Commonwealth Coat of Arms of Australia

 

Telecommunications (SMS Sender ID Register) Industry Standard 2025

 

The Australian Communications and Media Authority makes the following standard under subsection 125AA(1) of the Telecommunications Act 1997.

Dated: 7 October 2025

Samantha Yorke

[signed]

Member

 

Cathy Rainsford

[signed]

General Manager

 

Australian Communications and Media Authority

 

 

 

Contents

Part 1—Preliminary.....................................................1

1  Name.................................................................1

2  Commencement..........................................................1

3  Authority...............................................................1

4  Application of industry standard..............................................1

5  Definitions..............................................................2

6  References to other instruments...............................................7

Part 2—Requirements relating to the Register....................................8

7  Application for approval....................................................8

8  Application to be a certified telecommunications provider...........................8

9  Requirements to provide information to entities...................................8

10  Requirement to publish information...........................................9

11  Requirements relating to the registration of sender identifications on behalf of an ABN entity.9

12  Requirements relating to the registration of sender identifications on behalf of a non-ABN entity......11

13  Requirements relating to the registration of sender identifications for an international partner or an EMSP partner......12

14  Requirement not to mislead................................................14

Part 3—Requirements relating to sending sender identification messages..................15

15  Requirement on telecommunication providers..................................15

16  Requirements on originating telecommunications providers.........................15

17  Requirements on transiting telecommunications providers..........................16

18  Requirements on terminating telecommunications providers........................16

Part 4—Requirements relating to policies and procedures............................18

19  Providers must implement policies and procedures...............................18

20  Providers must implement complaint handling policies and procedures................18

Part 5—Reporting requirements.............................................19

21  Traceback reporting.....................................................19

22  Quarterly reporting......................................................20

Part 6—System security, record keeping and privacy...............................22

23  Requirement to keep records...............................................22

24  Record retention........................................................22

25  System security........................................................22

26  Privacy..............................................................22

Part 7 – Notification to message recipients......................................24

27  Requirements on carriage service providers....................................24

Schedule 1 – Information to be provided to customers..............................26

Part 1Preliminary 

  This industry standard is the Telecommunications (SMS Sender ID Register) Industry Standard 2025.

Each provision of this industry standard specified in column 1 of the table commences, or is taken to have commenced, in accordance with column 2 of the table. 

 

Column 1

Column 2

Provisions

Commencement

1.  Sections 1 to 8, subsection 15(2), Part 4 and Part 6

15 October 2025.

2.  Sections 9 to 14, Part 7 and Schedule 1

30 November 2025.

3.  Part 3 except subsection 15(2), and Part 5

1 July 2026.

Note 1:       This table relates only to the provisions of this industry standard as originally made. It will not be amended to deal with any later amendments of this industry standard.

Note 2:       The Federal Register of Legislation may be accessed free of charge at www.legislation.gov.au.

 This industry standard is made under subsection 125AA(1) of the Telecommunications Act 1997 and in accordance with sections 5, 6, 7 and 8 of the Telecommunications (SMS Sender ID Register Industry Standard) Direction 2025.

  1.            Subject to subsection (2), for the purposes of subsection 125AA(1) of the Act, this industry standard:
  1.       applies to the following sections of the telecommunications industry:
  1.      carriers;
  2.    carriage service providers;
  3.  electronic messaging service providers; and
  1.       gives effect to the objectives set out in section 7 of the Telecommunications (SMS Sender ID Register Industry Standard) Direction 2025.
  1.            This industry standard does not apply to a carrier, or a carriage service provider, in its capacity as a statutory infrastructure provider.
  2.            An electronic messaging service provider may comply with its obligations under this industry standard by:
  1.       fulfilling the obligations itself; or
  2.       arranging with another person who is a participating telecommunications provider to fulfill some or all of the obligations on its behalf under subsection 13(5).
  1.       In this industry standard:

ABN (short for “Australian Business Number”) has the meaning given by section 41 of the A New Tax System (Australian Business Number) Act 1999.

ABN entity means an entity that has an ABN.

Act means the Telecommunications Act 1997.

Australian Business Register means the register established under section 24 of the A New Tax System (Australian Business Number) Act 1999.

Business Names Register means the register established and maintained under section 22 of the Business Names Registration Act 2011.

certified telecommunications provider means a participating telecommunications provider that is an originating telecommunications provider that has been approved to be a certified telecommunications provider under a determination made under subsection 484L(4) of the Act. 

Note 1:  See paragraph 589(2)(b) of the Act. 

Commonwealth agency means:

(a) the Commonwealth; or

(b) an authority of the Commonwealth; or

(c) a corporation in which the Commonwealth, or an authority of the Commonwealth, has a controlling interest;

and includes the Australian Defence Force.

company has the meaning given by section 9 of the Corporations Act 2001.

customer, in relation to a telecommunications provider, means an entity that has a contractual arrangement with the provider relating to the sending of sender identification messages.

