The Compliance Crisis
A single TCPA violation carries a penalty between $500 and $1,500. That number sounds manageable until you do the math: one AI calling campaign to 10,000 phone numbers without proper consent creates $5 million to $15 million in potential liability. Overnight. From a single campaign your marketing team launched on a Tuesday afternoon.
AI-powered phone systems are transforming how Fort Wayne businesses handle customer communication. AI Employees answer calls at 2 AM, schedule appointments without hold times, follow up on missed calls, and qualify leads faster than any human team. But the technology has outpaced the legal frameworks most businesses use to deploy it. The result: companies are running AI calling systems that violate federal law without realizing it.
The Math of Non-Compliance
This guide covers everything a Fort Wayne business needs to build a fully compliant AI phone system: the federal rules, the February 2025 FCC ruling that changed the landscape, consent requirements, industry-specific obligations, and the specific compliance features built into Cloud Radix AI Employees. If your business uses or plans to use any form of automated calling, this is the framework that keeps you legal.
What the TCPA Actually Says
The Telephone Consumer Protection Act was signed into law in 1991, long before AI-generated voices existed. Its core principle was simple: you cannot use automated telephone equipment to call or text consumers without their consent. But the statute has been amended, reinterpreted, and expanded by FCC rulings dozens of times since then, creating a compliance maze that trips up even well-intentioned businesses.
Here is what the TCPA prohibits, in plain language:
- Autodialed calls or texts to cell phones without prior express consent (for informational calls) or prior express written consent (for marketing/advertising calls)
- Prerecorded or artificial voice calls to residential landlines without prior express consent
- Calls to numbers on the National Do Not Call Registry without an established business relationship or prior express written consent
- Failure to provide opt-out mechanisms during automated calls
- Calls before 8 AM or after 9 PM in the recipient's time zone
Key Definition
The penalties are structured to be painful. Individual violations carry a $500 statutory penalty, and courts can treble that to $1,500 per call for willful or knowing violations. State attorneys general can bring enforcement actions. The FCC can impose forfeiture penalties up to $10,000 per violation and $1 million per day for continuing violations. And private plaintiffs can file class action lawsuits on behalf of everyone your system called without consent.
For Fort Wayne businesses navigating these requirements alongside other regulatory obligations, our AI Employee Security Checklist provides complementary security frameworks.
The FCC 2025 AI Voice Ruling
On February 8, 2024, the FCC issued a Declaratory Ruling that took effect in early 2025 and fundamentally changed the compliance landscape for AI calling. The ruling specifically classified AI-generated voices as "artificial voices" under the TCPA. Before this ruling, some companies argued that because their AI voices sounded natural and were generated in real-time (rather than prerecorded), they fell outside the TCPA's prohibitions on "prerecorded or artificial voice" calls.
The FCC closed that loophole definitively. The ruling states:
FCC Declaratory Ruling (February 2025)
The practical impact is sweeping. Every AI phone system that generates voice output—whether it sounds robotic or indistinguishable from a human—must comply with the same TCPA consent requirements that apply to traditional robocalls. There is no "quality exemption" for better-sounding AI.
The ruling also expanded the definition of "caller" to include parties who use AI-generated voices on their behalf—meaning businesses cannot shift liability to their AI vendor. If you hire an AI calling platform and it violates the TCPA, your business bears the liability. This makes vendor due diligence and built-in compliance features essential, not optional.
What the Ruling Means for Fort Wayne Businesses
The FCC 2025 ruling has three specific implications that every Fort Wayne business deploying AI calling must internalize:
First, there is no grandfathering. If your AI calling system was deployed before the ruling took effect, you are not exempt. The FCC clarified that the TCPA has always covered artificial voices—the 2025 ruling simply confirmed that AI-generated speech falls within that existing statutory language. Businesses that launched AI calling in 2023 or 2024 under the assumption that real-time AI voices were not "prerecorded" have been in violation since day one.
Second, the ruling applies to all AI voice modalities. Text-to-speech, voice cloning, neural voice synthesis, LLM-generated conversational speech—the FCC drew no distinctions. If software generates the voice instead of a live human, the TCPA's artificial voice provisions apply. This eliminates the argument that "conversational AI" is fundamentally different from a prerecorded message.
