Newsletter Sign-up

It's no secret that telemarketers aren't exactly welcome. They call during dinnertime, they want to sell consumers products or services they often don't need, and these days they're getting through even though millions of people have registered with the Do-Not-Call list.

While some consumers may feel powerless to stop pesky callers, the industry insists complying with new rules is a priority.

He hopes that telemarketing companies will "look at compliance not as something that has to be done, but something that they want to do." He also says that the telemarketing industry could follow lessons from the insurance industry, which is built around a culture of compliance.

"The issue that compliance officers are struggling with the most is DNC legislation," says Joseph Sanscrainte, director of regulatory affairs and general counsel for Glen Cove, N.Y.-based Call Compliance Inc., which offers "teleblock" technology that allows outbound callers to screen outbound calls against federal and state DNC lists and, as appropriate, block them as they are being made. The federal DNC law went into effect June 27, 2003. Within 72 hours, 10 million consumers had signed up. As of mid-2005, 97 million numbers were registered. According to Searcy, this represents more than 60 million people.

"There are people with more than one phone line, and a lot of people also registered their cell phones, under the misconception that these could be called by telemarketers, which is not the case," he says.

Compliance with the DNC lists is crucial, because the fine is $11,000 per violation.

To date, the Federal Trade Commission has received more than 500,000 complaints. However, this is only the tip of the iceberg, according to Sanscrainte. "While the DNC law went into effect in 2003, the FTC and Federal Communications Commission are only now beginning to gear up to heavily enforce the rules," he says. "As such, while there have been some enforcement actions in the past, we expect to see even more in the future."

In investigating complaints, the FTC and FCC look for what the FCC calls "fail-safe Do-Not-Call compliance mechanisms." That is, it is not enough to just have some procedures in place to scrub numbers. "You need an extra layer of protection that acts as a fail-safe against potential for human error," says Sanscrainte.

Companies must also comply with relevant state laws. For Steve Maclaskey, president of Kristel Marketing in Blakeslee, Pa., the biggest challenge his company faces is making sure it doesn't violate state or federal Do-Not-Call laws. "If we're not calling people on the DNC lists, that prevents 90 percent to 99 percent of our problems," says Maclaskey, whose company encourages people to visit resorts. When Pennsylvania's DNC law went into effect three years ago, Kristel Marketing had already been "cleaning" its leads.

However, the company still found itself in violation of the new state law. "Since that time, we have created a program designed to come into compliance, and we haven't had any problem since then with the law," he says.

Maclaskey also encourages companies to have their own private DNC lists that go beyond federal and state lists. For example, if a person recently placed their number on a DNC list, that number won't show up for a couple of months. But telemarketers may reach the client in the interim.

"The operators need to explain the delay and put that person on a private DNC list," he says.

In addition, if an outbound call ends before someone answers, and if the designated recipient of the call uses caller ID, he or she may call back to see what the call was about.

"As such, you need well-trained, professional operators who can explain what the call was about and, if the person is not interested, to make sure to put them on your own DNC list," adds Maclaskey.

PRIVATE DATA DEMAND

According to Larry Ponemon, chairman of the Ponemon Institute, privacy and information security, such as protecting against identity theft, are issues that are of much greater concern to people these days than in years past.

Earlier this year, millions of people were affected after hackers managed to steal credit-card data from data warehouses.

"Because of technological advances, risk exposures are increasing much faster than companies are responding with risk management strategies," says Ponemon, whose Elk Rapids, Mich., firm works with large corporations and the federal government.

That is, security and privacy breaches are often not factored into a company's risk management model, but they need to be. The reason is that, while they are expensive in terms of having to notify consumers of a potential or actual problem, larger losses lurk beneath the surface.

"The real cost is the loss of customers who no longer want to do business with you, believing that you are incapable of protecting their private information," he says.

The challenge for companies involved in telemarketing is to provide a level of service that customers expect, while at the same time guaranteeing privacy of information. "However, no one has yet created the ideal privacy answer," admits ATA's Searcy. "While part of the problem is unethical people seeking access to this information, the larger problem is lack of internal policies and procedures designed to counteract the potential for employee error."

"Close coordination between the call-center vendor and the client is critical to carry out privacy directives," states Reid Houser, compliance officer for the Omaha, Neb.-based outsourced customer interaction services provider, Sitel. "As with any legally regulated area, compliance with privacy laws must be documented, visible and consistent." He suggests developing a privacy policy, publishing it and monitoring it to make sure it is being followed.

