Not only must contact center leaders and agents have strong communication skills and effective customer experience programs in place, but they must also adhere to regulations and compliance mandates.

Contact centers must stay up-to-date with changes in legislation and regulations, implement regular training and education for employees and use call center solutions to automate compliance tasks and have routine audits in place, according to McKay Bird, marketing director at TCN

Compliance Mandates to Watch in the Contact Center

Let’s get into some of the important compliance mandates contact center operators must know about:

Telephone Consumer Protection Act of 1991 (TCPA)

Congress and the Federal Communications Commission (FCC) wanted to address a growing number of telephone marketing calls and enacted the TCPA law in 1991. It restricts the making of telemarketing calls and the use of automatic telephone dialing systems and artificial or prerecorded voice messages. The rules apply to common carriers as well as to other marketers. 

In 1992, the FCC adopted rules to implement the TCPA, including the requirement that entities making telephone solicitations institute procedures for maintaining company-specific do-not-call lists, according to the FCC.

Related Article: Call Centers vs. Contact Centers: Understanding the Key Differences

Regulation F

The Bureau of Consumer Financial Protection (Bureau) revised Regulation F in 2020, implementing the Fair Debt Collection Practices Act (FDCPA). Effective Nov. 30, 2021, it addresses communications in connection with debt collection and places prohibitions on harassment or abuse, false or misleading representations and unfair practices in debt collection.

The rule traces back to 1977 when Congress passed the FDCPA to eliminate abusive debt collection practices by debt collectors and ensure that those debt collectors who refrain from using abusive debt collection practices are not competitively disadvantaged. The regulation also promotes consistent state action to protect consumers against debt collection abuses.


STIR/SHAKEN is an FCC framework of interconnected standards that stand for the Secure Telephone Identity Revisited (STIR) and Signature-based Handling of Asserted Information Using toKENs (SHAKEN) standards.

What does it mean? Calls traveling through interconnected phone networks would have their caller ID "signed" as legitimate by originating carriers and validated by other carriers before reaching consumers, according to the FCC. STIR/SHAKEN digitally validates the handoff of phone calls passing through networks, allowing the phone company of the consumer receiving the call to verify that a call is from the number displayed on Caller ID.

As of June 30, 2021, contact centers were on the hook per FCC rules to implement STIR/SHAKEN in the Internet Protocol (IP) portions of their networks. The goal? For Americans to “benefit from this important technology and start to have faith in their phone calls again,” FCC officials said. 

In September 2020, the FCC further implemented the Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence Act (TRACED Act) and adopted more rules to ensure that even those providers unable to implement STIR/SHAKEN immediately are still taking steps to protect their customers from illegal robocalls.

Related Article: Why Enterprises Are Turning to Contact Centers in the Cloud

Reassigned Number Database

The FCC’s Reassigned Numbers Database (RND) prevents a consumer from getting unwanted calls from someone who has their number. Callers can use the database to determine whether a telephone number may have been reassigned so that they can avoid calling consumers who do not want to receive the calls.

Learning Opportunities

Callers that use the database can also reduce their potential TCPA liability by avoiding inadvertent calls to consumers who have not given consent for the call. The Reassigned Numbers Database can be found at The database became operational for paid subscribers on Nov. 1, 2021. The Consumer and Governmental Affairs Bureau announced the initial interim usage charges for subscriptions to the RND.

RAY BAUM’s Act and Kari’s Law

While these two new laws only apply to emergency call situations, they're important compliance mandates for contact center leaders to consider. The new federal regulations in the US require enterprises to provide emergency telephony support for fixed and nomadic users while alerting personnel to 911 calls, according to Christian Militeau, senior director of product for 911 and emergency services at Bandwidth. As of Jan. 6, 2022, he noted, all enterprises — including contact centers — must comply with each regulations’ requirements.

“Why is this critically important for contact center leaders?” Militeau asked. “Today’s contact center agents are working across large, multi-story buildings with complex layouts and are increasingly virtual with increases in nomadic, non-fixed users. This complexity makes it challenging to provide first responders with precise and accurate dispatchable locations in emergency situations.”

Under Kari’s Law, multi-telephone systems (MLTS) manufacturers and vendors must pre-configure these systems to support direct dialing of 911. The user must be able to dial 911 without having to dial any prefix or access code, such as the number 9. In addition, MLTS installers, managers and operators must ensure that the systems support 911 direct dialing.

As for the RAY BAUM’S Act, the “dispatchable location” must be conveyed with 911 calls to dispatch centers, regardless of the technological platform used, including 911 calls from MLTS.

Dispatchable location means a location delivered to the Public Safety Answering Points (PSAP) with a 911 call that consists of the validated street address of the calling party, plus additional information such as suite, apartment or similar information necessary to adequately identify the location of the calling party, according to the FCC.

Contact Center Tips for Compliance Success

Contact centers must also consider other compliance mandates, such as Payment Card Industry Data Security Standard (PCI DSS), Do Not Call Registry (DNC) and the Health Insurance Portability and Accountability Act (HIPAA, for healthcare covered entities and business associates).

While there is a litany of compliance considerations, contact center leaders can take steps to ensure compliance across the board.

Here are a few, provided by Omri Hayner, General Manager, Portfolio and Workforce Engagement Management at NICE:

  • Implement customizable recording technology:  Recording has morphed into a must-have requirement for contact center compliance and quality purposes. It is the "go-to" point when consumers exercise their right to be forgotten or demand to receive all of the company's information on them. Regulation is constantly evolving, and in many industries, there are different federal-, state-, local- and industry-specific regulations (like PCI and GDPR) for which organizations must comply. To achieve this level of compliance, technology must have the option to customize its rules and rapidly adjust according to the company’s compliance needs.
  • Proactive personalized coaching: Proactive, personalized coaching and training improves agent performance, avoids compliance violations and costly fines. Intelligent analytics technology provides the ability to quickly identify agents with repeat violations and provides opportunities for more efficient training and coaching. It also recognizes the teams that are most adherent and those that are struggling, providing insight into where managers and coaches themselves need more training.
  • Proactive, compliance with AI-based virtual desktop attendants: Intelligent virtual attendants proactively remind agents of the need for compliance with new regulations and also send alerts of a potential violation risk in real-time. For example, smart AI-based virtual attendants proactively look for non-compliant speech in real-time, such as a heated exchange, and immediately inform agents of the need for compliance. The technology can also calculate in real-time if the statute of limitations for a particular debt is in place, notify agents of the inability to mention legal action and provide scripts to navigate the conversation to safer areas.

“The best way to ensure compliance with these regulations is by using a call center solution that helps you monitor operations, oversee agent practices and regularly run audits to stay informed and avoid penalties or lawsuits,” TCN’s Bird said.