Below is a recap of the essential regulatory updates for contact compliance professionals for February.   

This is a marketing blog and is not intended, nor should it be interpreted, as legal advice. Please seek legal counsel for full interpretations of all rules and laws outlined in this blog.

Reassigned Numbers Database: Key Data Hygiene Tool and Emerging Enforcement Priority 

The Federal Communications Commission (FCC)’s Reassigned Numbers Database (RND) launched in 2021 and identifies telephone numbers that have been permanently disconnected and reassigned. Carriers must report reassigned numbers monthly, and fines apply for inaccuracies, delays, incomplete filings, or failure to submit “no data” reports. Businesses pay a small fee per query, and if a number returns a “no data” result from the RND, TCPA safe harbor protections apply—shielding them from liability for wrong-number claims.

In December 2025, in a surprising new role for RND, the FCC paired the Robocall Mitigation Database (RMD) and RND to identify bad traffic, then target bad actors. That RND and RMD “partnership” yielded 9 consent decrees against providers for reassigned number robocall violations. On its own, RMD initiatives shut down 1,300+ carriers last year. 

In another turn of events, RND has been mandated in a recent court settlement to prevent wrong number violations from happening again: 

Gen Digital (Jackson v. Gen Digital, D. Ariz. Jan 2026) 

$10 million TCPA class settlement for ~300K prerecorded LifeLock alerts to non-customers/reassigned cellular numbers (2021-2025). Calls were ID theft warnings for prior owners, not marketing. Terms mandate RND scrubbing to prevent recurrence. 

Wrong number cases, in general, are increasingly common. Including RND certification as a settlement provision is a relatively new twist. But it’s starting to happen – here’s another one: 

Javarius Puckett v. Western Express, Inc. Case No. 25C1496 

$1.25M TCPA class settlement over autodialed/prerecorded text calls to reassigned numbers without consent (2020-2025). Requires RND subscription for future truck driver telemarketing. Pending final approval. 

Here’s the official “agreed upon” settlement provision:

Regular RND and DNC scrubbing significantly boosts connect rates, cuts complaints, and shields against TCPA litigation for calls and texts. Monthly data hygiene ensures defensible outbound contact. 

Gryphon AI automates RND for seamless compliance.

CFPB Complaints Reached Record Levels in 2025

Does this mean complaints were “too easy” to file?  

The Consumer Financial Protection Bureau (CFPB) received a record number of consumer complaints in 2025, with debt collection cases sharply climbing to approximately 208,000, making 7% of total complaints. Credit reporting complaints dominated at around 4.8 million.  

Consumers most often reported “attempts to collect debt not owed” (45% of debt collection complaints), citing unrecognized debts, identity theft, or calls/texts to reassigned numbers. Harassment via repeated calls and texts, plus ignored cease requests fueled the rise, up fourfold since 2023. Businesses making outbound phone, text, or email contact face heightened TCPA/FDCPA risks, even with 97% company response rates.  

CFPB’s January 30 Federal Register notice seeks comments on renewing its Consumer Response Intake Form, processing 6 million submissions yearly. Trade groups like CDIA propose hurdles:  

• Two-factor authentication limits per phone 
• IP restrictions 
• Mandatory demographics 

The National Consumer Law Center (NCLC) argues this protects credit bureaus (Experian, Equifax, TransUnion) from volume – and may extend to debt collectors. NCLC warns that added barriers could disproportionately silence low-income and elderly filers, shielding furnishers from accountability. 

Fewer complaints can reduce regulatory scrutiny and operational friction for outbound teams—but slow dispute resolution creates downstream risk, customer frustration, and compliance exposure. Proactively scrubbing numbers against the RND and DNC before outreach helps prevent “not owed” and wrong-party disputes at the source, reducing complaints while protecting customer trust. Gryphon AI’s RND certification ensures your organization qualifies for TCPA safe harbor protections, enabling compliant outreach without sacrificing speed or performance.

When “Subscribers” Aren’t Real: FCC’s Lifeline Findings  

Recent work by the Federal Communications Commission (FCC)’s Office of Inspector General (OIG) uncovered serious integrity problems in the Lifeline program, including payments on accounts tied to deceased individuals and duplicate enrollments across multiple states. Investigators found carriers were still receiving support for subscribers who were no longer eligible – or no longer alive – because basic identity and eligibility checks failed.  

“Between 2020 and 2025, Lifeline Providers in opt-out states sought and received nearly $5 million in reimbursements from FCC for deceased individuals” – FCC OIG Advisory Regarding Deceased and Duplicate Lifeline Subscribers

These are not abstract bookkeeping errors; they are improper disbursements of federal funds, and the FCC expects that money back from the carriers that claimed it. If you are being paid with federal dollars, you must be able to prove every “subscriber” is real, unique, and legitimately entitled to the service. 

