Your agents market in your name every day. When one of them crosses the line on a call or text, the law doesn't ask what they did — it asks what your organization did to prevent it. We build the documented posture that answers that question: a full risk audit, a custom program, and an owner who shows up in person — for insurance teams of 100 agents or 100,000.
Written prohibitions every agent signs. Mandatory training with timestamped records. Screening tools that are required and used. A vendor-vetting policy. An identifiable person who owns it. When a court asks "what did this company do to prevent this?", you answer with a functioning, documented program — and the violation becomes one agent's failure, not yours.
Authority to market in your name, with nothing in writing about how. No training, no tools, no vetting, no records — and commissions accepted from the campaign anyway. To a regulator, the absence of a written prohibition reads as implied permission, and silence reads as a choice. The violation becomes proof of a company-wide failure.
Two companies. The identical agent violation. One contains it to a single agent's mistake and moves on. The other lands in the same ledger as the carriers and agencies that have settled TCPA claims for millions — and a multi-year consent decree. The only variable is which side of this line they were standing on.
These aren't hypotheticals. They're real judgments and fines against companies that didn't oversee their outreach — or the people making calls on their behalf.
A record do-not-call judgment — later resolved for $210M — holding Dish liable for tens of millions of illegal calls placed by its own third-party retailers and contractors.
The largest fine in the FCC's history, for a health-insurance robocall operation that knowingly dialed roughly a billion calls — many to numbers on the Do Not Call registry.
One of the largest TCPA class-action settlements on record, resolving claims over autodialed calls placed to consumers' cell phones.
per call or text — that's TCPA exposure in private lawsuits, and willful violations treble to the top of that range. When thousands of people make calls in your name, a single unscreened campaign can become an existential event.
This isn't a warning about some other sector. These are real settlements and fines paid by insurers, health plans, agencies, and the lead-gen marketplaces that feed them — the exact ecosystem your agents work in every day.
An online health-insurance marketplace, later shut down by Prudential, agreed to a settlement of up to $21.875M over alleged prerecorded-voice calls placed without proper consent.
A traditional life insurer agreed to a $14M TCPA class-action settlement over alleged unwanted calls — proof that established carriers, not just robocallers, end up here.
One of several insurance brands reported to reach eight-figure TCPA settlements tied to alleged call violations — a national name pulled in by outreach it didn't tightly control.
Reached a $7M robocall settlement reported to involve its agents and a third-party marketer — the clearest proof a brand gets pulled in for calls made through the people working under it.
The company that benefited from the marketing got pulled into the claim — even when the call or text came through an agent, a lead provider, a dialer, a CRM, or an outside marketing partner. Carriers, health plans, marketplaces, and agencies have all paid. The defense is the same every time: screen numbers before outreach, document consent, honor opt-outs immediately, vet your vendors, and keep records that prove you did.
Settlement and fine amounts as publicly reported; several companies denied wrongdoing and settled to resolve the claims. Figures are illustrative of industry exposure and do not predict any specific outcome.
Under the FCC's 2013 Declaratory Ruling, common-law agency principles apply to the TCPA. A company isn't automatically liable for a contractor's call — but it can be, through three theories of vicarious liability. The whole game is keeping all three doors closed.
The label in a contract is not dispositive. Courts look past it to the totality of the circumstances — and the essential ingredient is the extent of control you actually exercise over the contractor's work.
This cuts both ways. Real independence protects you. But if a contractor is deeply integrated — your shared systems, your reporting, your performance management — plaintiffs will argue the relationship was never truly arm's length, and the label collapses.
The court held a seller was not vicariously liable for TCPA-violating calls by a vendor's telemarketers — because they were true independent contractors. The vendor controlled who to call, when, and how. The seller didn't exercise enough control. The court applied the Restatement (Second) of Agency's 10-factor test, and it remains a leading precedent for the independent-contractor defense.
The clearest way to see where liability begins. Picture a major national brand, and someone texting consumers in its name.
A person with no relationship to the brand starts texting consumers saying "I work with them." The brand did nothing to create any appearance of authority. No actual authority, no apparent authority, no ratification — the texter is a fraud actor committing trademark infringement, not the brand's agent.
A distribution contractor texts consumers in the brand's name, against their agreement. Now courts examine the totality of the relationship: were they on the distributor list? Did the brand provide materials? Did the brand benefit from sales? A real relationship opens all three vicarious-liability doors at once.
Your agents are never strangers. Every contractor in your distribution network has a real relationship with your company — which means all three liability theories are structurally available to a plaintiff the moment one of them sends a rogue text. A documented compliance program is the mechanism that keeps you in the protected zone instead of the liability zone.
Across every research source and case, the same factors separate a company that absorbs the liability from one that sheds it. This is the line, item by item.
The agent's conduct is identical in both scenarios. What changes is everything the company did — or failed to do — before it happened.