Third, state attorneys general received explicit encouragement to enforce. The FCC's ruling included language directing state enforcement agencies to use the clarification as a basis for action under their own consumer protection statutes. Indiana Attorney General Todd Rokita has already signaled increased scrutiny of AI-powered telemarketing, making Fort Wayne businesses especially visible targets for enforcement actions.
Vendor Liability Warning
| Factor | Before FCC 2025 Ruling | After FCC 2025 Ruling |
|---|---|---|
| AI voice classification | Ambiguous — some argued AI voices were not 'artificial' | Definitively classified as 'artificial voice' under TCPA |
| Real-time AI speech | Gray area — not clearly 'prerecorded' | Covered regardless of whether generated in real-time |
| Vendor liability | Some vendors claimed common carrier status | Business bears liability for vendor's AI calls |
| State enforcement | Limited state AG activity on AI calling | FCC encouraged state-level enforcement |
| Consent standard for AI marketing calls | Express written consent (same as robocalls) | Express written consent — explicitly confirmed for AI |
| AI disclosure requirement | Recommended best practice | Required at the start of every AI call |
Consent Types: Express vs. Express Written
The TCPA recognizes two levels of consent, and confusing them is one of the most common compliance failures. Understanding the difference is non-negotiable for any business deploying AI calling.
Express consent is the lower bar. It means the consumer has given their phone number to your business in the context of a transaction or inquiry, indicating they're willing to receive calls at that number. A customer filling out a contact form, providing their number at checkout, or calling your business line has generally provided express consent for informational, non-marketing calls.
Express written consent is the higher bar. It requires a signed (electronic signatures qualify) written agreement that specifically authorizes AI-generated or automated calls for marketing or advertising purposes. The agreement must clearly disclose that the consumer is authorizing automated calls, and it cannot be bundled into general terms and conditions.
| Requirement | Express Consent | Express Written Consent |
|---|---|---|
| Form of consent | Verbal or implied from providing number | Signed written agreement (e-sign OK) |
| Use case | Informational calls, appointment reminders | Marketing, advertising, sales calls |
| AI disclosure required | ✓ Yes | ✓ Yes |
| Must be separate from other terms | ✗ No | ✓ Yes |
| Consumer can revoke anytime | ✓ Yes | ✓ Yes |
| DNC list checking required | ✗ No | ✓ Yes |
| Proof of consent needed | Recommended | Required — documented audit trail |
| Covers AI-generated voice calls | ✓ Yes | ✓ Yes |
Critical Distinction
The safest approach: obtain express written consent for all AI calling, even when technically only express consent is required. The cost of upgrading your consent forms is negligible compared to the cost of a class action lawsuit arguing that your "informational" calls contained marketing content.
Consent Scenarios: Real-World Examples
Understanding the consent distinction in practice is where most businesses stumble. Here are concrete scenarios Fort Wayne businesses encounter daily:
Scenario: Dental Office Appointment Reminder
A patient books a cleaning and provides their cell phone number on the intake form. Your AI Employee calls 48 hours before the appointment to confirm. Consent level needed: Express consent. The patient provided their number in the context of scheduling, and the call is purely informational. However, if your AI adds "We also have a special on whitening this month," the entire call becomes a marketing call requiring express written consent.
Scenario: HVAC Lead Follow-Up
A homeowner fills out a web form requesting a furnace repair quote, providing their phone number. Your AI Employee calls to schedule the estimate. Consent level needed: Express consent for the scheduling call, since the consumer initiated the inquiry. But if your AI calls back a month later to offer a seasonal maintenance plan, that follow-up is a marketing call requiring express written consent—the original inquiry consent does not extend indefinitely to promotional outreach.
Scenario: Restaurant Promotional Campaign
A restaurant has a list of customer phone numbers collected over two years of reservations and takeout orders. The owner wants to use AI calling to announce a new catering menu — similar to campaigns we have helped businesses like Factory Direct Homes Center navigate compliantly. Consent level needed: Express written consent. The phone numbers were provided for transactional purposes (placing orders). Using them for promotional outreach requires a separate, signed authorization. Without it, every single call in this campaign is a TCPA violation carrying $500–$1,500 in liability.
