Quick answer. The General Conditions of Entitlement are Ofcom’s core regulatory rules for providers of electronic communications networks and services. They set binding standards on network security, emergency services access, consumer protection, transparency, switching and numbering. The conditions apply automatically by virtue of providing a regulated service; there is no licence to apply for. Which specific conditions bind a provider depends on its category, and misclassifying the category is the most common source of compliance breaches.

The General Conditions of Entitlement are the principal mechanism through which Ofcom regulates communications providers. They set minimum standards for network security, consumer protection, emergency services, transparency, and access obligations. Compliance is mandatory for all providers that fall within scope. But the General Conditions are not a single regime. They are a matrix. Which specific conditions apply to your provider category determines the compliance obligations you face. Mismatching conditions to provider type is the most common compliance error.

Trigger situation

A provider has confirmed it falls within Ofcom’s scope and now needs to understand what the General Conditions require. A business expands into a new service category and needs to reassess which conditions apply. An existing provider faces a compliance gap following an Ofcom policy change or business model shift. A potential acquirer needs to understand the compliance obligations that transfer with a telecoms business. An Ofcom investigation identifies deficiencies and requires remedial action.

Why it matters now

The General Conditions were substantially consolidated and renumbered in 2022 when the European Electronic Communications Code was transposed into UK law. The 2022 consolidation created a new structure in which conditions are grouped by function (network security, consumer protection, emergency services, universal service, accessibility, transparency, and interconnection) rather than by provider type. This reorganisation, while logically sound, has created confusion among existing providers working from older understanding of the conditions. A provider’s obligations depend on three questions: whether it provides an electronic communications service (ECS) or an electronic communications network (ECN), whether that service or network is public or private, and which segment of customers it serves (consumers, SMEs, or enterprise). The same condition number may apply differently to different provider types, or may not apply at all. An MVNO (mobile virtual network operator) and a fibre network operator both provide electronic communications services but have materially different compliance obligations.

Ofcom has increased the intensity of compliance monitoring and enforcement across the General Conditions. Its typical enforcement pattern is to open an investigation and then use its information-gathering powers under section 135 of the Communications Act 2003 to require providers to produce documents and information. Enforcement notices can follow quickly where deficiencies are identified, particularly on network security obligations under the Telecommunications Security Act 2021. Compliance is no longer a one-time registration exercise; it is an ongoing operational requirement.

Where clients get it wrong

The most common error is to read the General Conditions as a flat list rather than a matrix. A provider might assume that all conditions apply to all providers, or conversely that only a subset applies to their category. In reality, the conditions are segmented by provider type. Public ECN providers have obligations around network design, interoperability, and open access that do not apply to ECS providers. ECS providers (such as VoIP providers) have obligations around number management and call quality that may not apply to network operators. Consumer-facing providers have additional consumer protection obligations (transparency, contract terms, quality of service reporting) whose scope depends on whether the provider serves consumers, SMEs, or enterprise customers.

The second common error is to confuse the numbering or terminology. The 2022 consolidation changed how conditions are identified and grouped. A provider working from compliance documentation prepared before 2022 may be following conditions that have been renumbered or merged with others. The condition on network security was previously in one location; it is now in another. The emergency services obligation was previously expressed in one form; it is now expressed in a more detailed form, particularly following the TAR 2026-31 which tightened emergency services requirements.

The third error is to assume that an existing compliance programme designed for one service category still applies when the provider expands to another. A managed network operator providing private network services to enterprise customers has one set of obligations. If that operator begins offering broadband internet access to the same customers, additional obligations apply. The provider cannot assume that the existing compliance structure covers the new service. A reassessment is required.

The fourth error is to focus on the condition text without understanding Ofcom’s guidance and enforcement precedents. Ofcom publishes guidance on each condition. The guidance explains how Ofcom interprets the condition, what evidence of compliance looks like, and what Ofcom regards as a material breach. A provider that complies with the literal text of a condition but not with Ofcom’s published guidance is still at risk of enforcement action. Ofcom’s enforcement decisions also establish how it interprets conditions in practice. These decisions are publicly available and provide crucial context.

The fifth error is to treat the conditions as static. Ofcom updates conditions, publishes new guidance, and issues enforcement decisions that shape interpretation. The conditions applicable to a provider in 2024 may be slightly different from those applicable in 2026. Providers that do not maintain a current compliance function risk being out of step with current regulatory expectations.

The Advisor’s Perspective

The General Conditions are not the obscure province of specialist telecoms lawyers. They are the operating manual for communications providers, and they determine, in granular detail, how you can operate and what you must do to comply. The 2022 consolidation created genuine opportunities for confusion because the structure changed. But the underlying logic is sound: different provider types have different obligations. The common mistake is to fail to map which conditions apply to your specific category.

From my Oftel days, the most effective compliance function is one that does this mapping at the outset and then monitors Ofcom guidance and enforcement precedents as they evolve. The provider that reads the conditions in isolation, without this context, is flying blind.

What good looks like

Bratby Law’s approach begins by identifying your precise provider category: are you providing an ECN or an ECS (or both)? Is it public or private? Which customer segments do you serve? Some providers fall into multiple categories. The first step is to establish this clearly. We then map which of the conditions apply to your category. This is not a compliance checklist; it is a structured analysis of the conditions that are in force in your case.