Note: A customer can be an ABN entity or a non-ABN entity.

disrupt, in relation to a sender identification message, means where the sender identification included in the message is over-stamped by a participating telecommunications provider with a new sender identification of “Unverified”.

domain name registrar means a business that handles the reservation of domain names as well as the assignment of IP addresses for those domain names.

electronic messaging service provider has the same meaning as in section 108A of the Act.

EMSP partner means an electronic messaging service provider that has a direct relationship with an entity and who has partnered with:

  1.     for an ABN entity or non-ABN entity – a certified telecommunications provider; or
  2.    for an ABN entity – a participating telecommunications provider that is an originating telecommunications provider, and that is not a certified telecommunications provider;

and who has made a request for the provider to fulfill some or all of the partner’s obligations under this industry standard on its behalf. 

entity means an entity covered by subsection 484F(2) of the Act that uses or proposes to use sender identification messages.  

entity associate means an entity who is authorised by another entity to send sender identification messages using the sender identification registered in the Register for that other entity.

excluded satellite service means a satellite service that may be used by a consumer in an overseas location where the charge for that service is the same or lower than the charge for the same service in Australia.

existing customer, in relation to a participating telecommunications provider, means an entity who is a customer of the provider as at 30 November 2025.

government agency means:

(a) a Commonwealth agency; or

(b) a State or Territory of Australia; or

(c) an authority of a State or Territory of Australia; or

(d) a corporation in which a State or Territory of Australia, or an authority of a State or Territory of Australia, has a controlling interest.

identity verification service means:

  1.     an identity verification service as defined in section 5 of the Identity Verification Services Act 2023; or
  2.     a service designed to provide a high assurance level to verify an individual’s identity accurately, including through the use of government-issued identity documents, biometric or other information. This includes services that have been authorised, approved, or recognised by a foreign government.

international mobile roaming service means a carriage service that is not an excluded satellite service and enables a consumer to automatically and seamlessly do any or all of the following when travelling overseas outside the normal coverage area without losing the connection:

  1.     make, send, access or receive voice calls or SMS/MMS messages;  
  2.     download or upload data.

international partner means an international telecommunications service provider that has a direct relationship with an entity and who has partnered with:

  1.     for an ABN entity or non-ABN entity – a certified telecommunications provider; or
  2.    for an ABN entity – a participating telecommunications provider;

to make an application for registration of a sender identification and to send sender identification messages on behalf of the relevant entity. 

international telecommunications service provider means a telecommunications service provider or electronic messaging service provider based outside of Australia that is a non-ABN entity.

mobile number has the meaning given by section 18 of the Telecommunications Numbering Plan 2025.

Note:  The Telecommunications Numbering Plan 2025 is a legislative instrument registered on the Federal Register of Legislation and may be accessed free of charge at www.legislation.gov.au.

non-ABN entity means an entity that does not have an ABN.

Note: For example, a foreign company or an Australian entity that does not have an ABN will be a non-ABN entity.

originating telecommunications provider means a telecommunications provider that agrees to send sender identification messages on behalf of:

  1.     a customer; or
  1.     an international partner; or
  2.     an EMSP partner.

participating telecommunications provider means a telecommunications provider that holds an approval under section 484F of the Act.

personal information has the same meaning as in the Privacy Act 1988.

prospective customer, in relation to a participating telecommunications provider, means any entity who is not an existing customer but may become a customer of the provider.

quarter means a period of 3 months beginning on 1 January, 1 April, 1 July or 1 October in any year.

Register means the SMS Sender ID Register.

register data means the list of registered sender identifications in the Register.

Register of Trade Marks means the register kept under section 207 of the Trade Marks Act 1995.

registered business name means a name that is registered under a law of a State or Territory that relates to the registration of business names and is entered on the Business Names Register.

registered domain name means a unique address or name that represents a website or other online resource on the internet that has been acquired from a domain name registrar.

satellite service means a carriage service where customer equipment used in connection with the supply of the service communicates directly with a satellite-based facility.

scam message means any communication sent via SMS/MMS to a mobile number that includes a sender identification that is registered in the Register, that, based on the content of the communication, or other information available to a telecommunications provider, appears to have been sent for the purpose of dishonestly obtaining a benefit, or causing a loss, by deception or other means.

sender identification match has the meaning given by subsection (2).

sender identification message means an SMS/MMS message that includes a sender identification and is sent to a mobile number issued in Australia.

