Auditing: The End of the Road

You started this journey by attending innumerable webinars, reviewed articles and blogs, and have read the 100+ page FCC Declaratory Ruling at least 10 times. Your next step was probably to talk to your technology vendor and attorney to determine if that thing you use to make calls can be viewed as an ATDS (Automated Telephone Dialing System). You took all of the information you gathered and made changes in your systems, client contracts and express consent language, and your scripts and collector training. Now, you need to be certain that what you think you did, actually was done and is working correctly.

Whether you agree or disagree with the FCC on the definition of an ATDS, or whether you believe the express consent language given to your client applies to you, the bottom line is, changes had to be made to comply the environment we have today. How can you be certain that the changes you developed are working, that your collectors and agents are understanding and using the scripts you wrote and trained? The best way to be certain is to audit. And the best audit to conduct for this compliance is a process audit.

ISO 9000, Quality Management Systems—Fundamentals and Vocabulary, third edition, 2005, clause 3.4. defines a process as: A set of interrelated or interacting activities that transforms inputs into outputs. In this case, from the placement of an account with your company to the contact of the consumer by telephone. Placement = input and Call = output. A process audit reviews and documents the steps that follow that process. Review every piece of the process to ensure you don’t have exposure. When an account is placed, is your system scrubbing phone numbers provided to identify cell phones? Once those phones are identified does your system or client documentation provide proof the consumer gave express consent for you to call that phone using automated equipment? If you put something in place to review answering machine messages to be certain you aren’t calling John Smith but reaching Jane Doe? If you believe your system is not an ATDS because of the level of human interaction required, is that interaction happening on every call? Are your collectors asking the consumer if you have permission to call again on that number using technology?

Each step on the road is part of your overall process. All of those steps can be put into tree or turtle diagrams and process flow charts. Then each step is analyzed for activity or purpose, compliance and determination if the checks and balances in place can catch any failures in the process. Get the stake holders involved to ensure that your checklists and flow charts document all pieces of the process and to gauge the understanding of requirements of everyone involved. This will include your technology teams, your compliance and QA associates, the collectors and their managers along with senior leadership.

Closing the audit should include plans to remediate any findings, a follow up date to check things again and a final report that is documented, logged and saved to provide proof to clients or regulators of your compliance efforts around this critical new process.

Overall, the industry is not fully satisfied with the Declaratory Ruling. There are several challenges working through the courts. While we wait for those cases to adjudicated, compliance with the ruling and our audits of our compliance are our best defense.