Scenario: Auto Shop Service Notification
A customer drops off their vehicle for brake work and provides their cell number so the shop can notify them when the car is ready. Your AI Employee calls to say the vehicle is ready for pickup. Consent level needed: Express consent. This is a transactional, informational call directly related to the service the customer requested. The consent is implied from providing the number in the context of the transaction.
Scenario: Real Estate Open House Follow-Up
A prospective buyer signs in at an open house, providing their name and phone number on a clipboard sign-in sheet. Your AI calls two days later to ask about their interest level and schedule a private showing. Consent level needed: Express written consent. The sign-in sheet must include explicit consent language authorizing AI-generated follow-up calls. A bare name-and-number sign-in sheet does not constitute express written consent for marketing calls. Without proper language on that clipboard, this call is a violation. See how real estate businesses are handling this correctly.
The 'Provided Their Number' Myth
How Compliant AI Calling Works
A TCPA-compliant AI calling system isn't just about getting consent before making calls. Compliance is a workflow—a series of checkpoints that every single call must pass through before, during, and after connection. Here is the compliant workflow, step by step:
Step 1: Consent Capture
Before any call is placed, the system verifies that valid consent exists for the specific number being dialed. Consent records include timestamp, method of capture (web form, in-person, verbal), scope of consent (informational vs. marketing), and the specific language the consumer agreed to.
Step 2: Consent Verification
The system checks that consent has not been revoked, has not expired (if time-limited), and covers the type of call being placed. A consent record for appointment reminders does not authorize a marketing call.
Step 3: DNC List Check
The number is checked against the National Do Not Call Registry, your company's internal DNC list, and any state-specific DNC registries (Indiana maintains its own). Numbers on any DNC list are blocked automatically.
Step 4: AI Disclosure
At the start of every call, the AI system identifies itself as an AI. This is required by the FCC 2025 ruling and multiple state laws. The disclosure must occur before any substantive conversation begins.
Step 5: Call Execution
The AI conducts the call within its authorized scope. Time-of-day restrictions are enforced (no calls before 8 AM or after 9 PM in the recipient's time zone). The AI provides opt-out instructions during the call.
Step 6: Call Recording & Logging
Every call is recorded (with proper notice where required by state law—Indiana is a one-party consent state) and logged with full metadata: timestamp, duration, consent record referenced, AI disclosure confirmation, and opt-out requests.
Step 7: Audit Trail
A complete, tamper-proof audit trail links every call back to its consent record. If a consumer files a complaint or a regulator investigates, your business can produce the chain of evidence proving compliance in seconds.
This seven-step workflow must execute for every single call. Not most calls. Every call. A system that skips any step—even once—creates liability. This is why compliance must be built into the AI platform itself, not bolted on as an afterthought. Learn about the AI Employee architecture that makes this possible.
Building a Consent Framework
The consent form is the legal foundation of your entire AI calling operation. A poorly drafted consent form can invalidate every call your system makes. Here is what a compliant consent form must include:
- Clear disclosure of automated technology: The form must explicitly state that the consumer is authorizing calls made using AI-generated voices and/or automated dialing systems
- Separate from other terms: For express written consent, the authorization cannot be buried in a terms-of-service agreement or privacy policy. It must be a standalone consent or a clearly delineated section with its own signature/checkbox
- Specific to AI calls: Generic language like "we may contact you" is insufficient. The form must reference automated or AI-powered calling specifically
- Revocability disclosed: The form must inform the consumer that they can revoke consent at any time through any reasonable method (phone, email, text, written request)
- Scope defined: Specify what types of calls the consent covers—appointment reminders, service updates, marketing messages, or all of the above
- Not a condition of purchase: Consent to AI calling cannot be required as a condition of purchasing goods or services
Example Consent Language
Every consent record must be stored with: the exact language the consumer agreed to, a timestamp, the method of consent (web form, in-person signature, verbal recording), and the consumer's identity. Cloud Radix AI Employees generate and store these records automatically as part of the consent management system.
