TCPA Compliance for Final Expense Agents: The 2026 Rules

If you're buying leads and dialing them, you are subject to TCPA. That's true whether you know it or not, and whether your lead vendor told you about it or not.

Most final expense agents get their first TCPA education from a demand letter. That's the wrong way to learn. Fines start at $500 per violation and can reach $1,500 for willful violations — and "I didn't know" is not a defense the FCC or a plaintiff's attorney will accept.

This guide covers what TCPA actually requires for agents working final expense leads, how to audit your lead vendors, and what to do if a complaint lands in your inbox.

What TCPA Actually Covers

The Telephone Consumer Protection Act restricts calls and texts made with automated telephone dialing systems (ATDS), pre-recorded voice messages, and artificial voices. If your lead vendor uses a power dialer, a predictive dialer, or any system that automatically dials numbers, TCPA applies to every call that results. Final expense agents are squarely in scope — the leads you buy were acquired through digital forms, and when you dial them with automation, you need documented prior express written consent.

TCPA has two distinct consent tracks:

• Prior express consent — required for informational calls. Lower bar.
• Prior express written consent — required for telemarketing calls. This is the one that applies to final expense sales calls.

Written consent must be signed (electronic signature counts), must clearly authorize the calls, must name the seller, and must state that consent is not a condition of purchase. If any of those elements are missing from the form your lead filled out, consent may be invalid.

The 1-to-1 Consent Movement and What It Means for Lead Buyers

The FCC has pushed toward requiring "1-to-1 consent" — meaning each lead gives explicit consent to a specific company, not a blanket agreement to be contacted by "insurance companies." The regulatory path has shifted through legal challenges, but the direction of travel is clear: regulators and courts are moving toward narrower, more specific consent requirements.

What this means in practice: the old model of a lead filling out a generic form consenting to calls from "insurance providers" and then getting sold to multiple agents is increasingly legally risky. Lead vendors who bundle your company name into their consent disclosure are giving you better protection. Vendors who sell shared leads from a generic landing page are giving you a shakier foundation.

Even before any specific rule takes final effect, the litigation landscape reflects this shift. Plaintiff's attorneys who specialize in TCPA cases aggressively challenge vague consent language. The safest position is to operate as if 1-to-1 consent is already the standard.

How to Know If Your Leads Are TCPA-Compliant

Auditing a lead vendor's TCPA compliance takes about 15 minutes and protects you from significant liability. Ask these specific questions before buying leads from any new source:

1. What is the URL of the form where consent is collected? Visit the page yourself. Read the consent language at the bottom. Is it specific? Does it name your company or category of seller?
2. Can you provide a copy of your consent disclosure language? Any vendor who hesitates to share this is a red flag. Reputable vendors have clean consent language they're proud of.
3. Are leads sold exclusively or shared? Shared leads are higher TCPA risk by definition — the lead is being called by multiple sellers, and if consent isn't specifically tailored to each of them, you're exposed. Exclusive leads, where only your company is named, are lower risk.
4. Do you maintain timestamp and IP records for each lead? If you ever face a TCPA claim, you need proof of consent with a timestamp. Vendors should store this and make it available to you on request.
5. What is your DNC scrubbing process? Leads should be scrubbed against the National DNC Registry before delivery. Ask how frequently this is done.

If a vendor answers these questions clearly and confidently, they're operating responsibly. If they dodge, get vague, or pressure you to just start dialing, walk away.

For a deeper look at how different lead sources stack up on quality and compliance, see our guide on exclusive vs. shared final expense leads.

The Do Not Call Registry: A Separate Compliance Layer

TCPA consent and DNC compliance are separate issues that agents often conflate. A lead can have valid TCPA consent and still be on the National Do Not Call Registry. Calling a registered number for telemarketing purposes — which includes insurance sales — carries a $500 per call penalty regardless of whether the lead opted in to receive calls.

The established DNC safe harbor requires:

• Your company has an active subscription to the DNC Registry (free for businesses making fewer than 5,000 calls per year; fee-based above that)
• You scrub your calling list against the registry within 31 days before calling
• You maintain an internal DNC list of anyone who tells you not to call them
• You honor opt-out requests within 30 days

Most reputable lead vendors scrub against the DNC before delivering leads. But "scrubbed at delivery" doesn't protect you if you sit on a lead list for 60 days before dialing. You are responsible for re-scrubbing stale lists.

Building a TCPA-Compliant Dialing Workflow

Compliance isn't a one-time checkbox — it's a workflow. These steps reduce your exposure at every point in the lead lifecycle.

