IoT connectivity is no longer a purely technical detail. For organizations deploying devices internationally, it is increasingly becoming a legal and operational challenge. One of the most underestimated risks in this context is permanent roaming.
What is permanent roaming?
When an IoT device connects to a local network via a foreign SIM card, this is called roaming. In itself, this is not a problem. Roaming only becomes “permanent” when a device does this over an extended period, for example more than 90 to 120 days without ever returning to the home network of the SIM card.
For most IoT devices, this is almost always the case. A smart meter, industrial sensor or payment terminal is installed at a fixed location and does not move. As a result, the SIM card is constantly roaming, while roaming agreements between operators were originally designed for traveling users.
Four regulatory themes to watch
Global regulation around IoT connectivity focuses on four main areas.
- The permanent roaming ban: an increasing number of countries explicitly prohibit this or make it practically impossible through supporting policies.
- IMEI registration requirements, where foreign devices must register with local authorities after a certain period, sometimes linked to tax obligations.
- eSIM provisioning regulations, which define who is allowed to distribute profiles and how data may be stored, driven by privacy, data sovereignty and national security concerns.
- Regulation of roaming tariffs.
Permanent roaming banned: which countries have which rules?
Regulation varies significantly by country. Brazil, Turkey, Nigeria, China and India prohibit permanent roaming or make it practically impossible through regulation. Turkey is particularly strict: in 2025 it required all eSIM provisioning to be handled via Turkish operators, leading to the blocking of dozens of international eSIM providers. Saudi Arabia and Singapore impose strict conditions. The US and Canada do not have legal bans, but operators apply their own restrictions.
Within the European Union, permanent roaming is allowed under the “Roam Like at Home” act, although there is ongoing discussion about whether specific M2M regulation is needed. Australia, Japan, New Zealand and South Korea allow roaming under certain conditions.
How do you stay compliant?
There are four main approaches:
- Multi-IMSI SIM cards contain multiple operator identities and allow the device to automatically switch to a “local” IMSI, meaning roaming does not technically occur.
- eSIM with remote provisioning via the SGP.32 standard enables over-the-air activation of a local operator profile, without physical access to the device.
- Local breakout via regional networks routes data traffic locally instead of through the home network, reducing latency and improving data sovereignty compliance.
- Local operators offer partnerships in markets such as China, India and Brazil. This is the only viable approach in regions where regulation requires local presence.
SGP.32: promising, but not a guarantee
SGP.32 is seen as the technical answer to the roaming challenge. The GSMA standard, published in 2023, enables dynamic remote profile switching and is specifically designed for IoT environments without a user interface. The first large-scale deployments are expected in 2026 and 2027.
However, SGP.32 is a technical standard, not a legal guarantee. Whether a locally provisioned profile is actually compliant depends on which operator provides the profile and whether the SM-DP+ server meets local regulatory requirements. Technology and compliance must be managed together.
Conclusion
Permanent roaming is not a marginal issue: it affects every organization with IoT devices across multiple countries. As more regulators actively enforce rules and more operators tighten their policies, compliance becomes a prerequisite for operational continuity.
At Thingsdata, we support organizations with international IoT deployments. Through our multi-IMSI SIM cards, eSIM solutions and local operator partnerships, such as the Thingstian alliance, we ensure compliant, scalable connectivity in over 190 countries. For more information, please contact us at +31-85-0443500 or via email at info@thingsdata.com.
Need reliable IoT SIM cards? Request our test kit for 3 free SIMs with 100 MB data for 3 months. Experience seamless IoT connectivity today.
Looking for a reliable IoT partner? Download our brochure for instant access to valuable insights about our services and IoT solutions.