Understanding the Do Not Call Rules & Regulations
By Contact Center Compliance on Oct 16, 2019
Introduction to Do Not Call Policy & Compliance Requirements
Once upon a time, you could place marketing calls to anyone you wanted. They might get mad that you interrupted their dinner, yell, and hang up on you, but it was all perfectly fine and legal. Then, in 2003, the Do Not Call Implementation Act became law. A national Do Not Call (DNC) registry was created, and consumers could add their number to the list, making it illegal to place unsolicited calls to them for telemarketing purposes.
Telemarketers are required to obtain a Subscription Account Number, or SAN, to grant them access to the Federal do not call database, which currently holds more than 240 million phone numbers. Every 24 hours, the database is updated with new numbers, which means that telemarketers should download the whole thing every day in order to stay compliant.
Avoiding numbers on the DNC list is easy in theory, but the technical details can make it challenging, especially for IT departments, who have to manage not only the Federal DNC database but also state and internal databases and Established Business Relationship (EBR) exemptions.
In this post, we’ll provide an overview of the four broad IT undertakings imposed by the DNC regulations, the impact each of them will have on your business, and how it may be advantageous to outsource your do-not-call compliance operations to a specialized provider.
National Do Not Call List
The National (or Federal) DNC List is a registry that any consumer can opt into by adding their phone number. Only companies that have applied for a SAN can access the list to identify legal call recipients. If a company needs to access more than five different area codes, they have to pay a fee.
This registry is updated daily. To ensure safe calling, telemarketers should download a fresh version every day and overwrite the file they previously downloaded. To meet Federal safe harbor requirements, companies must download the updated file at least once every thirty-one days.
Most small businesses don’t really have computer hardware or IT staffing robust enough to handle a daily—or even monthly—download and scrubbing of 240 million phone numbers. Excel and Access can easily choke on a data operation that massive.
To deal with these processes every day, you need dedicated servers and IT staff, if you’re even aware of these requirements—which many small startup businesses are not. Small businesses may also be brought up short by the cost of obtaining access to all area codes for nationwide calling—it can run as high as $17,500.
No matter what size your business is, you still have to have a valid DNC solution. Many companies devise internal solutions that aren’t well-integrated with their other systems, leading to errors and inefficiencies.
When outsourcing DNC management, it’s not always easy to see if the solution is working as intended, of if you’re getting your money’s worth in terms of support. Even when you can identify issues with your provider, switching to a different one can be difficult and costly.
In-house DNC management requires adequate infrastructure and IT resources. When staffing is tight, downloading and scrubbing these files can be time-consuming enough to detract from other important business operations. You also have to stay on top of updates to DNC regulations that may impact your processes, or else risk falling into noncompliance and incurring costly fines or even lawsuits.
Why It Could Make Sense to Outsource
Outsourcing your DNC management that works with your existing processes can relieve you of having to become a DNC wizard in your own right, leaving you free to focus on your core business competencies.
When switching providers, you’ll want to look for a solution that handles integration details, like mapping database fields so that your output files don’t change, and takes care of the little aspects of compliance that aren’t always intuitive, like restricting calling during holidays or declared states of emergency
Dedicated providers can also help you use your data in new and beneficial ways. With the proper integrations, you can reconcile a list of newly-acquired phone numbers to the DNC list to flag any that you aren’t supposed to call, or you could automate the database scrubbing process to run offsite overnight, updating your call list through an API before the start of the business day.
Enterprise-level DNC management should include much more than just scrubbing to the Federal registry. It’s reasonable to expect state and internal scrubbing, the identification and removal of serial Telephone Consumer Protection Act (TCPA) litigators, data hygiene processes, and the flexibility to work alongside your existing procedures and requirements.
State Do Not Call List
There are twelve states that maintain their own DNC lists, separate from the Federal registry, and telemarketers must comply with these lists as well. States may also have rules about calling on holidays, or after a certain hour.
The state registries are usually small enough to manage with desktop programs like Access and Excel, but difficulties can arise when integrating these lists with the larger Federal database. States may also have their own safe harbor rules or licensing requirements for their databases, which can change from year to year—state law tends to change at a much more rapid face than Federal legislation.
State registries are usually small enough to manage on their own with ease, so businesses that only place calls within a local area within their own state may be able to handle in-house DNC management without much difficulty. Things inevitably get complicated when you have to account for Federal and internal lists at the same time.
