Be careful who you entrust with your call compliance chores! Dino Tsibouris, Tsibouris & Associates, LLC, listed in The Best Lawyers in America in the area of Technology Law 2007-2011, answers questions about vendor compliance and how it can cost you through DNC & TCPA enforcement actions - and what you can do about it.
From our experience in the technical marketing arena, DNC violations include:
- Violating consumer protection statutes repeatedly;
- Using a third party to do the work on their behalf without meaningful vendor training;
- Abdicating effective supervision over third-party vendors.
The importance of vendor supervision can’t be overstated. It serves to identify and correct a vendor’s compliance violations to the same extent you would supervise your own staff. And your vendor oversight agreements should be in writing - so everyones on the same complinace page. For example, we are concerned with the importance of B2B Cell Scrubbing right now. (See our Blog: "Why B2B's Should Scrub Cells Now.") It seems many companies are heading down the wrong path.
You wouldn’t have your internal compliance manager hire employees and then not supervise them. Regulators view regulated companies who hire an independent contractor no differently.
Bob: As a legal matter, is it better to hire a company that invests in a robust compliance framework as part of its business model? If so, why?
It's definitely better to work with a company that focuses on compliance as a core part of its service because laws and various judicial interpretations are very complex and the penalties are substantial. Moreover, companies are faced with the proliferation of class action lawsuits over technical violations:
- It is becoming prohibitively expensive to handle DNC in-house anymore.
- A compliance specialist can handle complaints so they don’t get bottled up. These complaints traditionally get lodged at the contractor, and are not reported to the company.
- A compliance specialist can introduce critical oversight, metrics, and performance reporting as required by your company.
Hiring a vendor who does not address key compliance issues, failing to implement adequate oversight, and failing to establish robust complaint reporting and verification can result in substantial liability, including regulatory investigations and settlements. See: "Do-Not-Call Protection."
There are so many ways that you can run afoul here – It is technically possible to do it internally, but it may be substantially more cost-effective to work with a professional solution. This is the common theme we hear over and over again. Unfortunately, many people that say, “We’re fine, we’ve got it from here, we’re good!”
So it’s really an issue of corporate governance and risk management - how can you can hire somebody to do it more effectively. Specialists can offer efficiencies of scale that can’t be built in-house.
Bob: What is the most important thing in management of compliance issues?
Oversight of complaints. This arose from large-scale mortgage servicing errors when loans would get sold, the borrower wasn’t notified, and when they actually tried to call someone they would get the runaround or they would get nothing. Or they’d get sent to eternal hold. See our Blog: "Call Center Manager Best Practices for No Complaints."
Routing these complaints directly to your company is the biggest key here. If you choose to have them go to the vendor, you need to monitor those complaints – closely. How the operators are responding to each request. If you haven’t noticed, most solicitors have no idea what you’re talking about when you ask to file a complaint. No training. No filing. Just reading the script.
Bob: So yes, use vendors, but in compliance...
Ones that have all the latest technology and access to all the proper lists and robust recordkeeping. They should care about it as much as you do, it’s their core business and they should do it better than a company dealing with is as just part of their business. They may not make the same investment, and they may not have the same expertise.
Be aware, what happens frequently, because management and reporting staff can be so thin within a company, they don’t staff up enough to be able to effectively manage their vendors. And they just deal with the ones that are important. Overseeing the ones that have the most moving parts - but not necessarily the ones that have the highest legal risk. And for something like this, there’s a big legal risk.
When hundreds of thousands of people who are on the Do-Not-Call List get called regularly, as with Capital One for example, that’s a big legal risk.
(Please Note: No endorsement of any third party products or services is expressed or implied by Mr. Tsibouris – be sure to ask your own attorney for legal advice specific to your company.)
What do you think? Have compliance comments or questions for Dino - please contribute to the comments section below! -