DNC COMPLIANCE GUIDE
How to Fully Adhere to Do-Not-Call Legislation
Whether you're a small business or large enterprise, the requirements imposed by the Do-Not-Call Act and similar state statutes can create considerable strife within your company's internal ecosystem. In this eGuide, you'll discover how to fully manage your Federal, State and Internal DNC list scrubs, protect against compliance violations, and take advantage of exemptions like Established Business Relationships (EBR) to maximize contacts.
Within this mobile-friendly guide, you'll discover:
- The 4 broad IT undertakings required by DNC regulations
- What impact each can have on your business
- How to fully adhere with DNC & TCPA compliance requirements to avoid penalties, fines & lawsuits
- Why it could make sense to outsource to an expert
Experience this guide now.
DNC COMPLIANCE GUIDE
How to Avoid Do Not Call
Violation Penalties & Fines
National Do Not Call List
Telemarketing companies are required to obtain a SAN in order to access the DNC database so they can cross-check their call list against it. Sellers are also required to pay for the area codes in which they need telephone number data, for every area code after their 5th.
Every 24 hours, the DNC database is updated, and telemarketers really should download the most up-to-date version every day, replacing the file from the previous day. In order to meet federal safe harbor requirement, sellers must download the updated file at least once every 30 days.
Managing a monthly or daily download of 240 million phone numbers and scrubbing your own call list against it is a task that few small businesses have the necessary IT infrastructure to handle, both in terms of hardware and personnel. It’s a huge data operation, more than you can typically manage with programs like Excel or Access.
Crunching this data on a daily basis requires dedicated servers and IT management; small companies entering the market for the first time may not be aware of the scale of these operations or may assume there’s some alternative to obtaining a SAN and required area code data. There isn’t, and the cost alone—of up to $17,500 for all area codes—can be a major pain point for small businesses.
Whether they’ve developed it internally or outsourced it, any mid- to enterprise-level marketer that engages in outbound dialing has to have a DNC solution. In many cases, however, these are ad hoc solutions that have points of friction with other systems in place, and may be long overdue for evaluation and modifications. Consider what is involved for an enterprise-scale company to maintain and update a massive database like this every day, handle any flags and exceptions, and utilize it to scrub a mission-critical call list. A system developed years ago to manage a download of 240 million contacts is very unlikely to be performing this operation in a reasonably efficient way.
If DNC list management is being outsourced, it can be very difficult to tell if the solution is robust enough or if you’re getting adequate support and related services for the money you’re paying. Even when you can clearly identify problems with your current provider, it can be difficult to leave if you have no alternate solution lined up and are not ready to take on the workload.
When DNC lists are being managed in-house, it is vital that companies have the right infrastructure and IT resources to handle it. Downloading the massive files and scrubbing your call list every day can easily be a full-time job, and as such, it can be a distraction from your core competency and requires you to keep current with DNC legislation updates, their impact, and the best ways to implement processes to stay compliant and avoid costly penalties for violating the law.
Why It Could Make Sense to Outsource
With an outsourced provider, you don’t have to worry about becoming a DNC expert out of necessity, and your business can focus on what it’s best at. You can use them as a dedicated IT resource that fits within your existing process.
If you already have an outside provider and want to switch, the new provider can do the heavy lifting of mapping database fields so that your output files remain the same, and the solutions they offer are generally prebuilt to include all the special features you could ever need, and some you probably haven’t thought of yet—for example, restricting calls on national holidays or during states of emergency.
You might also end up with new ways to slice and process your data, for instance, you could run a list of newly-acquired numbers against the DNC database to flag any that are on it, or you can integrate the provider’s system with your own enterprise-level system to verify your adherence to current regulations and automate the process so that the updated database download and scrubbing occurs nightly in the provider’s ecosystem. By plugging into their system via an API, you can quickly and efficiently update the records in your own database.
An enterprise-level DNC scrubbing solution should include more than just a Federal DNC scrub. It should scrub against all applicable state and internal DNC lists, remove serial TCPA litigators, improve overall data hygiene, and provide sufficient flexibility to align with your current business processes and specific needs.
State Do Not Call List
These state DNC lists are smaller databases, easier to manage with Excel and Access, but issues can still crop up when IT departments have to integrate the state lists with the larger Federal one, despite the possibility of differing formats, and ensure that the company is adhering to all applicable sets of rules and regulations. You also have to manage state licensing requirements for each database you need to access and keep in mind that state legislation is not static and can change very quickly compared to laws at the Federal level, especially when it comes to things like creating new holidays. (Louisiana is notorious for this—making abrupt changes to legislation, dates, holidays, and so on.) States also vary on how often you need to download their local list and on what the safe harbor requirements are.
Small companies that sell nationally (or in multiple states) must pay for all the area codes they intend to do business in, and they need to be able to obtain and integrate each of the states’ DNC lists into their primary DNC database for scrubbing. While state lists are smaller and easier to manage, the requirement to integrate them with the Federal list does add another layer of complexity and keeping up with state-level legislative changes can be challenging. Companies that operate locally, or within a restricted list of area codes in their own state, can likely handle DNC management on their own.
