- 1Capture prior express written consent
Before any marketing call, get a signed authorization that names your business, lists the specific number, and makes clear calls may use an automated system or artificial/AI voice. Store it with a timestamp and the exact disclosure text. Keep marketing and informational consent separate.
- 2Disclose the AI and the recording up front
Open every call with a clear line: 'This is an AI assistant calling on behalf of [company], and this call may be recorded.' This covers AI-disclosure and recording-consent requirements in one breath. Keep it early and plain.
- 3Honor opt-outs and the Do-Not-Call list
Offer an automated opt-out the caller can trigger at any point, process it immediately, and scrub against the National DNC Registry plus your internal suppression list before every campaign. An opt-out that isn't honored within a reasonable time is its own violation.
- 4Respect calling-time windows
Restrict telemarketing calls to the permitted local-time window for the called party (commonly 8am-9pm local). Use the called number's time zone, not yours, and watch daylight-saving edge cases.
- 5Keep an auditable record of every call
Store, per call, what was disclosed, whether consent existed, whether an opt-out was offered/honored, and a tamper-evident record. If you can't produce this, you can't prove compliance, so automate it rather than relying on spot checks.
The checklist (print this)
- Written consent captured, dated, and stored for every marketing number.
- AI + recording disclosure scripted into the first turn.
- Automated opt-out wired and tested end-to-end.
- National DNC + internal suppression scrubbed pre-campaign.
- Calling-time windows enforced in the called party's time zone.
- Per-call audit record (consent, disclosures, opt-out, hash) generated automatically.
- Every page/script carries the required identifications.
Scripting the rules is easy; proving every call followed them is the hard part. Trace scores 100% of calls against a TCPA rule pack the moment they end — disclosure present, opt-out honored, calling window respected — redacts sensitive data, and writes the tamper-evident audit hash for you. It runs on PyAI Omni agents or on your existing stack.
Frequently asked questions
What's the fastest way to make an AI agent TCPA-compliant?+
Capture prior express written consent for marketing, disclose the AI and recording at call start, honor opt-outs and scrub DNC, restrict calling hours, and automate a per-call audit record. The last step is what lets you prove the rest.
Do I need written consent or is a verbal okay?+
Marketing/telemarketing calls with an artificial or prerecorded (AI) voice generally need prior express written consent. Verbal 'prior express consent' is generally only sufficient for non-marketing informational calls.
How do I prove an AI call was compliant after the fact?+
Keep a per-call record of the consent, the disclosures spoken, and the opt-out handling, secured with a tamper-evident hash. Tools like PyAI Trace generate this automatically for every call.
Primary sources
We cite primary law. Statutes, rulings, and state laws change, confirm currency before relying on them.
- 47 U.S.C. § 227 (TCPA)
The federal statute governing autodialed and prerecorded/artificial-voice calls.
- 47 CFR § 64.1200 (FCC rules)
The FCC's implementing rules, including the prior-express-written-consent requirement.
- FCC Declaratory Ruling (Feb 8, 2024)
AI-generated and voice-cloned calls are an 'artificial or prerecorded voice' under the TCPA.