10DLC carrier compliance is widely discussed as if it were a single standard: register with TCR, get approved, and your messages reach all subscribers. That framing does not describe how carrier enforcement actually works. AT&T, T-Mobile, and Verizon each operate independent compliance enforcement architectures — separate throughput tier structures, separate DCA review criteria, and separate real-time content filtering systems. A campaign that clears TCR vetting and passes the DCA review for one carrier may still encounter delivery friction on another network because the enforcement logic differs at the network layer. Understanding what each carrier enforces, and how, is the prerequisite for diagnosing delivery failures that registration status alone cannot explain.
10DLC Carrier Compliance Is Not One Standard — It Is Three
The 10DLC framework assigns compliance governance to The Campaign Registry at the registration layer, but enforcement at the delivery layer is distributed across three carrier networks. Each carrier operates a Direct Connect Aggregator that applies its own supplemental review criteria before approving a campaign for delivery on that network. AT&T’s DCA is Syniverse. T-Mobile’s DCA is KORE Wireless. Verizon’s DCA is iconectiv. These entities review campaign data independently after TCR vetting completes, which is why a campaign can show as TCR-approved while traffic to a specific carrier network remains blocked.
The carrier code of conduct for A2P messaging — published at 10dlc.org and aligned with CTIA Messaging Principles — establishes the baseline requirements that all carriers enforce: registered brand and campaign, documented opt-in consent, functioning opt-out workflow, compliant message content, and no prohibited use cases. Baseline compliance satisfies the minimum threshold. But the throughput available, the filtering triggers applied, and the escalation paths for disputed decisions differ materially across the three networks. Staying current on Carrier Policies & Updates is an ongoing operational requirement, not a one-time registration task.
AT&T 10DLC Compliance: Campaign Message Class and Throughput
AT&T sets throughput at the campaign level, not the brand level. Each campaign registered under a brand receives an AT&T-assigned “Message Class,” a score determined by the campaign’s use case classification and, in many configurations, a separate vetting score from an approved third-party vetting provider. The Message Class determines the messages-per-second ceiling for that specific campaign on AT&T’s network.
The practical implication is that two campaigns under the same brand can have different throughput ceilings on AT&T depending on how their respective Message Classes were assigned. A reservation notifications campaign with a high vetting score may achieve a higher Message Class than a promotional loyalty campaign with no third-party vetting. AT&T also applies real-time content filtering through Syniverse’s network-layer inspection, which evaluates message content against AT&T’s content policies independently of what was submitted in the TCR campaign sample messages. Content that passes TCR vetting can still trigger AT&T’s content filter if the live message traffic contains elements — URL formats, promotional density, keyword patterns — that Syniverse’s detection system flags.
For campaigns requiring higher AT&T throughput than the base Message Class provides, third-party vetting through TCR-approved vetting providers is the primary escalation path. Vetting providers conduct additional review of the campaign’s use case, consent documentation, and operational processes, and their score feeds into the Message Class assignment. AT&T T-Mobile Verizon 10DLC compliance differences are most visible at this throughput ceiling layer — the path to increasing limits on AT&T involves campaign-level vetting, while the same goal on T-Mobile requires brand-level trust score improvement.
T-Mobile 10DLC Compliance: Brand-Level Daily Allowance
T-Mobile structures its throughput enforcement at the brand level, not the campaign level. Every registered brand receives a daily message allowance — a cap on total messages sent across all campaigns under that brand within a 24-hour period. The allowance is determined by the brand’s TCR trust score. Brands with trust scores in the standard tier receive a default daily allowance. Brands with trust scores below the standard threshold may be limited to a reduced daily allowance. Operators who need to exceed the default daily allowance must apply for an increased limit through KORE Wireless, T-Mobile’s DCA.
The operational consequence of T-Mobile’s brand-level architecture is that a high-volume deployment — a resort sending reservation confirmations, spa bookings, and check-in alerts across multiple campaigns — draws from a single shared daily pool. A promotional campaign that exhausts the brand’s daily allowance early in the day can block transactional campaigns from delivering for the remainder of that day, even if those transactional campaigns individually are well within normal message volume. The TCR Trust Score Preflight Simulator at MyTCRPlus models a brand’s likely trust score before submission, identifying the trust score band that will determine the initial daily allowance on T-Mobile.
T-Mobile’s DCA KORE Wireless also applies campaign-level content review independently during the DCA approval process. Campaigns that pass TCR vetting but contain use case descriptions or sample messages that KORE Wireless determines conflict with T-Mobile’s supplemental content guidelines may be held for manual review or returned with a carrier-specific rejection code.