SMS/MMS message means a message sent using a short message service or a multimedia messaging service on a public mobile telecommunications service.

telecommunications provider means:

  1.     a carrier; or
  2.     a carriage service provider; or
  3.     an electronic messaging service provider.

terminate, in relation to an SMS/MMS message, means to deliver the message to the message recipient.

terminating telecommunications provider means a carrier that is responsible for delivering sender identification messages to message recipients who are connected to a public mobile telecommunications service owned or controlled by the carrier.

trade mark has the meaning given by section 17 of the Trade Marks Act 1995.

transit means to receive or send a sender identification message to facilitate the passing of the message between telecommunications providers over a telecommunications network.

transiting telecommunications provider means a telecommunications provider who connects with other telecommunications providers to transit sender identification messages between two telecommunications providers over a telecommunications network.

valid use case, in relation to a sender identification of an entity, means evidence that demonstrates a sender identification relates to, or is owned by, the entity.

  1.       To have a sender identification match for an entity, the sender identification:
  1.     for an ABN entity must be:
    1.        the same as; or
    2.      a contraction or abbreviation of; or
    3.    an acronym of; or
    4.     initialism of;

the entity’s registered business name, company name, trademark registered on the Register of Trade Marks; or registered domain name; or

  1.     for a non-ABN entity must be:
    1.        the same as; or
    2.      a contraction or abbreviation of; or
    3.    an acronym of; or
    4.     initialism of;

the entity’s trademark or its name entered on an official register or record in the country in which the entity is based; and

  1.     may also include one or more other words associated with the entity’s functions, location or which indicates the purpose of the sender identification message.

Note 1: For example, if an entity’s:

 company name is TS Pty Ltd;

 business name is Telservice;

 trade mark is TelService; and

 registered domain name is Zrates.com.au;

sender identification matches would include: “Telservice”, “TelServs”, “Telser”, “TS”, “TS_Track”, “TelServSale”, “Zrates” and “TS-Sydney”.

Note 2: A number of other expressions used in this industry standard are defined in the Act, including the following:

  1.         ACMA;
  2.        carriage service;
  3.         carriage service provider;
  4.        carrier;
  5.         customer equipment;
  6.         public mobile telecommunications service;
  7.        sender identification;
  8.        SMS Sender ID Register;
  9.          statutory infrastructure provider;
  10.          telecommunications network.

Note 3: Business day is defined in the Acts Interpretation Act 1901 to mean a day that is not a Saturday, a Sunday or a public holiday in the place concerned.

  In this industry standard, unless the contrary intention appears:

  1.      a reference to any other legislative instrument is a reference to that other legislative instrument as in force from time to time; and
  2.       a reference to any other kind of instrument is a reference to that other instrument as in force or existing from time to time.

Note 1: For references to Commonwealth Acts, see section 10 of the Acts Interpretation Act 1901; and see also subsection 13(1) of the Legislation Act 2003 for the application of the Acts Interpretation Act 1901 to legislative instruments.

Note 2:  For references to instruments that are not legislative instruments, see section 589 of the Act.

Note 3: All Commonwealth Acts and legislative instruments are registered on the Federal Register of Legislation.  The Federal Register of Legislation may be accessed free of charge at www.legislation.gov.au.


Part 2Requirements relating to the Register

A telecommunications provider that sends, transits or terminates sender identification messages must apply to the ACMA for an approval under section 484F of the Act.

Note: An entity that holds an approval under section 484F of the Act may apply to the ACMA for a sender identification to be registered in the Register under section 484G of the Act.

A participating telecommunications provider that wishes to:

  1.       make an application for registration of a sender identification in the Register; and
  2.       send sender identification messages;

on behalf of a non-ABN entity must apply to the ACMA for approval to be a certified telecommunications provider.

Note: A participating telecommunications provider can apply to the ACMA for approval to be a certified telecommunications provider under a determination made under section 484L of the Act.

Requirements regarding existing customers – before 1 July 2026

  1.       A participating telecommunications provider that is an originating telecommunications provider must contact each of its existing customers before 1 July 2026 to:
  1.     provide to the customer, in writing, the information in Schedule 1; and
  2.     subject to subsection (4), offer to make an application for registration of a sender identification in the Register on behalf of the customer.

Requirements regarding prospective customers seeking to use a new sender identification

  1.       If:
  1.     a participating telecommunications provider that is an originating telecommunications provider receives a request from a prospective customer, who asks the provider to send a sender identification message on behalf of the customer; and
  2.     the provider agrees to provide that service; and
  3.     the sender identification is not registered in the Register,

the provider must:

  1.     provide to the customer, in writing, the information in Schedule 1; and
  2.     subject to subsection (4), offer to make an application for registration of the sender identification in the Register on behalf of the customer.

