<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2955377&amp;fmt=gif">
Schedule a Demo
arlington-research-kN_kViDchA0-unsplash

The Complete Guide to Call Center Compliance

The Telephone Consumer Protection Act (TCPA) was signed into law in 1991 to protect consumers from being plagued by spam calls. Since that time, there has been an evolution in how we consider what’s considered spam, what’s compliant with TCPA, and how call centers handle these regulations.

Is Your Call Center Aligned with TCPA Compliance?

The penalties for breaking compliance are severe. There is a wealth of lawyers who are constantly on the lookout for ways to collect from call center companies who slip up. There are even instances of lawyers holding companies for ransom, saying, “Hey, this is an illegal call. I’m going to sue you for $50,000, but if you give me $10,000 now I will go away.”
 
So, it’s obviously very important for call centers to understand and commit to following TCPA compliance. But how can you determine whether your call center is compliant with TCPA?
 
There are some general guidelines and some of them are more clear cut than others. For example, TCPA prevents call centers from calling people before 8:00 AM or after 9:00 PM in their time zone.
 
This one seems quite simple, and it truly is. In fact, you can set up software that automatically looks at the customer's time zone and won't serve up the call if it's outside of that window.
 
Another thing to consider is you absolutely have to respect the do not call (DNC) list. Most good call center software will have this built into their system so you don’t have to worry about calling someone who’s opted out of hearing from you. Typically, what you’ll see is that in most cases, if someone interacts with you, you have up to 18 months to contact them.
 
For the most part, do not use ringless voicemails. There are certain situations where ringless voicemails are appropriate, but generally, it’s best to avoid them so you don’t get into any gray areas.
The abandoned rate of calls cannot be more than 3%. We’ve seen different measurements for this, but typically with a predictive dialer, they can't drop more than 3%. This means that customers can't answer and no one's there because there are no agents there and they hang up more than 3% of the time.
 
Make sure you use a TCPA compliant dialer. We’ve all heard the disclaimers on the calls that say something along the lines of, “This call may be recorded for quality assurance purposes.” It’s required in about a dozen states, so if you’re doing nationwide calls it’s probably safe to just turn that on.
 
And remember, all the rules that apply to phone calls also apply to texting!

 

Taking Ownership of Compliance

Hopefully, you’re reading this and feeling good about your call center’s compliance. But, who exactly at the call center is responsible for making sure you are and stay compliant?
 
In general, it’s the person who’s directing how the business operates. This is especially true if you’re outsourcing calls and giving the external team directions. Just because you’re not making 100% of the calls in-house, you still need to take responsibility to make sure what they’re doing is legal and compliant.

What is a Predictive Dialer?

A predictive dialer is an outbound dialing phone system that dials numbers automatically from a list. It screens for voicemails, disconnected numbers, no answers, and busy signals; and it does not serve those calls to an agent. The only calls that are served to an agent, are those where a real human being answers the phone.

The technology in a predictive dialer allows it to dial out multiple calls per agent at a time. As soon as the dialer sees that a human has answered the phone, it attempts to serve that call to an agent. Ideally, there is a call lined up for an agent as soon as they hang up their previous call. 

The advantage here is that the agent isn't spending time on calls where there's not a human on the other end. This is key when running marketing campaigns because it allows you to move through attempts more quickly. The only calls where you can make a sale or have a positive outcome are ones where there's a human being on the other line. So, if an agent can spend all of their time on connected calls, there are greater chances for success on your campaigns and you can get through your campaigns quickly. 

 

When Not to Use a Predictive Dialer

There are certain restrictions with a predictive dialer, so it’s important to consider your campaigns and your data before starting to dial. It is illegal to use a predictive dialer to dial cell phones if they’ve not specifically opted in to be contacted via a predictive dialer. So, if you're not positive that everyone in your campaign has given consent to be dialed with a predictive dialer, don't use a predictive dialer. 

 

How Does This Technology Work?

Using proprietary algorithms based on average call time and connection rate, predictive dialers place multiple outbound calls on behalf of each agent automatically. The dialer’s logic is saying, “The average agent is spending this long on calls and this many people are answering. So I'm going to send out X number of calls per available agent.” 

Some dialers also allow a manager in the call center to throttle the calls up or down based on volume. If the manager is seeing that agents are idle - sitting back, waiting for calls - that might mean that they need to throttle up on the dialer a bit. If the opposite is happening, and they're seeing that customers are answering the phone and no agent is available to join the conference, the manager will want to decrease the outbound calls per agent, otherwise, they risk an increase to their call drop rate.

 

Why You’ll Love Call Routing

One feature to look for in a predictive dialer is call routing. With call routing, you can set preferences to where the live calls are routed. There are several common options with call routing. One option allows the manager to build a round-robin system that passes calls to agents evenly. Another might be based on a specific set of skills that the agent has (ie: route Customer Service calls to Jessica or route French-speaking calls to Jeffrey). A personal favorite is the ability to route calls based on performance or likelihood to close.

