Compliance Jul 8, 2026 9 min read

TCPA Compliance Checklist for Outbound Call Centers (2026)

Knowing the TCPA rules is the easy part. Proving you followed them on the call is where centers get caught.

Ansh Deb

Ansh Deb

Founder & CEO

TCPA Compliance Checklist for Outbound Call Centers (2026)
$500 to $1,500

TCPA penalty per call

8am to 9pm

local calling window

100%

of calls, made provable

TL;DR

  • Understand the core rules: obtain prior express written consent, scrub against National and internal Do Not Call lists, stick to local calling windows, state proper disclosures, and honor opt-out requests instantly.
  • The landscape shifted: the FCC one-to-one consent rule was vacated by the Eleventh Circuit in January 2025, returning the standard to prior express written consent. At the same time, consumers gained the right to revoke consent by any reasonable means, at any time.
  • The proof is the pivot: most outbound operations get fined not because they broke the rules, but because they could not prove they followed them on the live call.
  • Legal disclaimer: this is operational guidance, not legal advice. Always check the current state of local and federal law with your qualified legal counsel.

Most TCPA litigation does not target operators who ignore compliance. It targets operators who followed their compliance protocols perfectly, yet could not prove it when a demand letter arrived.

TCPA compliance for outbound call centers is the operational framework for dialing consumers within legal boundaries: obtaining valid consent, honoring opt-out requests, and documenting every interaction to protect against litigation. This practical checklist walks how to protect your operation before you dial, on the call, and after the conversation ends.

Disclaimer: this guide provides operational best practices. It is not legal advice. The TCPA landscape shifts constantly. Consult your own legal counsel to verify these rules for your specific campaigns.


The outbound compliance checklist at a glance

StageOperational requirementLegal standard / reference
Before you dialObtain prior express written consent for autodialed/prerecorded telemarketingReinstated "prior express written consent" standard (Jan 2025 11th Circuit ruling)
Before you dialScrub the National DNC Registry and update internal suppression listsFTC and FCC Do Not Call rules
Before you dialScrutinize wireless numbers with extra careAutodialer restrictions on mobile lines
On the callProvide accurate caller ID, identify the caller, and disclose recordingFederal identification requirements and state-level two-party recording consent
On the callKeep calls within the 8 a.m. to 9 p.m. window of the consumerTCPA calling-time restrictions (local time of the called party)
On the callEnd the call and log internal DNC upon a verbal opt-outInternal DNC and opt-out honoring requirement
After the callProcess consent revocation via any reasonable means2025 FCC consent-revocation rule
After the callKeep audit-ready records of on-call behaviorBest-practice evidence for litigation defense

Before you dial

1. Secure prior express written consent for marketing

If you run autodialers or prerecorded marketing messages, you must have prior express written consent: a written agreement, signed by the consumer, with clear disclosures showing they agreed to receive your telemarketing calls.

Keep in mind that the regulatory environment changes quickly. The FCC's strict one-to-one consent rule was vacated by the Eleventh Circuit in January 2025 (Insurance Marketing Coalition v. FCC), which prompted the FCC to reinstate its prior express written consent standard. While you do not need consent scoped to a single seller under federal law, you still need a verified, signed, documented agreement for every lead you contact, and you need to be able to produce it.

2. Scrub against the National DNC, and update your internal DNC list

Running clean outbound means scrubbing your lead sheets against the National Do Not Call (DNC) Registry. Federal rules also require you to maintain and respect an internal DNC list. If a consumer asks your agents to stop calling, their number must go onto your company's internal suppression list. Plaintiffs' attorneys often check whether you honor internal DNC requests across all your active campaigns.

3. Treat wireless numbers with extra restriction

The TCPA treats cell phones with a higher level of scrutiny. Placing autodialed or prerecorded telemarketing calls or texts to a mobile number without documented prior express written consent is a violation. When compiling dialer lists, treat every mobile number as a high-exposure path.


On the call

4. Provide accurate identification

Your agents must state the name of the business responsible for the call at the start of the conversation. If you are a BPO dialing on behalf of a corporate client, disclose who you are representing. You must also transmit accurate, non-deceptive caller ID.

5. Deliver clear disclosures and state recording notices

Read the required disclosures at the beginning of the pitch, not buried at the end. And if the consumer is in a state that requires two-party consent, your agents must state that the call is being recorded. Getting this right on every call is the baseline, because a missed disclosure on a single call can lead to a dispute.

