/WFA.
Some of the key highlights include:
* No OSP registration for any Domestic or International operation will be required
* Any international or domestic outsourcing operations not using voice is not covered under the purview of OSP
* Outsourced operation using voice only will be regulated as per the DoT norms for toll violation, data privacy and traceability
* No OSP registration for any Domestic or International operation will be required
* There will be no need of any Bank Guarantee (BG) for any infrastructure sharing situation
* Security condition for the OSP operations remain the same as in the earlier regulations which calls for maintaining logs, CDRs of the EPABX system and making your infrastructure available for scrutiny if requested by the agency.
* For WFH/WFA as well the tamper proof system logs and CDRs/UDRs must be stored for one year
It would help every outsourcing service provider, if you could highlight the key differences between the old policy and the new one, by giving us some examples?
As per the 2008 guidelines, an OSP company has to opt for a registration from the Authority and intimate to authority from time to time in case of any amendment in the applications. Every OSP center had to be registered with DoT’s respective LSA along with details on the legal and technical matters. There were provisions for annual compliances, Network diagram attestation and inspections from DoT
Today, no registration certificate will be required for OSP centers in India. There is no need to register with DOT for any OSP operations. There is no requirement of any compliance formalities or intimations of any legal or technical information.
Previously, a Bank Guarantee up to one crore was imposed for Infrastructure sharing of the EPABX, Centralized deployment of EPABX, use of CUG and Work from Home. Today, no Bank Guarantee whatsoever will be required for any facility or dispensation under these guidelines.
Previously, there was no provision earlier to interconnect two OSP centers of different companies. Interconnectivity between OSP centers belonging to different OSP companies shall be permitted. However, there will be segregation of voice and data traffic required beyond the specific OSP operations. Further, logs of all the activities will have to be maintained in this case as well for any security requirement in future
Scenario 1: Company B is an Indian subsidiary of an insurance company in Europe and is a captive outsourced center in Mumbai. Company B plans to outsource some L1 processes to a Company D in India. To execute this process, you will need an interconnectivity between these two companies just for the purpose of the specific project. There can be a similar situation for any Indian company who wants to outsource its business processes to a third party, and it is completely permissible after the new OSP guidelines.
Scenario 2: A multinational technology company having its contact center operation for its global clientele in India and few other countries will establish a single voice system for its global customers for a uniform experience and management purpose. The new regulation allows you to do this by having a global BAPX system for your Indian operations.
From a Work from Home perspective, what is the major impact for enterprises, as most companies today have employees working from home?
Previously, Work from Home was permitted using a PPVPN network along with a static IP address which had to be registered with DoT along with the home agent address. This also called for a one crore bank guarantee and a separate WFH registration with DoT.
Today, there are no requirements for any specific kind of network, IP addresses and registration of the home agents with DoT. For WFH/WFA, tamper proof system logs and CDRs/UDRs must be stored for one year. The data privacy and traceability by means of using an IP address assigned by and Indian registered Internet Service Providers only will have to be maintained.