"Train your personnel on the policy and on the law, and let them know how important what they do every day is to helping their employer remain compliant," Houser says. He offers five specific recommendations:

- Do not allow telephone service representatives to have access to e-mail and, if possible and appropriate, pens, pencils and paper.

- Build secure, password-protected databases.

- Avoid having any confidential information entered onto the call center's computer system, rather than the client's system.

- Do not permit hard copies with confidential consumer information to be made or retained by the call center.

- Require call-center employees to destroy any notes or consumer information after they have entered that information onto the client's computer system.

Searcy adds an additional recommendation: "One useful solution that should be considered involves encoding or encrypting private information so it can't be stolen via intratransaction," he says.

Finally, make sure employees cannot access all customer information from one location. If one employee does end up having access to all information, this should show up in an audit.

COSTS AND BENEFITS OF OUTSOURCING NOT CLEAR CUT

There is no argument that overseas call-center operations are less expensive to manage than domestic operations, at least from a price perspective. For instance, the 2003 Asian Call Centre Industry Benchmark Study conduced by Callcentres.net found that the average cost to make a call in India is 29 cents, 37 cents in the Phillipines and Thailand, and 52 cents in China. This compares to about $2 a call in the United States. On average, a call-center employee in India earns between $5,000 to $10,000 a year, compared to $20,000 to $35,000 for a U.S. worker.

While the upfront price abroad is cheaper, actual costs are sometimes higher due to the risks associated with employing people thousands of miles away, having to pay for "accent neutralization" programs, trying to manage people with diverse cultural backgrounds, coping with the growing shortage of experienced workers and supervisors in countries that are "hot" because of cheap wages, and dealing with the constant turnover of workers and supervisors as shortages and competition grow.

There is a potentially more serious problem that is not as obvious. A 2004 study by Kelly Services of consumers who had placed a call to a company call center within the last 30 days found that 65 percent said it would negatively affect their buying behavior if they found out that the call center was located in a foreign country.

Most respondents cited the importance of keeping jobs stateside in order to hold unemployment rates low. Others cited concern for private information being shared with people outside of the United States.

In response, in 2004, 27 bills were introduced in 19 state legislatures, and two bills were introduced at the federal level, seeking the addition of "location disclosure" and/or financial data privacy protection related to offshore call centers. Most bills would require call-center representatives to disclose where they are physically located and would require specific permission from consumers before their private financial information could be shared with people overseas.

One bill, introduced by Sen. Hillary Clinton, D-N.Y., prohibits private information, including name, address or phone number, from leaving the borders of the United States, says ATA's Searcy.

While companies involved in telemarketing need to follow these legislative efforts closely, subsequent laws are not a sure thing. One reason is that the bills face hurdles associated with international trade treaties between the United States and foreign countries, which might render the legislative attempts futile.

In addition, it's not as much of a political hot button as it was last year.

"'Location disclosure' legislation was popular during the 2004 presidential election," notes Searcy. "It hasn't gone any further, though, but it will probably get hot again in the next presidential race."

While none of the bills became law in 2004, they are still active in the legislative process in 2005.

Some states are also considering "redirect" legislation. That is, if customers do not want to talk to someone offshore, the call center would be required to reroute the calls back to the United States. "Such laws could pose some substantial problems related to compliance," cautions Searcy.

Regardless of whether you are creating a relationship with a domestic or an overseas call center, there are several things you should do to protect yourself.

"Engage in due diligence with the call-center provider," suggests William B. Bierce, an attorney with the New York law firm Bierce & Kenerson. His firm advises clients on purchasing call-center services and call-center legal issues. "Get to know them well," he says. "See if there have been any enforcement actions against them by the FTC or FCC or by state regulators."

Also, make sure they have proper bonding in the states where they operate and call. And, of course, make sure they operate with DNC list compliance.

Bierce also recommends a comprehensive contract that is unique to your situation. "A boilerplate one may not work," he states. The contract should include details related to responsibilities for complying with U.S. telemarketing regulations, indemnification provisions if compliance is not met, specific procedures for data collection, use of technology for maintaining compliance with requirements such as the DNC list, an auditing program, procedures for contract cancellation if necessary, and a business-continuity plan in case of disruption (such as from a natural disaster).

"It is also a good idea to provide rewards to call centers for risk-based levels of effort," emphasizes Bierce. "That is, beyond rewarding them for performance-based business outcomes, reward them for compliance!"

JOHN WILLIAMS, an Indiana-based freelance writer, is a frequent contributor to Risk & Insurance®.

September 15, 2005

Copyright 2005© LRP Publications