Full Report
The Federal Communications Commission has updated its Covered List to include all consumer routers made in foreign countries, banning the sale of new models in the U.S. [...]
Analysis Summary
# Regulation/Compliance: FCC Ban on Foreign-Manufactured Consumer Routers (Secure & Trusted Communications Networks Act Update)
## Overview
The Federal Communications Commission (FCC) has expanded its "Covered List" to include all consumer routers manufactured in foreign countries. This regulation effectively bans the sale and import of new foreign-made models in the U.S. unless they undergo a rigorous, transparent approval process. The mandate is driven by a National Security Determination identifying these devices as high-risk vectors for disrupting critical infrastructure and the national economy.
## Key Details
- **Issuing Authority:** Federal Communications Commission (FCC)
- **Effective Date:** March 20, 2026 (Following National Security Determination)
- **Jurisdiction:** United States (Importation and Sale)
- **Status:** Final
## Requirements
### Mandatory Requirements
1. **Equipment Authorization Ban:** No new router models manufactured outside the U.S. may receive FCC certification for sale unless they meet specific exemption criteria or the "Alternative Approval Path."
2. **Alternative Approval Disclosure:** Manufacturers seeking to bypass the ban must provide:
- Full corporate ownership and foreign government financial influence disclosures.
- Detailed Bill of Materials (BoM).
- Country of origin for all hardware components and firmware/software.
- IP ownership details.
3. **Onshoring Plan:** Applicants for approval must submit a formal plan to relocate critical component manufacturing to the United States.
### Recommended Practices
1. **Supply Chain Audit:** Organizations should immediately identify the country of origin for all networking hardware in their procurement pipeline.
2. **Software/Firmware Maintenance:** Users of Unmanned Aircraft Systems (UAS) should ensure all critical security updates are applied before the 2027 cutoff.
## Affected Organizations
- **Industries:** Consumer Electronics, Telecommunications, Managed Service Providers (MSPs), and Retailers.
- **Organization Size:** All sizes; applies to any entity importing, distributing, or selling networking equipment.
- **Geographic Scope:** All foreign router manufacturers; U.S.-based distributors and consumers.
## Compliance Timeline
- **March 20, 2026:** National Security Determination issued/Ban on new foreign-model certifications begins.
- **March 24, 2026:** FCC updates the Covered List to reflect the broad ban.
- **January 1, 2027:** Deadline for software and firmware updates for Unmanned Aircraft Systems (UAS) and critical components.
## Implementation Guidance
### Assessment Phase
- **Inventory Audit:** Identify current and planned router models in the product catalog.
- **Origin Verification:** Verify the manufacturing location and component sourcing of all "new-to-market" devices.
### Implementation Phase
- **Certification Re-filing:** For critical models, initiate the "Alternative Approval Path" by gathering ownership and BoM documentation.
- **Onshoring Strategy:** Develop and document a transition plan to move assembly or component manufacturing to U.S. soil.
### Validation Phase
- **FCC Certification Check:** Ensure all new stock carries an active FCC certification granted after the March 2026 ruling.
- **Vendor Attestation:** Require manufacturers to provide legal attestation regarding compliance with the Secure and Trusted Communications Networks Act.
## Technical Requirements
- **Bill of Materials (BoM):** Must include origin for all semiconductors and integrated circuits.
- **Software Origin:** Must disclose the source code origin for the operating system and management firmware.
- **Manufacturing Controls:** Relocation of assembly lines to U.S. jurisdiction to mitigate supply chain tampering.
## Penalties & Enforcement
- **Fines:** Significant monetary penalties for importing or selling non-authorized equipment under the Communications Act.
- **Other Consequences:** Revocation of existing FCC authorizations; seizure of shipments by U.S. Customs and Border Protection (CBP).
- **Enforcement:** Enforced through the FCC’s Equipment Authorization program and the "Covered List" restrictions.
## Related Standards
- **Secure and Trusted Communications Networks Act of 2019:** The foundational law for the Covered List.
- **NIST SP 800-161:** Supply Chain Risk Management (SCRM) practices.
- **Executive Order 14017:** America's Supply Chains.
## Resources
- **Official Documentation:** [fcc[.]gov/supplychain]
- **Guidance Documents:** Guidance for Conditional Approvals Submissions (March 2026)
- **Covered List:** [fcc[.]gov/vetted-trusted-sources-list]
## Practical Recommendations
- **Shift Sourcing:** Begin vetting domestic U.S. manufacturers for consumer networking hardware to avoid certification delays.
- **Price Forecasting:** Account for a 10–20% increase in hardware costs due to onshoring and regulatory compliance overhead.
- **Inventory Buffer:** Stock existing certified models now, as new model entries to the U.S. market are expected to slow significantly due to the "couple of months" testing and approval window.