A licensed independent agent purchases a third-party list of 2,400 numbers and sends automated SMS solicitations using the company's name. The vendor's opt-in consent applied to the vendor only — no qualified written consent existed for these contacts. Within 60 days, 12 demand letters arrive and three plaintiff firms make contact.
Same agent. Same 2,400 texts. The compliant company answers the court's one question — "what did you do to prevent this?" — with a documented program. The other answers it with silence. That silence is the difference between one agent's problem and a company-ending one.
The TCPA carries a four-year statute of limitations — violations live on long after an agent is gone. Ending exposure takes a documented protocol, executed fast. We build it before you need it.
Immediately. A documented timeline; delay is read as acceptance.
Document the violation and the contract clause it broke. Defeats ratification.
Identify and refuse every lead, application, and commission from the campaign.
The agreement, prohibition clause, communications, and logs — your defense exhibits.
Especially on a demand letter — response windows and tolling are time-sensitive.
Documented audits of remaining contractors rebut a systemic-ratification theory.
A Civil Investigative Demand is the federal government's version of a subpoena — and it arrives before any lawsuit is filed.
A CID compels your company to produce documents, data, written responses, and sworn testimony — under penalty of perjury. You don't need to be sued; you only need to be on the agency's radar. And unlike litigation, there's no discovery period and no judge to protect you. You build the record the regulator uses against you — which means your compliance program decides whether that production is a strong defense or a self-indictment.
FTC and FCC complaint databases auto-flag entities above threshold. Thousands of agents without guardrails can cross that line with no single plaintiff intending anything.
TCPA firms routinely cross-refer the companies they're already litigating — regulatory pressure amplifies their settlement leverage.
A federal class action is filed and immediately searchable. Agency staff attorneys monitor these filings and open parallel investigations.
They don't just sue — they file pre-documented, professionally formatted regulatory complaints that carry real weight with agencies.
The Enforcement Bureau issues the demand to your registered agent. Often the first notice is the CID itself, with a non-negotiable deadline.
In a regulatory proceeding, that sentence is not a clean answer — it's a confession. The absence of a record is a record: the record of a company that chose not to act. You either have the training logs, scan results, and vetting policies, or you don't.
Total CID-related cost — and the investigation closes without action. The compliance record is presented and the matter ends quietly.
Before penalties — then FCC forfeitures up to $10,000 per violation with no aggregate cap, FTC penalties per violation per day, and a likely escalation to formal proceedings.
Start with the tool, or go all the way to a custom, owner-led compliance program. On the call, we'll recommend the right fit for your organization.
Scan before you dial — one number, or your whole organization's lead flow.
A complete, owner-led program built for organizations from 10 agents to 100,000. We don't hand you a PDF — we build the posture and put it in place.
It begins with a full discovery audit — then we assemble the right components for your organization.
Before we build anything, we run a comprehensive review of your current systems and procedures — how leads are sourced, scrubbed, assigned, and dialed across your organization. We surface the shortfalls and highest-risk gaps and address those first, so the program is built on what your business actually needs, not a template.
The owner of PropHog flies directly to your corporate headquarters to lead the engagement in person — not a vendor, the principal.
A comprehensive, board-ready plan presented to your legal team and leadership to mitigate and reduce TCPA and DNC exposure.
Get every agent to actually understand where the risk comes from and exactly how to comply in day-to-day outreach.
Internal certifications — run the way carriers handle AML — that put on the record that your agents were trained.
Recurring sessions that keep compliance live and current — not a one-time memo that ages out the day it's sent.
A real part-time Compliance Officer role inside your company, so your posture reflects the highest regard for compliance.
A written rule on its own is the starting line, not the finish. Courts distinguish enforced programs from paper-only policies — so we build all five, and we build the documentation that proves they were real.
Express TCPA/DNC prohibition in every IC agreement, signed acknowledgment, indemnification clause, and E&O requirement.
Mandatory onboarding and refreshers with timestamped completion records and signed certifications.
A required scan of every outside-vendor lead before contact — regardless of the vendor's own compliance claims — with records retained.
Random audits, a complaint-intake system, strike-based discipline, and a documented enforcement history.
Clear documentation of which tools are company-provided and which aren't — so enablement can't be assumed.
The difference between a company that pays millions and one that doesn't often comes down to posture: did you take compliance seriously, document it, and act decisively? An aggressive compliance posture — backed by real action — is exactly what regulators and courts look for.
That's why the owner of PropHog will personally fly to your headquarters, sit with your legal team, present the plan, and put it into motion. And when the engagement calls for it, he can hold a real, part-time Compliance Officer role inside your company — signaling, on the record, that your organization holds compliance in the highest regard.
When an agency asks "who at your company was responsible for this?", a documented compliance officer answers with a functioning program. A company without one answers with silence. Embed a PropHog compliance lead on a fractional basis — to own your policies and oversight and be the documented person accountable when regulators or courts ask. It's the single most important structural defense against a CID.
We'll assess your exposure, recommend the right level — from scanning to a full custom program — and give you a clear plan. No pressure, no scripted pitch.