SMS Compliance for Texting Customers from Your Call Center

The same laws that apply to making a phone call, apply to text messages.  Text messages are different from email, which is covered by CAN-SPAM guidelines. If a call center is texting they should assume that the same rules apply as with a phone call, and the fines for violations are just as real. 

 

Fines Associated With Violations: 

The fines average around $500 to $1,500 per event, per recipient. If a company abuses the system and sends a marketing text out for a thousand people, at a $1000 fine each the fines can add up quickly.  A national pizza chain recently had a $16 million class-action lawsuit settlement for violating TCPA laws with their marketing text messages. 

 

Stay Within Compliance:

The rules seem to be better defined for texting than phone calls. Digitally, it is extremely easy to have evidence of what has happened in regard to consent.  The record of what has happened is obvious, and people can be held accountable. But in regards to texting, it is important to understand consent and implied consent. 

Whether it's a web form or a written consent form in a store, a company needs to make sure that they're asking for consent to send text messages to a customer. The company also needs to honor opt-outs. Not only does the language need to tell someone how to opt-out, but when a customer does opt-out, the center needs to make sure that they discontinue messaging. Similar to calling; a company also has to adhere to messaging windows in the customers’ timezone. These windows are typically 8:00 AM to 9:00 PM.

 

Some Laws are Open to Interpretation: 

A lot of these laws are open to interpretation. As time goes on, the laws will begin to be better defined because there are actual cases to help define the laws.  
 
One main point of confusion is the difference between sending automated, “robo” texts and manual texts. What is a manual text message? Is it where someone has to physically push a button? Is it one where someone physically punches the numbers to send the text? All of these things have been settled by case law, and are giving us a better understanding of the laws surrounding SMS messages.
 
If a company decides they are going to be sending text messages to their customers, they should absolutely consult with a TCPA lawyer for clarification on any points of confusion.

What Does The California Code of Regulations Mean For Your Business?

What is the California Consumer Privacy Act?

The California Consumer Privacy Act  (CCPA) was passed in 2018 and went into effect on the first of this year. The California Consumer Privacy Act grants the rights to Californian consumers to know whether their data is being collected correctly and grants them the ability to opt-out of their data being used. The CCR is very similar to the European GDPR laws that have come out recently.  

Who needs to worry about the California Code of Regulations?

All companies doing business in California that have sales of at least 25 million in annual revenue. If a company collects or receives the personal information on at least 50,000 or more consumers, or if a business derives more than half of their revenue from selling customer data, they're subject to this law. It's important because if a company is doing business in California, even if they are not a California company, they need to comply. 

What changes does this imply for people that are running call centers?

There are basic standards of handling data in a physical form as well as the way businesses transport customer data securely via API (Application Program Interface) or an FTP (File Transfer Protocol). For example, companies do not want to send data through an Excel file using an email. This is not a good safe practice. If a call center is doing business in California, regardless of size, you will want to make sure that the recorded call has clear and informed consent from your customers and you are sending data in a secure way.

California is one of 12 states that have a “two-party” consent also called an “all-party consent”.  “That means that both parties must consent to being recorded.

Advice for Call Centers

If a person is working at or managing a call center there are a few basic guidelines that we would strongly suggest. Take care of the customer’s data. Store customer data in a secure way. Put policies in place in the office where customer data is not sitting loose where anyone that walks by could grab the data. 

Transport the data stored in a secure way. Do not send out communications without the correct emails and disclosures. Look for ways to encrypt the data at rest. Finally, a company should have superior standards with how they are managing passwords in the business.

 

CASL and Why Your Call Center Must Comply

CASL stands for Canada’s Anti-Spam Law. It went into effect on July 1, 2014. This law is similar to that of the United States version, CAN-SPAM. This law applies to all electronic messages that organizations, businesses, etc send that contain commercial activity or CEM. Failure to comply with CASL can result in fines ranging from $1-10 million per violation. 

CEM

A CEM is a commercial electronic message. These messages usually contain details regarding a sale or promotion, or a coupon or gift code. This excludes messages that contain hyperlinks to websites or business-related information. Messages must be sent to electronic addresses in order to be caught by CASL. An electronic address includes: emails, instant messages, text messages, and some social media communications such as Instagram’s “Direct Message” feature. In order to receive CEMs, recipients must express consent. They are able to do this either orally or written. Written consent can be electronic, such as an email or text message. 

Exempt Messages

There are some messages that are exempt from CASL. These include: 

  • Messages between family members or those with an established relationship
  • Messages between employees or staff members within your organization
  • Responses to a current customer or someone that has inquired within the past six months
  • Messages that will be opened outside the country such as the U.S., China, and most of Europe
  • Messages sent on behalf of a charity or non-profit organization
  • Messages attempting to enforce a legal right or order
  • Messages that provide information about a warranty, recall, or safety information about a product
  • Messages that contain information about a subscription or monthly service 
  • A single message to someone based on a referral. The name of the referring person must be present in the message.

