đŸ”„ [Panel] Personalization, AI, Trust—What Top BFSI Marketers Are Doing Differently.
Register Now
Login Request Demo
Demo
Request Demo Login
Demo

New TCPA Rules: Are Your SMS Messages Compliant in 2025?

By Debamrita Ghosh
  • UPDATED: 04 April 2025
  • 8 minread
New TCPA Rules: Are Your SMS Messages Compliant in 2025?

Reading Time: 8 minutes

Famous shoe and fashion accessory store chain Designer Shoe Warehouse (DSW) faced a $4.42 million lawsuit in March 2025. They’d violated the Telephone Consumer Protection Act (TCPA), sending unwanted marketing SMSs to consumers. And unless you want to walk the same path, you should know the new TCPA rules.

In a nutshell, the TCPA regulates how businesses must handle SMS opt-outs and follow other procedures to protect consumer privacy while running SMS engagement campaigns. As per the recent changes, companies must honor opt-out requests made through “any reasonable means,” not just standard keywords like “STOP”.

This shift presents new challenges for businesses, demanding a more robust and flexible approach to SMS opt-out management. So without further ado, let’s dive into the new rules, what risks they entail, how to comply with them, and what best practices you should follow.

But first


 

What is TCPA?

The Telephone Consumer Protection Act (TCPA), 1991, is a federal statute enacted by the Federal Communications Commission (FCC) to protect consumers from unwelcome calls, texts, and robocalls from telemarketers.

TCPA compliance requires businesses to request explicit customer consent to send them pre-recorded voice messages, SMS, fax, and auto-dialed calls. A customer may sue if a company doesn’t follow the TCPA compliance guidelines.

Who Does the TCPA Apply To?

The TCPA applies to everyone in the United States. But what if your business is situated outside the US? In that case, the TCPA can still apply if you make telemarketing calls or send SMS messages to consumers in the US.

 

What are the New TCPA Rules?

Approved by the Office of Management and Budget (OMB), the new TCPA rules will become effective on April 11, 2025. Here are the key TCPA rule changes and what they mean for you:

Expanded Opt-Out Methods

Consumers can now revoke consent through various methods, including emails, voicemails, and informal messages, such as “Leave me alone.” This means businesses must go beyond simply recognizing keywords like “STOP” and interpret a wider range of opt-out requests.

Opt-Out Confirmation Text

After receiving an opt-out request, businesses can send a single text to the customer to confirm the request. But this confirmation message should not contain any promotional or marketing information.

Businesses must also send this message within 5 minutes of receiving the opt-out request. If it takes longer than that, they must prove there was a reasonable delay in sending the text.

10-Day Rule for Opt-Outs

The timeframe for processing opt-out requests has also been significantly reduced. Businesses must now process all opt-outs within 10 business days instead of 30 days. This change requires companies to have efficient systems in place to ensure timely compliance.

One-to-One Consent Rule

The one-to-one consent rule became effective in January 2025. Under it, marketers, especially lead generators, must now obtain “one-to-one” consent from consumers to receive telemarketing calls and texts.

This curbs situations where consumers consent once to receive calls from a company, but the consent is linked to multiple other businesses and partners.

Consumers must provide “clearly and conspicuously” written consent for calls from each individual marketer or seller. Further, any more messages from the seller must be related to the website where the consumer consented.

For example, if a consumer agrees to receive calls from a car insurance company, they must not receive calls from a banking partner based on that consent. The banking partner needs to ask the consumer for consent separately.

