receives compensation from some of the companies listed on this page. Advertising Disclosure


The TRACED Act: How to Protect Your Business

Rozanne Andersen
Rozanne Andersen

Learn how new legislation may impact your business's communication with consumers.

As the 116th United States Congress neared the end of its first session, legislators from both sides of the aisle set their sights on robocall practices. The Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence (TRACED) Act, sponsored by Sen. John Thune (R-South Dakota) and Rep. Frank Pallone (D-New Jersey) was signed into law by President Trump on December 30, 2019.

This new law's stated purpose was to modify sections of the Telephone Consumer Protection Act of 1991 (TCPA), but the TRACED Act also directs the Federal Communications Commission (FCC) to take action on several robocall-related issues. In effect, the law put the FCC, rather than Congress, in charge of reforming the TCPA.

For both consumers and the communications industry, the TRACED Act is a welcome development. But third-party debt collectors and the creditors they serve are rightly concerned and bracing for impact.

The legislation ignored third-party collectors' push for reforms

Over the past 15 years, the accounts receivable management (ARM) industry has consistently lobbied government officials from both parties to amend the TCPA. At the same time, the industry pushed for additional modifications to the FCC's TCPA regulations from 2003.

The ARM industry's proposed changes would have clarified important issues such as:

  • Consent requirements to use an autodialer, prerecorded message or artificial voice when contacting a consumer using their cellular number;
  • Revocation of consent requirements to use an autodialer, prerecorded message or artificial voice when contacting a consumer using their cellular number;
  • The definition of an automatic telephone dialing system and its alter ego, a manual contact system; and
  • Transferability of consent when a carrier reassigns a mobile number from one person to another.

Unfortunately, the TRACED Act included none of the revisions proposed by the ARM industry.

Nevertheless, it is critical that third-party debt collectors and other organizations that contact consumers by phone understand the TRACED Act and its potential effects. These businesses will likely be impacted as much as the bad actors targeted by the legislation, because the regulatory language developed by Congress makes no distinction between legitimate phone calls and spam.

Summary of key provisions

Here's a brief outline of the TRACED Act's main provisions, as outlined by Contact Center Compliance:

  1. Stopping robocalls: The TRACED Act directs the FCC to take final action on its June 2019 Declaratory Ruling on Advanced Methods to Target and Eliminate Unlawful Robocalls.

  2. SHAKEN/STIR: Service providers are required to implement SHAKEN/STIR, or Signature-based Handling of Asserted Information Using toKENs (SHAKEN) and the Secure Telephone Identity Revisited (STIR). These are authentication protocols for digitally validating a phone call as it passes through the complex web of telecom networks, allowing phone providers to verify that the call is actually coming from the party that appears to be placing the call.

  3. Monetary penalties: The FCC is authorized to assess penalties of up to $10,000 per call for violation with intent.

  4. Statute of limitations: The statute of limitations for a general violation is one year, while the statute of limitations for violation with intent is four years.

  5. Protections from spoofed calls: The TRACED Act instructs the FCC to enact a rulemaking to "help protect a subscriber from receiving unwanted calls or text messages from a caller using an unauthenticated number."

  6. Report on reassigned number database: Within a year of the date of enactment, the FCC must give a report to Congress on its progress in implementing its proposed official database of reassigned phone numbers.

  7. Protection from one-ring scams: The FCC is required to "initiate a proceeding to protect called parties from one-ring scams."

Business leaders in the ARM market need to take a hard look at each of these provisions. For example, the SHAKEN/STIR requirements create challenging call authentication protocols, which the FCC will hash out over the next few months and years and then enact in the form of more new rules.

Once the FCC publishes its rules, the ARM industry would do well to file comments. Any TRACED Act violation could lead to a penalty as high as $10,000 per instance. Whether SHAKEN or STIRred, that's one expensive cocktail.

5 keys to mitigating risk for your business

If you communicate with consumers, you should seek the advice of independent legal counsel. An attorney who is familiar with the TRACED Act can help you determine precisely how the legislation may impact your business's specific communication with consumers.

Here are five recommended practices and next steps to consider:

  1. Revise and enhance the required consent and revocation of consent documentation for each consumer and number.
  2. Outline a process to create reports on caller ID display for all outbound calls.
  3. Activate policies to ensure outbound calls are made using numbers associated with the proper company.
  4. Implement monitoring and analysis procedures for fraud and scam scores assigned by carriers to any outbound calls.
  5. Ensure that all outbound calls align with state, federal, and client call restrictions.

While the TRACED Act is a major development with many open questions for third-party collectors, business leaders can adopt practices and processes now to effectively manage their risks ahead of FCC rulemaking. Educate yourself on the law, and be sure to weigh in on the FCC's proposed rules.

By staying on top of developments and fine-tuning your operations, you can navigate the new legal landscape while continuing to advance your business goals.

Image Credit: Chainarong Prasertthai / Getty Images
Rozanne Andersen
Rozanne Andersen Member
Rozanne Andersen, J.D., serves as Ontario Systems VP and Chief Compliance Officer. She leads the company’s compliance products, services, and consulting initiatives. Her 28+ years of experience includes roles as general counsel, chief lobbyist, executive vice president and CEO of ACA International. As a frequent presenter and consultant on CFPB-related compliance topics, Rozanne is recognized nationally for her advocacy work on behalf of the credit and collection industry resulting in landmark FDCPA, FCRA, and HIPAA reforms.