Contents

Common Compliance Challenges and Additional Considerations

Top Five Compliance Challenges

Although Interaction Dialer provides the tools to make outbound dialing campaigns successful, the complexity of telemarketing rules mandates that strong technology is coupled with a strong, documented process.

A study conducted by Ken Sponsler, General Manager of Consulting and Audit Services for PossibleNOW, Inc. summarizes the main five challenges that outbound contact centers face with regard to Do Not Call legislation:

Knowledge of the rules

As we've seen in earlier modules, telemarketing rules are constantly revised and may differ widely from region to region. To further compound the issue, contact centers are also frequently bound by other compliance measures that vary by industry. For example, a health insurance contact center may be regulated by the Health Insurance Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act (GLBA) and Centers for Medicare and Medicaid Services (CMS), among others. These regulations may create more strict rules for outbound centers. CMS, for instance, allows telemarketing calls to Medicare recipients for enhanced services, but stipulates that enrollment in these services is allowable only via inbound calls. Depending on the services offered, an agent may or may not be required to be licensed in the state they are calling.

The scope of compliance can seem overwhelming, and often even a dedicated compliance staff may be unaware of Do Not Call regulations, especially if the company conducts business in several States and countries. Thorough research for DNC compliance should be conducted prior to starting any new campaign and periodically as laws are revised.

Possessing Written Compliance Guidelines

As mentioned in the Internal Do Not Call module, the documentation of your internal process to comply with the Telemarketing Sales Rule and Telephone Consumer Protection Act is imperative in the event of an audit or complaint. Ken Sponsler suggests that beyond the general process of downloading lists each month, this document contain descriptions of the compliance rules, assignment of responsibility, training process, monitoring process and enforcement methodology. In short, define the rules, create a plan for compliance, and test the effectiveness of the plan at regular intervals.

Meeting Record Keeping Requirements

Depending on the industry, many campaign-related records may be required to be maintained for two years, while Do Not Call records (especially internal) may be required to be stored for up to 10 years. Sponsler poses these questions for a status check: if your organization were to be investigated for an alleged violation from two years ago, could you produce records of Do Not Call "scrubbing" activity, or proof of dialing hours, even if these records were associated with a customer with whom you no longer did business

Possessing Mutually Supportive Due Diligence

This is especially important for outsourced contact centers. Due diligence includes monitoring and enforcement by both the contact center and client, and records that clearly state customer transactional history, to comply with the Established Business Relationship requirement by both Federal and State guidelines.

Having a Defendable Position

This should act as the framework for developing compliance standards within your organization. In the example given earlier in the chapter regarding a contact center that was sued on behalf of the FTC, lack of process was strongly noted in the decision rendered by the Department of Justice. Clear internal guidelines for rule compliance, training, monitoring and enforcement will greatly assist in lessening liability if a complaint is lodged.

To begin drafting internal compliance procedures, ensure all responsible parties are able to answer the following questions:

Is our outbound activity regulated by the FCC, FTC or both?
In companies with several divisions, how many versions of the Federal Do Not Call Subscription Account Number (SAN) are we required to purchase?
Is your company located in a State that requires telemarketers and sellers to register?
How do the States in which you do business define "Established Business Relationship"? Are you aware of the Do Not Call regulations by State in reference to the EBR?