 

Challenges and Risks in SMS Marketing with the New TCPA Rules

The new TCPA rules bring the following potential compliance challenges for businesses running SMS marketing campaigns:

  • Failure to Recognize Opt-Out Requests: Businesses that rely solely on keyword-based opt-out processing risk violating the TCPA by not recognizing non-standard opt-out requests.
  • Delays in Processing Opt-Outs: Manual processing of opt-out requests may lead to delays, causing businesses to exceed the 10-day window for compliance, as per the new TCPA rules.
  • Multi-Channel Opt-Outs: Opt-out requests can come from various channels, including SMS, email, and social media. Businesses must track and process these requests across all channels to avoid non-compliance.
  • Increased Scrutiny and Penalties: Non-compliance can lead to severe consequences, including hefty fines ($500 to $1,500 per violation), carrier blocks, and more consumer lawsuits.

 

TCPA SMS Compliance Checklist

What good are successful SMS marketing strategies and campaigns if they aren’t legal too?

Here’s a checklist based on the new TCPA rules that you can follow when sending SMS messages to your customers:

A TCPA SMS compliance checklist that SMS marketers in the US must follow when running SMS campaigns

1. Get Explicit Written Consent

The TCPA states that you must obtain your customers’ permission in writing before adding them to your subscription list for promotional or marketing communication. After you obtain their consent, it must be documented.

These examples can help you understand how to obtain express written consent in SMS marketing, as per the TCPA:

  • Keyword Response: You can ask your customers to reply to your text message with short code SMS keywords if they agree to receive promotional communications from your business. For example, you can send them a message like, ‘Hi Alan, get up to 50% off on select orders this summer. Want more summer sale offers? Reply with SUMMER25!’
  • Form Submission: Your customers can fill an online or offline form that states they’re subscribing to marketing communications from your business.
  • Checking Boxes: Ask customers to check a box if they wish to join your business’ SMS database. Ensure the box isn’t already pre-checked.

2. Provide Full Disclosure with Opt-In and Opt-Out Instructions

After getting the customer’s permission to send them messages, you must send them a comprehensive disclosure statement. It’s one of the TCPA compliance requirements.

Here’s a list of things your message should include:

  • The name of your business
  • Why you’re sending messages to customers
  • How many text messages you intend to send every day, week or month
  • Data rates
  • Terms and conditions
  • How customers can opt out of receiving messages

Here’s an example of a messaging template you could use:

‘[Business Name], Alerts: News & Sales. Approx. 10 texts per month. Standard message and data rates may apply. Reply STOP to unsubscribe. Reply HELP for more information.’

3. Manage SMS Opt-Outs

How SMS marketers need to manage SMS opt-outs as per the new TCPA rules

Customers sometimes opt out of receiving a brand’s SMS messages. Adhering to the new TCPA rules gets easy when you implement these steps in the cases of such SMS opt-outs:

  • Expand Opt-Out Recognition: Implement systems that can recognize different types of opt-out requests, including misspellings, non-English responses, and phrase-based requests.
  • Centralize Opt-Out Management: Maintain a centralized system to track and manage opt-out requests of individual customers from different channels.
  • Automate Opt-Out Processing: Automate the opt-out process to ensure timely TCPA SMS compliance with the 10-day rule.
  • Regular Audits: Conduct regular audits of opt-out processes to verify compliance.
  • Review Confirmation Messages: Check and update opt-out confirmation messaging templates to ensure they don’t contain any marketing content.

4. Share Your Terms and Conditions of Service

Clearly inform your customers how to access your business’s SMS policy terms and conditions. Your initial full disclosure message should include a link to the terms and conditions.

Also, customers often forget that they signed up to receive your messages in the first place. So, you need to keep reminding them. A smart way to do that is to periodically inform your customers how to access your business’ SMS communication policy. You should also notify them every time the terms and conditions change.

5. Mention Your Business Name in All Messages

No matter what the TCPA new rules are, every text message you send to customers should include your business name. This will help customers remember that they’d opted in for your marketing communications and keep your brand name at the top of their mind. This means they won’t unknowingly mark your business communication as spam.

6. Don’t Communicate Outside SMS Quiet Hours

You may have shared your offer with your customers through the most creative and personalized text message till date. But if you do so at ungodly hours, it’s bound to annoy them. How would you feel if your mobile beeped with a message when you were sleeping?

