TCR
STARTER KIT

Problem: Sample messages lack clear opt-out instructions or use non-standard language.

Carrier Requirement: Every marketing message must include: "Reply STOP to opt out" or substantially similar language using the keyword STOP.

Fix:

• Add "Reply STOP to opt out" to all sample messages
• Use exact keyword STOP (not "unsubscribe," "cancel," "end")
• Place opt-out language prominently (not buried in fine print)
• Resubmit campaign with updated samples

Problem: Carriers cannot access privacy policy, or policy lacks required SMS disclosures.

Common Causes:

• Privacy policy link returns 404 error
• Policy requires login/authentication to view
• Policy missing from website footer or main navigation
• Policy does not mention SMS/text messaging

Fix:

• Verify privacy policy URL loads from homepage
• Ensure public accessibility (no login required)
• Add SMS-specific section covering data collection, storage, usage, and opt-out
• Add "Privacy Policy" link to website footer
• Resubmit campaign after verification

Problem: Consent documentation insufficient or does not meet TCPA requirements.

Carrier Concerns:

• Consent language too vague or ambiguous
• Frequency disclosure missing or unclear
• Terms and conditions not linked
• Consent conditional on purchase

Fix: Revise consent language to include all required elements (explicit agreement, frequency, rates, opt-out, help, policy links). Ensure consent is separate checkbox (not pre-checked) and not conditional on completing purchase.

Problem: Business name on registration does not match branding on website.

Example: Legal name "ABC Marketing LLC" but website only shows "ABC" or "ABC Marketing"

Fix:

• Add legal business name to website footer
• Include "DBA [trade name]" on About page
• Ensure brand consistency across registration and website
• Consider registering with DBA/trade name if substantially different

Problem: Sample messages contain SHAFT content or other restricted categories.

Restricted Categories:

• Adult content/services
• Cannabis/CBD (all forms)
• Debt relief/credit repair
• Get-rich-quick schemes
• Cryptocurrency/NFT promotions
• Payday loans
• Phishing simulation (requires pre-approval)

Fix: Remove prohibited content from samples, select different use case if primary business is restricted, add age-gating documentation for alcohol, or provide state licensing for cannabis (where applicable).

A: Brand registration typically completes in 1-3 business days with standard vetting. Campaign registration takes 1-10 business days depending on Trust Score and use case complexity. High Trust Score campaigns (75+) often approve within 48 hours. Lower scores trigger manual review extending timelines to 7-10 days.

A: One brand registration covers your entire business. Each phone number requires its own campaign registration if use cases differ. For example, one number for marketing and another for customer service would require two campaign registrations under the same brand.

A: Yes, but changes trigger re-review. Minor updates (contact information, message volume estimates) typically process quickly. Major changes (use case category, sample messages, business name) may require full re-approval. Consult your CSP before making changes.

A: Your CSP receives rejection reason with error code. Review error details, correct the issue, and resubmit. Common fixes take 2-4 business days to implement (website updates, consent language revisions). Resubmission review typically completes in 3-7 business days.

A: External vetting ($40) can increase scores 10-25 points. Building online presence (reviews, domain age, Google Business verification) helps for future resubmissions. Establishing successful messaging history with low spam complaints gradually improves reputation over 6+ months.

A: Yes. Trust Score is assigned at brand level and influences throughput limits for all campaigns under that brand. Higher scores unlock premium tiers (4,500 msg/min) while lower scores restrict to basic tiers (60-600 msg/min).

A: Publicly traded companies in Russell 3000 index receive pre-vetted status based on market capitalization and regulatory oversight. This grants Trust Scores 75+ without additional verification. Provide stock ticker symbol during registration to claim this benefit.

A: Express written consent requires explicit agreement via electronic signature, checkbox, or SMS keyword with full disclosure of frequency, rates, and opt-out. Required for marketing. Transactional consent is implied through service relationship (e.g., account creation) and sufficient for order updates, security alerts, appointment reminders.

A: Customer-initiated contact establishes consent for that conversation. However, ongoing messages require explicit consent. Include in first response: "By texting us, you agree to receive responses via SMS. Reply STOP to opt out." Marketing messages always require separate express written consent regardless of who initiated.

A: Minimum 4 years to cover TCPA statute of limitations. Industry best practice: 5-7 years. Records must include timestamp (with timezone), IP address or device identifier, exact consent language presented, and user's affirmative action.

A: No. Physical exchange of contact information does not constitute TCPA consent. You must obtain express written consent through proper disclosure (frequency, rates, opt-out) and documented agreement before sending marketing texts.

A: Customer Care covers service-related messages directly supporting a transaction or account (order confirmations, appointment reminders, password resets). Marketing includes promotional content, sales, offers, or calls-to-action not required for service delivery. Marketing has higher scrutiny and requires express written consent.

A: Only when you genuinely need to send both promotional and transactional messages from the same campaign. Mixed requires comprehensive consent covering all types, samples for each category, and business justification. If you can separate into distinct campaigns, that's typically easier for approval.

A: Requires resubmission and re-approval. Use case changes are considered major modifications triggering full carrier review. Plan use case carefully during initial registration to avoid delays.

A: Throughput is maximum messages per minute your campaign can send. Determined by Trust Score and use case. Low throughput (60 msg/min) limits campaigns to 86,400 messages per day. High throughput (4,500 msg/min) supports 6.48 million messages per day. Critical for time-sensitive campaigns or large subscriber bases.

A: Yes, if your CSP supports MMS on 10DLC numbers. Same registration requirements apply. Sample messages should indicate if images will be included. MMS messages consume more throughput capacity than SMS (typically 2-3x the "cost" per message).

A: Messages queue for delayed delivery or are rejected depending on CSP configuration. Consistent overage triggers carrier scrutiny and potential throughput reduction. Monitor volume carefully and upgrade use case or add campaigns if approaching limits.

A: Brand registration: $4 one-time. Campaign registration: $10-60/month depending on use case (Marketing highest at $60/month). External vetting (optional): $40 one-time. Carrier pass-through fees vary by CSP but typically $0.0025-0.01 per message. Budget $200-500 for first year depending on volume.

A: No. Your CSP (messaging provider) handles TCR billing. Fees appear on your CSP invoice as line items. TCR does not bill businesses directly.

A: Campaign registration expires. Messages from that number will be blocked by carriers. Reactivation requires paying past-due fees and may trigger re-review of campaign details.

A: HIPAA-covered entities must ensure messaging provider signs Business Associate Agreement (BAA). TCR registration process is identical, but privacy policies must address HIPAA compliance. Use case selection typically Customer Care or 2FA. Consent must address protected health information (PHI) handling.

A: Non-profit use case category exists but does not reduce fees or accelerate timelines. 501(c)(3) organizations follow standard registration process. However, established non-profits often achieve high Trust Scores due to public filing requirements and online presence.

A: Higher scrutiny due to fraud concerns. Must clearly identify as financial institution. Sample messages should demonstrate legitimate account servicing. Avoid content that could be interpreted as phishing (e.g., requesting sensitive information via text). GLBA compliance required for privacy policies.