Documentation Best Practice
Inbound vs. Outbound AI Calls
The compliance requirements for AI calling differ significantly depending on whether the consumer initiates the call or your business does. This distinction matters because most Fort Wayne businesses use AI Employees for both inbound and outbound communication—and the rules are different for each.
| Compliance Factor | Inbound AI Calls | Outbound AI Calls |
|---|---|---|
| Who initiates the call | Consumer calls your business | Your AI system calls the consumer |
| Prior consent required | No — consumer-initiated | Yes — express or express written |
| AI disclosure required | ✓ Yes | ✓ Yes |
| DNC list checking | Not required | Required for marketing/sales |
| Time-of-day restrictions | N/A — consumer chooses when to call | No calls before 8 AM or after 9 PM |
| Opt-out mechanism required | For future outbound follow-ups only | Required during every call |
| Call recording notice | Recommended (IN is one-party consent) | Recommended (IN is one-party consent) |
| Audit trail | Recommended | Required — full compliance documentation |
| Typical use cases | Customer service, scheduling, FAQs | Appointment reminders, follow-ups, marketing |
Inbound AI calls carry fewer restrictions because the consumer voluntarily initiated the interaction. However, the FCC 2025 ruling still requires AI disclosure even on inbound calls—the consumer must know they are speaking with an AI system. If the inbound call triggers an outbound follow-up (such as a callback or confirmation), the follow-up call is subject to full outbound TCPA requirements.
Outbound AI calls carry the full weight of the TCPA. Every outbound call requires verified consent, DNC checking, time-of-day compliance, AI disclosure, and an opt-out mechanism. Marketing or advertising calls require the higher standard of express written consent.
The Follow-Up Trap
Hybrid Call Scenarios
Most Fort Wayne businesses do not fit neatly into "inbound only" or "outbound only" categories. The typical AI Employee deployment involves hybrid scenarios where a single customer interaction spans both inbound and outbound calls. These hybrid scenarios create the most compliance risk because the rules change mid-interaction.
| Hybrid Scenario | Inbound Phase Rules | Outbound Phase Rules |
|---|---|---|
| Customer calls, AI schedules callback | AI disclosure required; no prior consent needed | Express consent required; capture during inbound call |
| Customer calls, AI sends follow-up reminder | AI disclosure required; customer initiated | Express consent for informational reminder text/call |
| Customer calls with complaint, AI follows up with resolution | Standard inbound rules apply | Express consent sufficient — related to original inquiry |
| Customer calls, AI follows up with promotional offer | Standard inbound rules apply | Express written consent required — marketing content |
| Missed call, AI returns the call | N/A — no inbound interaction occurred | Full outbound rules apply — missed call is not consent |
Best Practice for Hybrid Calls
The missed-call scenario deserves special attention. Many Fort Wayne businesses configure their AI to automatically return missed calls. A missed call is not consent. The consumer may have dialed the wrong number, may have been a minor, or may have hung up intentionally. Returning a missed call with an AI system without verified consent is an outbound AI call that requires all standard outbound compliance measures. The safest approach is to have the AI send an inbound-triggered text saying "We noticed you called [Business Name]. Would you like us to call you back?" and treating an affirmative response as express consent for a single callback.
Industry-Specific Rules
TCPA compliance is the baseline, but specific industries face additional layers of regulation that intersect with AI calling. Fort Wayne businesses in healthcare, financial services, real estate, and food service each need to understand their sector-specific requirements.
Healthcare: HIPAA + TCPA Overlap
Healthcare AI calling faces a dual compliance burden. TCPA governs how calls are made. HIPAA governs what information can be discussed. An AI system that calls a patient to confirm an appointment must not disclose the nature of the appointment to anyone who answers the phone other than the patient.
- AI must verify patient identity before disclosing any PHI
- Voicemails must use minimum necessary information (name and callback number only)
- Call recordings containing PHI must be stored with HIPAA-compliant encryption
- Business Associate Agreements (BAAs) required with AI calling vendors
For comprehensive healthcare guidance, see our HIPAA-Compliant AI Employee guide.
Financial Services: CFPB Rules
Banks, credit unions, debt collectors, and financial advisors face CFPB regulations on top of TCPA requirements. The CFPB has issued specific guidance on AI-powered communication in financial services.
- Debt collection calls have additional frequency limits (7 calls per 7-day period per debt under Regulation F)
- AI must provide "mini-Miranda" warnings on debt collection calls
- Financial marketing calls must comply with Truth in Lending Act disclosure requirements
- Call recordings must be retained for regulatory examination periods
Real Estate: DNC + TCPA
Real estate agents and brokerages in the Fort Wayne metro area using AI to prospect or follow up with leads must navigate both TCPA and the Real Estate Settlement Procedures Act (RESPA).