Requirements regarding existing customers using a new sender identification

  1.       If:
  1.     a participating telecommunications provider that is an originating telecommunications provider receives a request from an existing customer, who asks the provider to send a sender identification message on behalf of the customer; and
  2.     the sender identification is not registered in the Register,

the provider must:

  1.     provide to the customer, in writing, the information in Schedule 1; and
  2.     subject to subsection (4), offer to make an application for registration of the sender identification in the Register on behalf of the customer.
  1.       Where the customer is a non-ABN entity, the requirement in each of paragraphs (1)(b), (2)(e) and (3)(d) does not apply, unless the provider is a certified telecommunications provider.

All originating telecommunications providers must make available on their website the information about the Register referred to in Schedule 1.

Requirements for a participating telecommunications provider that is an originating telecommunications provider

  1.     Subject to subsection (2), if:
  1.     an ABN entity requests a participating telecommunications provider that is an originating telecommunications provider to make an application for registration of a sender identification in the Register on behalf of the entity; and
  2.     the provider agrees to send sender identification messages on behalf of the entity;

the provider must make an application for registration of the sender identification in the Register on behalf of the entity.

  1.     Before making the application, the provider must ask the entity if it is an entity associate for another entity.
  2.     If the entity is an entity associate for another entity (the other entity), the provider must:
  1.     apply to the ACMA for an approval on behalf of the entity associate under section 484F of the Act; and
  2.     confirm with the other entity that the entity associate is authorised by the other entity to send a sender identification message that includes that other entity’s sender identification registered in the Register; and
  3.     subject to paragraph (b), if the sender identification is not registered in the Register – make an application for registration of the sender identification on behalf of the other entity.
  1.       Before making an application for registration of a sender identification in the Register on behalf of an ABN entity, a participating telecommunications provider that is an originating telecommunications provider must establish that the entity has a valid use case for the sender identification by:
  1.             confirming that:
    1.        there is a sender identification match for the entity in relation to the registered business name of the entity in the Business Names Register; and
    2.      the status of the business name of the entity is “registered”; or
  2.             confirming that:
    1.        there is a sender identification match for the entity in relation to the company name of the entity in the Australian Business Register; and
    2.      the status of the ABN relating to the entity is “active”; or
  3.             confirming that:
    1.        there is a sender identification match for the entity in relation to a trade mark owned by the entity and included in the Register of Trade Marks or an equivalent international register of trademarks; and
    2.      the status of the trademark owned by the entity is “registered”; or
  4.             confirming that:
    1.        there is a sender identification match for the entity in relation to a registered domain name of which the entity is the “registrant” in the whois.auda.org.au database; and

either,

  1.      the registered domain name is used for a website:
  1.          that can be accessed via the internet at the time that the valid use case is being confirmed; and
  2.          which the provider believes on reasonable grounds is a legitimate website; or
    1.    the registered domain name is used for an email account to which the provider has sent an email at the time that the valid use case is being confirmed and, the provider has not received a notification from the email server that the email message was not able to be delivered.
  1.       Subsection (4) does not apply where:
  1.             the ABN entity is a government agency that intends to use a sender identification in relation to which there is no sender identification match for the entity; and
  2.             the sender identification relates to an emergency, or a matter of public health, safety or security; and
  3.             the entity has provided evidence to the provider that satisfies the provider of the reason why the agency intends to use the sender identification rather than its registered business name, company name, trademark or registered domain name, as relevant.

Requirements for a certified telecommunications provider

  1.       If:
  1.     an ABN entity requests a certified telecommunications provider to make an application for registration of a sender identification in the Register on behalf of the entity; and
  2.     the provider agrees to send sender identification messages on behalf of the entity;

subject to subsection (7), the provider must make an application for registration of the sender identification in the Register on behalf of the entity.

  1.       Before making the application, the provider must comply with subsections 12(4) and (5), as if the ABN entity were a non-ABN entity.
  1.     Subject to subsection (2), if:
  1.     a non-ABN entity requests a certified telecommunications provider to make an application for registration of a sender identification in the Register on behalf of the entity; and
  2.     the provider agrees to send sender identification messages on behalf of the entity;

the provider must make an application for registration of the sender identification in the Register on behalf of the entity.

  1.       Before making the application, the provider must ask the entity if it is an entity associate for another entity.
  2.       If the entity is an entity associate for another entity (the other entity), the provider must:
  1.       apply to the ACMA for an approval on behalf of the entity associate under section 484F of the Act; and
  2.       confirm with the other entity that the entity associate is authorised by the other entity to send sender identification messages that includes that other entity’s sender identification registered in the Register; and
  3.       subject to paragraph (b), if the sender identification is not registered in the Register – make an application for registration of the sender identification on behalf of the other entity.
  1.       Before making the application, the provider must do the following:
  1.     confirm the identity of the person who has requested the provider to make the application on behalf of the entity, using an identity verification service; and
  2.     confirm that the person is an authorised representative of the entity; and
  3.     confirm that the entity has been officially recognised or certified by a governing body, regulatory authority or accreditation organisation in the country in which the entity is based; and
  4.     establish that the entity has a valid use case for the sender identification by confirming that there is a sender identification match for the entity using a trademark register or an official register or record in the country in which the entity is based.

