SMS Compliance Basics: What Nonprofits Need to Know

This article was provided by Mogli.

SMS, also known as text messaging, is one of the most powerful nonprofit marketing strategies because of its immediacy and personal feel. When supporters receive a text message from your organization, they’re likely to read it right away—much faster than they would read a lengthy email buried in their inbox. They can even respond in seconds to start a two-way conversation.

To tap into these benefits, however, you also have to stay compliant with several SMS regulations. Navigating the landscape of SMS compliance can be confusing, so we’ve compiled a quick guide to introduce the basics.

When an organization or business sends automated text messages to individuals, it’s known as Application-to-Person (A2P) messaging and is subject to several regulations by the Federal Communications Commission (FCC). These rules aim to reduce commercial spam and other types of unsolicited messages for everyday consumers.

SMS marketing laws don’t just apply to businesses—nonprofits, political campaigns, and other organizations using A2P messaging must follow them, too.

Mogli’s guide breaks down the core regulations you need to know:

• Telephone Consumer Protection Act (TPCA): This is the main FCC law that governs mass texting. It protects consumers by regulating robocalls and requiring organizations to get express written consent before texting them.
• CAN-SPAM Act: This act requires businesses to clearly identify themselves in text messages, honor opt-outs, and only text individuals they already have relationships with.
• Cellular Telecommunications & Internet Association (CTIA): Although not an official regulatory body, this organization provides widely accepted best practices for text messaging.
• California Consumer Privacy Act (CCPA): Businesses that text individuals in California must follow additional data protection laws.

You should familiarize yourself with all of these regulations before you start texting. However, the most important guidelines concern collecting consent via opt-ins, protecting consumer data, and allowing any recipient to opt out of your messages.

Registered 501(c)(3) organizations are exempt from a few aspects of the above regulations. Most notably, nonprofits only need “express consent” (rather than “express written consent”) to send SMS messages, meaning that you can technically text anyone who has given your nonprofit their phone number directly.

However, it’s still best to get express written consent from all donors before texting them. This extra step ensures that your supporters aren’t surprised when they see a text and prevents them from receiving unwanted messages.

Additionally, SMS regulations are complex and subject to change, so you should consult legal counsel or a regulatory compliance team if anything is unclear.

It may not be as detrimental as getting your 501(c)(3) status revoked or losing the ability to solicit donations, but you can incur significant fines and lose donors’ trust if you’re not compliant with SMS regulations. Specifically, not complying with the TPCA can result in fines of $500 to $1500 per violating text message.

While you can technically start messaging anyone who’s given your nonprofit their phone number, it’s safer to only text supporters who opt in to receive texts in writing. Therefore, setting up compliant opt-in opportunities should be a core part of your text marketing strategy.

Fortunately, there are plenty of ways to get opt-ins from your donors. Common tactics include:

• Checkboxes on donation and sign-up forms: Add a line at the bottom of your donation, event registration, and volunteer sign-up forms that says, “I want to receive text messages from [Your Nonprofit] about [XYZ].” By checking this box, donors can easily give their written consent to receive your texts.
• Pop-up forms on your website: Consider prompting website visitors to opt in with a basic pop-up box. Businesses more commonly use this strategy to offer deals to those who sign up for texts, but it can work well for nonprofits, too.
• Opt-in keywords: Set up a unique keyword and short code with your SMS provider that anyone can text to opt in. Then, promote the keyword across marketing channels. For example, you might create social media graphics that read “Text ADVOCATE to 55555 to receive our latest updates and calls to action via text!”
• QR codes on flyers and at events: According to re:Charity, QR codes are much more convenient for donors than written links, and they’re easy to set up through free QR code generation websites. All supporters have to do is scan the code to opt in!

For an added layer of security, you can also implement a double opt-in strategy. This way, no matter how supporters sign up for your texts, they’ll receive a confirmation message that asks them to confirm their opt-in (typically by replying “YES”).

Double opt-ins instill more trust in your audience and reduce the number of opt-outs you may get down the line. By adding the extra step, you’ll ensure that no one signs up for your messages by accident and that every recipient understands what they’re opting into. If someone doesn’t respond to your double opt-in request, remove them from your SMS list.

After collecting opt-ins, your organization must make it easy for supporters to opt out of your messages at any time. This aspect of SMS compliance is simple.

To stay compliant with opt-out regulations, all you need to do is:

• Include opt-out language in all your messages, such as “Text STOP to opt out” or “STOP2END.”
• Remove contacts who opt out of your SMS list. You should keep supporters’ contact information if they’ve given it to you, but make sure to take them off any texting lists and automated SMS workflows.
• Stop texting those numbers unless they decide to opt in again in the future.

Honoring opt-outs is much easier and less prone to errors with automation software. For instance, you can use a TPCA-compliant bulk texting app to automatically remove contacts from your opt-in list when they opt out, handling the whole process for you. These tools can also automate double opt-ins, text message personalization, and entire SMS marketing streams.

Remember, these are only the basics of SMS compliance. You may also need to update your privacy policies, invest in A2P texting software, and audit your current contact list before you start texting. The right partner will make staying compliant simple, but it’s ultimately up to your organization to understand and follow these rules.