Business texting compliance

A2P SMS Compliance: 10DLC, Consent and Best Practices

Understand how A2P business messaging works, what information is needed for brand and campaign registration, how to document consent, how to handle STOP and HELP requests, and how to maintain a compliant messaging program.

A2P 10DLC registration Consent and opt-out records Monitoring and documentation

What is A2P SMS messaging?

Application-to-person messaging occurs when software sends SMS or MMS messages to a person. The category includes more than advertising.

01

Marketing messages

Promotions, product launches, discounts, loyalty offers, re-engagement campaigns, and event invitations.

02

Transactional messages

Order updates, appointment reminders, delivery notices, account alerts, and service notifications.

03

Authentication messages

One-time passcodes, verification messages, login alerts, and security-related communication.

Registration and consent solve different problems

A2P registration identifies the business and declared messaging use case. Consent records show why each recipient should receive the message. A responsible program needs both.

Build your messaging program

What is A2P 10DLC?

A2P 10DLC is the United States framework used for business messaging sent through standard ten-digit long-code phone numbers.

Brand registration

The business identity is registered using accurate legal information, tax or registration details, address, contact information, and website data.

Campaign registration

The messaging use case is registered with the opt-in process, message samples, expected content, HELP and STOP behavior, links, phone numbers, and other campaign details.

Number assignment

Approved phone numbers are connected to the appropriate messaging service and registered campaign before production traffic is sent.

Information commonly required for registration

Incomplete, inconsistent, or generic submissions can delay review. Registration details should match the real business and real customer journey.

  • Legal business name and organization type.
  • Tax identification or business registration details.
  • Physical business address.
  • Business website and support contact information.
  • Authorized contact name, phone number, and email.
  • Messaging use case and campaign description.
  • Complete opt-in and consent flow.
  • Sample messages that identify the sender.
  • Expected message frequency and volume.
  • HELP response and support information.
  • STOP response and suppression workflow.
  • Privacy policy and terms links when applicable.
  • Whether messages include links or phone numbers.
  • Whether the program uses age-gated or sensitive content.

A2P SMS compliance checklist

Use this checklist before registration, before campaign launch, and during recurring compliance reviews.

Area What to verify Evidence to retain
Business identity Legal name, address, website, tax information, and contact details are accurate and consistent. Registration records, business documents, website screenshots, and provider confirmation.
Campaign purpose The registered use case matches the actual messages and audience. Campaign description, internal approval, message samples, and use-case documentation.
Consent The recipient knowingly agreed to the specific messaging program. Disclosure text, source page, timestamp, phone number, IP or source data, and confirmation record.
Sender identification Messages clearly identify the business or program. Approved templates and production message logs.
Opt-out STOP and other supported revocation requests are processed and suppressed. Opt-out logs, confirmation messages, suppression-list history, and escalation records.
HELP support Recipients can request support and receive useful sender and contact information. HELP template, support address or number, and response logs.
Message content Copy, offers, links, and claims match the registered program and applicable rules. Approved templates, landing pages, offer terms, and review history.
Data protection Access is limited and phone numbers, consent records, and message history are protected. Access policies, retention schedule, vendor agreements, and security controls.
Monitoring Delivery, filtering, complaints, opt-outs, and unusual traffic are reviewed. Dashboards, audit reports, incident notes, and corrective actions.

Consent and opt-in requirements

Consent should be specific, understandable, connected to the sender, and supported by records that can be retrieved later.

Website and checkout forms

Place the disclosure near the phone-number field or signup action. Avoid preselected consent and avoid hiding important terms behind unrelated links.

Keyword opt-in

Advertise the keyword, sender, program purpose, expected frequency, message and data-rate notice, HELP information, and STOP instructions.

QR-code opt-in

The landing page or prefilled message should clearly explain what the user is joining and which business will send messages.

Paper and in-person signup

Preserve the form or digital record and make sure staff do not describe the program differently from the written disclosure.

Imported customer data

A customer relationship or possession of a phone number does not automatically prove permission for every message type. Validate the original collection purpose.

Third-party leads

Confirm that consent names the correct seller or sender and covers the intended message type. Do not rely on vague or generic consent language.

Example opt-in disclosures

These examples are starting points only. The disclosure must match the real program, sender, frequency, purpose, and applicable requirements.

Marketing program example

By submitting this form, you agree to receive recurring promotional text messages from [Business] at the number provided. Consent is not a condition of purchase. Message frequency varies. Message and data rates may apply. Reply STOP to opt out and HELP for help. View Terms: [URL] and Privacy Policy: [URL].

Appointment reminder example

By providing your mobile number, you agree to receive appointment confirmations, reminders, and service updates from [Business]. Message frequency varies. Message and data rates may apply. Reply STOP to opt out or HELP for help.

Keyword promotion example

Text JOIN to [number] to receive recurring offers and updates from [Business]. Message frequency varies. Message and data rates may apply. Reply STOP to cancel or HELP for help. Terms: [URL]. Privacy: [URL].

STOP, HELP, and consent revocation

A compliance program needs automated keyword handling and a manual process for less structured requests such as “do not text me again.”

