Full Report
Unfortunately, there aren't many options unless you're Starlink Citing national security fears, America is effectively banning any new consumer-grade network routers made abroad.…
Analysis Summary
# Regulation/Compliance: FCC Covered List Expansion (Foreign-Made Routers)
## Overview
This mandate involves the Federal Communications Commission (FCC) updating its "Covered List" to include all foreign-made consumer-grade network routers. Citing Section 2 of the Secure and Trusted Communications Networks Act of 2019, the regulation effectively bans the authorization of new router models manufactured outside of the United States, as they are deemed to pose an unacceptable risk to national security and supply chain integrity.
## Key Details
- **Issuing Authority:** Federal Communications Commission (FCC) / Executive Branch Interagency Body
- **Effective Date:** March 24, 2026 (Date of announcement/inclusion on Covered List)
- **Jurisdiction:** United States (National)
- **Status:** In Effect (for new authorizations)
## Requirements
### Mandatory Requirements
1. **Equipment Authorization Prohibition:** The FCC will no longer grant "Equipment Authorization" to any new consumer-grade router models manufactured in foreign countries.
2. **Manufacturing Origin Disclosure:** Manufacturers must certify the geographic location of production for any new equipment seeking FCC approval.
3. **Supply Chain Security:** Telecommunications equipment must align with the National Security Strategy to ensure no dependence on foreign entities for core defense/economic components.
### Recommended Practices
1. **Domestic Sourcing:** Move manufacturing operations to US soil to ensure future product lines can be authorized for sale.
2. **Exemption Applications:** Manufacturers may seek "Conditional Approval" via the Department of Defense (DoD) or Department of Homeland Security (DHS) if they can prove specific devices do not pose a risk.
## Affected Organizations
- **Industries:** Consumer electronics manufacturers, ISPs (Internet Service Providers), and retailers of networking hardware.
- **Organization Size:** All sizes (from global corporations like Cisco/Netgear to smaller hardware startups).
- **Geographic Scope:** Any entity wishing to sell consumer-grade routers within the US market.
## Compliance Timeline
- **Pre-March 2026:** Legacy equipment authorized prior to this date remains legal for import, sale, and use.
- **March 24, 2026:** Effective date; all new authorizations for foreign-made routers are halted.
- **Ongoing:** Manufacturers must transition production to the US or obtain specific DHS/DoD exemptions for new models.
## Implementation Guidance
### Assessment Phase
- **Audit Current Pipeline:** Identify upcoming product launches and determine the manufacturing origin of each SKU.
- **Risk Evaluation:** Assess the impact of stalled authorizations on US market share and retail contracts.
### Implementation Phase
- **Relocate Manufacturing:** Explore US-based manufacturing options (e.g., Texas-based facilities similar to Starlink).
- **Petition for Exemption:** Engage legal and compliance teams to submit technical documentation to the DHS/DoD for "Conditional Approval."
### Validation Phase
- **FCC Certification:** Ensure all new products marketed in the US hold a valid FCC ID granted post-March 2026, proving domestic manufacture or exemption.
## Technical Requirements
- **Hardware Provenance:** Verification of the "Core Components" origin within the router.
- **Security Vulnerability Mitigation:** Devices must lack the backdoors or supply chain vulnerabilities typically associated with foreign state-sponsored cyberattacks (e.g., Volt Typhoon).
## Penalties & Enforcement
- **Fines:** Significant monetary penalties for selling non-authorized electronic equipment in the US.
- **Other Consequences:** Seizure of imports by US Customs and Border Protection (CBP); revocation of existing FCC licenses for non-compliant firms.
- **Enforcement:** Enforced through the FCC’s equipment authorization program and Section 2 of the Secure Networks Act.
## Related Standards
- **Secure and Trusted Communications Networks Act of 2019:** The underlying legal framework for the "Covered List."
- **NIST SP 800-161:** Cybersecurity Supply Chain Risk Management (C-SCRM) practices.
- **Executive Order 13873:** Securing the Information and Communications Technology and Services Supply Chain.
## Resources
- **Official Documentation:** [fcc[.]gov/supplychain/coveredlist]
- **Relevant Statute:** Section 2 of The Secure Networks Act.
## Practical Recommendations
- **Inventory Management:** Retailers should double-down on stocking currently authorized 2025/2026 models, as these are grandfathered in and will remain the primary available stock until domestic production scales.
- **Supply Chain Pivot:** Enterprise networking firms should accelerate "Made in USA" initiatives to avoid being locked out of the consumer refresh cycle.
- **Regulatory Monitoring:** Stay apprised of updates to the "Conditional Approval" criteria from the DHS/DoD, as this remains the only legal pathway for foreign-made hardware.