The Complete TCPA Approval Checklist for Business Texting
Use this TCPA checklist for business texting so your 10DLC registration can get approved and your texting campaigns can continue running without...
If you use a 10-digit number to send texts from your business, your campaigns could be getting blocked by major mobile carriers like AT&T and Verizon—without your knowing it.
Long story short, as of August 31, 2023, texts sent from unregistered 10DLC numbers are now being completely blocked by mobile carriers. And mobile carriers arrived at this deadline in such a way that left texting providers ill-equipped to help businesses prepare for and navigate the changes, causing a cascade of issues.
So in this post, we're going to lay it all out for you, including what's going on, why, and what you need to do to ensure your text campaigns are running and continue to run.
This is a bit of a mess, and it requires quite a bit of untangling, so here’s the quick TLDR summary:
To understand why this is happening, you need to know the 10DLC enforcement timeline. Let’s hit it:
If you didn’t see an increase in your texting platform pricing, it’s because your service provider was eating the cost.
This is…a pretty big deal I’d say. And yet there are many businesses that aren't aware of it or don't understand it. There are even texting providers (CSPs) that don't quite understand it or can't keep up with it. Why?
Several compounding reasons. Let's take a stroll through the cluster:
Even though 10DLC registration became a requirement in 2022, the enforcement of that regulation started off almost nonexistent and then began gradually accelerating. This was helpful in the sense that it bought business texting providers (CSPs) time to get their customers registered, but it was not helpful in that there were no clear deadlines or clear consequences.
Moreover, there was (and continues to be) a lack of centralized/consistent information on this situation. Yes, there was a wave of news articles and blog posts back when 10DLC registration first became a requirement, but it fizzled out when there was no real enforcement.
In addition, carriers began imposing different deadlines for different milestones.
I'm sorry...what?
Moreover, as fees and consequences increased, there were no real announcements, but rather just obscure help pages on DCA websites, with inconsistent deadlines, and in technical language mainly geared for CSPs (and hard to make sense of even for CSPs).
This limited the ability of CSPs to understand both the urgency of the situation and the steps needed to get their customers' registrations approved (not just submitted).
As I just mentioned, it's the CSP that submits the registration application for businesses, not the business themselves.
This is because when a business uses a texting platform, they do not interface directly with the mobile carrier. They interface with their CSP (texting provider), their CSP interfaces with a DCA (texting service), and the DCA interfaces with the MNO (carrier).
In the 10DLC registration process, the CSP submits the application to The Campaign Registry (TCR) on the business's behalf, and then gets a campaign ID that they then submit to the DCA, which the DCA then submits to the MNO and the MNO either accepts or rejects.
So...CSPs now have to collect information from their customers (not very readily available information either, like tax ID numbers), to submit an application on their behalf, for a regulation that had no formal announcement or centralized documentation—does that sound sketchy or what.
CSPs were essentially on their own in figuring out what's going on, then figuring out how to communicate that to customers, and then how to get them all to submit their information so they could submit their application for them (and ultimately prevent their text campaigns from being blocked).
This has disaster written all over it.
So you end up with this slow but inevitable 10DLC acceleration, with deadlines that come out of nowhere and no easy-to-understand resources.
CSPs end up scrambling to get their customers registered all at once, which causes the typical 3-5 day registration process to take up to 8 weeks.
But it gets better (and by better I mean worse)...
So we've got CSPs trying to get customers to take (cumbersome) action on an urgent but obscure deadline (aka pulling teeth). And we've got a backlogged, month-long application processing timeline. Now add in MNOs rejecting applications left and right—with only broad reasons provided.
Applications can only get accepted if the business meets TCPA compliance laws. But for TCPA opt-in requirements alone, for example, that could mean one missing word on a form or an entire privacy policy needing redoing. And it's black and white: if there's any violation, regardless of the size of the violation, it's a no.
So MNOs are not being clear with DCAs about specifics, so DCAs can't be clear with CSPs, so CSPs can't help their customers fix their registration errors. (Although as the situation evolves, some DCAs have been able to produce helpful documentation, such as Twilio's 10DLC rejection reasons.
10DLC registration rejection is quite the hot topic.
As mentioned above, the whole crux of this issue is identifying exactly why your number was rejected, and MNOs aren’t providing that. Just basic reasons. So we're going to walk through some more specific reasons that we've uncovered in our experience with this whole debacle, to help you out. You can also see a summary in our 10DLC/TCPA Checklist for Business Texting.
This is the easiest reason. Your CSP had to collect information from you to submit your application—not a lot of information, but enough to leave a lot of room for error. Typos in things like tax ID numbers, business addresses, and website addresses can cause rejection. Look out for emails from your CSP asking you to confirm or correct any of your information.
The second most common reason for numbers getting rejected is not having an opt out option in the first text of a campaign. This one requires a little more work than fixing a form typo.
What it means is, you need to give your contacts clear instructions on how to opt out of receiving texts in the first text of every campaign. And the opt-out keyword has to be in all caps
For example:
"Hi [name], this is [name] from [COMPANY]. Thanks for submitting your form on our site. How many windows do you need replaced?
If you don't want to talk via text, reply STOP."
(Many businesses use "Reply STOP to unsubscribe" but we went with this example since our customers use text for personalized, real-time conversing rather than batch texting.)
So even if a contact enrolls in several campaigns, their first text from you from that campaign must include opt out instructions.
For help with this 10DLC rejection reason, head to our 10DLC Opt-Out Requirements and Examples.
(Note that this is a Hatch knowledge base article, but the information holds for non Hatch users as well.
