TCPA Compliance Checklist for Home Service Contractors

TCPA compliance isn't just a legal technicality — it's the difference between a $1,500 fine and a routine follow-up text. For contractors who rely on SMS to book jobs, confirm appointments, and follow up on estimates, understanding the rules isn't optional. It's table stakes.

This checklist breaks down exactly what the Telephone Consumer Protection Act requires, what triggers penalties, and how to stay clean while still running an aggressive follow-up system.

What Is the TCPA and Why Should Contractors Care?

The Telephone Consumer Protection Act (TCPA) is a federal law enacted in 1991 and updated repeatedly since. It governs how businesses can contact people via phone, SMS, and automated systems. The FCC enforces it, and private individuals can sue you directly — no government involvement required.

Here's why this matters specifically for home service contractors:

• Most contractors use SMS to reach new leads fast
• Many use automated systems or CRMs to send those texts
• The TCPA draws a hard line between "conversational" and "automated" messaging
• One non-compliant text can generate a lawsuit

The plaintiffs' bar has gotten sophisticated. There are law firms that specifically target small businesses sending texts without proper consent. An HVAC company with 200 customers in its database is exactly the kind of target they're looking for.

The Core TCPA Rules for Contractors

Rule 1: You Need Written Express Consent Before Sending Marketing Texts

This is the most important rule and the most commonly violated one.

If you're sending any text that promotes your business — a promotional offer, a "we have openings this week" message, or a referral ask — you need prior express written consent from the recipient.

"Written" does not mean a signature. It means a documented opt-in: a web form checkbox, a digital form with clear disclosure language, or a text opt-in keyword. A verbal "yeah you can text me" does not count.

What consent must include:

• The consumer's signature (or electronic equivalent — a checked box counts)
• A clear disclosure that they're agreeing to receive autodialed texts
• The name of the business that will be texting
• A statement that consent is not required to purchase

The last point is critical. You cannot gate a quote or service estimate behind agreeing to marketing texts.

Rule 2: Transactional Texts Have More Flexibility — But Still Have Rules

Not all texts are marketing texts. Appointment confirmations, technician-on-the-way alerts, and payment receipts are considered transactional. These require less formal consent — implied consent generally covers them when the customer gave you their number and initiated the service relationship.

That said, even transactional texts can't be sent with an autodialer without some form of consent. If your CRM blasts confirmation texts automatically, you need to ensure customers have agreed to receive them when they booked.

Rule 3: The Do-Not-Call Rules Apply to Texts Too

The National Do Not Call Registry isn't just for phone calls. If someone is on the DNC registry, texting them is also prohibited — unless they've given you express consent (in which case consent overrides the DNC registration).

Additionally, if someone tells you to stop texting — by replying STOP or any equivalent — you must honor that within 10 business days. Continuing to text after an opt-out is one of the clearest TCPA violations.

Rule 4: Time-of-Day Restrictions

TCPA prohibits contacting consumers before 8am or after 9pm in their local time zone. This applies to texts as well as calls. If you're in the Central time zone and you're texting a lead in the Eastern time zone at 8:05pm your time, you're texting them at 9:05pm their time — that's a violation.

Automated systems need to be configured with time-zone awareness.

Rule 5: Autodialers and Ringless Voicemail Are Heavily Regulated

An ATDS (Automatic Telephone Dialing System) is defined broadly under TCPA. The FCC's interpretation has evolved through litigation, but in practice: if your CRM or marketing platform is sending texts automatically based on triggers or in bulk, it may qualify as an autodialer. Courts have not settled on a precise technical definition, so the safe approach is to treat bulk and automated texts as if they require full written consent.

Ringless voicemail — those "voicemail drops" that go straight to the inbox without the phone ringing — is still contested in court. Some jurisdictions have ruled it's subject to TCPA. If you're using this tactic, review current case law or skip it.

TCPA Rules and Penalties Quick Reference

| Violation | Penalty per Message | Notes | |-----------|-------------------|-------| | Unsolicited marketing text to cell phone | $500 | Per text, not per campaign | | Willful/knowing violation | Up to $1,500 | Treble damages available | | Texting after opt-out | $500–$1,500 | Compound rapidly | | Using ATDS without consent | $500–$1,500 | Bulk texts multiply fast | | Texting numbers on DNC without consent | $500 minimum | FTC can also act | | No-op opt-out (ignoring STOP) | $500–$1,500 | Class action exposure |

These are per-message penalties. A contractor who sends 200 texts without proper consent isn't looking at one $500 fine — they're looking at up to $300,000 in exposure. That's before attorney's fees in a class action.

The TCPA Compliance Checklist

Use this checklist before you send any outbound SMS campaign or set up a new automated text sequence.

