Skip to main content
Why Kadence Products AI Agents How It Works The Edge Results FAQ
DNC scrubbing do not call list DNC compliance internal DNC list scrubbing TCPA outreach compliance insurance sales 7 min read Updated

What Is DNC Scrubbing in Insurance Sales?

DNC Scrubbing: DNC scrubbing is the process of comparing an outbound call or SMS list against the National Do Not Call Registry, applicable state registries, and an agency's internal opt-out list to remove protected numbers before any dial or text is sent. Federal rules require this scrub at minimum every 31 days, and per-call federal penalties for non-compliance can reach $53,088 under the current Telemarketing Sales Rule.

DNC scrubbing in insurance sales is the process of cleaning outbound call and SMS lists against the National Do Not Call Registry, applicable state registries, and a company-specific internal suppression list before any dial is placed. Federal rules require this scrub at minimum every 31 days, and penalties for skipping it can reach $53,088 per call under the current Telemarketing Sales Rule.

What is DNC scrubbing and why is it mandatory for insurance sales?

DNC scrubbing is the mandatory process of cleaning, removing, or flagging phone numbers from outreach lists that appear on the National Do Not Call Registry, state-specific registries, wireless registries, and company-specific opt-out lists. Federal TSR rules require insurance agencies to scrub outbound call lists against the National DNC Registry at least every 31 days before any campaign dial is placed.

Insurance agencies must scrub against four critical data sources simultaneously: the National DNC Registry, state DNC registries, internal company opt-out lists, and the Reassigned Number Database. Per the LineShield DNC Scrubbing Compliance for Insurance Dialers 2026 report, modern scrubbing software can process up to 200,000 records per minute, making daily scrubs operationally straightforward for any team using dedicated compliance tooling. Accessing the National DNC Registry costs $82 per area code after the first five free area codes, capped at $22,038 annually for full national coverage in 2025, per InsideCBM's registry fee reporting. Proactive scrubbing costs a fraction of a single enforcement action.

How often are insurance agencies required to scrub call lists?

Insurance agencies must scrub outbound call lists against the National DNC Registry at least every 31 days under FTC Telemarketing Sales Rule requirements. This 31-day window is a floor, not a ceiling: high-volume agencies running daily outbound campaigns should scrub more frequently, since the registry updates continuously as consumers register new numbers.

Agencies running multi-state campaigns must layer state registries on top of the federal scrub, not instead of it. If the consumer consent on file is older than 45 days, a Reassigned Number Database check is also required to confirm the number has not changed ownership since consent was captured. For a detailed breakdown of state-by-state requirements, see Navigating State-Level Mini-TCPA Laws: Operational Rules for Multi-State Outbound Campaigns. Kadence's outbound system can trigger list scrubs on a recurring schedule tied to campaign launch, so the compliance clock resets automatically rather than relying on manual reminders.

What are the financial risks and TCPA penalties for unscrubbed cold calls?

Federal penalties for illegal telemarketing calls can reach $53,088 per violation under the current Telemarketing Sales Rule, per research compiled from FTC penalty schedules. TCPA willful violations add $1,500 per call on top of federal DNC exposure, while non-willful TCPA violations carry a $500 per-call civil fine. An unscrubbed list running 100 calls per day averages a 5% DNC hit rate, which translates to approximately 1,825 violations annually.

The arithmetic is punishing at scale. State-level penalties compound federal exposure: Florida law allows up to $10,000 per call for willful DNC violations, per DNC.com's TCPA Compliance Guide for Insurance Providers. Relying on a list broker's claim that a lead was pre-scrubbed is not a valid legal defense; the agency of record carries the compliance obligation. Per research from Gryphon AI, over 80% of TCPA class action lawsuits target agencies calling known TCPA litigators, making list hygiene a direct line-item risk management decision.

Violation Type Per-Call Penalty
Federal TSR DNC registry violation Up to $53,088
TCPA willful violation $1,500
TCPA non-willful violation $500
Florida state DNC willful violation Up to $10,000
Other state-level DNC violations $100 to $25,000

How does state-level DNC compliance differ from federal regulations?

State DNC registries operate as a second compliance layer that must be scrubbed in addition to, not instead of, the National DNC Registry. Eleven states maintain their own lists, and state-level violation fines range from $100 to $25,000 per call, with states like Florida imposing up to $10,000 per call for willful violations under Florida state law.

Federal outbound calling time windows are restricted to 8:00 AM through 9:00 PM in the recipient's local time zone, but some states impose tighter windows: Florida and Louisiana restrict calling past 8:00 PM. Agencies running multi-state campaigns must apply the most restrictive rule that applies to each recipient's location. State rules also interact with Medicare outreach restrictions: cold calling for Medicare-related products is strictly prohibited regardless of whether the number passed any DNC scrub at the federal or state level, per CMS regulations. Kadence's outbound routing system can apply time-zone and state-level calling windows at the record level to prevent inadvertent violations.