Large companies can pass this work off to their IT departments, provided they have the resources to install and manage all applicable state lists in their varying formats, into their call list database. When you handle DNC management in-house, you have to carefully track the DNC list release schedules for all twelve states that have them so that you don’t miss an update. You also have to account for any and all restrictions, flags, or exceptions in those lists.
Why It Could Make Sense to Outsource
With an outsourced solution, you can provide a single list of numbers for them to scrub against the Federal, state, and internal registries simultaneously. They can also be responsible for staying aware of any changes to state DNC regulations (like creating new holidays, which some states really seem to enjoy—we’re looking at you, Louisiana) and making the necessary updates to keep you in compliance with the law.
Internal Do Not Call List
Aside from the state and national DNC registries, companies must also maintain an internal list of customers who contact them directly to opt out of receiving telemarketing calls. These requests carry some additional compliance requirements. Calling a customer on the internal list more than 30 days after such a request is made is an automatic do-not-call violation that carries a fine, and any prior consent given by the customer may be revoked.
Internal DNC requests must be recorded and managed within a company’s own systems, removing or flagging prohibited numbers wherever they are stored. This can be trickier than it sounds when companies maintain multiple call lists, customer databases, and miscellaneous records. Having multiple locations makes this even more challenging, as DNC requests may come in through several different sources.
Why It Could Make Sense to Outsource
Outside providers can manage your internal DNC list for you in two ways: by doing a full file replacement to swap out your own database file for an updated one, or by amending the existing file. This can be done either via manual uploading, a nightly SFTP batch process, or API integration. Every week, the provider should give you a copy of your list for auditing purposes (or to give to a new provider, if you decide to switch).
Outsourcing should allow you to provide a single customer list and have all the relevant scrubs performed as a single operation, saving you from having to run multiple internal processes. A specialized provider should also perform routine data cleansing, removing reassigned or disconnected numbers. It’s always good to increase your ROI potential by adding back numbers that are no longer on any DNC list!
Providers should also be willing to help you maintain updated copies of the internal DNC list in your own IT system.
Established Business Relationship (EBR) Exemption
The EBR exemption to the DNC Implementation Act states that companies may call their existing customers for up to 90 days from their last inquiry, or up to 18 months from their last purchase. Non-marketing calls (for example: customer service responses, delivery information, collections) are generally permissible, even if the customer is on a DNC list.
Keep in mind that EBR rules may vary from state to state.
An EBR scrub is essentially a reverse of a DNC scrub—you’re validating numbers or adding them back in instead of removing them. You don’t have to scrub up-to-date customer lists against the DNC database, but they do have to be maintained, and state regulations and exemption timeframes must be accounted for.
Why It Could Make Sense to Outsource
Your outside provider can take your list of customers with whom you have an EBR, along with the expiration dates, and withhold the numbers on that list from DNC scrubbing processes. They should also help you out with reminders when EBRs are nearing their expiration dates, and automatically include them in scrubs once that date has been reached.
Conclusion: The Right Experts with The Right System
If you’re having trouble maintaining these massive DNC databases and keeping up with all of the relevant exemptions and flags that are required just to cleanse one particular list with all of these elements, there’s a good chance you’d be well-served by an alternative solution.
The right specialists, utilizing a solution flexible enough to fit seamlessly with your existing internal processes, can transform your business and eliminate the distractions that can result in costly violations, thus freeing you to focus on the things your business does best.
At Contact Center Compliance, we deploy an advanced do not call scrubbing tool called DNC Scrub®. This solution encompasses all of the legislative compliance requirements we discussed above, helping clients minimize their exposure to DNC and TCPA (Telephone Consumer Protection Act) risk.
Our DNC Scrub® solution includes the right ecosystem and IT resources to fully manage your Federal, State, and Internal DNC scrubs in a single job. We offer simple, flexible processes that allow our customers to come to our website and manually upload a list of phone numbers, schedule nightly SFTP jobs, or set up real-time API connectivity. Additionally, you can get real-time updates and increased efficiency from our enterprise-level integrations with platforms you’re already using, such as Salesforce, Five9, Genesys, ActiveProspect, VICIDial and Mitel.
With over 70 billion scrubs performed (and counting), with 0 violations, fines or lawsuits incurred by our clients, you can market with confidence.
We’re happy to talk more about how we can help you minimize exposure to DNC and TCPA compliance threats. Click here to book time with a friendly compliance expert.