6. Stay strictly inside the 8 a.m. to 9 p.m. calling window

The TCPA limits telemarketing calls to the hours between 8 a.m. and 9 p.m. in the local time zone of the called party. A dialer set to your local clock will call a consumer two time zones away too early or too late, an automatic violation regardless of intent. Your dialing software must restrict campaigns based on the recipient's local time.

7. Honor verbal "do not call" requests instantly

If a consumer says "stop calling," "take me off your list," or any equivalent, the agent ends the call and the number goes on your internal DNC list. Training agents to talk past a clear opt-out to salvage a pitch is one of the fastest ways to earn a TCPA claim, and one of the easiest for a plaintiff to prove.

8. Keep agents aligned with compliance scripts

Off-script promises and unapproved claims are their own category of exposure. Compliance frameworks only protect your call center if your agents actually follow them on live calls.


After the call

9. Process consent revocation by any reasonable means

Under an FCC rule that took effect in 2025, consumers can revoke consent by any reasonable method, at any time: a verbal statement on a call, a text reply like "STOP," an email, or a letter. You cannot force consumers to use a specific form or portal. Your systems must capture these requests and suppress the numbers across your entire database, promptly.

10. Keep your records, and be able to prove what was said

Retain your consent records. But understand the gap: a lead form proves a consumer opted in on a website. It does not prove what happened during the live call, that your agent read the disclosure, stayed on-script, or honored the opt-out. For that, you need a verifiable record of the actual conversation, and a raw recording isn't evidence on its own.


Where outbound operations get caught

Read that list again. Almost every item is something you can perform correctly every single day and still lose a dispute over, because executing a protocol and proving you executed it are different problems.

When a demand letter arrives, it names a specific call on a specific date. To defend it, you have to show what was said on that exact call. Most operations cannot, because a human QA team only samples about 2% of calls, and the disputed one is almost never in that sample. The rules were followed. The proof is missing.

For instance, if a consumer claims your agent called outside the legal window, talked past a verbal opt-out, or skipped a disclosure, statutory damages start at $500 per call and rise to $1,500 per call if a court finds the violation willful. Without a verifiable record of that conversation, defending those penalties is close to impossible.


How Klariqo closes the proof gap

Klariqo scores 100% of your calls, not just a 2% sample, against the exact rules on this checklist. It automatically checks that disclosures were read, the identification was stated, the script was followed, and any verbal opt-out was honored.

Every call is then sealed into a signed, tamper-evident record built on the open vCon standard, independently witnessed by JLINC, and verifiable by anyone in a public verifier at klariqo.com/vcon/.

To be precise about what that covers: Klariqo gives you audit-ready evidence of on-call behavior. It does not validate the upstream written consent, that stays your and your lead source's responsibility, and it does not make your company compliant or act as your counsel. What it removes is the blind spot: the moment a call is disputed and you have no way to show what was actually said.

FAQ

Is the one-to-one consent rule still in effect? No. The Eleventh Circuit vacated the FCC's one-to-one consent rule in January 2025 (Insurance Marketing Coalition v. FCC), and the FCC reinstated the prior express written consent standard. You do not need consent scoped to a single seller under federal law, but you must still secure valid, documented written consent before dialing. Confirm the current state with your counsel, since this area keeps moving.

What are the TCPA calling hours? Telemarketing calls are restricted to 8 a.m. to 9 p.m. in the local time zone of the called party. Some states set narrower windows or add restrictions on holidays and weekends, so scrub against the consumer's location, not your office clock.

Does the TCPA require call centers to record calls? The TCPA itself does not mandate recording. State two-party-consent laws may require a recording disclosure. Operationally, a record is how you defend a claim, and a raw audio file can be disputed as edited, whereas a signed, tamper-evident record provides verifiable proof of the call's integrity.

How do I prove TCPA compliance for a specific call? You need a record of that call that shows what was said and confirms the file has not been altered. That means scoring the call against your rules and sealing it into a signed, independently verifiable record, so an auditor or court can confirm the disclosure was made and the opt-out honored.

What are the penalties for violating the TCPA? $500 per violation, and up to $1,500 per violation if a court finds it willful or knowing. On a high-volume floor, a single unaddressed pattern multiplies fast.

Score every call against this checklist

Klariqo scores 100% of your calls against the rules you set and hands you a signed record of each one. Upload a call and verify it yourself in the browser.

Verify a sample record →

Prove what was said on every call.

Turn one of your own calls into a signed, tamper-evident record you can verify yourself. No signup.