Source: FCC OIG Advisory Regarding Deceased and Duplicate Lifeline Subscribers

For outbound contact programs, the Lifeline advisory and the FCC OIG’s FY 2026 Challenges Report points in the same direction: regulators now see identity, data quality, and program integrity as frontline compliance, not backoffice detail. The Lifeline finding that support flowed to deceased and duplicate “subscribers” is a stark reminder that weak verification can just as easily corrupt your consent logs, dialer lists, and texting databases. 

The OIG report (page 11) also calledout heightened enforcement on robocalls, scams and fraud:

Recommendations for contact compliance teams: 

• Treat identity, number validation, and status checks as core TCPA/TSR and text controls, especially at enrollment and before large campaigns. 
• Build monitoring that flags patterns regulators would view as “abuse,” such as repeated use of the same contact details, unexplained spikes in activations, or optout behavior that does not match your documented consent. 
• Tie these practices to the OIG’s emphasis on data governance, cybersecurity, and safeguarding federal programs, and reflect that alignment in written policies, testing, and leadership reporting. 

In practical terms, every outbound call and text should be backed by accurate identity, a valid number, and a defensible consent record, and you should be able to prove it. 

FCC Tightens RMD Rules and Highlights STIR/SHAKEN Wins; March 1 is Important for Contact Compliance 

The Federal Communications Commission (FCC) strengthened Robocall Mitigation Database (RMD) rules (effective February 5, 2026) and reminds filers of steep fines for errors like false info ($10K) or late updates ($1K daily until fixed). These steps aim to keep illegal robocalls off networks. 

Key RMD Changes and Deadlines 

• Profile Updates: CORES registration info must reflect changes within 10 business days; violations trigger $1K daily fines until fixed (CORES data auto-populates, so delays compound risks) 
• Annual Recertification: Due March 1, 2026 (and every March 1 thereafter) with a $100 filing fee. Late or inaccurate filings face $10K base penalties. 
• Security and Enforcement: Two-factor authentication rolls out; “red-light” rule blocks delinquent providers from originating traffic.  
• MVNOs Now Required: On February 20, 2026, the FCC issued a Public Notice  mandating Mobile Virtual Network Operators (MVNOs) (voice service resellers) to file RMD certifications and robocall mitigation plans, effective since Feb. 26, 2024. MVNOs must respond to traceback requests within 24 hours, include know-your-customer (KYC) processes in plans, and face RMD removal/blocking for non-compliance, aligning with all voice providers. 

The FCC’s December 2025 report celebrates STIR/SHAKEN progress: over 1,200 providers blocked in 2025 via phased enforcement; initial/final orders, public notices, then RMD removal, slashing scam calls. Large U.S. carriers now exceed 95% implementation, but gateway providers remain a weak link for foreign fraud. Calls with valid attestations mean higher answer rates for legit calls. 

Voice providers must certify mitigation/STIR/SHAKEN accurately or risk phased takedown: warnings, cure periods (e.g., 14 days), public notices, then network blocks. Daily audits and CORES syncs are essential to stay listed. 

Businesses with outbound programs such as telemarketing calls, debt collection texts, appointment reminders, grind to a halt if carriers slip (the FCC posts warnings publicly). Email and SMS campaigns often share infrastructure with voice and may be impacted by same outage risk. Monitor provider notices quarterly, demand RMD status, and prep backups. No compliant carrier, no reach. 

Key Takeaways

• RMD failures disrupt reach via public enforcement phases
• Confirm partner RMD status and recertification plans today
• Lock in compliance before March 1 to stay connected

AI Regulation Tug-of-War: Federal Retreat, State Advance with Washington State Spotlight on Chatbots 

State and federal regulators are moving in opposite directions on AI, and contact-centric businesses now sit squarely in the middle of that tension. Washington State is emerging as one of the clearest examples of how that push and pull will shape day-to-day compliance for telemarketing, texting, and email programs. 

Federal Pullback, State Acceleration 

The Trump administration’s December 2025 executive order directs agencies to pursue a “minimally burdensome” national AI framework and created a DOJ AI Litigation Task Force to challenge state AI laws viewed as barriers to innovation. DOJ has signaled it will attack state statutes on preemption and interstate commerce grounds, explicitly targeting the growing patchwork of AI regulations. At the same time, federal enforcement is narrowing toward cases involving demonstrable consumer harm, not just theoretical risks from neutral AI tools. 

States are moving in the opposite direction. New York’s new RAISE Act and related transparency laws require AI developers and deployers to publish safety protocols and undergo audits, with significant penalties for noncompliance. State attorneys general have also formed bipartisan AI task forces and coalitions, stressing that in the absence of federal guardrails they “can’t wait” to protect consumers from harmful chatbots, deepfakes, and other AI abuses. 

Washington’s AI Roadmap Targets Contact Channels 

Washington’s AI Task Force has proposed detailed guardrails, including NIST-aligned ethics principles, public transparency on training data, and heightened governance for “high-risk” AI systems impacting health, safety, or rights—explicitly warning that unregulated AI entrenches discrimination and erodes privacy. 