- Cold-calling prospects with AI requires express written consent — no exceptions
- DNC registry must be checked within 31 days of any outbound campaign
- AI follow-up calls on open house sign-in sheets require consent language on the sign-in form
- Property-specific promotional calls need to comply with fair housing advertising rules
Restaurants & Hospitality: Generally Lower Risk
Restaurant reservation confirmations, order-ready notifications, and service updates generally fall under the "informational" category and require only express consent. However, boundaries must be maintained.
- Reservation confirmations and order updates = informational (express consent sufficient)
- Promotional calls about specials, events, or loyalty programs = marketing (express written consent required)
- AI disclosure still required for all automated calls regardless of purpose
- Customer who provides phone number for reservation has given express consent for that transaction only
Indiana and Fort Wayne Specific Regulations
Fort Wayne businesses face a layered regulatory environment. Federal TCPA rules provide the baseline, but Indiana state law adds requirements that are frequently overlooked by businesses focusing solely on federal compliance.
Indiana Code 24-5-14 (Telephone Solicitation of Consumers Act) establishes Indiana-specific rules for automated calling that supplement the TCPA:
- State DNC registry: Indiana maintains its own Do Not Call list through the Attorney General's office, separate from the federal registry. Businesses must check both the federal and Indiana state registries before any outbound solicitation call. Failure to scrub against the Indiana list is a separate state-level violation.
- Registration requirement: Certain automated calling systems used for telephone solicitation in Indiana must be registered with the Indiana Attorney General's office. This includes AI calling platforms used for commercial solicitation purposes.
- Caller identification: Indiana law requires that automated calling systems transmit accurate caller ID information. Spoofing or masking the originating number on AI calls is a separate violation under Indiana Code, independent of federal Caller ID rules.
- Prompt disconnection: Under IC 24-5-14-8, automated calling systems must disconnect within five seconds after the called party hangs up. AI systems that continue speaking or fail to detect call termination violate this provision.
- Indiana Attorney General enforcement: The Indiana AG has independent authority to investigate and penalize TCPA and state telemarketing violations. AG Todd Rokita's office has issued specific guidance on AI-powered calling and has pursued enforcement actions against businesses operating non-compliant automated calling systems in the Fort Wayne metro area.
Fort Wayne Municipal Considerations
Regardless of industry, the safest approach is to build a consent framework that meets the highest applicable standard. It is far easier to obtain express written consent upfront than to litigate whether a specific call qualified as "informational." For pricing guidance across industries, see our AI Employee Pricing Guide.
The Compliance Checklist
Use this checklist to audit your current AI calling system or evaluate a new platform. Every item marked with a green border is a requirement—not a recommendation. Failing any single item means your AI calling operation is legally exposed.
Consent Management System
Centralized database storing all consent records with timestamps, method of capture, scope of authorization, and revocation status. Consent verified programmatically before every outbound call.
DNC Registry Integration
Automatic checking against the National Do Not Call Registry, your internal DNC list, and Indiana's state DNC registry before every outbound call. Registry data refreshed at least every 31 days.
AI Disclosure at Call Start
Every call begins with a clear disclosure that the caller is an AI-powered system. This disclosure occurs before any substantive conversation, cannot be bypassed, and is logged in the call record.
Call Recording & Storage
All calls recorded with full metadata (timestamp, duration, consent record ID, AI disclosure confirmation). Recordings stored with encryption and retained for a minimum of five years.
Comprehensive Audit Logging
Tamper-proof audit trail linking every call to its consent record, DNC check result, AI disclosure event, and any opt-out requests. Audit logs exportable for regulatory review or litigation defense.
Opt-Out Mechanism
Consumers can opt out during any call by saying "stop," "remove me," or similar phrases. The AI recognizes opt-out requests in real-time, immediately stops the call, and updates the consent record. Opt-out requests processed within 24 hours for all future campaigns.
Time-of-Day Enforcement
System automatically blocks all outbound calls before 8:00 AM and after 9:00 PM in the recipient's local time zone. Time zone determined by area code and updated for daylight saving transitions.
Indiana Telephone Privacy Act Compliance
Indiana Code 24-5-14 adds state-level requirements beyond federal TCPA. Includes compliance with Indiana's Telephone Solicitation of Consumers Act, registration requirements for certain automated calling systems, and state attorney general enforcement provisions.
