One wrong call can cost you $1,500. One class-action lawsuit can cost you millions. TCPA compliance is not optional for collections teams — it is survival.
The Telephone Consumer Protection Act, combined with state-level regulations and CFPB rules, creates a minefield for outbound calling operations. Here is every box you need to check.
The TCPA Basics Every Collector Must Know
The TCPA restricts how, when, and to whom you can make outbound calls and send texts. The penalties are severe:
- $500 per violation for negligent violations
- $1,500 per violation for willful or knowing violations
- No cap on class-action damages
A single predictive dialer campaign calling 1,000 wrong numbers could generate $750,000 to $1.5 million in liability. This is not theoretical — collections agencies face TCPA lawsuits daily.
Pre-Campaign Compliance Checklist
Consent Verification
- [ ] Verify you have prior express consent for each number being called
- [ ] For autodialed or prerecorded calls, verify you have prior express written consent
- [ ] Document when and how consent was obtained
- [ ] Confirm consent has not been revoked
- [ ] For debt collection: verify the right-party contact — calling the wrong person is a separate violation
Do Not Call (DNC) Compliance
- [ ] Scrub all call lists against the National DNC Registry (updated within 31 days)
- [ ] Maintain an internal DNC list of consumers who have requested no calls
- [ ] Honor DNC requests within 30 days (some states require faster)
- [ ] Scrub against state-level DNC lists (13 states maintain separate lists)
- [ ] Document every DNC scrub with timestamps
Calling Hours
- [ ] No calls before 8:00 AM or after 9:00 PM in the consumer's time zone
- [ ] Account for time zone differences — a 5 PM PT call is 8 PM ET
- [ ] Check state-specific restrictions (some states have narrower windows)
- [ ] No calls on state holidays where prohibited
- [ ] Sunday calling restrictions vary by state — verify each one
During-Call Compliance
Caller ID Requirements
- [ ] Display a valid caller ID on every outbound call
- [ ] Caller ID must be a number that can receive calls (no dead numbers)
- [ ] Never spoof or manipulate caller ID information
- [ ] Include your company name in caller ID where technically possible
Disclosure Requirements
- [ ] Identify yourself and your company within the first 30 seconds
- [ ] State the purpose of the call clearly
- [ ] For debt collection: provide the Mini-Miranda warning (this is an attempt to collect a debt)
- [ ] Provide a callback number where the consumer can reach you
- [ ] If recording the call, disclose recording in two-party consent states
Opt-Out Handling
- [ ] Provide a clear mechanism to opt out of future calls
- [ ] Honor opt-out requests immediately — do not call back
- [ ] For autodialed calls, provide an automated opt-out mechanism (press 2 to opt out)
- [ ] Log all opt-out requests with timestamps
- [ ] Propagate opt-outs across all campaigns and lists
Technology Compliance
Dialer Compliance
- [ ] If using a predictive dialer, maintain abandonment rate below 3%
- [ ] Play a prerecorded message within 2 seconds of the consumer answering an abandoned call
- [ ] Do not use artificial or prerecorded voice messages without prior express written consent
- [ ] Maintain records of dialer settings, pacing ratios, and abandonment rates
Recording and Monitoring
- [ ] Identify all two-party consent states in your calling universe
- [ ] Implement recording disclosure for applicable states
- [ ] Store recordings securely with access controls
- [ ] Maintain recordings for required retention periods (varies by state, typically 2-5 years)
State-Level Regulations to Watch
Federal TCPA is the floor, not the ceiling. Several states have stricter rules:
| State | Key Restriction | |-------|----------------| | California | Requires written consent for all autodialed calls to cell phones | | Florida | Calling hours: 8 AM - 8 PM (narrower than federal) | | New York | Mini-Miranda required in specific language | | Texas | Additional DNC registration requirements | | Illinois | Biometric data restrictions affect voice recordings |
Building a Compliance Program
Step 1: Appoint a compliance officer. Someone must own this. Not part-time, not "whoever is available."
Step 2: Train every agent. Not once — quarterly. Document all training with sign-off sheets.
Step 3: Automate what you can. Calling hour enforcement, DNC scrubbing, consent verification, and opt-out processing should never depend on human memory.
Step 4: Audit regularly. Pull random call samples monthly. Check caller ID, disclosure timing, opt-out handling, and calling hours.
Step 5: Document everything. In a TCPA lawsuit, the burden of proof is on you. If you cannot prove compliance, you lose.
The Cost of Non-Compliance vs. Compliance
Building a proper compliance program costs $5,000-$15,000 per year in software and training. A single TCPA class-action settlement averages $6.6 million.
The math is not complicated. Invest in compliance tools that enforce calling hours, scrub DNC lists automatically, track consent, and log everything. Your collections operation depends on it.