Governor Ferguson backs companion bills (SB 5984/HB 2225) aimed at AI chatbots, requiring self-harm detection, sexually explicit content blocks for minors, and recurring AI disclosures every 3 hours (hourly for youth) – enforceable under the Consumer Protection Act.  

Direct Impact on Calling, Texting, Email 

These rules hit contact compliance head-on: 

• Texting/Email: SMS/email chatbots for debt reminders or lead nurturing must display “clear and conspicuous” AI reminders, layering onto TCPA consent and opt-out rules – noncompliance risks state AG action atop federal penalties.  
• Calling: AI scripting robocalls or selecting lists qualifies as “high-risk,” demanding governance disclosures that align with FCC robocall rules and TSR transparency.  
• Cross-Channel: Predictive dialing + AI chat follow-ups need bias audits and youth safeguards to avoid discriminatory targeting or manipulative engagement violations. 

For AI-driven outbound programs, federal preemption is no compliance free pass. Enterprises must embed AI disclosures, data governance, and high-risk controls now to navigate Washington’s – and other states’ – hardening rules. 

VoIP Numbering Rules Tighten: What Outbound Call and Text Programs Need to Know 

Interconnected VoIP providers are facing a new wave of numbering and certification obligations that directly touch outbound calling and texting compliance. The Federal Communications Commission (FCC)’s December 2025 Third Report and Order in its longrunning “Numbering Policies for Modern Communications” proceeding tightens rules for providers that obtain direct access to NANP numbers, extending uniform robocall, public safety, and national security certifications that previously applied only to postAugust 8, 2024 applicants. 

The accompanying Third Further Notice, summarized in the Federal Register, seeks comment on reclaiming numbers from VoIP providers whose authorizations are revoked (to combat illegal robocalls and fraud) and on possible restrictions tied to the FCC’s national security focused Covered List.  

The Wireline Competition Bureau announced key dates: 

• Comment deadline: March 16, 2026 
• Reply Comments: April 13, 2026 

In parallel, VPS and others are pressing the Commission in the IPtoIP interconnection docket to clarify VoIP’s regulatory status and consider a new category that supports network cost recovery without over broad constraints.  

For brands that depend on high volume calling and texting, this means vetting numbering providers more carefully and making sure your voice and messaging platforms are tightly aligned with TCPA, TSR, and text compliance in daily operations. 

March Holiday Solicitation Bans

Please be aware of the following U.S. holiday telephone solicitation bans for the month of March 2026*:

1. On Tuesday, March 3, 2026, (the Tuesday before Ash Wednesday), the states of Alabama (Mobile and Baldwin counties only) and Louisiana prohibit unsolicited sales and marketing calls in observance of Mardi Gras Day. 

*Other holidays may be proclaimed by the Governor in each state throughout the year. 

Please be aware of the following Canadian holiday telephone solicitation bans for the month of March 2026:

1. On Tuesday, March 17, 2025, unsolicited marketing calls are prohibited to residents of the provinces of Newfoundland and Labrador in observance of St. Patrick’s Day. 

Gryphon AI has updated its existing service parameters to reflect these solicitation bans. Please contact us with any questions at 866-366-6822. 

New York State of Emergency Issued through March 24, 2026 

Consistent with prior communications, Executive Orders declaring disaster emergencies in the State of New York trigger telemarketing restrictions under the Nuisance Call Act.   

The Nuisance Call Act makes it unlawful for any telemarketer to make unsolicited telemarketing sales calls to areas of the state under an emergency declaration.     

Executive Order 57.1 related to healthcare staffing shortages in designated counties, threatening public health and safety, and the ability to provide critical care. Effective through February 24, 2026.  

Executive Order 57 related to extreme temperatures and road treatment for hazardous weather conditions, has been issued effective through March 19, 2026.  

Executive Order 52.6 declaring a State Disaster Emergency in the State of New York arising from concerns due to Federal Actions related to vaccine access, has been issued effective through March 20, 2026. 

Executive Order 58 related to a nor’easter expected to cause hazardous conditions posing imminent danger to public transportation, utility service, public health, and public safety systems throughout multiple counties, has been issued effective through March 24, 2026. 

Gryphon AI has extended State of Emergency blocks for New York to March 24, 2026, to ensure compliance with the above Executive Orders.   

Contact the Gryphon AI Helpdesk with any questions at 866-366-6822.

About Gryphon AI 

Staying updated with the latest regulatory changes is crucial for any enterprise aiming to minimize risk and maximize reach. Gryphon AI is the only automatic, real-time, intelligent contact compliance solution on the market that delivers compliant, real-time intelligence into every customer conversation.      

With Gryphon AI, enterprises can stay ahead of the regulatory curve and efficiently manage all regulatory changes, ensuring seamless compliance and operational excellence.      

To learn more about how Gryphon AI can help you manage these updates, reach out to us today.