info@contactspace.com | US +1 (415) 200 3752 | UK +44 115 824 5548 | AU 1300 360 553 | NZ +64 9558 2147
contactSPACE logo.
Contact Us

Blog

  • Blog
  • TCPA Compliance Checklist | For Outbound Call Centers

TCPA Compliance Checklist | For Outbound Call Centers

Tom Paton

If you’re making outbound voice or SMS contact to customers in the United States, you might be wondering how to ensure you maintain compliance with the Telephone Consumer Protection Act (TCPA).

Here at contactSPACE, we help businesses make compliant outbound contact at scale, so we have extensive experience helping different types of organizations manage their compliance when calling, including with the TCPA.

Today, we’ve explained some of the things you might want to consider to maintain compliance with this legislation when making outbound contact.

Note: the following is not legal advice and is general in nature. Please consult with a lawyer to develop an understanding of your specific compliance requirements.

Contents

TCPA summary

Call center agent speaking to a customer.

The Telephone Consumer Protection Act 47 U.S.C § 227 (TCPA) is a US federal law that regulates businesses’ conduct when making outbound contact using telecommunications technology, including telephone calls, text messages, and faxes.

The law mandates certain rules businesses must follow when making outbound contact, and has specific regulations around making automated telephone calls.

Under the TCPA, restrictions are placed on Automated Telephone Dialing Systems (ATDS), which are defined as tools that can store or produce random or sequentially-generated phone numbers, and place calls to them. When using an ATDS for solicitation (telemarketing), you generally cannot call or text a given number without prior express written consent from that customer.

Consumers are also given the right to opt out of marketing or sales communications from a business that contacts them.

Certain types of communications made by certain types of organizations are exempt from certain TCPA rules. For example, nonprofits do not always have to follow all TCPA requirements when making fundraising phone calls, and debt collection calls are often exempted from certain requirements.

The TCPA affects all businesses located in the United States, as well as international businesses contacting consumers in the US.

TCPA compliance checklist

Below are some of the main things you generally need to consider to ensure compliance with the TCPA when making outbound contact over voice or SMS channels.

We have described the rules in terms of how they apply to phone calls, but in general, the same restrictions apply to text messages as well.

  1. Calls must be made at a compliant time of day. You cannot call a person outside the hours of 8am to 9pm in their local time zone.
  2. Solicitation calls may not use an artificial voice or recording without prior express written consent. Solicitation is defined as encouraging the recipient of the call to purchase, rent, or invest in goods or services. The FCC has recently clarified that this applies to AI-generated audio as well.
  3. Solicitation calls may not be made to individuals registered on the national Do Not Call Registry. Only certain exempt types of contact, such as security/emergency alerts, may be made to listed numbers. If the national do not call list is stored locally by the business, it must be updated at most every 31 days.
  4. Solicitation calls using an ATDS may not be made to cell phones or pagers, or to numbers where the recipient may be charged for the call, without prior express written consent. If using an ATDS as defined by the TCPA to call one of these types of numbers, you must have previously obtained written consent from the customer.
  5. Companies must maintain an internal do not call (DNC) list, and anyone registered on the list must not be contacted. Customer requests to be added to the list must be honored within 10 business days as of April 2025, and list membership must be maintained for at least five years.
  6. Companies must identify themselves in their communications, including stating their business name, and providing a valid address or phone number. It must also be made clear to the customer how they can opt out of receiving future communications.
  7. ATDS and automated/prerecorded calls cannot be made to emergency numbers and certain other types of organizations without prior express consent. This includes hospitals, medical physician or service offices, health care facilities, poison control centers, and fire protection or law enforcement agencies.
  8. When predictive dialing, there is a maximum 3% allowable abandonment rate for each campaign over a 30-day period. A “campaign” in this case is defined as the offer of the same good or service from the same seller, even if the script, target region, or other attributes are different. Meaning, for each offer, in each 30 day period, you cannot leave more than 3% of people with no one to speak to within two seconds of answering the phone when predictive dialing.
  9. When a call is abandoned, customers must be informed using a prerecorded message, informing them how to opt out of receiving future communications. The message must inform the customer that the call was for “telemarketing purposes,” and must state the name and telephone number of the business. The phone number provided must allow the customer to make an opt-out request during business hours, and the option to opt-out using a voice or push-button IVR must also be provided.
  10. Telemarketers must provide caller ID. An accurate phone number must be displayed to the customer receiving the call, and this number must be capable of receiving an opt-out request during business hours.

Maintaining TCPA compliance in practice

Call center agent working at a desk.

Maintaining compliance with the TCPA can seem complex, especially as a larger team making outbound contact with various different types of customers.

Here at contactSPACE for example, some of our customers use AI agents to perform certain types of outbound interactions, which can introduce increased TCPA compliance considerations.

Other customers have various different types of leads they make contact with, each with varying levels of consent across the different contact methods on file.

If your team are using larger datasets, and make more calls, including predictive dialing, it can be a good idea to have software take on some of the work of ensuring compliance for you.

Using a software solution built with data control and campaign strategy in mind, it can become easier to ensure TCPA compliance, and consistently make the right contact, at the right moment, on the right channel.

Here at contactSPACE, our technology powers outbound contact for some of America’s largest businesses, including helping to manage their compliance obligations.

If you’re looking for a way to more easily make compliant contact at scale, including with other contact center software and communications platforms, learn more about our dialing, compliance, and data orchestration solutions.