Implied vs. Express Consent

Implied consent is a looser interpretation whereas express consent requires consent from the recipient. Implied consent messages included are as follows:

  • Recipient purchased a product, service, or was involved with another business deal, contract, or membership within the last 24 months
  • You are a charity or non-profit organization and a recipient made a donation or gift, volunteered, or attended a meeting organized by you
  • Professional message sent to an email address that was given or obtained by you, or published, and the recipient hasn’t published or told you that they don’t want to receive unsolicited messages. 
Express consent is required for CEMs that are not included underneath implied consent. In your request for consent you must include the following information: 
  • A clear and concise description and purpose for the messages you intend to send
  • Requestor’s name and contact information -- for example: email address, physical address, phone number, website URL, etc., 
  • A statement that allows the recipient to unsubscribe from the messages at any time

What is an Auto Dialer and is it Right for My Business?

An auto dialer is an electronic device or software that automatically dials telephone numbers. It makes it easier for an organization, business, or call center to rotate quickly through a bulk list of phone numbers. Auto dialers need to be able to distinguish between live human pick-ups versus answering machines. Therefore, they are quite intelligent systems because they must analyze incoming audio information in order to determine whether a person is on the other end or if it’s just their answering machine. 

In order to use an auto dialer efficiently, an agent would need to upload a list of phone numbers for leads or prospects prior to starting a campaign. After the phone numbers have been loaded, the auto dialer would then begin calling the phone numbers in sequence.

An auto dialer is best suited for a small support team or remote work. Auto dialers help manage the workload of call center agents because they distribute the number of connected phone calls among available agents. Allowing agents to take their time on each call and not worry about having someone on hold. They are also beneficial when looking to integrate with a CRM. It allows the agents to store customer information for future use and makes it easier to initiate a campaign.  

There are several types of auto dialer phone calls that I’m sure all of us have received. The first type is the pre-recorded message or robocall. These phone calls often have a message pre-recorded to start playing once you’ve answered the phone call.

Then there is an interactive pre-recorded message that has you press a number for one side or another number for another side, usually these are political-based phone calls, calling for your opinion about something. Lastly, there are phone calls that are connected to a live agent. 

Compliance is extremely important when it comes to using auto dialing systems. There are compliance laws that, if ignored, can result in fines up to $1,500 per incident. It is always a good idea to consult a TCPA Compliance lawyer and brush up on your state’s or country’s regulations regarding auto dialers. 

The Basics of CAN-SPAM and Why You MUST Comply

CAN-SPAM is an acronym that stands for Controlling the Assault of Non-Solicited Pornography and Marketing Act. It was a law passed in 2003 by the United States government to help protect consumers against two things:

  1. Before this act, there was a gigantic prevalence of adult content that was being proliferated via email in an unsolicited manner. People who weren't subscribing to adult sites were unknowingly being added to a list and started receiving “naughty” emails. And of course, the last thing anyone wants is for their seven-year-old to walk in as an email comes up on your screen with adult content.
  2. CAN-SPAM also put parameters around what companies are required to comply with in regard to unsolicited email messages. 

Prior to the enactment of CAN-SPAM, you could say that internet marketing was like the Wild West. It was before the days that large inbox providers like Google, Yahoo, and Hotmail had sophisticated rules for managing what we now call “junk mail.” Furthermore, there were no stipulations or penalties around what would traditionally be considered as false advertising (think: the Nigerian Prince who’s looking for a small loan). Consumers had no way of knowing who was sending these messages because there was no requirement to identify yourself from a legal perspective. 

These days, because of CAN-SPAM and other regulations like it, there are fines and other punishments for sending intentionally disingenuous or misleading marketing messages. 

The U.S. was one of the first to come out with a national standard around these regulations, but we've been largely left behind in that space and CAN-SPAM really doesn't do that much to control it in the modern world. 

For example, GDPR (General Data Protection Regulation) poses a tougher set of standards on how, what, or when you can email. More recently, Canada implemented CASL (Canada’s Anti-Spam Law) with stricter standards than CAN-SPAM.

One thing CAN-SPAM doesn’t do is provide regulation for aging out email addresses. For example, if a company collected an email address from a customer or prospect more than 10 or 20 years ago, you can still send freely to that email address as long as you comply with the other mandates of CAN-SPAM. 

Other regulations like GDPR and CASL are stricter regarding aging out email addresses. This is loosely referred to as, “the right to be forgotten.” So if you haven't specifically opted in or you don't have a specific business relationship transactionally, both of those regulations have stipulations where the organization cannot email you unsolicited email. CAN-SPAM, on the other hand, doesn't have any existing business relationship or EVR requirements. There's no timetable on how long since a customer's last transaction you can email them. 

CAN-SPAM does not have any provisions for text messages or for phone calls other than emails that are sent to mobile devices.

See What Volie Can Do For Your Buiness

Learn More