Consent Collection

• [ ] Web form has a clearly visible consent checkbox (not pre-checked)
• [ ] Checkbox language explicitly mentions SMS/texts and names your business
• [ ] Consent language states agreement is not required to receive service or a quote
• [ ] Consent records are stored with timestamp, IP address, and the exact language shown
• [ ] You are not purchasing lead lists and texting them without documented consent

Opt-Out Handling

• [ ] Every marketing text includes opt-out language ("Reply STOP to unsubscribe")
• [ ] Your SMS platform processes STOP, UNSUBSCRIBE, CANCEL, END, and QUIT keywords
• [ ] Opt-outs are honored within 10 business days (ideally immediately)
• [ ] Opted-out numbers are suppressed from all future campaigns automatically
• [ ] Opt-out records are retained in case of dispute

Timing and Geography

• [ ] Automated texts are restricted to 8am–9pm in the recipient's local time zone
• [ ] Your CRM or SMS platform has time-zone detection configured
• [ ] Messages are not sent on dates or times that could be considered harassing

Do-Not-Call Compliance

• [ ] Your house list is scrubbed against the National DNC Registry (required every 31 days for telemarketing)
• [ ] Internal Do-Not-Call requests are processed immediately
• [ ] You maintain an internal DNC list for customers who have asked to stop receiving contact

Automated System Review

• [ ] You understand whether your CRM or SMS platform qualifies as an ATDS
• [ ] Any bulk or trigger-based SMS sends have written consent backing them
• [ ] Transactional texts (confirmations, reminders) are clearly labeled as such in your system

Record Keeping

• [ ] Consent records retained for a minimum of 4 years
• [ ] Opt-out requests logged with date and method
• [ ] Evidence of DNC scrubs retained

Real Scenarios: Where Contractors Get Caught

Scenario 1 — The Purchased Lead List A roofing contractor buys a list of homeowners in ZIP codes hit by a recent hailstorm. He loads them into his CRM and sends a "We're doing roof inspections in your neighborhood" text to 500 numbers. Zero of these people consented to receive texts from his company. Exposure: up to $750,000.

Scenario 2 — The Reactivation Campaign A plumbing company exports its customer list from the past five years and blasts a "We miss you — book your annual inspection" text to 1,200 people. Some of those customers haven't been active in three years. Their consent may have lapsed, and many hadn't checked a consent box anyway — they just called in originally. Exposure: varies, but significant.

Scenario 3 — The Ignored STOP A cleaning company uses a platform that tracks STOP replies but doesn't automatically suppress them from future campaigns. A customer opts out in January. In March, they get included in a seasonal campaign. Two violations, now the customer has a case.

Scenario 4 — The After-Hours Text An HVAC contractor sets up automated appointment reminder texts to go out at 8pm. His business is in Illinois (Central time). He has customers in Indiana and Michigan (Eastern time). Those customers are getting texts at 9pm. Violation.

How to Check Your Current Setup

Before assuming you're compliant, audit these three things:

1. Where does your consent language live? Go to every touchpoint where customers give you their phone number — your website form, booking page, Facebook Lead Ads, any intake forms. Screenshot each one. Does it explicitly mention SMS? Is the checkbox unchecked by default?

2. What does your opt-out flow actually do? Text STOP to your own business number. What happens? Does the reply confirm the opt-out? Does your CRM suppress the number immediately? Test it.

3. What is your platform doing automatically? Review every automated text your CRM sends. Map each one to the type of consent that covers it. If you can't identify a consent basis, the text shouldn't be going out.

The fastest way to audit your current TCPA exposure is the LSS TCPA Compliance Checker. Answer 10 questions about your current setup and get an instant risk assessment with specific remediation steps. It's free and takes under three minutes.

Building a Compliant SMS System From Scratch

If you're starting fresh or rebuilding after finding gaps, here's the right order of operations:

Step 1: Fix your consent collection first. Add a compliant checkbox to every form where you collect phone numbers. Don't send another text until this is done.

Step 2: Scrub your existing list. Export your current contacts. Any number without documented consent should be removed from marketing sends. You can still contact them in a transactional context if they're active customers, but not for promotions.

Step 3: Set up proper opt-out handling. Confirm your platform honors STOP keywords and suppresses automatically. If it doesn't, find a platform that does.

Step 4: Configure time-zone rules. Most enterprise SMS platforms support this natively. If yours doesn't, restrict your send windows to 8am–9pm in the latest US time zone you serve — Eastern — and you'll be safe nationwide.

Step 5: Document everything. Compliance isn't just about doing the right thing. It's about being able to prove you did it. Set up logging for consent records and opt-outs from day one.

The Bottom Line

TCPA compliance isn't complex — it's just often ignored until something goes wrong. For contractors running SMS follow-up sequences, the rules are clear: get documented consent, honor opt-outs immediately, stay within time-of-day windows, and don't text numbers that haven't asked to hear from you.

The contractors who build compliant systems up front don't just avoid lawsuits — they also build cleaner lists that perform better. A list of 500 people who genuinely opted in will always outperform a list of 2,000 that was scraped or purchased.

Run your current setup through the LSS TCPA Compliance Checker to see where you stand. It flags the specific gaps in your current process and tells you exactly what to fix.