Banks Push Back Against FTCPA

By Jeff Fotta

It’s no secret that telemarketers and sales reps get a bad rap. That’s why the Federal Communications Commission (FCC) implemented the Federal Telephone Consumer Protection Act (FTCPA) to regulate how consumers are called and to offer consumers a right of action should they receive unwanted telephone solicitations.

This summer, the Federal Communications Commission responded to over two-dozen petitions, including petitions filed on behalf of both the ABA and the Consumer Bankers Association (CBA), requesting clarification on the consumer protection regulations. As of July 10, in a three-to-two vote, the FCC released its declaratory ruling on the TCPA, dubbed the the FCC chairman as “One of the most significant FCC consumer protection actions since it established the Do-Not-Call Registry with the FTC in 2003.”

While the customer should always be top of mind in the sales process, regulations make it more difficult for legitimate businesses to conduct legitimate business. Even those with the best of intentions have a difficult time remaining compliant due to the complexity of the rules and confusion over the law’s language. According to a recent report issued by the U.S. Chamber of Commerce’s Institute for Legal Reform, lawsuits based on the TCPA  went up by 30 percent in 2014.

The TCPA, and its regulations on the use of automated dialers, is generally focused on reducing unwanted telemarketing spam calls. However, since automated dialers are an efficient way of communicating time-sensitive issues to customers in the financial services industry, the TCPA has become one of the most hotly contested issues in banking today. What do you do if the best way to communicate with your customers is so heavily regulated that you don’t know where to begin?

While there was much speculation that the FCC would expand the scope of the law, it appears that the FCC, through its Declaratory Ruling, stayed true to its promise to offer some clarity to an industry inundated with class action suits. Below is a summary of those industry-filed petitions and what you need to know about the TCPA Declaratory Ruling.

TCPA rules and the Declaratory Ruling

The TCPA restricts the use of automatic dialing systems, prerecorded voice messages, SMS text messages received by cell phones, and the use of fax machines to send unsolicited marketing communications to customers. Specifically, the TCPA prohibits the use of an “automatic telephone dialing system” to contact “any telephone number assigned to a … cellular telephone service” without “prior express written consent” from the person being called. They define “prior express written consent” as a signed, written agreement from each individual consumer that clearly and conspicuously discloses to the consumer that:

• By signing the agreement, he or she authorizes the contactor to deliver, to a designated phone number, telemarketing calls that utilize specified types of technologies; and

• The consumer is not required to sign the agreement or agree to enter into it as a condition of purchasing any property, goods or services.

To make matters more confusing, the standards for what constitutes “prior express written consent” vary widely state-by-state making it more difficult for businesses to keep track.

However, the main source of confusion and contention as it relates to the banking industry is the issue of the “automatic telephone dialing system.” Technically, it’s defined as “equipment which has the capacity, even with some modifications, (a) to store or produce telephone numbers to be called, using a random or sequential number generator, and (b) to dial such numbers.” To be considered an “automatic telephone dialing system,” the equipment need only have the “capacity to store or produce telephone numbers” without human intervention, even if that capacity is turned off.

In the Declaratory Ruling, the FCC clarified that while it intended to create a very broad definition of technology covered under the TCPA, the FCC clarified that “the term ‘capacity’ in the definition of [ATDS] is not unbound or so broad as to make any equipment that can dial a number an [ATDS] is not unbound or so broad as to make any equipment that can dialy a number an [ATDS].” While there was much speculation that the revisions would significantly expand the definition, the new definition is merely formalizing the guidance that was already provided by the FCC; however, the FCC did broaden the scope of the definition by stating that it still reserves the right to determine what is an ATDS on a “case by case basis.”

This definition also applies to text messages as well. The FCC has been clear that systems used to deliver bulk text messages are considered to be automatic dialing systems, and that text messages delivered with these systems were “recorded calls for the purposes of the TCPA rule.” Text message campaigns thus need to meet the same standards, including the prior express written consent and the associated disclosure obligations.

While other industries may use automated dialers to create and dial telephone numbers arbitrarily for telemarketing purposes, the banking industry uses them as an essential tool for communicating with customers. Banks engage in a wide range of informational, nonmarketing communications—from notification of potential fraud, to data breaches to pending money transfers—all of which are beneficial to the consumer, and at times are used in an attempt to comply with state and federal laws that require such notifications (e.g., data breach notification laws). When time is of the essence and bulk notifications must be sent, automated dialers not only reduce the time it takes to dial a number manually, but also reduce the chance of reaching an incorrect consumer and raising unwarranted red flags.

The implication of this burden is exacerbated by the growing trend of consumers dropping landlines in favor of exclusively using wireless numbers. In fact, more than two-fifths of American homes (44 percent) have only cell phones only—no landline phone. That means that without express consent granting the bank exclusive permission to use an automated dialer to contact the consumer at the specified cell phone number, banks cannot contact almost half of the American households even for beneficial consumer notifications. And, it is even more confusing because banks cannot tell whether a number is a landline or a cell phone.

Banks have typically employed third-party services to certify whether a number is wireless at the exact time of the call. In order to determine if a telephone number is wireless, you must utilize a data source that identifies both phone number exchanges pre-assigned for wireless use/distribution, and wireless numbers that have been ported over from traditional landline to wireless use. The FCC has provided a 15-day Safe Harbor for the identification of those numbers that have been ported over to wireless use so certifications must occur every two weeks, at the very least.

Bankers take action

In late 2014, the ABA filed a petition asking the FCC for an exemption to the automated dialing rules that would permit calls to wireless telephone numbers without prior express consent if the calls were placed for one of the following reasons:

1. Calls to notify consumers about risk of fraud/identity theft;
2. Data breach of customers’ personal information;
3. Steps consumers can take to prevent or remedy harm caused by data breaches; and
4. Actions needed to complete a money transfer.