Frequently asked questions

What is prior express written consent (PEWC)?

PEWC is officially defined as “an agreement, in writing, bearing the signature of the person called that clearly authorizes the seller to deliver or cause to be delivered to the person… advertisements or telemarketing messages using an automatic telephone dialing system or an artificial or prerecorded voice, and the telephone number to which the signatory authorizes such advertisements or telemarketing messages to be delivered.”

In short:

  • Consent must be provided in writing, and the agreement must be signed by the customer.
  • Consent must be tied to a specific telephone number.
  • The agreement must clearly state that the customer is signing up to receive ATDS calls and/or prerecorded/AI voice calls.
  • The agreement must clearly disclose that signing is not required as a condition of purchase.

The signature can be provided electronically or digitally, and must be “recognized as a valid signature under applicable federal law or state contract law.”

For some types of communications, only prior express consent (PEC) is required, such as making non-solicitation artificial voice calls using an ATDS.

Compared to prior express written consent, PEC is defined more broadly. It can be transmitted orally, and can sometimes be implied as opposed to explicitly provided.

When do I need prior express written consent (PEWC)?

You most likely need PEWC:

  • To make solicitation calls using prerecorded auto or an automated voice.
  • To make solicitation calls to a mobile number, or numbers where the recipient may be charged to receive the call, using an ATDS.
  • To make solicitation calls to protected organizations such as hospitals and law enforcement departments.

Does PEWC override the national Do Not Call Registry?

If you have PEWC from a customer, it is generally permissible to call or text them even if their number is listed on the national Do Not Call Registry.

The law states that in this case, “…permission must be evidenced by a signed, written agreement between the consumer and seller which states that the consumer agrees to be contacted by this seller and includes the telephone number to which the calls may be placed.”

Does the TCPA affect B2B communications?

The TCPA also applies to B2B phone calls and text messages.

In general, similar rules apply for B2B and B2C outbound calling and SMS campaigns under the TCPA.

However, businesses looking to contact other businesses may have to pay closer attention to certain aspects of the law.

For example, there are specific restrictions around placing calls to phone numbers where the recipient may incur a charge, which can be common in a B2B context. If you call a toll-free number for instance, the recipient may be billed to receive the call, or may be charged per minute that they stay on the line.

It is also explicitly prohibited to engage “two or more telephone lines of a multi-line business… simultaneously” under the TCPA.

Does the TCPA affect predictive dialing?

Contact center agent making an outbound call.

The TCPA has rules that affect predictive dialing both directly and indirectly.

  • Abandonment must be limited to a maximum of 3% every 30 days for each campaign the business conducts. A call is defined as abandoned when no agent is available to speak to within two seconds of the customer answering the phone.
  • When a call is abandoned, the customer must be notified as such, be provided the business’s name and contact details, and given the ability to opt out of solicitation communications.
  • A solicitation phone call cannot be disconnected until at least four rings or 15 seconds have elapsed. Your predictive dialer must therefore allow unanswered calls to ring for at least this long.

Does the TCPA apply to sending emails?

The TCPA does not cover email communications, no matter the device they are received or sent on. These are instead regulated by the CAN-SPAM Act.

Am I using an ATDS?

If the software you are using cannot generate telephone numbers randomly or sequentially, it may not be considered to be an ATDS under the current interpretation of the TCPA.

However, certain states have enacted their own laws with different definitions of an ATDS and other restricted technologies, which can be broader than the federal definition in some cases. Therefore, just because a solution cannot generate telephone numbers randomly or sequentially does not always mean it is not considered an ATDS in all jurisdictions.

Also, not using an ATDS does not necessarily exclude your business from TCPA compliance requirements, especially those that do not apply to ATDS-based contact specifically.

What is the Established Business Relationship exemption?

Under the TCPA, if you have what is known as an Established Business Relationship (EBR) with a customer, certain communications can sometimes be TCPA-exempt.

This means that within 18 months of a purchase or 3 months of an enquiry with your business, you can sometimes contact that customer without prior express written consent, without using an ATDS, and assuming the customer is not on your internal DNC list.

Once again, this rule can vary by state, as some jurisdictions have different definitions of the respective timeframes from a purchase or enquiry that you can make contact.

What are the consequences of violating the TCPA?

The most common penalty for violating the TCPA is a fine. The exact amount of the fine depends on a range of different factors, including the specific aspects of the regulations that were violated.

At a basic level, courts can impose a fine of up to $500 per individual violation of the law. However, this amount can increase significantly if it is found that the breach was made knowingly or willfully, increasing to $1,500 per violation in some cases.

This means that repeated breaches of the rules can quickly lead to fines of five to six figures or higher, depending on the level of culpability assessed by the court.

It’s also worth mentioning, specific aspects of the TCPA can attract higher fines when violated. For example, calling someone on the Do Not Call Registry or your internal DNC list can result in a fine of more than $53,000, under the FTC’s Telemarketing Sales Rule.

Final advice

To ensure TCPA compliance when making calls or sending texts, it can be helpful to have close control over your data and contact strategy.

For example, to ensure compliance, you may need to more closely control who you call, when you call them, and how you make contact – as well as managing abandonment when predictive dialing.

At contactSPACE, our outbound contact solutions give you complete control over your data and contact strategy.

If you’re looking for a way to more easily manage your outbound compliance responsibilities, get in touch with our team today.

Menu