How to disclose caller identity at the start of a call legally

TCPA and FTC rules require you name yourself and your company within the first few seconds of every outbound call. Here's exactly what to say and why it matters.

LeadCompliant Team
23 min read
In This Article

Last updated 2026-07-11

Person on office phone call making required caller identity disclosure
Person on office phone call making required caller identity disclosure

TL;DR

Federal law under 47 U.S.C. § 227 and FTC rules at 16 C.F.R. § 310.4(d) require every outbound telemarketing call to disclose the caller's name, the company the call is made for, and a phone number or address that reaches the company, all within the first few seconds. Skip or fudge any piece and you open the door to TCPA suits and FTC penalties up to $51,744 per violation.

What does the law actually require you to say at the start of an outbound call?

You have to satisfy two federal frameworks, and they overlap without being identical.

The Telephone Consumer Protection Act (47 U.S.C. § 227) bars any outbound telemarketing call that fails to disclose the caller's identity at the beginning of the call [1]. The statute never counts the seconds. FCC orders and FTC guidance treat the first substantive moment of the call as the window, and if your rep works through a pitch before saying who they are, you are already exposed.

The FTC's Telemarketing Sales Rule (TSR), at 16 C.F.R. § 310.4(d), goes further with a three-part rule [2]. The caller must promptly disclose the identity of the seller, that the purpose of the call is to sell goods or services (when it is), and the nature of those goods or services. "Promptly" is the word that does the work. The FTC reads it to mean before any sales pitch starts.

So the minimum compliant opening sounds like this: "Hi, this is [Your First Name] calling on behalf of [Legal Company Name]. I'm reaching out because we help businesses with [short description of product or service]. Is this a good time?" That single sentence hits all three TSR prongs and the TCPA identity requirement in one breath.

Non-telemarketing calls are different. Appointment reminders and debt collection still trigger the TCPA identity rule, but not the TSR's goods-and-services disclosure. You still have to say who you are and who you represent.

What counts as "the beginning of the call" under TCPA rules?

The FCC never published a hard second-count, and that gap is exactly where teams talk themselves into trouble. They read the silence as flexibility. It isn't.

The FCC's 2012 Report and Order (FCC 12-21) confirmed that identity has to come out before any substantive exchange that could pass for a sales presentation [3]. Open with three rapport-building questions that surface a pain point before you name your company, and a plaintiff's lawyer will argue you buried your identity on purpose. That argument has won.

Treat "the beginning" as the first full sentence out of your rep's mouth after the contact answers. Not the second. Not after the soft opener. The first sentence. Some compliance officers push the company name into the very first clause, which is the safest read. "Hi, I'm Sarah from Acme Solutions" is clean. "Hi, how are you today? Great, I'm Sarah from Acme Solutions" is probably fine but hands the other side a sliver of an argument you never needed to create.

Prerecorded messages get held to a stricter standard. The FCC requires prerecorded calls to identify the business or individual responsible for the call at the beginning of the message and again at the end [3]. Twice. Once at the start, once at the close. Plenty of teams nail the opener and forget the closer entirely.

Does caller ID count as the identity disclosure, or do you have to say it out loud?

Caller ID does not stand in for a spoken disclosure. Full stop. You have to say it out loud, in the call.

The TCPA and TSR both assume an affirmative spoken disclosure, not a passive signal on a screen. The FTC's TSR compliance guidance is direct on this: a company name shown on caller ID does not satisfy the prompt disclosure requirement, because not everyone sees or trusts caller ID and the disclosure has to happen inside the call itself [10].

Caller ID drives a separate TCPA prohibition. Under 47 U.S.C. § 227(e), transmitting caller ID that does not accurately reflect the originating number, or that is built to mislead, is its own violation carrying civil penalties up to $10,000 per violation [4]. So the rules cut two ways at once. Your caller ID has to be accurate, and your verbal disclosure still has to happen no matter what the screen shows.

Teams often ask about showing a trade name on caller ID while the rep uses the legal entity name out loud. That mismatch is usually fine, as long as both names tie to the same real entity and neither is designed to confuse. If your DBA and your legal name look nothing alike, have a lawyer review the setup before you dial.

What information must you give if someone asks who you are or asks you to stop calling?