The ABA asked the FCC for calls to be permitted to wireless telephone numbers without consumer consent because “all of these messages serve consumers’ interests and can be conveyed most efficiently and reliably by automated calls to consumers’ telephones, which increasingly are wireless devices.”

Similarly, the Consumer Bankers Association (CBA) also filed a petition in the fall of last year seeking clarity from the FCC on the definition of “called party,” the party from which you must obtain consent, on whether the term “called party” refers to the intended recipient of the call or the actual recipient. The CBA is asking the FCC to clarify that a “called party” refers only to the “intended recipient” of the call. This clarity is requested under the TCPA so that financial institutions may know how to handle calls placed to what they believe are the intended recipients, but instead the telephone number has been reassigned to another consumer. By confirming that only “intended recipients” are “called parties,” the CBA claims the FCC will:

1. “Prevent potential chilling of beneficial consumer communications;
2. Shield consumers from higher costs stemming from institutions’ increased litigation and compliance expenses;
3. Squash frivolous litigation that is inundating courts and creating inconsistent law; and
4. Allow small businesses to grow and nonprofits to reach their goals without the threat of litigation.”

The CBA argued that if a caller is liable for obtaining the consent of what they believe is the called party but the telephone number has been reassigned and the new identity of the called party cannot be confirmed before the call, then compliance with the prior express consent requirements is impossible.

Despite even the most well-meaning professionals, the use of automated dialers has forced an unprecedented amount of TCPA lawsuits, and the continued uncertainty over what “called party” means has created an environment of constant legal threat that prevents banks from sending valuable information to their customers by the most effective means.

Both the ABA and the CBA’s petitions were reviewed by the FCC, and the Consumer & Governmental Affairs Bureau released Public Notices seeking comment on each petition in late 2014. Based on these public comments, the FCC responded directly to both the ABA and the CBA petitions.

The FCC Response to the ABA: Robocall exemption for certain financial institution alerts.

The FCC responded directly to the ABA petition and confirmed exemptions for “robocalls” placed to wireless numbers in cases of fraud, breach of customer’s personal information, potential data security breaches and steps consumers can take to prevent harm, and actions needed to arrange for receipt of pending money transfer.

While the FCC did grant exemptions for these communications, a limit of three calls over a three-day period per event was created. Additionally, consumers still have a right to opt-our of these types of financial alerts. Financial institutions were warned by the FCC that opt-outs must be honored immediately upon receipt.

The FCC responds to the CBA: Calls to reassign numbers safe harbor

The days that a business will be held strictly liable for calling a previously consented-to number in good faith without knowing it was reassigned are over. While the Fcc declined to redefine “called part” to included intended party, it did acknowledge the predicament of reassigned phone numbers and how to handle your business’ consent lists if that number is reassigned; thus, you no longer have consent of the phone subscriber. Callers now have some breating room, as the new rules created a one-call safe harbor, allowing a single call to a telephone number if a number has been reassigned before facing TCPA liability. The caller, and not the called party, ears the burden of demonstrating: (1) that he had a reasonable basis to believe he had consent to make the call, and (2) that he did not have actual or constructive knowledge of reassignment prior to or at the time of this one-additional call window.”

How can you prepare?

If all of this makes your head spin, you’re not alone. If you are unsure of your bank’s compliance with any of the above, the first thing to do is assess your current procedures for capturing and recording consent, and whether they meet the TCPA requirements. Sales data, collection points and prior consent information should all be reviewed by these standards.

When collecting consent, make sure you set clear expectations with consumers while also thoroughly and automatically documenting every step in the process. Successful approaches to this include capturing required consent via email, website form or voice recording, and then maintaining a record of consent for as long as legally required. How long a consent record must be maintained is contingent upon federal and varying state law, but ultimately depends on how long a regulator may need to investigate.

Reviews of your current policies and procedures surrounding the use of automated dialers should be done often and regularly. You should consider hiring outside counsel to review your consent capture points and disclosures to ensure they are in compliance with the TCPA, as it stands today.

Tap into sales intelligence data, too. If your system is monitoring the activity of your sales reps across branches, you’re able to measure adherence to company-set compliance guidelines, and also identify any potential areas of noncompliance that can be address before it’s too late.

Unlocking your bank’s potential

Most view regulations as a business and sales hindrance, but the reality is that they can actually help you with better targeting, which leads to improved productivity and customer service, and increased revenue opportunities.

Think of it this way: You have a list with thousands of phone numbers on it, and you blindly call them all. Not only is this against the law, but you’re wasting precious time and resources calling people who likely have no interest in your product or service. On the other hand, people who have consented to receive communication from you have shown an initial interest in your company. Therefore, they are more open to learning about your offering, and ultimately, more likely to become a paying customer.

The TCPA as well as other federal and state marketing privacy regulations are growing stricter by the day. However, this doesn’t mean outbound marketing to phones will cease to be a source of a bank’s growth. Banks that proactively address the new and changing regulatory environment are sure to reap the rewards—in sharp contrast to those firms that ignore the regulations and risk brand damage, as well as those that shy away from phone-based marketing completely. Those banks risk losing market share by failing to leverage a marketing channel that has proven to be effective and always within arm’s reach of the consumer, whether they’re at home, work or on the go.

Negligence in this regard obviously has serious consequences. It may bring you not only costly fines, class-action settlements and legal fees, but it can also permanently damage your bank’s reputation and hurt your future bottom line.

Jeffrey Fotta is president of Gryphon Networks. The company offers technology to help marketers comply with state and federal do-not-call and privacy regulations. Email: [email protected].