Consent Revocation Processing
When a consumer revokes consent through any channel—verbal during a call, text message, email, web form, or written letter—the system must process the revocation within 24 hours and prevent all future automated calls to that number. The revocation must be logged with a timestamp and the method used. Partial revocations (e.g., "stop marketing calls but keep appointment reminders") must be supported and correctly categorized.
Call Frequency Limits
While the TCPA does not specify exact call frequency limits for most industries, excessive calling to the same number can constitute harassment and create additional legal exposure. Your system should enforce reasonable frequency caps: no more than three outbound AI call attempts per phone number per week, with automatic suppression after two consecutive unanswered calls. Debt collection calls are subject to the stricter Regulation F limit of seven calls per seven-day period per debt.
Staff Training Documentation
All staff members who configure, manage, or monitor AI calling campaigns must receive documented TCPA compliance training. Training records should include the date, topics covered, trainer name, and attestation from each employee. Courts have found that inadequate training can support a finding of "willful" violation, which trebles damages from $500 to $1,500 per call. Annual refresher training is recommended.
Compliance Audit Schedule
Getting It Wrong: TCPA Violations
The TCPA is one of the most litigated statutes in the United States. Understanding what has gone wrong for other companies provides critical context for why compliance is not optional. These are real cases with real penalties.
$225 Million — Health Insurance Robocalls
These headline numbers involve large companies, but small and mid-sized businesses are not immune. TCPA class action attorneys specifically target companies with 10,000 to 100,000 calls because settlements are lucrative and the businesses lack the resources for prolonged litigation. Fort Wayne businesses with AI calling systems operating outside compliance are prime targets.
The Class Action Pattern
More Cases That Should Keep You Up at Night
The headline-grabbing settlements involve major corporations, but the cases that should concern Fort Wayne businesses most are the ones involving mid-market companies—businesses with 20 to 500 employees that thought compliance was someone else's problem.
Lowe's — $6.3 Million Settlement (2024)
Lowe's settled a TCPA class action for $6.3 million after sending automated marketing texts and calls to customers who had opted out. The core issue: their system did not process opt-out requests consistently across channels. A customer who texted "STOP" continued to receive automated calls because the text opt-out did not sync with the calling system. This exact scenario is common in businesses that use separate systems for texting and calling without a unified consent management database.
Midland Credit Management — $10.6 Million Settlement
A debt collection agency using automated calling technology settled for $10.6 million after calling consumers who had revoked consent. The company argued that revocations were "ambiguous" because consumers said things like "please don't call me anymore" rather than the word "stop." The court ruled that any reasonable expression of the desire not to be called constitutes revocation. AI systems must be trained to recognize the full spectrum of opt-out language, not just keyword triggers.
Home Depot — $72.5 Million Settlement (2023)
Home Depot settled a massive class action arising from text marketing messages sent to customers who had not provided express written consent. The plaintiffs argued that providing a phone number during checkout was express consent for order updates—not marketing texts about unrelated promotions. The court agreed. The case established a clear boundary: transactional consent does not extend to promotional communication. This principle applies directly to AI calling campaigns.
Small Business Risk: The $500-Per-Call Multiplier
The pattern is consistent: companies that skip consent verification, fail to check DNC registries, or neglect AI disclosure requirements face catastrophic liability. The common thread in every major TCPA case is the absence of a documented compliance framework. Businesses that can produce consent records, DNC check logs, and audit trails rarely face successful TCPA claims. The investment in compliance is a fraction of the cost of a single violation.
To understand how proper security and compliance infrastructure protects your business, review our AI Employee Security Checklist.
Cloud Radix Compliance Features
At Cloud Radix, TCPA compliance is not a feature you enable—it is the foundation every AI Employee is built on. Our AI calling platform was designed from day one with enterprise-grade security for businesses that cannot afford to get compliance wrong. Here is what that looks like in practice:
- Automatic consent tracking: Every interaction with your AI Employee captures and stores consent data with tamper-proof timestamps. The system categorizes consent by type (express vs. express written) and scope (informational vs. marketing), and blocks any call that lacks the required consent level.
- DNC list integration: Your AI Employee checks the National DNC Registry, Indiana's state registry, and your company's internal DNC list before every single outbound call. Registry data is refreshed automatically every 15 days—twice the federal minimum.