If a contact asks who you are, you owe them a complete answer on the spot. The TSR at 16 C.F.R. § 310.4(d)(3) requires that during any call the seller or telemarketer provide, on request, the name of the individual caller and the name, address, and telephone number of the seller [2]. Someone who asks "who is this exactly" or "what company are you with" gets the full answer immediately. Stalling, dodging, or handing over half of it is a violation.

The do-not-call piece sits on top of that. Under 16 C.F.R. § 310.4(b)(1)(iii)(A), a seller must keep a company-specific do-not-call list and give out a company-specific DNC number during the call to anyone who asks [2]. That number has to actually work. A dead line or a voicemail nobody checks is the same as having no process at all.

You can see how company-specific DNC duties fit with the national registry in our do not call list guide.

The FTC has gone after companies that gave real names but fake or dead callback numbers. Identity disclosure is more than saying a name. It includes a contact point someone can actually reach.

Do prerecorded and robocall messages have different disclosure rules?

Yes. They are stricter in one specific way: you have to identify yourself twice.

For prerecorded telemarketing calls, the FCC's rules require the business name (or the name of the individual responsible for the call) at both the start and the end of the recorded message [3]. The 2012 Report and Order called this out so consumers know who called even when they miss the top of a message. Voicemail drops get this wrong constantly.

Prerecorded calls also have to include a telephone number that lets the called party make a do-not-call request during regular business hours [3]. That number cannot be a toll call. No hiding the opt-out behind a 900-number or a premium-rate line.

AI voices changed nothing about the disclosure. The FCC's February 2024 declaratory ruling made clear that AI-generated voices in robocalls fall under the existing TCPA robocall consent rules [5]. The identity disclosure rules apply the same way. There is no carve-out because a machine spoke the words instead of a person.

Live-agent calls placed with an auto-dialer follow the same disclosure rules as any manual call. The dialer never changes what the human rep has to say the moment the contact picks up.

What are the real penalties if you get the identity disclosure wrong?

The TCPA pays plaintiffs $500 for each negligent violation and $1,500 for each willful or knowing one [1]. There is no per-plaintiff cap in a private suit, and class certification is common in TCPA cases. That is the math that turns one scripting mistake into a seven-figure problem.

Look at the litigation. TCPA class actions against companies with systemic disclosure failures have produced large settlements. The cash app tcpa class action settlement and the credit one tcpa settlement show how fast exposure climbs when the alleged violation touches high call volume. Neither turned solely on identity disclosure, but both show that TCPA failures are not hypothetical.

The FTC has its own civil penalty authority under the TSR. As of 2024, TSR civil penalties reach $51,744 per violation, adjusted annually for inflation [6]. The FTC can also seek injunctions and consumer redress.

State attorneys general can bring parallel cases under their own telemarketing statutes, many of which track the TSR but carry separate penalty schedules.

Here is the practical risk that gets underrated: a missing or misleading identity disclosure is often what flips a manageable complaint into a willfulness finding. A court that sees your team was trained to stall before naming the company, or scripts written to blur identity, will reach for the $1,500 number instead of the $500 one.

Key TCPA and TSR penalty thresholds for caller identity violations Per-violation figures callers need to know before dialing $500 TCPA: negligent violation (… call) $1,500 TCPA: willful/knowing viola… call) $10k Caller ID spoofing: civil penalty (per violation) $52k TSR: civil penalty per violation (2024) Source: 47 U.S.C. § 227 [1]; FTC Civil Penalty Adjustments [6]

How does this apply to B2B calls versus consumer calls?

The safe answer for B2B: follow the same disclosure rules you would on a consumer call. The distinction sounds meaningful and gets slippery fast.

The TCPA covers calls to residential lines and to mobile phones [1]. Business-to-business calls into a company's general office line traditionally carried lighter TCPA exposure. That is the part people overweight.

The FTC's TSR applies to telemarketing calls whether the recipient is a consumer or a business, with narrow exceptions for calls between two businesses where the recipient is not a consumer in the transaction [2]. For most B2B cold calling, getting the exception wrong costs more than a compliant opening line ever would. So use one.

Mobile phones collapse the distinction entirely. Dial a mobile number and the TCPA's rules apply in full, even when that number belongs to a business contact. Most decision-makers you want to reach answer a cell. Assume TCPA applies to every one of them.

