First-of-Its-Kind Enforcement Action Portends FCC’s Expanded National Security Role

Following a referral from the US Department of Justice, the Federal Communications Commission took a first-of-its-kind enforcement action against a company for violating the terms of its mitigation agreement with the Committee for the Assessment of Foreign Participation in the United States Telecommunications Services Sector, commonly known as Team Telecom, setting a new precedent for future oversight and enforcement.

With the uncertainty surrounding its ability to impose monetary penalties now set to be addressed by the US Supreme Court, the Federal Communications Commission took the significant step of announcing that it was expanding its role as an enforcer in the national security arena.

On January 8, 2026, the FCC released an Order and Consent Decree finding that Marlink, Inc. violated the terms of its international section 214 and earth station authorizations by failing to comply with the commitments set forth in its mitigation agreement with Team Telecom to address national security and law enforcement risks. Those commitments required Marlink to impose strict control on foreign-employee access to United States communication infrastructure and customer information.

As part of the settlement, Marlink must pay $175,000 and adopt a comprehensive compliance plan, including enhanced procedures and reporting obligations. The FCC enforcement action underscores that commitments made to Team Telecom are binding conditions on an FCC authorization or license. It also gives Team Telecom an effective new tool in its toolbox to enforce mitigation agreements by providing it with the flexibility to refer noncompliance to the FCC for further enforcement of conduct that may warrant more severe enforcement measures such as revoking or terminating an authorization or license for noncompliance.

According to the FCC’s press release, its “landmark” action against Marlink is the first time an enforcement action has focused strictly on compliance with Team Telecom mitigation agreement obligations, signaling a road ahead that is paved with heightened regulatory scrutiny and new compliance expectations for authorization holders and licensees in the telecommunications and information and communications technology and services (ICTS) sectors. The press release and Consent Decree also specifically reference DOJ’s referral of the company’s noncompliance for further investigation and enforcement by the FCC.

Companies operating in the US telecommunications and ICTS sectors that have national security mitigation agreements that condition an FCC authorization or license should carefully review their compliance frameworks to ensure strict adherence to their national security and law enforcement mitigation obligations.

BACKGROUND

Under Executive Order 13913, Team Telecom is authorized to review applications for foreign participation in the US telecommunications sector for national security and law enforcement risk and impose mitigation conditions. [1] However, when it comes to enforcing compliance with those mitigation conditions, Team Telecom does not possess the authority to enforce violations of its mitigation agreements. Rather, Team Telecom must rely on the FCC accepting its recommendations regarding whether an entity is complying with its mitigation requirements.

This contrasts with other Executive Branch entities such as the Treasury Department–led Committee on Foreign Investment in the United States [2] or the Commerce Department’s Office of Information and Communications Technology and Services, [3] which maintain independent authority to enforce compliance with mitigation terms and agreements that address identified national security risks involving foreign ownership, control, investment, or participation in critical US industries and sectors.

Marlink, a Delaware-incorporated and Texas-headquartered provider of maritime and land-based satellite communications, operates under an FCC-issued international section 214 authorization as well as FCC-issued earth station authorizations. In 2022, the FCC conditionally approved Marlink’s applications for transfer of control, and the FCC’s approval for that transaction was contingent on strict compliance with the terms of the mitigation agreement negotiated with DOJ on behalf of Team Telecom. [4]

The mitigation agreement contained specific obligations designed to mitigate national security and law enforcement risks, including detailed personnel screening requirements, cybersecurity controls, incident reporting protocols, and restrictions on foreign access to US records and domestic communications infrastructure.

MARLINK’S MITIGATION AGREEMENT COMMITMENTS

The Team Telecom agreement that conditioned Marlink’s FCC authorizations is illustrative of these types of mitigation agreements and contained comprehensive definitions and obligations, including:

• Designation and maintenance of a US Law Enforcement Point of Contact
• Strict compliance with lawful interception statutes, including the Communications Assistance for Law Enforcement Act, and a prohibition on sharing lawful US process with foreign governments or entities without DOJ or court approval
• Cybersecurity plans and incident response protocols based on the National Institute of Standards and Technology or international security standards, with timely remedial measures in response to threats
• Reporting of security incidents, unauthorized access, or material breaches within specified timeframes
• Disclosure and approval requirements for principal equipment, outsourced/offshored service providers, and network operations center changes
• Ongoing annual reporting and site visits for compliance verification
• Personnel screening and notification requirements for foreign employees, with DOJ approval or objection rights

FCC INVESTIGATION AND ENFORCEMENT ACTION

The FCC’s Enforcement Bureau launched an investigation into Marlink after DOJ raised concerns about Marlink’s compliance with its mitigation commitments. In coordination with both the FCC’s Office of International Affairs and Space Bureau, the Enforcement Bureau reviewed Marlink’s procedures for screening foreign employees that had access to US records, domestic communications, and domestic communications infrastructure.

The review found that Marlink did not, as required by its mitigation agreement, request approval from DOJ at least 30 days prior to granting 186 foreign employees access to US records and domestic communications infrastructure. The deficiency stemmed from inadequacies in Marlink’s manual screening procedures, which failed to flag and vet these foreign employees in advance.