Verizon 10DLC Compliance: Content Filtering and DCA Architecture
Verizon has not published formal throughput tier guidance equivalent to AT&T’s Message Class or T-Mobile’s brand daily allowance. Its A2P messaging throughput is managed through iconectiv, Verizon’s DCA, which applies network-level review criteria independently from TCR’s vetting output. Verizon’s compliance enforcement is most visible at the content filtering layer: its network-layer detection systems evaluate message content in real time against content policies that extend beyond what TCR vetting inspects.
10DLC carrier filtering on Verizon’s network is sensitive to URL structures. Public link shorteners — bit.ly, tinyurl.com, and similar generic shortening services — are blocked by Verizon as potential vectors for malicious content hiding. Messages containing public shortened URLs will be filtered regardless of TCR registration status. Branded short domains or full unshortened URLs are the compliant alternatives. Verizon’s filters also weight message volume patterns on newly provisioned numbers, applying heightened scrutiny to numbers that immediately generate high message volume before establishing a delivery history.
For campaigns experiencing Verizon-specific delivery failures after AT&T and T-Mobile traffic is routing normally, the issue is almost always at the iconectiv DCA layer or Verizon’s content filter — not at TCR. The TCR Error Codes & Rejections Hub covers the specific rejection codes generated by DCA-layer holds, including the iconectiv codes that identify Verizon-specific compliance failures. Resubmitting a TCR campaign will not resolve a Verizon content filter issue — the content itself must be corrected.
SHAFT Content Policy: The Cross-Carrier Content Enforcement Layer
SHAFT — Sex, Hate, Alcohol, Firearms, and Tobacco — defines a category of content that all three carriers enforce at the network layer through CTIA Messaging Principles compliance. Content that triggers SHAFT detection is filtered regardless of whether the campaign is registered with TCR and regardless of which carrier network is receiving the traffic. Cannabis content is included in the blocked category by all three carriers even though cannabis is legal in many states; carrier policy is federal in its content standards.
A2P carrier filtering for SHAFT content operates through automated pattern detection at the network layer, not only through TCR vetting review. A campaign may submit sample messages that do not contain SHAFT-triggering content and pass vetting; if the live message traffic contains SHAFT-adjacent language — promotional copy with alcohol references, health product descriptions that use controlled terminology, content adjacent to firearm accessories — carrier filtering will suppress those messages without notification to the sender. The Carrier Message Requirements & Best Practices resource at MyTCRPlus provides the content evaluation criteria each carrier applies to live traffic, mapped to specific prohibited language patterns.
State Laws Expanding 10DLC Carrier Compliance Obligations
10DLC carrier compliance now extends beyond the federal CTIA framework into state-level regulatory obligations. Texas Senate Bill 140, effective September 2025, expands the definition of “telephone solicitation” to explicitly include text messages, subjecting A2P promotional SMS to Texas Do Not Call registry enforcement and opt-out requirements that go beyond CTIA baseline standards. Virginia Senate Bill 1339, effective January 2026, requires businesses to honor SMS opt-out requests for ten years — a retention obligation for consent and opt-out records that is materially more demanding than CTIA’s general guidance.
These state laws are not enforced by carriers at the network layer, but they create compliance obligations that affect how campaigns are documented, how opt-out records are retained, and how consent can be demonstrated for messages sent to subscribers in those states. Operators with significant subscriber bases in Texas or Virginia need to evaluate whether their current opt-out record retention architecture satisfies these state-specific requirements. The A2P 10DLC / TCPA Carrier Policy Updates hub at MyTCRPlus tracks state and federal regulatory changes affecting A2P messaging compliance.
10DLC Carrier Compliance as an Ongoing Practice
TCR registration is the entry point, not the completion state. 10DLC carrier compliance requires understanding and maintaining alignment with three distinct enforcement architectures simultaneously — AT&T’s campaign-level Message Class system, T-Mobile’s brand-level daily allowance structure, and Verizon’s content filter and iconectiv DCA review criteria — plus a cross-carrier SHAFT content policy and an expanding state regulatory layer. A delivery failure that registration alone cannot explain is almost always traceable to one of these network-specific mechanisms. Diagnosing which carrier is blocking traffic, and why, requires knowing how each network’s enforcement system operates.
Operators who treat 10dlc carrier compliance as a completed task after TCR approval discover the gap when delivery metrics surface per-carrier anomalies. Those who track carrier policy changes and model throughput requirements before campaigns launch have the infrastructure to resolve those anomalies before they become operational disruptions.
Access the Carrier Policy Quick Reference at MyTCRPlus — a per-network summary of AT&T, T-Mobile, and Verizon A2P enforcement criteria, updated as carriers publish policy changes, with mapping to the specific compliance actions each policy change requires. Access the Carrier Policy Quick Reference.