For the broader mechanics of compliant outbound calling, the cold calling and cold call guides cover the wider framework.

What should the exact script language look like to be compliant?

Here is a compliant opening built around the TSR's three prongs and the TCPA's identity rule. This is not legal advice, and your own counsel should review your final scripts, but this structure lands you in the right place.

For a live telemarketing call: "Hi [Contact Name], this is [Rep First Name] calling from [Legal Company Name]. The reason for my call is that we offer [brief description of service or product]. Is this a good time to chat for two minutes?"

For a prerecorded message: "Hello, this is a message from [Legal Company Name]. My name is [Rep or System Name], and I'm calling because [brief purpose]. If you'd like to be removed from our call list, please call [toll-free opt-out number] during business hours. Again, this message is from [Legal Company Name]. Thank you."

Notice the prerecorded version closes with the company name again. That is the FCC's end-of-message requirement, and it is the piece teams forget.

Three things your script must never do: use a fake company name that traces back to nothing, give a callback number that never reaches your DNC team, or describe your product in a way that hides what it is ("we have some information for you" instead of admitting you are selling something).

The LeadCompliant compliance kit includes script templates built around these exact requirements, plus a checklist your team can run before a new campaign goes live.

If you run text message marketing alongside voice, the identity disclosure obligation carries over to SMS, though the mechanism differs from voice.

Are there state-level identity disclosure rules that go further than federal law?

Yes. Several states set a higher bar than the federal floor, and a few enforce it hard.

California: Business and Professions Code § 17592 restricts prerecorded calls and requires disclosures that meet or exceed federal rules. California gives no established business relationship exemption for prerecorded calls to residential numbers [7].

Florida: The Florida Telephone Solicitation Act (FTSA), revised in 2021, imposes consent rules stricter than the TCPA in some respects and carries its own identity disclosure framework for solicitation calls [8]. Florida has a private right of action with $500 per call statutory damages, parallel to the TCPA.

Texas: Business and Commerce Code Chapter 305 governs telephone solicitations and requires callers to identify themselves and the purpose of the call, with the Texas Attorney General holding enforcement authority [9].

The working rule is simple. Find the most restrictive state law that reaches your contact population and build your program to that standard. Call into Florida and California regularly and your scripts have to satisfy those states, above the federal baseline. A call that clears the TCPA can still draw a Florida FTSA claim.

Which states' cell numbers you dial matters for the mobile phone do not call list question too, since state DNC rules often tie back to identity disclosure.

What records do you need to keep to prove your disclosure was made?

This is where small outbound teams have their biggest gap. Making the disclosure is step one. Proving you made it is what wins the case.

For prerecorded and autodialed campaigns, keep the audio file of the message (dated and versioned), the list of numbers called in each batch, the timestamp of every dial, and the call disposition (answered, voicemail, no answer). Hold these for at least four years to cover the TCPA's statute of limitations and the TSR's retention rule [2].

For live-agent calls, the standard moves are call recording (with proper notice, since many states require two-party consent), script version control so you can prove what the rep was trained to say on a given date, and CRM call logging. Script version control is the one nobody does. If a plaintiff claims your rep never named the company, and you can hand over the training records, the recording, and the versioned script requiring that exact language, your defense gets a lot stronger.

The TSR's record retention rules at 16 C.F.R. § 310.5 require sellers to keep records of advertising and promotional materials and verifiable authorizations for 24 months [2]. Treat call scripts and recording samples as advertising materials and retain them accordingly.

If you use any dialing technology to run outbound volume, confirming your system logs meet these retention rules is a good first move. LeadCompliant's free compliance checkers at leadcompliant.com can flag gaps in your documentation.

How do FCC enforcement actions define what "misleading" caller identity looks like?

The FCC's enforcement docket shows the line better than any statute. The FCC has issued forfeiture orders against companies that transmitted caller ID showing a different entity than the actual caller, used numbers tied to government agencies, or cycled through numbers belonging to unrelated businesses [4].

The Truth in Caller ID Act, at 47 U.S.C. § 227(e), prohibits causing any caller ID service to transmit misleading or inaccurate information "with the intent to defraud, cause harm, or wrongfully obtain anything of value" [4]. Intent carries weight here. An accidentally off number is different from deliberately spoofing a local area code to make a call look local. The FCC treats those differently, but both can draw a look.