- AI disclosure at call start: Every call—inbound and outbound—begins with a clear AI disclosure. This disclosure is hardcoded into the system and cannot be disabled, overridden, or skipped by any user or administrator.
- Full audit trail: Every call generates a complete compliance record: consent verification result, DNC check result, AI disclosure timestamp, opt-out request handling, and call recording reference. These records are stored for seven years and can be exported instantly for regulatory review or litigation defense.
- Real-time opt-out processing: When a consumer says "stop," "remove me," "do not call," or any similar phrase, the AI recognizes the intent immediately, acknowledges the request, ends the call gracefully, and updates the consumer's consent record. The number is blocked from all future outbound campaigns within seconds.
- Indiana Telephone Privacy Act compliance: Beyond federal TCPA, our system is configured for Indiana-specific requirements under IC 24-5-14, including state registration provisions and Indiana Attorney General enforcement standards.
- Time-zone-aware calling: Outbound calls are automatically restricted to the 8 AM–9 PM window in the recipient's local time zone, including automatic adjustment for daylight saving time transitions.
Compliance by Default
For businesses handling sensitive data alongside calling compliance, our AI Employees also support HIPAA-compliant configurations with encrypted call recording storage, PHI access controls, and BAA coverage. See our pricing page for compliance-tier options.
Frequently Asked Questions
Q1.Does the TCPA apply to AI-generated voice calls?
Yes. The FCC's February 2025 Declaratory Ruling specifically classified AI-generated voices as 'artificial voices' under the TCPA. Any call using AI-generated speech is subject to the same consent requirements as traditional robocalls, regardless of how natural the AI voice sounds. This includes text-to-speech systems, voice cloning technology, LLM-generated conversational speech, and any other software-generated voice output. The ruling drew no distinction between real-time generated AI speech and prerecorded messages—both are covered.
Q2.What is the difference between express consent and express written consent?
Express consent means the consumer has provided their phone number in a context indicating willingness to receive calls (e.g., filling out a contact form, providing their number during checkout, or calling your business). Express written consent requires a signed written agreement—electronic signatures qualify—that specifically authorizes automated or AI-generated calls for marketing or advertising purposes. The written consent must be a standalone authorization, not buried in general terms and conditions. Marketing and advertising calls always require express written consent; purely informational calls such as appointment reminders or order status updates typically require only express consent. When in doubt, obtain express written consent for all AI calling to eliminate classification risk.
Q3.Can I use AI calling for appointment reminders without written consent?
Generally yes, if the customer provided their phone number in the context of scheduling the appointment. Appointment reminders are typically classified as informational calls requiring only express consent. However, the line between informational and marketing is strictly enforced. If the reminder includes any promotional content—'While you're here, ask about our new service,' 'We have a special this month,' or even a reference to a loyalty program—the entire call is reclassified as marketing and requires express written consent. The safest approach for Fort Wayne medical offices, dental practices, and service businesses is to keep appointment reminder scripts strictly transactional and obtain express written consent separately if you want to include any promotional messaging.
Q4.Do I need to disclose that the caller is an AI?
Yes. The FCC 2025 ruling and multiple state laws require AI disclosure at the start of every call. This applies to both inbound and outbound calls. The disclosure must occur before any substantive conversation begins and must be clear and unambiguous—something like 'Hi, this is an AI assistant calling on behalf of [Business Name].' Attempting to disguise the AI as a human, or burying the disclosure after substantive conversation has begun, violates both the FCC ruling and consumer protection principles. Cloud Radix AI Employees handle this automatically on every call with a hardcoded disclosure that cannot be disabled.
Q5.What are the TCPA penalties for a Fort Wayne business?
The penalty structure is multi-layered. Individual violations carry a $500 statutory penalty under federal TCPA, which courts can treble to $1,500 per call for willful or knowing violations. The FCC can impose forfeiture penalties up to $10,000 per violation and $1 million per day for continuing violations. Indiana's Telephone Solicitation of Consumers Act (IC 24-5-14) adds state-level penalties of up to $10,000 per violation enforced by the Attorney General. Class action lawsuits aggregate per-call penalties across entire campaigns—a 5,000-call campaign with $500 per violation creates $2.5 million in baseline liability before treble damages. The average TCPA class action settlement exceeds $6.6 million. These penalties apply regardless of business size.