Under TCPA rules, using autodialers, prerecorded voices, or artificial voices to contact insurance prospects requires prior express written consent from the consumer. Consent language must name the specific agency placing the calls, not a generic insurance category reference, and records must be retained for at least five years to verify TCPA compliance.

The specificity requirement is routinely underestimated. Per AgentTech's TCPA Compliance for Insurance Call Centers guidance, generic references to insurance companies do not satisfy the consent standard. The Reassigned Numbers Database adds a further checkpoint: if consent on file is older than 45 days, agencies must verify the number has not changed ownership before dialing with an autodialer or sending an automated SMS. Per the Ritter IM guide on TCPA compliance for health insurance agents, SMS messages are classified as calls under TCPA, so text-based follow-up sequences require the same express written consent and 31-day scrub cycle as voice campaigns.

How does an established business relationship impact an agency's DNC obligations?

An established business relationship based on a completed purchase or transaction permits calling a consumer for up to 18 months after that transaction, even if the number appears on the National DNC Registry. A mere inquiry or application creates a shorter 3-month EBR window only, under FTC TSR rules at 16 CFR 310.2(q) and the matching FCC rule.

The EBR exemption does not override an individual's direct, personal opt-out request to the agency: once a consumer explicitly asks to stop receiving calls, the agency must honor that request regardless of any existing business relationship. One hard exception applies unconditionally: cold calling for Medicare-related products is strictly prohibited regardless of any established business relationship or whether the number passed a DNC scrub, per CMS outreach rules. TCPA consent for any automated or robocall outreach must still satisfy prior express written consent requirements separately from the EBR exemption.

EBR Trigger Permitted Calling Window
Completed purchase or transaction Up to 18 months
Inquiry or application only Up to 3 months
Consumer direct opt-out request Immediately revoked, no window
Medicare-related products No cold calling permitted under any EBR

What steps are required for an insurance agency to claim Safe Harbor under the TCPA?

To secure Safe Harbor protections for inadvertent DNC dialing mistakes, an insurance agency must demonstrate written compliance procedures, trained outbound personnel, and active enforcement and monitoring of those procedures. Safe Harbor does not excuse willful violations or repeated errors on the same number; it applies only to genuinely inadvertent registry misses.

Documentation is the operational core of Safe Harbor: agencies need timestamped scrub logs, written training records for all outbound staff, and audit trails showing the compliance procedures are enforced, not just written. Agencies must also retain consumer consent records for at least five years, per DNC.com. Kadence's compliance-aware outbound system ties scrub logs, consent capture, and opt-out flags directly to the dialer record, giving operators a single documented audit trail rather than spreadsheets scattered across systems.

How do agencies manage internal do not call lists and processing times?

A consumer opt-out request must be added to the agency's internal suppression list within 10 business days and honored permanently. This internal DNC list is separate from the National Registry scrub and must be maintained and checked independently on every campaign, regardless of lead source.

The 10-business-day clock starts the moment the opt-out is received, whether the request comes through a live call, an inbound voicemail, an SMS reply, or a web form. Agencies must retain documentation of consent records and scrub logs for a minimum of five years, per DNC.com. Kadence's compliance-aware outbound system ties consent capture and honored opt-outs directly to the dialer, so a suppression flag applied in the CRM automatically blocks the number from any subsequent Voice AI outbound sequence without a manual reconciliation step.

If you want to see how Kadence handles consent capture, DNC suppression, and outbound routing in a single system, to walk through the compliance workflow.

Sources

Frequently asked questions

Can an agency rely on a list vendor's assurance that leads are pre-scrubbed?

No. Relying on a list broker's claim of pre-scrubbing is not a valid legal defense if a violation occurs. The agency placing the call carries the compliance obligation and must run its own scrub against the National DNC Registry, applicable state registries, and its internal suppression list before every campaign.

What records does an agency need to keep to prove DNC compliance?

Agencies must retain consent records and scrub logs for at least five years. Documentation should include the date and source of each consent, the timestamp of every list scrub, and the log of all opt-out requests received and the dates they were added to the internal suppression list, per DNC.com guidance.

Does DNC scrubbing apply to Medicare sales outreach?

DNC scrubbing is necessary but not sufficient for Medicare sales outreach. Cold calling prospects about Medicare-related products is strictly prohibited regardless of whether the number passed a DNC scrub. Outbound Medicare contact must be consumer-initiated or made under specific CMS-regulated conditions.

How does the Reassigned Numbers Database fit into a DNC scrubbing workflow?

The Reassigned Numbers Database identifies phone numbers that have changed ownership since consent was originally captured, flagging records where the consent is older than 45 days. Agencies must check it as a separate step from the DNC scrub to avoid contacting a new number owner who never provided consent.

Share

Written by

Kadence Team

Kadence is the growth system for life insurance teams: a CRM with Voice AI, an AEO website, and done-for-you content. We write about speed to lead, AI search, CRM hygiene, and the systems that help agencies win more policies.

This article was created with AI assistance.

Book a demo