At lead purchase

• Get consent documentation from your vendor in writing (email is sufficient)
• Confirm leads are DNC-scrubbed within 31 days of delivery
• For Facebook leads specifically, confirm the form captures consent language that names your company or category

Before dialing

• If your leads are more than 30 days old, re-scrub against DNC before calling
• Maintain an internal opt-out list and check it before every outreach campaign
• If you're using a power dialer, confirm it's configured in manual-dial mode or understand the ATDS implications for your specific setup

During calls

• Identify yourself and your company within the first 15 seconds of every call
• If someone says "take me off your list," log the opt-out immediately and honor it same-day — your CRM should handle this automatically
• Do not call back a number that has opted out, even if a new lead comes in for the same number

Record keeping

• Keep lead records — including consent documentation — for at least 4 years. TCPA has a 4-year statute of limitations.
• If you use a CRM, make sure it timestamps dispositions and can export records if needed
• Store original lead intake data (IP address, timestamp, form URL) from your vendor alongside the lead record

For agents who are just building their systems, see our guide on how to build a follow-up system for final expense leads — a TCPA-compliant workflow starts with good records from the first touch.

Special Consideration: Facebook and Social Media Leads

Facebook leads deserve specific attention because the consent mechanism is different from a standard web form. When a prospect fills out a Facebook Lead Ad form, the consent language is embedded in the form's privacy policy disclaimer and custom fields. That consent may or may not name your company — it depends entirely on how the form was built.

If you're running your own Facebook ads, you control the form and can build proper consent language. If you're buying leads from a vendor who runs Facebook ads, you need to confirm:

• The Facebook form includes TCPA-compliant consent language
• Your company name is either listed specifically, or the consent language is broad enough to cover your calls
• The vendor can produce the original form URL and consent text on request

For a full breakdown of how Facebook leads compare to other final expense lead sources on both ROI and compliance risk, see Facebook leads vs. direct mail for final expense agents.

What to Do If You Get a TCPA Complaint

TCPA demand letters are a real and growing part of the insurance distribution landscape. Plaintiff's firms specifically target agents and IMOs because the per-call fines make even small-volume violations financially significant. If you receive a demand letter:

1. Stop calling that number immediately. Do not contact the complainant again under any circumstances.
2. Preserve all records. Do not delete any lead data, call logs, or communications related to that number. Destroying evidence creates additional legal exposure.
3. Pull your lead documentation. Locate the original lead record from your vendor, including the consent timestamp, IP address, and form URL. This is your primary defense.
4. Contact a TCPA attorney before responding. Do not respond to the demand letter yourself. A TCPA attorney can assess whether the claim has merit and negotiate appropriately. Many cases settle for far less than the initial demand when you have clean consent documentation.
5. Notify your E&O insurer. Check whether your errors & omissions policy covers TCPA claims. Some do, some exclude them.

The worst thing you can do is ignore a demand letter. A non-response often leads to a federal court filing, which is considerably more expensive and time-consuming to resolve.

How Lead Quality and TCPA Compliance Are Connected

There's a direct correlation between lead quality and TCPA compliance. Reputable lead vendors who generate high-intent, properly consented leads cost more per lead for a reason. They invest in clean landing pages, specific consent language, DNC scrubbing, and lead exclusivity.

Cheap leads — especially co-registration leads and bulk aged leads from unknown sources — often come with weak or non-existent consent documentation. When you're paying $3 per lead, someone is cutting a corner somewhere. That corner is usually compliance.

The $3 lead that triggers a $500 TCPA fine is not a deal — it's a $497 liability. And if the same vendor sold that number to a dozen other agents who are all getting complaints, your exposure compounds with each call made.

For a realistic look at lead pricing and what different price points actually deliver, see our final expense lead cost breakdown.

Frequently Asked Questions

Does TCPA apply if I'm calling manually, one number at a time?

If you're dialing each number yourself with no automation — no auto-dialer, no pre-recorded messages, no artificial voice — TCPA's automated-dialing provisions don't apply to those calls. You still need to comply with the National DNC Registry and honor opt-out requests. Manual dialing is lower risk from a TCPA perspective, but documented consent is still good practice if you're making telemarketing calls.

Can I text final expense leads?

SMS text messages sent for marketing purposes are subject to TCPA and require prior express written consent. The same consent requirements that apply to automated calls apply to marketing texts. If your CRM sends automatic SMS follow-ups to new leads, those texts are regulated. A lead opting in to receive calls does not automatically authorize you to send texts — the consent form must specifically mention text contact.

My IMO told me the leads are compliant. Is that enough?

An IMO or FMO saying "the leads are compliant" is not documentation. Ask them to provide the consent language and lead source URL in writing. If they can't produce it, source your leads from a vendor that can. Your IMO's verbal assurance will not hold up in a TCPA action brought against you as the calling agent.

How long do I need to keep lead records?

The TCPA statute of limitations is four years from the date of the alleged violation. Keep all lead records, consent documentation, and call logs for a minimum of four years. Your CRM should maintain records automatically, but also confirm that your lead vendor retains and can retrieve the original lead intake data if you need it to defend a claim.