SMS marketing is a popular method of marketing to and communicating with your customers via text message. If your business is looking to launch an SMS marketing strategy and tools, you must pay attention to SMS compliance.
It’s understandable, however, if the term “compliance” brings up a certain amount of trepidation, since not understanding or adequately managing compliance can put your business at risk. And SMS marketing compliance is no different.
To help instill confidence in your SMS marketing efforts, let’s discuss why SMS compliance is so important and how you can ensure you stay on top of it with an SMS compliance checklist.
Importance of SMS compliance
Today, SMS is the fastest-growing marketing channel because it reflects the preferred mode of communication — texting — among consumers. That’s why using SMS to reach your customers is one of the most effective marketing strategies.
However, the explosive growth of SMS marketing has resulted in new laws and regulations governing it. SMS compliance standards have become stricter to protect consumers from unwanted business solicitations and communications over the years. Laws around spam, consumer privacy, and data collection — including the Federal Communication Commission’s Telephone Consumer Protection Act (TCPA) and CAN-SPAM Act, the General Data Protection Regulation (GDPR), and the Cellular Telephone Industries Association (CTIA)’s best practices for business texting — restrict who businesses can text and for what purposes.
If you’re not sure which SMS laws or practices apply to your particular business, you risk fines, lawsuits, or worse. And if you needlessly bother your customers with texts they don’t want, you can damage your business reputation as well.
To be clear, though, the point of talking about an SMS compliance checklist isn’t to scare you away from SMS marketing. Many types of businesses use SMS every day — without incident. So as long as you’re following a few critical rules, you can go forward confidently knowing that you’re using SMS responsibly.
The TCPA and SMS compliance
The Telephone Consumer Protection Act (TCPA) is the primary law regulating SMS compliance. Originally enacted to protect consumers from telemarketers, the TCPA has since evolved to include text messages.
Here’s what the TCPA stipulates with regard to businesses using SMS (which we’ll cover in greater detail below):
- You may not send text messages to consumers without their consent.
- You must get explicit written consent from consumers to contact them. Providing a double opt-in process in which the customer provides consent when they initially subscribe to SMS, and then again with the first text they receive, is a legal way to meet “explicit written consent.”
- You must provide an easy way for customers to opt out of texts at any time.
- You may not send or schedule texts to arrive before 8 a.m. and after 9 p.m. in your subscribers’ time zone(s).
- You must provide clear and truthful information and avoid sharing prohibited content in messages.
- Lastly, you must identify yourself and include your company’s name in every message so customers know who the message is from.
Failing to follow SMS compliance is a surefire way to irritate your customers and get into trouble. For example, without proper SMS opt-in, you can be fined anywhere from $500 to $1,500 per willful violation, meaning you knowingly texted a customer who wasn’t opted in. Fines can add up if you’re not careful, which brings us to the SMS compliance checklist.
How to get compliant: Your SMS compliance checklist
Now that we’ve talked about the TCPA, let’s get into the practical details of how to go about achieving SMS compliance. The following outlines the steps and a checklist to properly ensure SMS opt-in and opt-out are legally sound. Disclaimer: this information does not constitute legal advice. Please check with your legal counsel if you have specific questions or concerns.
1. Get set up with an SMS-compliant platform
The texting platform you use needs to comply with the TCPA by providing double opt-in, automatically unsubscribing customers when they opt out, and keeping all customer information safe. Choosing an all-in-one reputation management platform with built-in SMS capabilities is ideal as you can easily incorporate SMS-compliant campaigns into your overall marketing strategy with convenient one-stop access to existing customer data and feedback that you collect and monitor as part of a reputation management strategy.
The platform you choose should also allow you to register the phone number(s) you’ll use to text customers as part of the A2P 10DLC (Application-to-Person 10 digit long code) standard. This is a newer SMS compliance requirement from 2023 intended to reduce spam that allows mobile carriers to make sure businesses are texting customers in a consensual way. To register, you’ll need to understand your business or brand type, texting use cases, and the phone numbers you’ll be using for your SMS campaigns.