While DOJ ultimately approved all 186 employees, the failure to conduct the screening in advance constituted a violation of the mitigation agreement and triggered the FCC investigation and enforcement action.

To resolve the matter, Marlink entered into a Consent Decree with the FCC, agreeing to several remedial measures:

• Payment of $175,000 to the US Treasury
• Implementation of a robust FCC compliance plan, including designation of a senior corporate manager as the compliance officer responsible for implementing the compliance plan
• Enhancing operating procedures to include a review of every onboarded employee to determine if they are subject to DOJ review/approval; a process to manage and track foreign employee notifications made to DOJ; a comprehensive compliance manual for employees on Team Telecom mitigation agreement obligations; and a training program on the Team Telecom mitigation agreement/FCC Consent Decree for all employees whose duties relate to the mitigation agreement
• Conducting mandatory compliance audits, including additional annual reporting to the FCC
• Prompt reporting of any noncompliance or breaches of the Consent Decree, with detailed remedial and preventative actions
• Filing compliance reports regarding efforts to comply with the Consent Decree, including a certification from the compliance officer, due 90 days after the effective date and again at 12, 24, and 36 months after the effective date

The Consent Decree’s provisions are binding on Marlink and remain effective for three years.

KEY TAKEAWAYS

The Marlink enforcement action represents a watershed moment for Team Telecom national security and law enforcement risk oversight and compliance, with several key implications for telecommunications and ICTS companies that have FCC authorizations and licenses that are conditioned on compliance with Team Telecom mitigation agreements:

Regulatory Precedent: DOJ’s referral of a violation of the mitigation agreement terms followed by the FCC’s decision to enforce the mitigation agreement sets a strong precedent that Team Telecom commitments are not optional and will be actively monitored and enforced. As Assistant Attorney General for National Security John Eisenberg noted, “Today’s enforcement action sends a clear message that compliance is not optional. The Justice Department, as Chair of Team Telecom, remains committed to working with the FCC to protect our critical infrastructure and hold companies that violate the terms of their licenses to account.”

Procedure Failures Are Still Violations: The fact pattern is fundamentally procedural (timely notice and vetting workflow), not substantive national security harm, and the fact that DOJ ultimately approved Marlink’s access request for all 186 foreign persons did not change the outcome. The action underscores that administrative and timing requirements in mitigation agreements are enforceable conditions even where the government ultimately approves the underlying personnel access.

Heightened Compliance Expectations: Telecommunications and ICTS companies subject to mitigation agreements should review and strengthen their compliance frameworks to ensure full adherence to mitigation agreement obligations, including personnel screening, incident reporting, and cybersecurity controls. Internal compliance procedures should facilitate timely identification and engagement with Team Telecom where notice or consent obligations are triggered.

Risk of Enforcement and Penalties: Failure to comply with Team Telecom mitigation conditions can result in investigations, monetary penalties, potential threats to continued licensure, and reputational harm.

Increased Exposure from Self-Reporting and Ordinary-Course Notices: Marlink’s May 22, 2024 notification to DOJ triggered the sequence that led to the FCC enforcement. Companies should assume routine mitigation notifications and disclosures can be used to test compliance maturity and identify gaps, and if possible should validate internal controls before or concurrent with submitting recurring notices.

Additional Oversight and Ongoing Costs: The Consent Decree’s requirements—including audits, training, and reporting—provide for separate and additional compliance elements and reporting obligations that are parallel (and in addition to) to Team Telecom’s mitigation agreement requirements. Even if the underlying mitigation agreement remains stable and in place, an enforcement resolution with another agency can create additional obligations that increase costs and operational burdens.

Operational Impact: Enhanced procedures for onboarding, vetting, and notification of foreign employees must be carefully integrated into human resource and compliance operations, with clear documentation and prompt communication. Further, designation of a senior corporate manager as a compliance officer and certifications in reports reinforce that mitigation compliance is governance-driven. Companies should ensure leadership reporting lines, documentation, and escalation pathways are formalized and accountable.

Industry Guidance: The FCC’s enforcement action clarifies that Team Telecom mitigation agreements are now subject to meaningful enforcement. DOJ has additional recourse to enforce mitigation agreements for matters that do not rise to the level of referring a company to the FCC for revocation or termination of an authorization or license. Companies should proactively assess their exposure and consider consulting with counsel to evaluate compliance strategies tailored to their specific circumstances.

CONCLUSION

The FCC’s enforcement action against Marlink for violating its Team Telecom mitigation agreement marks a pivotal shift in regulatory approach, signaling increased scrutiny and real consequences for noncompliance for telecommunications companies that have mitigation agreements.

Telecommunications and ICTS companies must treat mitigation commitments as binding and ensure rigorous adherence to all conditions, or risk investigation and penalties. Companies should act now to understand their obligations and bolster their compliance protocols and mitigate regulatory risks.

Two of the authors of this LawFlash, David Plotinsky and Loyaan Egal, previously led DOJ’s Foreign Investment Review Section (FIRS) within the National Security Division, which represents the Attorney General as the Chair of the Committee for the Assessment of Foreign Participation in the United States Telecommunications Services Sector (commonly known as Team Telecom). In addition to serving as the inaugural Staff Chair of Team Telecom under Executive Order 13913, Loyaan also served as Chief of the FCC’s Enforcement Bureau.