Note: For example, the provider may check that the entity is listed on an official business register for the country in which the entity is based, or that it has been accredited by an industry association.

  1.       Subsection (4) does not apply where:
  1.       the non-ABN entity is a government agency that intends to use a sender identification in relation to which there is no sender identification match for the entity; and
  2.       that sender identification relates to an emergency, or a matter of public health, safety or security; and
  3.       the entity has provided evidence to the provider that satisfies the provider of the reason why the agency intends to use the sender identification rather than its trademark or name on an official register or record in the country in which the entity is based, as relevant.
  1.       A certified telecommunications provider must ensure that the contact details in the Register, including email address, for a non-ABN entity on whose behalf the provider has made an application to register a sender identification, are current.

Note: The ACMA will send to a non-ABN entity notifications relating to the registration of a sender identification in the Register on behalf of the entity.

International partners

  1.       If:
  1.       an international partner requests:
    1.             a certified telecommunications provider to make an application for registration of a sender identification in the Register, for the partner, on behalf of a non-ABN entity or an ABN entity; or
    2.           a participating telecommunications provider that is an originating telecommunications provider, and that is not a certified telecommunications provider, to make an application for registration of a sender identification in the Register, for the partner, on behalf of an ABN entity; and
  2.       the provider agrees to send sender identification messages for the partner;

the provider must make an application for registration of the entity’s sender identification in the Register, for the partner, on behalf of the ABN entity.

  1.       Subject to subsection (4), before making the application under subparagraph 13(1)(a)(i), the provider must have made written contractual arrangements with the international partner, which:
  1.               remain in force for as long as the partner is involved in the sending of sender identification messages; and
  2.               require the partner to perform the confirmations at paragraphs 12(4)(a), (b) and (c). 

Note: For an application made under subparagraph 13(1)(a)(ii), the confirmations in paragraph (b) will be undertaken by the ACMA via the Register system.

  1.     Subject to subsection (4), before making the application under subparagraph 13(1)(a)(i) or (ii), the provider must have made written contractual arrangements with the international partner which:
  1.               remain in force for as long as the partner is involved in the sending of sender identification messages; and
  2.               require the international partner to establish that the entity on whose behalf the sender identification is to be registered has a valid use case for the sender identification:
  1.        for a non-ABN entity – by confirming that there is a sender identification match for the entity by using by using one of the confirmation methods mentioned in paragraph 12(4)(d); or
  2.      for an ABN entity – by confirming that there is a sender identification match for the entity by using one of the confirmation methods mentioned in subsection 11(4).
  1.    The requirements in subsections (2) and (3) do not apply where the provider has made written contractual arrangements with the international partner to undertake the actions in subsections (2) and (3) on behalf of the international partner. 

EMSP partner

  1.    A participating telecommunications provider who has partnered with an EMSP partner, must fulfill those obligations under this industry standard as agreed with the EMSP partner.

Notifications

  1.    Within 24 hours of receipt by a certified telecommunications partner of:
  1.       a notice of decision given by the ACMA under Part 24B of the Act, in relation to an application for registration of a sender identification in the Register made by a certified telecommunications provider on behalf of an international partner or an EMSP partner; or
  2.       a notice given by the ACMA relating to a sender identification that has been registered in response to an application made by a certified telecommunications provider on behalf of an international partner or an EMSP partner; or
  3.       a request from an international partner or an EMSP partner asking for the removal of a sender identification from the Register;

the provider must provide the notice to the international partner or EMSP partner or action the request, as relevant.

A participating telecommunications provider must not, in any communication with an entity, expressly or impliedly indicate that the sender identification messages can only be sent by the telecommunications provider that made the application to register the sender identification in the Register on behalf of the entity.

Note: Messages containing a sender identification can be sent by more than one participating telecommunications provider.

 

Part 3Requirements relating to sending sender identification messages

  1.       A telecommunications provider that is not a participating telecommunications provider must not send, transit or terminate a sender identification message.
  2.       A telecommunications provider that is not a participating telecommunications provider must not misrepresent itself as a participating telecommunications provider (including as a certified telecommunications provider).
  1.     This section applies to a participating telecommunications provider that is an originating telecommunications provider.