  • Process standard STOP keywords immediately through the messaging platform.
  • Recognize reasonable natural-language revocation requests.
  • Suppress the recipient from the relevant sender and messaging program.
  • Record the opt-out date, source message, phone number, and campaign.
  • Send only the permitted confirmation after the opt-out.
  • Do not automatically re-enroll an opted-out number from an old list import.
  • Provide a clear HELP response with the sender and support contact.
  • Train support staff to recognize and escalate consent complaints.
  • Synchronize suppression data across campaigns, services, and integrations.
  • Test STOP and HELP behavior before production launch.

Message content and campaign consistency

Registration approval is based partly on the declared use case, opt-in flow, and sample messages. Production traffic should remain consistent.

Identify the sender

The recipient should be able to recognize the business or program, especially in the first message and after long periods of inactivity.

Match the registered use case

Do not register a customer-care campaign and then use it primarily for unrelated promotional blasts.

Use accurate links and domains

Links should resolve correctly, use domains associated with the business, and lead to a page that matches the message.

Avoid deceptive urgency

Deadlines, prizes, discounts, account warnings, and claims should be accurate and supported by the landing page or business process.

Control frequency

Send at the frequency disclosed or reasonably expected. Review overlapping campaigns that may create excessive combined volume.

Review sensitive categories

Financial, healthcare, age-restricted, lending, lead-generation, and other sensitive use cases may require additional review or restrictions.

Consent and compliance records to retain

A record should explain who consented, what they agreed to, when they agreed, how they agreed, and what happened afterward.

  • Phone number and subscriber identifier.
  • Date, time, and time zone of consent.
  • Signup source, page, form, keyword, or event.
  • Exact disclosure language shown at signup.
  • Program name and sender identity.
  • IP address, user agent, or source reference when available.
  • Confirmation or double-opt-in activity.
  • Message history and delivery events.
  • HELP and support interactions.
  • STOP or revocation request and suppression date.
  • Complaint, investigation, and resolution notes.
  • Registration versions and approved campaign samples.

Monitoring an active A2P messaging program

Compliance is not finished when a campaign is approved. Changes in content, audience sources, vendors, and business processes can create new risk.

Delivery and filtering

Review delivery errors, carrier filtering, blocked content, unusual throughput changes, and number-level performance.

Opt-out and complaint trends

A sudden increase can indicate poor targeting, list-source problems, excessive frequency, confusing identification, or an inaccurate offer.

Consent-source quality

Compare opt-outs and complaints by form, keyword, partner, event, list import, and acquisition channel.

Template and link review

Confirm that production templates, landing pages, domains, offer terms, and support information remain current.

User-access review

Remove unnecessary access, review administrator roles, and monitor who can import contacts or launch campaigns.

Quarterly program audit

Recheck registration details, consent language, privacy links, message samples, integrations, and suppression synchronization.

Common A2P compliance mistakes

Many failures are caused by inconsistent business information, weak opt-in evidence, mismatched use cases, or operational gaps.

Generic campaign descriptions

Descriptions such as “marketing messages” do not explain the audience, message purpose, customer journey, or opt-in process.

Sample messages without identification

Samples should show how the business identifies itself, communicates the purpose, and handles required instructions.

Missing privacy or terms pages

Broken, generic, or unrelated policies can make the opt-in flow incomplete and reduce reviewer confidence.

Using purchased or unclear lists

A spreadsheet containing phone numbers is not proof that recipients agreed to the specific sender and messaging program.

Failing to synchronize opt-outs

A recipient who opts out through one workflow should not be accidentally messaged by another campaign using stale data.

Changing the campaign after approval

New use cases, brands, domains, lead sources, or sensitive content may require a registration update or new campaign.

Legal and compliance notice

A2P 10DLC registration, carrier rules, CTIA guidance, federal law, state law, industry-specific rules, and provider policies are related but separate requirements. Approval by a registry or messaging provider does not guarantee that every message is legally compliant.

This page provides general educational information and is not legal advice. Businesses should consult qualified legal counsel for their specific use case, consent language, audience, industry, and jurisdictions.

Build compliance into the campaign workflow

Organize brand registration, campaign details, consent evidence, STOP handling, contact management, and reporting before launch.

Get started with TextBlast

Frequently asked questions

What is A2P SMS compliance?

It is the combination of legal, carrier, registration, consent, privacy, content, and operational requirements that apply when software sends text messages to people.

What is A2P 10DLC?

It is a United States business-messaging framework for application-to-person traffic sent through standard ten-digit long-code phone numbers.

What information is needed for A2P 10DLC registration?

Registration commonly includes legal business details, website and contact information, campaign use case, opt-in flow, sample messages, expected volume, links, and HELP and STOP behavior.

Does A2P registration replace consumer consent?

No. Registration identifies the sender and messaging purpose. It does not replace appropriate consent, disclosures, opt-out handling, or compliance with applicable law.

What records should an SMS sender keep?

Keep the consent source, disclosure, timestamp, program joined, message history, confirmation activity, opt-out history, and complaint or support records.

What happens when a recipient replies STOP?

The sender should suppress future messages from the relevant program, record the opt-out, and send only the confirmation or other communication permitted by the applicable workflow and rules.

Launch a more organized A2P messaging program

Register the sender, document permission, manage opt-outs, monitor campaign health, and maintain clear compliance records.

Start your SMS program

Ready to Turn SMS Into Real Growth?

You’ve seen the potential with SMS marketing now take the next step. Start a free trial today or book a quick demo to see TextBlast.pro in action.

Start Free Trial

SMS Marketing by Industry

Browse sms marketing resources by industry.