Newsletters

Customer Support:   (972) 395-3225

Home

Articles, News, Announcements - click Main News Page
Previous Story       Next Story
    
Three Steps for Taking the Stress out of Managing Contact Center Compliance

by Rob Schneider, VP Customer Service, Connect First - January 15, 2015

Three Steps for Taking the Stress out of Managing Contact Center Compliance
By Rob Schneider, vice president of customer service, Connect First

The contact center industry is inundated with regulatory requirements but maintaining compliance is critical for business success. Ensuring compliance isn’t easy with constant regulatory changes, and some of the main hurdles include how to staff correctly, stay on top of change and manage the business through various stages of compliance.

Changes in regulations often trigger compliance failures which can lead to data exposure, fines and fees, security breaches, loss of customers, impact to reputation and civil action.

“With all the new regulations, we are seeing a tremendous increase in breaches,” said Jeff Brown, director of business development, Compliance Point. “We see multiple breaches every week from the finance, retail, healthcare and other industries.”

1. Agree that compliance is not a one-shot deal

Brown believes that the increase in non-compliance often happens because organizations take a “point in time” approach to managing change. With this approach, organizations get compliant once but then fail to maintain updates to stay compliant over time.

“Many organizations think of compliance as an annual fire drill of scrambling to get auditors the information they require,” said Brown. “This can mean that companies are creating documents on the fly for auditors, which isn’t an effective practice.”

This also creates uncertainty around how to properly complete the audit because the type of information requested changes from year to year. Turnover in organizations also creates knowledge vacuums around how compliance requirements are implemented.

Ultimately, as more advanced regulations are added, compliance costs rise and the time it takes to understand and implement regulations can become too overwhelming for contact centers that take a reactive approach.

A better way to remain compliant, manage costs and create a viable program is to have a proactive approach where compliance changes are automated and updated continuously.

Real-time monitoring of compliance is also key. Consider investing in an automation or platform tool to automate compliance activities such as assignment of tasks, notifications, escalations, etc. This way, any tasks that are not getting done will be automatically flagged in the system as a non-compliant activity and can be addressed immediately.

“Compliance should be part of the daily process,” says Brown. “It should include a defined framework that everyone understands and follows. This helps engrain the compliance mentality within the culture of the organization, and helps everyone understand their role in regard to compliance.”

2. Pay special attention to TCPA compliance regulations

Updated TCPA legislation started to be enforced in October 2013, but many contact centers have struggled to understand the rules and apply the resources to remain compliant.

The volume of class action TCPA cases continues to rise, and the FCC is becoming more aggressive in its lawsuits. On average, there are four to five new lawsuits every day. The common legal issues include, but are not limited to, calling/texting to cell phones, prerecorded messages and DNC violations.

“In many cases, the scope of consent that companies have is not sufficient for the type of calls they are making,” said Nick Whisler, legislative chair of PACE. “Other common practical issues are use of automatic telephone dialing systems (ATDS) to call cell phones, calling reassigned numbers, and the confusion across telemarketing v. non-telemarketing legislation.”

Calls to cell phones remain a primary area of conflict. The general rule is that organizations cannot use an ATDS or a prerecorded message to call a cell phone without the called party’s prior consent. The current interpretation of an ATDS is any equipment with the capacity to dial telephone numbers without human intervention. There are also stricter specifications if the call being made is for telemarketing purposes and if the call has mixed purposes, it is treated as a telemarketing call.

For companies that handle any outbound activities, maintaining TCPA compliance can seem like a full time job. It is important to strengthen policies and procedures involving these high-risk areas, such as cell phones and prerecorded messages. In most cases, a specific contact center platform designed for TCPA compliance can assist in maintaining a compliant system, but staff still need be aware of regulatory changes and work with partners to understand any impact to the system.

“It’s critical to have good policies and procedures in place, as well as a failsafe mechanism to prevent unintended violations,” said Whisler.

3. Build a network of trusted experts

Call centers should not feel pressured to create compliance processes on their own. In fact, many other organizations have been working on best practices and can be essential in creating the right compliance landscape.

For example, some TCPA best practices include; consulting with a corporate attorney, honoring the DNC registry, drafting a DNC-list policy and procedures document, reviewing compliance of outbound solutions, and implementing TCPA compliance training programs.

“TCPA is very complex. Most individuals without a legal background will have a difficult time interpreting the legislation and how it will affect their call center,” said Geoff Mina, CEO, Connect First. “Working with a team of experts can help mitigate the risk and create a path for contact centers to remain complaint.”

The importance of training programs for employees should not be overlooked. “Contact centers can have the best technology, the most compliant vendors and partners, and management teams that understand the regulations,” said Mina. “But if agents don’t understand the compliance requirements, the company could inadvertently fall outside of procedures and end up in a court battle – all from an agent who didn’t understand what they needed to do and what questions they needed to be asking.”

The same can be said for PCI compliance. Some best practices for PCI Compliance include leverage the tools and resources available on the PCI Standards website, engage with contact center technology vendors that understand PCI, taking into account physical layout issues, and evaluating security around work-at-home agents.

“Most importantly, remember to engage your network of experts early on in the process,” added Mina. “With the ever-changing world of compliance, building a team before you get into trouble is a good rule of thumb.”

About the authors:

Nick Whisler is an attorney and the legislative chair of PACE. Jeff Brown is director of business development of Compliance Point and Geoff Mina is CEO of contact center platform technology provider Connect First.

 
Return to main news page