Requirements prior to sending sender identification messages

  1.     Before enabling a customer’s account to send a sender identification message on behalf of an entity, the provider must check if the sender identification included in the message is registered in the Register for that entity.
  2.     If the sender identification included in the message is not registered in the Register for that entity – the provider must disrupt the message.

Note: If a provider has disrupted a sender identification message under subsection (3), the provider can send the message that has been disrupted.

  1.     If the sender identification included in the sender identification message is registered in the Register for the entity, the provider must confirm:
  1.     that it is authorised by the entity to send messages that include that sender identification; and
  2.     that the person who has requested the provider to enable the customer’s account to send a sender identification message is authorised by the entity.

Note:  Messages containing a sender identification can be sent by more than one participating telecommunications provider, if the other providers have been authorised by the entity.

  1.     The provider must not enable the customer’s account to send a sender identification message that includes the sender identification that is registered in the Register unless the provider has confirmed the matters mentioned in subsection (4).
  2.     If the provider receives notification from the ACMA that the provider is no longer authorised to send messages that include a sender identification for an entity, the provider must disable the customer account for the sender identification and cease sending any messages for that entity that include that sender identification immediately.

Note: The provider may receive notification from the ACMA if the entity has revoked the provider’s authorisation to send messages that include the sender identification or if the sender identification is no longer registered in the Register.

  1.     The provider must ensure that access to an account that has been enabled for an entity to send a sender identification message can only be accessed by authorised representatives of that entity.

Requirements relating to sending sender identification messages

  1.     Subject to subsection (9), the provider must not send a sender identification message to a telecommunications provider that is not a participating telecommunications provider.
  2.     A provider that receives a sender identification message from its EMSP partner or its international partner, as relevant, may send the message to a participating telecommunications provider that is:
  1.     a transiting telecommunications provider; or
  2.     a terminating telecommunications provider.
  1.   A provider that is also a terminating telecommunications provider, that receives a sender identification message from its EMSP partner or its international partner, as relevant, may terminate the message.
  1.     This section applies to a participating telecommunications provider that is a transiting telecommunications provider.
  2.     Subject to subsections (3) and (4), the provider must not transit a sender identification message unless:
  1.     the telecommunications provider sending the message; and
  2.     the telecommunications provider to which the provider transits the message

are participating telecommunications providers.

  1.     Subsection (2) does not apply where a sender identification message is sent to a mobile number that is connected with a carriage service that is an international mobile roaming service.

Note: For example, subsection (3) will apply where an individual, with a mobile number that was issued in Australia, is using an international mobile roaming service.  The transiting provider in this scenario will be the Australian mobile network operator of the network that the international roaming customer’s service is connected to when in Australia.

Messages from an international telecommunications service provider

  1.     Despite subsection (2), if a sender identification message is received by the provider from an international telecommunications service provider – the provider is permitted to transit the message if the provider has disrupted the message.
  1.     This section applies to a participating telecommunications provider that is a terminating telecommunications provider.
  2.     Subject to subsection 16(10) and subsection (7), the provider must not terminate a sender identification message unless the message is received from a participating telecommunications provider.
  3.     Before terminating the message, the provider must confirm, by checking the register data, that the sender identification included in the message is registered in the Register.
  4.     Subject to subsection (6), if the sender identification included in the message is not registered in the Register, the provider must disrupt the message.
  5.     For the purposes of subsection (3), checking the register data means that the terminating telecommunications provider must have checked against the register data no more than 24 hours before terminating the sender identification message.
  6.     A provider is not required to disrupt the message under subsection (4) if the sender identification included in the message is “Unverified”.

Messages from an international telecommunications service provider

  1.     Despite subsection (2), if the message is received by the provider from an international telecommunications service provider – the provider is permitted to terminate the message if the provider has disrupted the message.

 

 

Part 4Requirements relating to policies and procedures

A participating telecommunications provider must implement policies and procedures to achieve compliance with this industry standard.

A participating telecommunications provider must implement policies and procedures to deal with, record and resolve complaints from entities relating to the provider’s compliance with this industry standard. 

Note: For example, the types of complaints might include a complaint by an entity that a sender identification has not been registered in the Register as it requested or a complaint by an entity that a participating telecommunications provider did not provide information about registration of a sender identification as required by section 9.