As per the TCPA, you can text or call subscribers strictly between 8 AM and 9 PM in the customer’s time zone.

7. Adhere to the National Do Not Call Registry

Texting or calling anyone on the National Do Not Call (DNC) Registry is illegal. Maintained by the Federal Trade Commission (FTC) and the FCC together, this registry must be honored by all businesses. You must access the registry and remove all numbers listed therein from your calling or messaging lists.

 

TCPA Compliance Best Practices for SMS Marketing

Every person on your team should understand TCPA guidelines and be aware of the new TCPA rules. Following these best practices can help your business ensure TCPA SMS compliance.

1. Train Your Staff Per the New TCPA Rules

Ensure that customer support and other relevant staff are trained to handle opt-out requests from various channels. They must also be well-versed with every rule and procedure for running SMS marketing campaigns.

You never know when federal regulations might change. That’s why it’s crucial to schedule annual TCPA compliance training sessions with your team.

Your employees should also be informed of any updates to your terms and conditions. This will help them take timely actions and even notify customers of any changes in TCPA rules.

2. Review Past TCPA Lawsuits

Going through past class-action lawsuits can help you grasp the importance of complying with the new TCPA rules.

In 2019, banking giant Wells Fargo paid $17.85 million for violating the TCPA by sending unsolicited texts and calls to people who were not the bank’s customers.

The year 2017 saw Uber settling for $20 million. The company was accused of sending unwanted SMS messages about becoming Uber drivers.

3. Honor All Opt-Outs

Once someone opts out of receiving your messages, respect their wishes. No, sending them ‘just’ one more message, however engaging it might be, isn’t going to change their mind.

Even if their number isn’t featured on the DNC Registry, you should not contact them anymore. They’ve told you they don’t wish to hear from your business, and it’s your duty to respect their privacy.

4. Choose the Right SMS Marketing Platform

Finally, picking a reliable and user-friendly SMS marketing platform goes a long way toward ensuring TCPA SMS compliance. Regardless of the size of your business and the volume of messages, sending TCPA-compliant messages to customers should be easy through the platform.

Navigating the new TCPA rules and regulatory changes can be daunting. How can you ensure your business is always operating in the clear?

Give it up for MoEngage!

 

Use MoEngage to Comply with the New TCPA Rules and Safeguard Consumer Privacy

Our SMS marketing automation platform offers robust opt-out management capabilities that ensure you stay compliant with the latest TCPA regulations.

How MoEngage helps SMS marketers comply with the TCPA new rules

With MoEngage’s Best Time to Send feature, you can reach out to customers whenever they’re most likely to interact with your messages. No more figuring out customers’ local time zones — Sherpa AI takes care of it all!

In addition, MoEngage’s fuzzy opt-out feature goes beyond simple keyword matching. We understand that customers don’t always use exact opt-out keywords like ‘STOP’. Our system is designed to recognize various opt-out intents, including:

  • Messages containing opt-out keywords.
  • Misspellings and variations of those keywords.
  • Opt-out requests expressed through different phrases and even cuss words.

Plus, MoEngage lets you automate opt-out processing, maintain a clean SMS list, and protect your brand’s reputation while adhering to the new TCPA rules, especially its “any reasonable means” requirement.

Don’t let compliance challenges hinder your business. See MoEngage in action to learn how you can stay compliant and ahead of the curve when it comes to customer communication.

About the author
Debamrita Ghosh
Debamrita Ghosh

Debamrita is the SEO Content Marketing Manager for North America at MoEngage. She's spent 5 years helping brands from different industries create search-optimized content. When she's not working, the Potterhead, Narnian and Ringer (in that order) loves reading fiction and traveling.

Subscribe to Our Library Updates

Be the first to access actionable reports, guides, tips, videos, podcasts from experts in Customer Engagement, retention and more!