For larger companies, all of this is typically handled by their IT departments and requires dedicated resources. They need to be able to accept and programmatically install and manage the state lists (up to twelve of them, in multiple formats that can be anything from data tapes to online downloads) into their own database for scrubbing.
Companies that handle DNC management in-house need to stay on top of all twelve states’ schedules for releasing DNC list information and the process for obtaining it and must load that information into their own scrubbing ecosystem, keeping up with all restrictions, flags, and other exceptions all the while. This may be done at scheduled intervals or automated to occur in real time via an API—a complex process, if not necessarily a difficult one.
Why It Could Make Sense to Outsource
When using an outside provider, you can give them a single list of numbers and they can run both the Federal and State scrubs all at once, flagging the numbers on your list that have matches on any of the included DNC lists and accounting for all relevant rules and regulations. An outside provider can also free you from having to worry about changes to state legislation that impact DNC lists, like the creation of new holidays—experts stay ahead of these changes and make updates in real time so that you’re never caught unprepared.
Internal Do Not Call List
Once such an opt out request is made, the company should enter their information into an internal DNC list and propagate it to their entire system right away; any calls made to one of these customers after 30 days is a violation that results in a fine. Additionally, internal DNC requests often also constitute revocations of prior consent, which requests must be honored immediately.
Companies must record and maintain all internal DNC requests within their own ecosystem, removing or flagging numbers wherever they might be found. This can pose a significant challenge, as a flagged number may not occur within a dialer system, but could on other corporate lists, in BPO databases, and other hard-to-locate places. If you have multiple offices or branches, that only compounds the problem, and DNC requests may come in through various channels and locations. No matter where the request originates, it has to generate updates at every relevant location within the allotted timeframe.
Why It Could Make Sense to Outsource
If you don’t want to maintain your own DNC list repository within your own IT infrastructure, an outside provider can maintain and manage it for you in one of two ways: either by sending your list as a file replacement, or by sending it as an amendment to the current file. A provider should be flexible enough to do whichever is easiest for you and best fits your company’s processes (i.e. you can upload your list nightly, submit a batch file through Secure File Transfer Protocol, or SFTP, or submit automatically through an API integration).
Your provider should give you a copy of your list at the end of each week for audit purposes (or in case you need to switch to a new provider). With outsourcing, you can provide a single list of customers and get Federal, State and Internal DNC scrubbing done in a single operation rather than having to run multiple processes on your own side.
An outside provider should also run internal cleanses periodically and update internal DNC lists by removing ported, reassigned, or disconnected numbers. This is beneficial because it can potentially add numbers back into your list for marketing and sales purposes, helping you achieve greater ROI.
If you’re outsourcing and you want to maintain your own internal DNC list within your own IT infrastructure, you should be able to SFTP a copy of your file for scrubbing and identify the Federal, State and internal DNC numbers simultaneously. You could do this weekly or monthly, replacing the entire list or amending it to match what your provider has.
Established Business Relationship Exemption
Companies may call their own customers for up to 90 days from the last product or service inquiry, and up to 18 months from their last purchase or financial transaction. Remember, some state EBR laws vary. Also, regardless, companies can generally make non-marketing calls (customer service, delivery confirmations, collections calls, etc.) to their customers even if they are on the DNC list.
Whereas Federal and State scrubbing operations flag and remove contacts from your list, the EBR exclusion allows you to add them back in. Companies with up-to-date customer lists don’t have to scrub them against the DNC database, but they do have to maintain them, often manually, which can be challenging because the EBR exclusion can be overridden by state laws (with varying exemption time periods to keep track of and manage).
Why It Could Make Sense to Outsource
If you’re outsourcing to an outside provider, you can provide a list of customers with whom you have an EBR (and the ending dates of those EBRs) and the provider can refrain from scrubbing entries on that list against Federal, State, and Internal DNC lists.
They should also provide reminders of when your EBRs are coming to an end, including cases where state legislation overrides the DNC act and exclusion time periods are variable, and scrub against them after the time period has expired. With an outsourced provider, you get more than just Federal, State, and Internal DNC compliance—their ecosystem allows them to process everything at once and take advantage of all exclusions and additional flags.
The Right Experts With The Right System
At Contact Center Compliance, we deploy an advanced do not call scrubbing tool called DNC Scrub®. This solution encompasses all of the legislative compliance requirements we discussed above, helping clients minimize their exposure to DNC and TCPA (Telephone Consumer Protection Act) risk.
Our DNC Scrub® solution includes the right ecosystem and IT resources to fully manage your Federal, State, and Internal DNC scrubs in a single job. We offer simple, flexible processes that allow our customers to come to our website and manually upload a list of phone numbers, schedule nightly SFTP jobs, or set up real-time API connectivity. Additionally, you can get real-time updates and increased efficiency from our enterprise-level integrations with platforms you’re already using, such as Salesforce, Five9, Genesys, ActiveProspect, VICIDial and Mitel.
With over 70 billion scrubs performed (and counting), with 0 violations, fines or lawsuits incurred by our clients, you can now market with confidence.
If you'd like to learn more about how we can help your business minimize exposure to DNC and TCPA compliance risk and threats, request a consultation with one of our experts today.