TCPA Compliance for Call Centers: The SOP Playbook

$500 to $1,500 per violation, per call. That's the statutory damages range under the Telephone Consumer Protection Act. Not per campaign. Not per complaint. Per individual call. A 200-seat outbound collections floor making 15,000 calls a day can generate seven figures in TCPA exposure before lunch.

Here's how it happens. An agent on your early-shift collections team pulls a dial list that wasn't scrubbed against your internal Do Not Call registry. The list was supposed to be suppressed overnight, but the procedure for running the suppression match lives in a PDF that your former compliance analyst created in 2022. That analyst left eight months ago. Nobody updated the document when you switched dialers. Nobody is even sure where the current version is.

The agent dials 47 numbers on the DNC list over two days. Three of those consumers file FCC complaints. One retains a plaintiff's firm that specializes in TCPA class actions. Their first discovery request asks for your written DNC procedures, your suppression list protocols, your agent training records, and evidence that the agent who made the calls was trained on the current version of each procedure.

You can't produce any of it. Not because the procedures don't exist—they do, somewhere—but because nothing is version-controlled, nothing is linked to specific agents, and you have no record proving anyone was trained on the version that was supposed to be in effect on the date of the violation.

What TCPA Actually Requires from Your Operations

The TCPA (47 U.S.C. § 227) and the FCC's implementing regulations (47 CFR § 64.1200) impose specific operational requirements on any organization making outbound calls. The law itself isn't ambiguous. The problem is translating legal mandates into agent-level procedures that are current, accessible, and provably trained on.

Here are the operational obligations that need documented, version-controlled procedures:

• •Prior express consent documentation: You must have written procedures for how consent is obtained, recorded, and stored. For calls using an automatic telephone dialing system (ATDS) or prerecorded voice, you need prior express written consent. Your agents need to know what qualifies as valid consent, how to verify it before dialing, and what to do when consent is revoked mid-call.
• •Internal DNC list management: Under 47 CFR § 64.1200(d), you must maintain a company-specific DNC list of consumers who have asked not to be called. You must honor requests within a reasonable time (the FCC expects 30 days). Your procedure needs to specify who owns the list, how requests are logged, how the list is applied to outbound campaigns, and how agents handle real-time opt-out requests.
• •National DNC registry scrubbing: You must scrub your call lists against the National Do Not Call Registry at least every 31 days. The procedure must specify the scrub schedule, who runs it, how exceptions (existing business relationships, prior express permission) are documented, and what happens when the scrub fails or is delayed.
• •Calling time restrictions: Calls to residential numbers are prohibited before 8:00 a.m. or after 9:00 p.m. in the called party's local time zone. Your procedure needs to address time zone determination, daylight saving transitions, and what happens when a consumer's area code doesn't match their physical location.
• •Abandonment rate limits: The FCC caps abandoned calls at 3% of answered calls per campaign over a 30-day period. Your procedure must define how abandonment is measured, who monitors the rate, and what corrective action is triggered when you approach the threshold.
• •Required disclosures: Within two seconds of a call being answered by a live person, agents must identify themselves, the entity on whose behalf they're calling, and provide a callback number. For prerecorded messages, opt-out instructions must be provided. These disclosures need to be scripted, and your agents need to be trained on the exact language.

Each of these obligations needs a written procedure. Each procedure needs to be current. Each agent needs to be trained on the current version. And you need evidence of all of it. That's six categories of procedures, each with multiple sub-procedures, each requiring version control, training records, and audit trails.

Where Call Centers Actually Get Burned

TCPA lawsuits don't usually succeed because a call center had no procedures. They succeed because the call center can't prove the right procedures were in effect, that agents were trained on them, or that the procedures were actually followed. The gap isn't intent—it's evidence.

Here are the specific failure modes we see over and over:

• •Procedures exist but aren't version-controlled. Your consent language changed in Q3 when legal updated the disclosure requirements. Someone edited the Word document on SharePoint. But the version agents were reading during training was cached locally from Q1. You now have agents using two different consent scripts and no record of which version was authoritative on the date of the alleged violation.
• •Agents were trained on an outdated version. Your DNC scrub procedure was updated after you switched vendors, but the training materials still reference the old vendor's portal and the old suppression file format. New hires get trained on a procedure that doesn't match your current operations. When one of them makes a call to a suppressed number, you can't claim adequate training.
• •No evidence linking agents to procedure versions. You held a training session on the updated calling-hours procedure. Twenty agents attended. But your only record is a sign-in sheet with names and a date—it doesn't specify which procedure version was covered. Plaintiff's counsel argues the training was on the old version. You have no way to disprove it.
• •Compliance team can't prove what was in effect when. A consumer alleges they were called after revoking consent on March 12. Your compliance team needs to show the consent revocation procedure that was in effect on March 12, prove the agent was trained on it, and demonstrate the procedure was adequate. Without date-stamped version history, you're guessing.
• •State-level TCPA laws add layers nobody tracks. Florida's Telephone Solicitation Act (effective July 2021) imposes a $50,000 per-call penalty for willful violations and restricts calling hours to 8 a.m.–8 p.m. (narrower than federal rules). Oklahoma, Washington, and several other states have their own mini-TCPA statutes. If your procedures only reference federal requirements, you're exposed in every state with stricter rules—and nobody is tracking which agents serve which states.

The common thread: the procedures were written at some point. But they degraded. Versions drifted. Training records disconnected from procedure versions. And when litigation arrived, the call center couldn't reconstruct what was supposed to happen on the day in question.

How We Built This into SOP Studio

SOP Studio was designed for exactly this problem: regulated operations where you need to prove what procedure was in effect, who was trained on it, and when. Here's how each capability maps to the TCPA compliance gaps described above.

The Math on TCPA Exposure

TCPA class actions routinely settle in the tens of millions. Capital One settled for $75.5 million in 2014. Dish Network was hit with a $280 million judgment in 2017. These are extreme cases, but the economics apply at every scale.

Take a mid-size collections operation making 8,000 outbound calls per day. If 0.5% of those calls hit a number that should have been suppressed—that's 40 potential violations per day, or roughly 800 per month. At $500 per violation (the statutory minimum), that's $400,000 in monthly exposure. At the $1,500 treble damages rate for willful violations, it's $1.2 million per month.

The "willful" threshold is lower than most call center operators think. Under FCC guidance, failing to implement reasonable procedures to maintain your DNC list can constitute willfulness. If you can't demonstrate that you had written procedures, that agents were trained on them, and that the procedures were current—you're in willful territory.

SOP Studio costs a fraction of a single TCPA settlement. The question isn't whether you can afford SOP management software. It's whether you can afford to defend a TCPA claim without it.