 

Part 5Reporting requirements

  1.     Where a participating telecommunications provider becomes aware that a sender identification message is a scam message:
  1.     if the provider is the originating telecommunications provider of the scam message – it must report to the ACMA in accordance with subsection (3); or
  2.     if the provider is not the originating telecommunications provider of the scam message – it must:
  1.      notify the telecommunications provider which sent the provider the scam message, that it is a part of the chain through which a scam message has been sent; and
  2.    report to the ACMA in accordance with subsection (3).
  1.     Where a participating telecommunications provider is notified by another participating telecommunications provider that it is part of the chain through which a scam message has been sent:
  1.     if the provider is the originating telecommunications provider of the scam message – it must report to the ACMA in accordance with subsection (3); or
  2.     if the provider is not the originating telecommunications provider of the scam message – it must comply with the obligation in paragraph (1)(b).
  1.     A report to the ACMA which is required under this section:
  1.     must be in writing; and
  2.     must contain the following information:
  1.        the sender identification for the scam message; and
  2.      the total number of recipients to whom the scam message was sent; and
  3.    information about the content of the scam message; and
  4.     if the provider preparing the report (the provider) is the originating telecommunications provider of the scam message:
    1.     that the provider is the originating telecommunications provider of the scam message; and
    2.      the identity of the entity which registered the sender identification, or on whose behalf the sender identification was registered, as relevant; or
  5.       if the provider is not the originating telecommunications provider of the scam message:

(A) the identity of the telecommunications provider who sent the provider the scam message; and

(B) if relevant, the identity of the international partner or EMSP partner on whose behalf the message was sent; and

  1.     must be given to the ACMA as soon as practicable and in any event no later than 2 business days from the date on which the provider became aware of the scam message.

Within 20 business days after the end of each quarter, a participating telecommunications provider referred to in an item of column 1 of the following table must:

  1.       prepare a written report for the relevant quarter containing the information mentioned in column 2 of the item; and
  2.       give the report to the ACMA.

Information to be reported

Item

Column 1

Column 2

 

Participating telecommunications provider who must provide information

Information

1

Originating telecommunications providers

Transiting telecommunications providers

Terminating telecommunications providers

The number and type of complaints the telecommunications provider has received from other telecommunications providers, entities and message recipients relating to the Register.

2

Originating telecommunications providers

  1.     The total number of sender identification messages sent by the originating telecommunications provider which included sender identifications registered in the Register.
  2.     The total number of sender identification messages which included sender identifications that were not registered in the Register and were disrupted by the originating telecommunications provider.

3

Transiting telecommunications providers

Terminating telecommunications providers

The identity of any telecommunications providers that are not participating telecommunications providers that have attempted to send sender identification messages.

4

Terminating telecommunications providers

  1.     The number of sender identification messages received from participating telecommunications providers.
  2.     The number of sender identification messages which included sender identifications that were not registered in the Register and were disrupted by the terminating telecommunications provider.

5

Transiting telecommunications providers

The number of sender identification messages sent by international telecommunications service providers that were disrupted by the transiting telecommunications provider.

6

Certified telecommunications providers

The number of requests received from a non-ABN entity (directly to the certified telecommunications provider or via an international partner or EMSP partner for the provider) to make an application for registration of a sender identification in the Register on behalf of the entity under subsection 12(1) but the application was not made because the provider was unable to confirm or establish one or more of the matters in subsection 12(4).

Part 6System security, record keeping and privacy

  1.     A telecommunications provider must keep records to demonstrate its compliance with this industry standard. 
  2.     Where a telecommunications provider keeps records under subsection (1) it must take all reasonable steps in the circumstances:
  1.       to protect any such record from misuse, interference and loss and from unauthorised access, modification or disclosure; and
  2.       to ensure that any such record is destroyed or otherwise disposed of in a secure manner where the record is no longer required to be retained under this industry standard or any other applicable law.

A telecommunications provider must:

  1.       retain any record required to be kept under subsection 23(1) for 2 years from the date of creating the record; and
  2.       make any such record available to the ACMA within 5 business days after receiving a written request from the ACMA.
  1.       A participating telecommunications provider must take all reasonable steps to ensure that its information technology systems and processes relating to the sending of sender identification messages and its interactions with the Register are secure.
  2.       Where a participating telecommunications provider becomes aware of a breach or suspected breach of the security of any of its information technology systems or processes referred to in subsection (1), it must notify the ACMA, as soon as practicable, of what has occurred and what steps have been taken to rectify the matter.

Where a participating telecommunications provider is not subject to the requirements of the Privacy Act 1988, it must ensure that personal information it collects for a particular purpose in connection with this industry standard:

  1.       is not used or disclosed for some other purpose except:
  1.        as required to manage a complaint made by the person to whom the information relates; or
  2.      with the express consent of the person to whom the information relates; or
  3.    where the use or disclosure is required or authorised by or under an Australian law or a court or tribunal order; and

 

  1.       is destroyed or otherwise disposed of in a secure manner where it is no longer required to be retained under this industry standard or any other applicable law.

Note: Where a provider is subject to the Privacy Act 1988, Australian Privacy Principle 6 in Schedule 1 to that Act will apply to the use or disclosure of personal information it collects in connection with this industry standard.

