Skip to main content

Are there TCPA exemptions for financial institutions?

Let's Chat About Compliance

Financial institutions are sometimes exempt from the Telephone Consumer Protection Act’s (TCPA) prohibition on the use of Automatic Telephone Dialing Systems (ATDS) when they send time-sensitive, voice or text messages which address financial issues related to the customer’s account, so long as no part of the message could be considered marketing.

In order to exercise the exemption for financial institutions, some basic rules must also be followed:

  • Must Be Free for The Customer
    Financial institutions are responsible for making arrangements with telephone providers so that no communications count against the consumer’s plan minutes or texts. 
  • Use Provided Phone Number Only
    Calls and texts may only be sent to the telephone number provided by the consumer.
  • No Marketing Allowed
    Calls and texts are strictly limited to the purposes specified above and must not include any marketing or advertising content. 
  • Protected Numbers
    No calls or texts may be made to protected phone lines such as emergency or toll-free lines without the called party’s prior express consent. 
  • Debt Collection
    Calls and texts for the purposes of debt collection are not exempt and still require prior express consent. 

Frequency of Calls Limit
A financial institution may call or message a customer, who has not given their prior express consent, no more than three times over a three-day period.

  • Call limits apply per event, regardless of which exemption is triggered.
  • Any contact beyond the limited number of three calls or messages per event, over a three-day period, is not exempt and requires the express consent of the consumer.

Consent Requirements
Calls or texts from financial institutions may be sent to customers for the purpose of:

  • Notifying the customer of transactions and events that suggest a risk of fraud or identity theft. 
  • Notifying the customer of a possible breach of the security of the customer’s personal information. 
  • Conveying measures consumers may take to prevent identity theft following a data breach. 
  • Informing them of actions needed to arrange for a receipt of pending money transfers.


  • Calls and text messages must state the name and contact information of the company calling (for voice calls, these disclosures must occur at the beginning of the call). 
  • Calls and text messages must be concise, generally one minute or less in length for voice calls (unless more time is needed to obtain customer responses or answer customer questions) and 160 characters or less in length for text messages.

Financial institutions must include in their messages a method for recipients to easily opt-out of future calls and messages.

  • Live Phone Call
    Automated voice calls that could be answered by a live person must include an automated, interactive voice and/or key press activated opt-out mechanism that enables the recipient to make an opt-out request prior to terminating the call. 
  • Answering Machine
    Voice calls that could be answered by an answering machine or voice mail service must include a toll-free number that the consumer can call to opt-out of future financial calls 
  • Text Message
    Text messages must inform recipients of the ability to opt-out by replying “STOP”. 
  • Financial institutions should honor opt-out requests immediately.