The Telephone Consumer Protection Act in the financial sector – recent regulatory developments and practical compliance strategies
April 2016 | SPECIAL REPORT: MANAGING RISK
Financier Worldwide Magazine
A bank texts a customer to notify him about a low balance. Then, despite its good-faith efforts to comply with the US Telephone Consumer Protection Act (TCPA), the bank receives a class action complaint alleging millions of dollars in damages.
As strange as it sounds, this scenario is becoming increasingly common, and executives are starting to sound the alarm.
Overview of the TCPA
Congress passed the TCPA in 1991, restricting how financial services companies and other callers can communicate with accountholders, investors and other parties.
Generally speaking, unless it is an emergency, a caller must obtain “prior express consent” from the called party to use an “automatic telephone dialling system” (an ‘autodialer’) or a pre-recorded voice to call a wireless telephone number. This requirement applies even to non-marketing, informational calls, and voice calls and text messages are both covered. More on marketing calls later.
Violations of the TCPA can be incredibly costly – the minimum damages are $500 per call or text, and this can increase to $1500 per call or text for any wilful or knowing violations.
The TCPA allows class actions where otherwise allowed by a state and, in recent years, there have been an increasing number of multi-million dollar TCPA settlements.
How do you obtain consent?
The TCPA does not define “prior express consent”. However, the Federal Communications Commission, the government agency that implements the TCPA, has provided helpful guidance on this issue.
As an example, unless a consumer instructs otherwise, an organisation can obtain “prior express consent” for pre-recorded or autodialed non-marketing calls when the consumer provides his or her telephone number to the caller within the context of a transaction. However, the full scope of the consent depends on the facts of the transaction and the interaction with the consumer.
Back to marketing calls, for an organisation to make any pre-recorded or autodialed voice call that “includes or introduces an advertisement or constitutes telemarketing”, it must obtain “prior express written consent”. Obtaining “prior express written consent” is a heavier burden (compared to obtaining “prior express consent”), essentially requiring callers to carefully design written agreements with standalone opt-in “checkboxes”. Organisations must “clearly and conspicuously” state the following in the agreement: (i) the consumer consents to receive autodialed calls or texts at a specific number; and (ii) the consumer understands that the provision of consent is not a condition to purchasing any goods or services.
The FCC’s July 2015 decision also stated that consumers can revoke TCPA consents through any reasonable means (including orally), and at any time.
What is an autodialer?
The TCPA defines an autodialer as “equipment which has the capacity (A) to store or produce telephone numbers to be called, using a random or sequential number generator; and (B) to dial such numbers”.
In July 2015, the FCC released a decision stating that an autodialer’s capacity “is not limited to its current configuration but also includes its potential functionalities”. In its decision, the FCC also noted that one of the core functions of an autodialer is the system’s ability to dial thousands of numbers without human intervention in a short period of time, even if changes to the system are needed to enable such ability.
Furthermore, the TCPA decision released in 2015 noted that a predictive dialler satisfies the definition of an autodialer, and that companies cannot avoid obtaining consent for autodialed calls by dividing ownership among multiple entities.
The FCC’s July 2015 decision has been appealed in the DC Circuit, and that case remains pending.
‘Free-to-End-User’ financial exemption
In its July 2015 decision, the FCC created an exemption from the “prior express consent” requirement for financial organisations seeking to place calls or texts for the following purposes: (i) to notify consumers regarding fraud or identity theft; (ii) to provide information about security breaches of a customer’s personal information; (iii) to suggest measures that consumers can take to prevent identity theft following a data breach; and (iv) actions that consumers can take to arrange the receipt of pending money transfers.
The exemption applies to autodialed or pre-recorded calls and text messages that are initiated by banks or other financial institutions and sent free to the end-user – the communications cannot impact consumer cell phone plans or result in any per-call or per-message fees. Practically speaking, the caller has to work out an agreement beforehand with the wireless carriers.
The following additional conditions apply: (i) communications initiated under the exemption are strictly limited to the four purposes described above, and cannot include content related to telemarketing, solicitation, debt collection, cross-marketing or advertising; (ii) the caller may make voice calls and send text messages only to the wireless number the consumer provides; (iii) the caller must provide the name and contact information of the bank or financial institution; (iv) calls must be concise, with the FCC noting that calls must generally last less than one minute, and text messages should consist of less than 160 characters; and (v) the caller may make no more than three calls (or send no more than three text message per event) regarding an affected account, over a three-day period. The financial institution must offer consumers an easy way to opt-out from receiving calls under the exemption. Furthermore, the institution must honour opt-out requests immediately.
Calls to reassigned numbers
In the July 2015 decision, the FCC confirmed that parties must have the “prior express consent” of the current subscriber or “customary user” of a telephone number. Therefore, if a caller obtains consent to call an individual at a specific telephone number, and then the individual changes his or her telephone number, the caller can be liable for calls to the new subscriber at the same number. The FCC granted a one-call/text exception for organisations to discover if a consumer has changed his/her telephone number. For example, if a bank attempts to call a customer who recently changed his or her telephone number, the bank will be liable for all calls to the new subscriber after the first call, even if it had obtained consent from the prior subscriber.
What you can do
There are some important steps that companies can take to help reduce TCPA exposure. First, companies should re-examine their strategies to comply with the TCPA. For example, they can review intake materials, application forms, and other methods utilised to obtain consent. They should ensure that consent is being adequately obtained and that the customer specifies the “type” of number (home, mobile, etc.) on the forms.
Financial services companies should also examine internal calling policies or manuals, and prepare training modules in order to instruct employees on how to comply with the TCPA. Organisations should also evaluate how they handle consent revocation, manage changes to customer telephone numbers, and identify ways to keep the calling database as accurate and up-to-date as possible.
It is also important to monitor for new TCPA developments in court and at the FCC, as major developments are happening almost weekly in this space.
Mark W. Brennan is a partner and Roma Nandwani is an associate at Hogan Lovells US LLP. Mr Brennan can be contacted on +1 (202) 637 6409 or by email: firstname.lastname@example.org. Ms Nandwani can be contacted on +1 (202) 637 5910 or by email: email@example.com.
© Financier Worldwide
Mark W. Brennan and Roma Nandwani
Hogan Lovells US LLP