Compliance Laws and Regulations within Contact Centres

Anwesha Roy

What compliance laws and regulations are important to contact centres nowadays?

Compliance Laws and Regulations within Contact Centres

Compliance laws and regulations are central to how a contact centre functions. Violating laws can cost you millions of dollars in penalties (like the AT&T contact centre, which was fined $25 million for a data breach). In a previous article, we discussed the top compliance areas to watch out for when operating a contact centre – namely the data you record, customer consent, data access privileges, ethical behaviour, and equipment misuse.  

What’s more, contact centre compliance laws and regulations are regularly updated in response to industry trends and market forces. That’s why it is critical that you know about the latest regulatory changes in the sector.  

Standard Regulations for Contact Centres in the US 

Any organisation working with Us customers must follow the country’s contact centre regulations. This includes the Telephone Consumer Protection Act (TCPA), which forbids agents from calling residential numbers between 9 PM and 8 AM, and makes it mandatory to disclose the caller’s identity information.  

Contact centres must also pay wages according to the state minimum wage standards and any data around health insurance has to comply with the Health Insurance Portability and Accountability Act (HIPAA).  

Apart from this, you have to remember union requirements as per local laws.  

What are the New Regulations You Have to Follow Nowadays? 

In 2019, several states introduced the US Call Center Worker and Consumer Protection Act, meant to address issues around customer service offshore.  

As per this new compliance law, agents would have to mandatorily disclose their name and actual location to consumers in the US. if the consumer requests that the call is handled by a US-based agent, you need a mechanism (and workforce) in place for transferring the call accordingly. Any violation would lead to your contact centre getting listed as a “bad actor” and incur a penalty of $5,000 per day or more.  

In some states like Colorado, you might have to submit detailed reports on your contact centre workforce and wage data.  

Standard Regulations for Contact Centres in the UK  

UK’s Ofcom lays down regulations for preventing persistent misuse of automated telephony equipment. You cannot call customers multiple times a day or leave a large number of calls silent/abandoned midway, causing customer inconvenience. Like other countries, the UK is also subject to data privacy laws, and exposure of customer data due to contact centre negligence could result in severe penalties.  

UK contact centres also come under the jurisdiction of PCI DSS, a global set of security regulations for handling customer payment information (cash, credit, or debit).  

 Are There Any New UK laws to Follow Nowadays? 

In addition to the above, the UK’s Information Commissioner’s Office (ICO) recently introduced the Direct Marketing Code of Practice, particularly relevant to outbound contact centres. This lays down guidelines for obtaining consent, distinguishing between service messages and direct marketing, and purchasing/renting marketing data.  

There are also new laws around data enrichment without consent, referral schemes where one customer shares another prospect’s data without the latter’s consent and obtaining consent at the time of registration.  



Join our Weekly Newsletter