If you run local presence dialing (showing a local number for each market), know that the FCC has flagged concern about local presence that leaves answered calls with a displayed number nobody can call back. The FCC's 2024 one-to-one consent rulemaking also touched caller ID transparency in lead generation calls [5]. The direction points toward more transparency, not less.

The safe position: your caller ID should show a number that ties to your company, can be called back to reach your team or a working DNC opt-out, and displays a CNAM entity name that matches or clearly relates to the company your rep names on the call.

A pass through the tcpa fundamentals is a good baseline before you build out your caller ID and disclosure process.

Frequently asked questions

Do I have to identify myself by full name or just my company name at the start of a call?

The TSR requires the name of the seller and allows, but does not always require, the individual caller's name. The TCPA requires disclosure of the caller's identity, which courts and the FCC read to include the company. Best practice is to give both your first name and company name. It is one sentence and it removes all ambiguity. A first name with no company is a likely violation.

What happens if I'm calling on behalf of a client, not my own company? Whose name do I disclose?

Both. You disclose your name (or your company's name as the calling agent) and the name of the seller or principal you are calling for. The TSR at 16 C.F.R. § 310.4(d) requires disclosure of the seller's identity, above the calling agent's identity. If you are a third-party lead gen firm or outsourced sales team, name the client company clearly.

Can I use a script that opens with a question before identifying myself?

You can ask 'Is this [Contact Name]?' before identifying yourself, since confirming you reached the right person is not a substantive sales act. But anything that reads like rapport-building or qualification before the disclosure is risky. The FTC expects the disclosure to come promptly, and a pattern of delaying it after you confirm contact draws scrutiny. Disclose the second you know you reached the right person.

Does the identity disclosure rule apply to voicemails left after the call goes unanswered?

Yes. Leave a voicemail for a telemarketing purpose and the TSR and TCPA identity requirements apply to that message. You must give your name, your company, and a callback number. For prerecorded voicemail drops, the FCC requires the company name at both the beginning and the end. A voicemail that just says 'call us back at this number' with no entity identification is a violation.

Is the rule different for calls to cell phones versus landlines?

The identity disclosure requirements are the same for both. What differs is the consent and dialing-technology rules that decide whether you can call the number at all. Cell phones carry stricter TCPA consent rules for autodialed or prerecorded calls. But once you are live with a cell or a landline user, the disclosure duty is identical: name yourself and your company promptly.

What if the contact hangs up before I finish the disclosure? Am I still in violation?

If the call lasted a second or two and the contact ended it before you could speak, you almost certainly are not in violation, because no meaningful call took place. Courts look at whether a substantive call happened. The real risk is reaching contacts and delivering a pitch before or without any disclosure. Document your scripts and training to show your process requires immediate disclosure.

Do I need to disclose a physical address at the start of every call?

No. You do not have to volunteer an address in every opening line. The TSR requires you to provide an address on request during the call. Some companies include it anyway, which is fine. What you must give without being asked is your company name and a reachable phone number. Address becomes mandatory only when the contact asks, and then you provide it immediately.

How does TCPA caller identity disclosure interact with the National DNC Registry?

They are separate obligations. Scrubbing against the National DNC Registry governs whether you can make the call at all. Identity disclosure governs what you say on a call you are allowed to make. You can violate one without the other. A call to a non-DNC number with no proper identity disclosure is still a TCPA problem. See our do not call list guide for the registry side.

Can AI voice agents or chatbot dialers satisfy the identity disclosure requirement?

Yes, but the AI agent has to make the same disclosure a human would. The FCC's February 2024 declaratory ruling confirmed AI-generated voices in robocalls fall under existing TCPA robocall rules. The AI script must identify the company and caller identity at the call's start. Some states are adding AI-specific requirements on top, including a duty to state that the call is AI-generated.

If I'm calling to collect a debt rather than to sell something, do the same disclosure rules apply?

The TCPA's identity disclosure requirement applies to outbound calls generally, above just telemarketing. The TSR's goods-and-services disclosure does not apply to debt collection, but the Fair Debt Collection Practices Act (FDCPA) has its own identity and purpose disclosure requirements at 15 U.S.C. § 1692d and § 1692e. Debt collection calls must identify the caller and the debt collection purpose without misleading the consumer.