Q6.Does Indiana have its own telemarketing laws beyond the TCPA?
Yes. Indiana Code 24-5-14 (the Telephone Solicitation of Consumers Act) adds state-level requirements including: registration with the Indiana Attorney General's office for certain automated calling systems; compliance with Indiana's state Do Not Call registry (separate from the federal registry); accurate caller ID transmission requirements; a five-second disconnect requirement after the called party hangs up; and independent enforcement authority for the Indiana Attorney General with penalties up to $10,000 per violation. Fort Wayne businesses must comply with both federal TCPA and Indiana state law simultaneously. Cloud Radix AI Employees are configured for dual federal-state compliance.
Q7.Can consumers revoke consent for AI calls?
Yes, and they can do so through any reasonable method at any time. Courts have broadly interpreted what constitutes a valid revocation. This includes saying 'stop,' 'remove me,' 'don't call again,' or any similar phrasing during a call; sending a text message; calling your business; emailing; submitting a web form; or mailing a written request. Your system must process revocations within 24 hours and prevent all future automated calls to that number. Consumers can also make partial revocations—for example, revoking consent for marketing calls while maintaining consent for appointment reminders. Your system must support this granularity. Cloud Radix processes opt-outs in real-time during the call and applies them across all campaign types within seconds.
Q8.How long should I keep consent records?
We recommend a minimum of five years after the last call made under that consent. The TCPA statute of limitations is four years for private actions and longer for FCC enforcement actions, so a five-year retention period provides a buffer. Records should include: the exact consent language agreed to, a timestamp, the method of capture (web form, e-signature, in-person, verbal recording), the consumer's identity, and a log of every call made under that consent. Cloud Radix stores all consent and compliance records for seven years with tamper-proof timestamps and makes them exportable for regulatory review or litigation defense at any time.
Q9.What happens if my AI vendor violates the TCPA on my behalf?
Your business bears the liability. The FCC 2025 ruling explicitly rejected the 'common carrier' defense for AI calling platforms and expanded the definition of 'caller' to include businesses that use AI-generated voices through third-party vendors. You cannot contractually transfer TCPA liability to your AI platform provider. This makes vendor selection and due diligence critical—you need a platform with built-in compliance safeguards, not just a Terms of Service that says 'compliance is the customer's responsibility.' Cloud Radix's compliance framework is architecturally embedded, ensuring every call meets TCPA and Indiana state requirements regardless of how your campaigns are configured.
Q10.Can I return missed calls using AI without consent?
Returning a missed call with an AI system is classified as an outbound AI call and requires all standard outbound compliance measures, including verified consent. A missed call is not consent—the person may have dialed the wrong number, may have been a minor, or may have hung up intentionally before connecting. The safest approach is to have your system send an inbound-triggered text saying 'We noticed you called [Business Name]. Would you like us to call you back?' and treat an affirmative response as express consent for a single callback.
Q11.Do these rules apply to B2B calls or only B2C?
The TCPA's cell phone protections apply regardless of whether the called number belongs to a consumer or a business contact. If you are calling a cell phone using AI-generated voice, TCPA consent requirements apply even for B2B outreach. The DNC registry provisions have a limited exemption for established business relationships, but the autodialer and artificial voice provisions do not distinguish between B2B and B2C calls to cell phones. Calls to business landlines have fewer restrictions, but AI disclosure requirements still apply under the FCC 2025 ruling.
Sources
- FCC — FCC Makes AI-Generated Voices in Robocalls Illegal
- FTC — Telemarketing Sales Rule (TSR)
- Indiana Code — IC 24-5-14 Telephone Solicitation of Consumers
- American Bar Association — TCPA Compliance in the Age of AI Calling
- CFPB — Supervisory Guidance on AI in Consumer Financial Services
- NCSL — State Telemarketing Laws and Regulations
- CompliancePoint — TCPA Compliance Framework and Best Practices
- WebRTC Legal — TCPA Implications for AI Voice Technology
Build a Compliant AI Phone System
Don't risk a TCPA violation that could cost your business millions. Cloud Radix AI Employees are built with compliance at the foundation—consent tracking, DNC integration, AI disclosure, and full audit trails included by default.