For each applicable condition, we analyse what Ofcom requires and, crucially, what evidence of compliance looks like in Ofcom’s eyes. We review Ofcom’s published guidance on the condition, and any enforcement decisions that illustrate how Ofcom interprets it. We then advise on whether your existing compliance programme meets these standards or whether gaps or improvements are needed.

If compliance gaps exist, we advise on how to remedy them. This might involve changes to operational procedures, documentation, systems, or contractual terms. We prioritise gaps by reference to Ofcom’s enforcement history: conditions that Ofcom actively enforces are higher priority than those it does not.

For providers that are changing their service offering, we reassess the applicable conditions and advise on any new compliance obligations that arise.

When to instruct

Some General Conditions compliance is straightforward. A provider already knows it is regulated and has established compliance processes. If the provider is not changing its service offering and Ofcom has not recently issued guidance that affects its sector, no specialist input is needed. But in many cases external advice is valuable.

Cases where external specialist input is needed include: (1) a newly regulated provider establishing a compliance programme for the first time; (2) an existing provider expanding into a new service category and needing to assess whether new conditions apply; (3) an Ofcom investigation or s135 information request, where specialist interpretation and response is critical; (4) material uncertainty about how a condition applies to your specific business model; (5) a proposed change to operations or commercial terms and the need to assess compliance implications; (6) an acquisition or investment involving a regulated entity, where due diligence requires assessing compliance status.

How Bratby Law helps

We map the General Conditions applicable to your specific provider category and service offering. We analyse what Ofcom requires under each applicable condition and what evidence Ofcom expects to see. We review current Ofcom guidance and enforcement decisions to assess how Ofcom interprets the conditions in practice. We audit your existing compliance programme against the applicable conditions and identify gaps or improvements needed. We advise on how to remedy gaps and prioritise by reference to regulatory risk. We assist with compliance documentation, policies, and procedures. We respond to Ofcom investigations, s135 information requests and enforcement notices. We advise on compliance implications of proposed changes to service offerings or operational practices. For M&A transactions, we assess the compliance status of target businesses and identify any remediation needed.

Related telecoms regulation pages

See also our other telecoms regulation pages:

• Interconnection regulation
• Numbering
• Spectrum
• Lawful intercept and the Investigatory Powers Act 2016
• Ofcom Licence Fees
• Code Powers and access to land
• Am I regulated?
• SMP regulation and market reviews
• Telecoms Security
• Ofcom
• Complaints and investigations
• Connected Vehicles and IoT Regulation

Why Choose Bratby Law?

Independent directory rankings

Our specialist expertise is recognised in major independent legal directories:

• Chambers & Partners: Rob Bratby is ranked as a band 2 lawyer in the UK Guide 2026 in the “Telecommunications” category: Chambers
• The Legal 500: Rob Bratby is listed as a “Leading Partner – Telecoms” in London (TMT – IT & Telecoms): The Legal 500
• Lexology: Rob Bratby is featured on Lexology’s expert profiles as a Global Elite Thought Leader for data: Lexology

What clients say about Bratby Law:

If you are uncertain whether your service falls within scope, the starting point is our Am I regulated? page. If you are facing an Ofcom investigation into General Conditions compliance, see Complaints and Investigations.

Also see

• Why Bratby Law?
• Services
• Telecoms Regulation Overview
• Am I regulated?
• Interconnection and Access
• Numbering
• Code Powers
• Security
• Licence fees
• Transactions
• Transactions
• Co-counsel
• Fractional General Counsel

See also: MVNOs and MVNEs.

Frequently asked questions

Does the Ofcom General Conditions regime apply to my organisation?

It applies if you provide a public ECN or ECS. This includes providers offering connectivity to any non-related third party for remuneration, even a single customer.

Do the Ofcom General Conditions apply if I only provide services to enterprises?

Yes, if those enterprises are external to your group. Public/private classification depends on whether services are supplied to unrelated parties.

Do the General Conditions apply to wholesale services?

Yes. Wholesale providers of capacity, IP transit, interconnection, MVNO hosting and related services are public ECS providers and must comply with relevant Conditions.

Do the General Conditions apply to cloud-based or virtualised connectivity?

Yes where the core feature is connectivity. SD-WAN, SASE and virtual switching services may constitute ECS provision.

How do the General Conditions interact with the Telecommunications (Security) Act?

Public ECN/ECS providers must comply with the statutory security duties. These obligations sit alongside, and do not replace, the General Conditions.

Which Conditions apply to numbering and porting?

Numbering and porting requirements are in Part B. They apply to providers using or controlling numbers, including VoIP and MVNO providers. Additional (gaining provider led) switching requirements are set out in Part C.

Which Conditions apply to consumers and small businesses?

Part C includes contract information, switching, complaints handling and other protections for consumers and small enterprises placed on providers to those groups.

What happens if I breach the General Conditions?

Ofcom may issue directions, require remedial steps, impose penalties and publish enforcement outcomes.

See our Core Communication and TelXL case studies for examples of how we advise on Ofcom General Conditions compliance.