What is the statute of limitations for TCPA identity disclosure violations?

The TCPA carries a four-year federal statute of limitations under 28 U.S.C. § 1658, which applies because the TCPA is a federal statute. Some plaintiffs add state law claims that run on their own clocks, sometimes shorter, sometimes longer. The practical takeaway: keep call records, scripts, and training documentation for at least four years to defend against any claim that surfaces.

Generally yes, as long as the DBA is a legitimately registered trade name tied to your company and not built to confuse the contact about who they are dealing with. The FCC and FTC look at whether the name lets the consumer identify and reach the company. A widely recognized DBA tied to a real, traceable entity passes. A made-up name nobody can verify does not.

How do I get on the do-not-call list to stop unwanted calls myself?

Register at donotcall.gov, the FTC's official National Do Not Call Registry. Registration is free and takes effect within 31 days for most telemarketers. Your number stays on the list permanently unless you remove it. For detail on how to access or use DNC list data as a caller, see our how do i get the do not call list guide.

Are there specific FCC or FTC safe harbor provisions for identity disclosure mistakes?

No formal safe harbor exists for identity disclosure failures the way it does for some DNC violations. The TCPA's established business relationship exemption does not excuse a failure to disclose identity. Your best protection is a documented compliance program showing trained reps, scripts that required proper disclosure, and a monitoring process. Courts weigh good-faith compliance when assessing willfulness, which decides whether damages run $500 or $1,500 per call.

Sources

  1. U.S. Code, 47 U.S.C. § 227, Telephone Consumer Protection Act: TCPA prohibits outbound telemarketing calls that do not disclose caller identity at the beginning of the call; statutory damages are $500 per violation and $1,500 for willful violations
  2. FTC, Telemarketing Sales Rule, 16 C.F.R. Part 310: TSR 16 C.F.R. § 310.4(d) requires prompt disclosure of seller identity, call purpose, and goods/services nature; § 310.4(b)(1)(iii)(A) requires company-specific DNC number; § 310.5 sets 24-month record retention
  3. U.S. Code, 47 U.S.C. § 227(e), Truth in Caller ID Act: Transmitting misleading or inaccurate caller ID with intent to defraud is prohibited; civil penalties up to $10,000 per violation
  4. FTC, Adjustments to Civil Penalty Amounts (16 C.F.R. § 1.98): As of 2024, TSR civil penalties can reach $51,744 per violation, adjusted annually for inflation
  5. California Legislative Information, Business and Professions Code § 17592: California imposes restrictions on prerecorded calls to residential numbers with no established business relationship exemption
  6. Florida Legislature, Florida Telephone Solicitation Act (FTSA), F.S. § 501.059: Florida's revised 2021 FTSA includes its own identity disclosure framework and a private right of action with $500 per call statutory damages
  7. Texas Legislature, Business and Commerce Code Chapter 305, Telephone Solicitation: Texas requires telephone solicitation callers to identify themselves and the purpose of the call, with AG enforcement authority
  8. FTC, Complying with the Telemarketing Sales Rule: FTC guidance states that displaying a company name on caller ID does not satisfy the TSR's prompt disclosure requirement because disclosure must be made in the call itself
  9. U.S. Code, 15 U.S.C. § 1692d and § 1692e, Fair Debt Collection Practices Act: FDCPA requires debt collection callers to identify themselves and the debt collection purpose without misleading the consumer
  10. U.S. Code, 28 U.S.C. § 1658, Federal Statute of Limitations: TCPA claims carry a four-year federal statute of limitations
  11. FTC, National Do Not Call Registry, donotcall.gov: Consumers can register numbers on the National DNC Registry for free; registration takes effect within 31 days

Disclaimer: LeadCompliant is a compliance review tool, not a law firm. We do not provide legal advice. Consult with a TCPA attorney for legal guidance on specific compliance questions. Compliance scores, audits, and risk assessments are informational only.

LeadCompliant Team

LeadCompliant provides expert guidance and tools to help you succeed. Our content is reviewed for accuracy and kept up to date.

Related Articles

Related Glossary Terms

LeadCompliant
Build My Kit