Your customers opted in for calls and texts from your business. But were those opt-ins still enough to comply with the Telephone Consumer Protection Act (TCPA)? New rules under the TCPA might have changed that.
The TCPA requires businesses to get prior express consent from consumers before making autodialed or prerecorded calls or texts, and it requires them to honor consumers’ opt-out requests promptly. Needless to say, this makes the TCPA a major presence in customer communication programs: non-compliance can bring hefty fines from the Federal Communications Commission (FCC).
The new TCPA regulations that went into effect April 11 are part of the FCC’s broader robocall/robotext crackdown. We’ll give you a breakdown of the changes and what they mean for businesses’ customer communications. Then we’ll talk about what businesses might do to adapt to the new consent requirements, including how they can use their customer journey management tools to their advantage in complying with them.
What’s Changing in the New TCPA Rules?
1. One-to-One Consent Rule (No More Shared Consent)
Consent for robocalls and robotexts must be directly between the consumer and the seller (i.e., your brand). That means lead generators or third-party consent brokers can no longer collect consent using generic “partner lists,” which often have dozens or hundreds of potential sellers. If you’re a seller on those lists, the customer didn’t knowingly consent to your company contacting them, according to the new rules. Also, the consent would likely be considered too broad to satisfy the new requirements.
Consent must include clear and conspicuous identification of each individual company the consumer agrees to be contacted by. That brings us to how the consent disclosure needs to be presented…
2. Consent Must Be Brand-Specific and Transparent
The consumer must see and agree to the actual name of the business before being contacted. And the consent can’t be bundled for multiple sellers or business partners in one opt-in: so no more saying, “You agree to receive communications from us and other brands you’d love.” Businesses can no longer rely on broad language in these disclaimers, either. Language such as “by submitting, you agree to be contacted by our partners” is no longer acceptable.
3. Scope of Calls and Texts Must Be Limited to the Purpose of Consent
Not only does the consent need to specify the brand, it also needs to specify the exact types of communication. So consumers need to know in the disclaimer that they agree to receive promotional messages, appointment reminders, order tracking updates, etc. It also means that consent for marketing calls can’t be used as consent for appointment reminders (or vice versa) without clear disclosure.
4. Recordkeeping Requirement
Organizations must document and retain proof of consent. If a consumer were to claim they never gave consent to receive communications, it’s on the organization—and not the consumer—to prove otherwise. This documentation will be critical should the company have to defend against TCPA litigation or FCC investigations.
5. Application to All Automated Calls and Texts
These rule changes apply to all robocalls, autodialed calls, pre-recorded messages, and SMS/MMS texts. So all channels are in scope—whether they’re voice or text-based. And there’s no exception for CX-related content, so appointment reminders, account notifications, fraud alerts, billing notices, etc. may require documented consent if they’re delivered through an automated system.
Why the New TCPA Rules Matter to Large Enterprises
Large enterprises face significant challenges under the new TCPA rules—especially those that rely on high volumes of automated customer communications. The more messages sent through automated systems, the greater the exposure.
As with anything else in customer communications, more channels can bring more challenges. Managing consent across voice, SMS, and email introduces operational complexity and increases the likelihood something can go wrong, like outdated opt-in records or missing revocation requests. Sending a payment reminder through an autodialed call without documented consent (even if it’s non-marketing) might be considered a violation under the new rules.
Running afoul of these consent rules carries a risk of costly litigation (including class-action lawsuits) as well as enforcement action from the FCC. TCPA violations can carry statutory damages of $500 to $1,500 per call, text, or voicemail depending on whether the violation is deemed negligent or willful.
But even setting aside the legal risks, there’s the reputational damage that comes with noncompliance. A brand that ignores consent requirements can come off as spammy to customers, which undermines the trust and loyalty it’s trying to foster through those communications.
Lastly, there’s the costly disruption that TCPA noncompliance can bring. It could force a business to pause or drastically alter SMS, robocalls, and other automated outreach until its systems are brought back into compliance. Then there are remediation “fixes” that become necessary after TCPA violations: audits, legal counsel, technology updates, and process improvements—often at a premium due to urgency. In some cases, businesses might have to re-obtain consent from millions of customers.
3 Smart Adaptations to the TCPA Rule Changes
Changes like the one-to-one consent rule are a big deal to your business if it runs robust automated customer communications. Here are some general best practices to not only help you manage the risks, but also improve your customer communications programs overall.
1. Unifying Your Customer Data (Including Opt-Ins)
The TCPA rules are only the latest example: It’s more important than ever to get a centralized view of customer data across your siloed departments and communications systems. That data should include consent—what channels and types of communications each individual customer has or hasn’t opted into. Once that data has been unified, then it’s easier for an intelligent decisioning system to send (or not send) your various automated messages to individual customers according to the consent and preferences you have on record.
2. Align Teams for Better Compliance
CX, marketing, legal, compliance and tech teams all have skin in the game when it comes to TCPA compliance. If you’re responsible for managing your customers’ communication strategy, it’s important to get on the same page with legal regarding the nuts and bolts of the requirements (like the disclaimers), and IT teams need to know what specific updates must be made to your communication systems. Also be sure to ask your customer engagement solution vendors what they’re doing to support TCPA compliance.
3. Use Automation and Centralized Platforms
Managing customer consent across multiple channels—like text, voice, and email—can get complicated fast. Automation and centralized tools can help you keep it sorted. Not only might such tools track the consent, but they might also send automated reminders to renew expired consent, or flag your business when a customer opts out. When you have the right customer engagement platform, these changes can be applied to the customer profile in real time. The automation and centralization reduce the chance of human error, keep you adaptable to the rule changes, and ensure your messages align with how customers expect to be contacted.
Keep Building Customer Trust
Compliance isn’t just about avoiding fines—it’s about customer trust. What these TCPA rule changes boil down to is showing customers that you respect their preferences. If that’s not about customer loyalty, what is?
Don’t let noncompliance undermine all the good work you’re doing to keep customers engaged and grow their relationships with your brand.