There are a number of SMS marketing software solutions on the market that meet SMS compliance — including complete reputation management platforms — so it shouldn’t be difficult to find one that’s right for your business.
2. Legally and transparently acquire customer contact information
When a customer makes a purchase, signs up for an account, or visits your website or store location, you can ask for their contact information including name, email, address, and phone number.
However, if you ask for their phone number and want to text them, you must get consent and provide disclosure language for them to opt into text communications (see the example below) to meet SMS compliance. Disclosure language should include a privacy policy and terms and conditions governing the collection, use, and sharing of such customer information that can include:
- What type of messages customers can expect to get from you
- How often they can expect to get messages
- Message and data rates that may apply, depending on the carrier
- Opt-out instructions
- Help information
3. Offer a double opt-in agreement — a.k.a. explicit written consent
The first text message you send to your SMS subscribers should be an automated text asking for additional consent (see the example below) and including your business name so they know who the text is coming from. Additional consent is especially important for your SMS compliance if you’re using texting to send promotional or marketing texts or texts that include personal information.
Customers responding with “Y” or “Yes” are truly opted into your SMS program. Anyone responding “N” or “No” have NOT opted in to receive SMS from you and should not be contacted unless they reinitiate and then provide double opt-in consent.
Double opt-in isn’t quite as important if you plan to send texts that pertain to customer support inquiries only. But asking for double opt-in no matter what ensures you’re only texting customers who truly agree to it.
4. Provide customers an easy way to unsubscribe — or opt-out
Like email, SMS compliance requires that you offer a way for customers to unsubscribe from your text communications.
This means you need to include language at the end of every text you send that reads something like “Reply STOP to unsubscribe” — or a similar phrase — so that every subscriber knows they can choose to stop receiving text messages from you at any time and have exact instructions on how to do so (see the example above).
Then immediately and completely remove any customers who opt out from your SMS subscriber list.
5. Don’t send prohibited content
SMS compliance also applies to the message itself. To meet requirements, you must be careful not to send messages with unlawful or illicit content. Not only is this a legal obligation of yours, but it simply makes good sense not to turn off your SMS subscribers with inappropriate messages. The point is to keep them engaged and interested in your content — not offend them.
According to the CTIA, which represents the wireless communications industry, as a business you should avoid sending:
- Spam
- Fraudulent or misleading messages
- Depictions or endorsements of violence
- Inappropriate content
- Profanity or hate speech
- Endorsement of illegal drugs
- Content that violates legal or ethical obligations when marketing to children under the age of 13
6. Only send texts during appropriate hours
You’re not quite done yet. No SMS compliance checklist is complete without ensuring the timeframe in which you send text messages is during typical business hours. This helps ensure that you’re respecting your customers by not unduly waking them up in the morning or bothering them late at night.
To stay within appropriate hours, avoid sending texts before 8 a.m. or after 9 p.m. in the time zones in which your SMS subscribers live.
Quick-scan SMS compliance checklist
Now that you understand the basic laws and best practices around SMS compliance, here’s a checklist you or your team members in charge of SMS marketing can quickly scan and refer to:
- Does the texting platform you’re using offer features that meet SMS compliance?
- Have you registered the phone number(s) from which you plan to send SMS campaigns?
- Have all of your SMS subscribers willingly provided their contact information and consented to be contacted by SMS?
- Upon receiving initial consent, did you send a first text message to your SMS subscribers asking for explicit written consent through additional opt-in (or double opt-in)?
- Are you only sending messages to those subscribers who consented via double opt-in?
- Do you always provide a way for subscribers to opt out of receiving text messages?
- If someone opts out, did you promptly remove them from your SMS subscriber list?
- Are your text messages appropriate for each audience and do they avoid unlawful or illicit content?
- Do you send or schedule texts during typical business hours?
To learn how GatherUp’s reputation management platform with built-in SMS marketing capabilities can help you cross off your SMS compliance checklist, start a free trial today.