Company A knows, but doesn't care, then sends the call to company B. Company B doesn't know / can't verify.

It seems like it's on the rise in the UK https://www.which.co.uk/news/2019/10/whos-really-calling-you...

As for the capability, in many ITSP companies you can sign a paper saying "I promise that all the calls I'm sending have a valid callerid" and get no restrictions.