Similar to the above reason, applications are getting rejected because the first text of a campaign needs to clearly identify for the recipient who the company is.
For example, "Hi [name], this is [name] from [COMPANY]."
For help with this 10DLC rejection reason, head to our 10DLC Company Identifier Requirements and Examples.
Just like with the resource above, this is a Hatch knowledge base article, but the information holds for non Hatch users as well.
This one might be the biggest hassle of them all. It’s called prior express written consent. This applies to any form on your website that if a visitor fills it out, they may receive text messages from you. For these forms, there needs to be clear disclosures including:
For help with this 10DLC rejection reason, use our Prior Express Written Consent Templates, Examples & FAQs.
...because updating forms on your website is a pain in the butt.
As stated above, your form disclosures must not only link to your privacy policy and terms and conditions, but both of those documents need to have a clear SMS section.
If website forms are a pain in the butt, then legal documentation is a pain in the entire bod...perhaps even the soul.
For help with this 10DLC rejection reason:
As you can see, the 10DLC registration process is a bit of a disaster zone at the moment. If you’re concerned about your situation, here are our recommended steps:
If you are using a business texting platform and have not received any notices from your business texting provider (CSP), get in touch with them ASAP to find out what’s going on.
Hopefully, their communications have just been going to your spam. But if they haven’t done any work on this front, it’s time to change CSPs (see the last section of this post).
As mentioned, one of the biggest issues here is that for businesses whose text messages are being blocked, there isn’t a clear “not delivered” notification from the MNO that lets the business know, so your messages may just be getting blocked unbeknownst to you.
Be sure to check your text messaging metrics to see if there are any anomalies that would indicate your campaigns aren’t firing.
You can also reach out to a handful of customers you trust and ask them if they’ve been receiving your texts or even if you can run a test campaign on them, just to be sure your messages are getting through. You may want to do this periodically, because even though the deadline has passed, who knows how MNOs are detecting unregistered numbers—if it's a process, campaign shutdowns could be happening in batches.
If you are having trouble getting your registration approved and if your CSP has been unable to help you, we have plenty of resources as linked above. Here they are again, for your convenience:
There are more resources coming out, such as Twilio's 10DLC rejection reasons.
If you’re just getting started with business text messaging, or if you’re in a situation where your current provider is falling behind on compliance, use our tips below to find a business text messaging service that you can count on to keep your campaigns compliant (and running).
Compliance is only ramping up, and as we mentioned above, you don’t have direct access to the compliance gatekeepers, so it’s important that you have a business texting provider that you can trust to work and advocate on your behalf and keep you informed. Here’s what to look for in a texting software provider (aka campaign service provider/CSP).
Compliance is a pain in the butt for all of us, but it’s where the industry is headed. And just because the consequences are not apparent right away doesn’t mean they aren’t going to happen.
At the end of the day, noncompliant businesses (even if unintentional) will lose money either because their campaigns aren’t firing, because they’ve lost trust and reputation among MNOs and consumers, or because the experience they provide is not in line with what consumers have come to expect.
So it's crucial that your texting provider has a sense of urgency around compliance.
It might feel like they’re nagging at you and making you do work, but it is actually for your long-term success within this industry. If your texting provider is not pushing you to make these changes, you can conclude that they’re either choosing not to or are unable to keep up with this industry's direction, and/or don’t care enough about your long-term success to do so.
DCA stands for direct connect aggregator (or direct connectivity agent), and it’s the DCA that interfaces directly with the MNO (mobile network). They are the liaison between the MNO and CSP (your texting provider), so you’ll want to make sure that your business texting provider is using a reputable DCA that will equip your CSP with the information they need to best serve you. Popular DCAs include Twilio, Telesign, Vonage, and more.
As mentioned earlier, this whole 10DLC process has moved forward without providing a clear source of truth or documentation that makes sense to a layperson. A good texting software understands that if this is confusing and frustrating for them, it is even more so for their customers, and they will demystify exactly what’s going on so their customers can understand.
It’s one thing to help your customers understand possible reasons why their numbers aren’t getting registered or why their campaigns are getting blocked. It’s another thing to figure out with them the exact reason for that rejection.
If your CSP is merely sharing a link to a technical article that makes no sense to you and leaving you to figure out what needs to be fixed, it’s time to change CSPs. A good CSP will work with the DCA and do their own research to help you identify exactly what your TCPA violation was.
And finally, a good CSP will help you to make those fixes. Website changes and legal documentation aren't in the CSP's scope of work, but if they are truly committed to helping you succeed, they will equip you as much as they can to make those fixes, such as by providing templates, interfacing with the DCA, and referring you to the right person in your company or vendor list that can help.
It goes without saying that here at Hatch, we've been in the eye of this 10DLC storm and it hasn't been pretty. But our hope is that in sharing our learnings, we can equip businesses with the knowledge they need to keep their texts firing and their revenue growing.
From Hatch
From the FCC (Federal Communications Commission)
From the CTIA (Cellular Telecommunications and Internet Association)
From The Campaign Registry (the third party that registers 10DLC numbers)
Use this TCPA checklist for business texting so your 10DLC registration can get approved and your texting campaigns can continue running without...
10DLC registration is not just beneficial anymore, it's mandatory. Find out what it is, how to complete 10DLC registration, costs, deadlines, and...
Learn how to create an SMS privacy policy for your business to stay TCPA and 10DLC compliant—with a template to get you started.
Be the first to know about new sales and marketing insights to grow your messaging strategy with leads and customers.