 

Part 7 Notification to message recipients

  1.       This section applies to a carriage service provider that supplies a public mobile telecommunications service.

Regular notifications

  1.       For each public mobile telecommunication services supplied by a provider under a contract, the provider must provide information about how the following will be dealt with under this industry standard:
  1.     a sender identification message that includes a sender identification registered in the Register; and
  2.     a sender identification message that includes a sender identification that is not registered in the Register,

to either:

  1.     the end-user of the service; or
  2.     the account holder for the service.
  1.       For subsection (2), the information must be:
  1.     published on the provider’s website from 30 November 2025; and
  2.     provided to the end-user or the account holder, as relevant, by SMS, via a mobile application or by email or any other direct communication with the end-user or account holder:
  1.      upon entering into or renewing a contract with the account holder; and
  2.    at least once every quarter, starting from the quarter commencing 1 October 2026.

One-off notifications around 1 July 2026

  1.       For each public mobile telecommunication services supplied by a provider under a contract, the provider must provide the following information:
  1.     how the following will be dealt with under this industry standard:
  1.      a sender identification message that includes a sender identification registered in the Register; and 
  2.    a sender identification message that includes a sender identification not registered in the Register; and
  1.     that the Register will commence on 1 July 2026,

to either:

  1.     the end-user of the service; or
  2.     the account holder for the service.
  1.       For subsection (4), the information must be provided to the end-user or account holder, as relevant, by SMS, via a mobile application or by email or any other direct communication with the end-user or account holder:
  1.     between 18-20 June 2026; and
  2.     between 28-30 June 2026; and
  3.     between 8-10 July 2026.

 

 

Schedule 1 – Information to be provided to customers

(Paragraph 9(1)(a), paragraph 9(2)(d), paragraph 9(3)(c), and section 10)

The following information must be provided to customers by a participating telecommunications provider that is an originating telecommunications provider under paragraphs 9(1)(a), 9(2)(d) and 9(3)(c) and by an originating telecommunications provider under section 10:

  1.       Part 24B of the Act provides for the establishment of the SMS Sender ID Register (the Register);
  2.       From 1 July 2026, if a sender identification message is sent which includes a sender identification that is not registered in the Register, the sender identification message will be labelled as ‘Unverified’;
  3.       If an entity wishes to send sender identification messages, it must register its sender identification in the Register and ensure that it uses one or more participating telecommunications providers to send the sender identification messages;
  4.       The following types of entities can be approved to make applications to register sender identifications in the Register:
    1.             an individual;
    2.             a body corporate;
    3.             a corporation sole;
    4.             a body politic;
    5.             a government entity (within the meaning of the A New Tax System (Australian Business Number) Act 1999);
    6.             a partnership;
    7.             any other unincorporated association or body of persons;
    8.             a trust;
    9.             a superannuation fund (within the meaning of the Superannuation Industry (Supervision) Act 1993);
  5.       For an entity to be able to have its sender identification registered in the Register, the entity must demonstrate that it has a valid use case for the sender identification;
  6.        An entity can make an application to register its sender identification in the Register through a participating telecommunications provider that is an originating telecommunications provider. A list of all participating telecommunications providers that are originating telecommunications providers will be made available on the ACMA’s website;

 Entities with an ABN

  1.       An entity with an ABN can make an application to register its sender identification through any participating telecommunications provider that is an originating telecommunications provider, or a partner of a participating telecommunications provider. In order to obtain approval to make such an application:
    1.             the person making the request for the entity must be listed as an authorised contact for the entity on the Australian Business Register, or be otherwise authorised by that entity; and
    2.             the person making the request must pass an identification check; and
    3.             the person making the request must agree to the Register’s terms of use;

Note:  These requirements will be included in a determination made under section 484L of the Act.   

  1.       Once the provider has made the application for registration of the sender identification on behalf of an entity, the person making the request for the entity will receive instructions from the ACMA about how to access the Register;
  2.        Once the entity is approved by the ACMA, the entity will be able to confirm the registration of the sender identification;

Note:  The requirements in paragraphs (h) and (i) will be included in a determination made under section 484L of the Act.   

  1.        Any cost for registering a sender identification, including any ongoing annual charge;
  2.       Once the entity’s sender identification is registered, the entity can authorise other participating telecommunications providers to send messages using that sender identification;
  3.        An entity with an ABN can also register its sender identification through an originating telecommunications provider that is a certified telecommunications provider;

Entities without an ABN

  1.     An entity without an ABN can only make an application to register its sender identification through an originating telecommunications provider that is a certified telecommunications provider or a partner of a certified telecommunications provider. That provider or partner will conduct similar checks to those outlined in paragraph (g);
  2.       An entity without an ABN that makes an application to register its sender identification through a provider or partner of the kind referred to in paragraph (m) will not be able to gain access to the Register.