DNC registry complaint: what happens when you file or get reported

Filing a DNC registry complaint can trigger FTC investigations and TCPA lawsuits with $500, $1,500 per-call fines. Here's exactly what happens on both sides.

LeadCompliant Team
24 min read
In This Article

Last updated 2026-07-09

Person at home office desk reviewing paperwork next to a telephone, DNC complaint topic
Person at home office desk reviewing paperwork next to a telephone, DNC complaint topic

TL;DR

A DNC registry complaint filed at donotcall.gov feeds the FTC's enforcement database, which pools reports to build cases against high-volume callers. One complaint alone won't sue anyone, but consumers can file a private TCPA lawsuit worth $500 to $1,500 per call. Singapore runs a separate national DNC registry under the Personal Data Protection Act 2012, with fines up to SGD 1 million.

What is a DNC registry complaint and who handles it?

A DNC registry complaint is a formal report from a consumer saying they got a telemarketing call or text they didn't want, usually because their number sits on the National Do Not Call Registry. In the United States, the Federal Trade Commission runs the registry and collects the complaints. The FTC then shares that data with the Federal Communications Commission and state attorneys general.

The FTC doesn't chase every complaint one at a time. It pools reports to spot patterns. If one company draws hundreds or thousands of complaints from registered numbers, that company climbs the enforcement queue. This pooling model is why individual complainants rarely hear back, and it's also why mass robocall operations get hit hardest.

The FCC enforces the TCPA side, which is 47 U.S.C. § 227. [1] The statute lets the FCC fine carriers and callers directly, and it gives private citizens the right to sue. So one complaint can branch three ways: FTC enforcement, FCC enforcement, and a private civil lawsuit. Most complaints go nowhere. But for a company with a pattern of violations, any one of those branches gets expensive fast.

You file a U.S. complaint at donotcall.gov or by calling 1-888-382-1222. [2] The form asks for your phone number, the date and time of the call, the number that called you, and whether it was a live call or a recording. It takes about three minutes.

How do you file a DNC registry complaint step by step?

Go to donotcall.gov and click the complaint link. It asks whether your number is already registered. If it isn't, you can register and complain at the same time, though registration alone won't stop calls right away. The FTC says a newly added number takes up to 31 days before telemarketers have to honor it. [2]

The form collects your phone number, the date of the unwanted call, the caller's phone number or name if you have it, whether the call was a robocall or a live person, and what the call was selling. No documentation required. Your complaint gets recorded even if you can't identify the caller.

After you submit, you get a confirmation number. Save it. The FTC promises no personal follow-up, but the confirmation means your report is in the system. If a later lawsuit or enforcement action targets the same caller, your complaint may be part of the public record the FTC used to build the case.

A few things people get wrong. Charities, political organizations, survey callers, and companies you already do business with are generally exempt from the registry. [1] Complaining about those calls still helps the FTC's data, but you probably won't see enforcement come from it. And filing with the FTC does not start a lawsuit on your behalf. The private right of action under the TCPA is a separate path, and you'd need an attorney (or small claims court on your own) to use it.

What are the actual penalties for violating the DNC registry?

The FTC can seek civil penalties of up to $53,088 per violation under the Telemarketing Sales Rule (TSR). [3] That figure adjusts for inflation periodically. The FCC, under the TCPA, can impose forfeiture penalties in its own proceedings.

For private lawsuits under 47 U.S.C. § 227(c), the statute says a person who got "more than one telephone call within any 12-month period by or on behalf of the same entity in violation of the regulations prescribed under this subsection" may bring a civil action for up to $500 per violation, trebled to $1,500 if the court finds the violation was willful or knowing. [1] That trebling clause is why plaintiff-side TCPA attorneys take these cases on contingency. A hundred calls to registered numbers is potentially $150,000 in statutory damages.

Enforcement bodyPenalty authorityMax per violation
FTC (TSR)Civil penalty$53,088 [3]
FCC (TCPA)ForfeitureVaries by order
Private plaintiff (TCPA)Statutory damages$500, $1,500 [1]
State AG (varies)Civil penaltyVaries by state

State attorneys general stack their penalties on top of the federal ones. Florida's Do Not Call Act carries its own fine structure. Indiana and Pennsylvania run similar overlay statutes. Run outbound calls across several states and one campaign can trigger liability in multiple jurisdictions at once. We break down the state rules in our pieces on the florida do not call list and indiana do not call list.

The FTC has won billions in judgments against robocallers over the years, though collecting depends on the defendant having assets. In a 2019 action against a Florida-based health insurance robocall operation, the FTC obtained a $120 million judgment. [4] Most small businesses never face numbers that big. But the per-call math means even a modest campaign with sloppy list hygiene can build seven-figure exposure.

DNC and TCPA violation penalties by enforcement body Maximum per-violation penalties across U.S. and Singapore DNC frameworks FTC/TSR civil penalty (per violat… $53k TCPA private suit, willful violat… $1,500 TCPA private suit, standard (per… $500 Singapore PDPC max fine (approx.… $740k Source: FTC (TSR), 47 U.S.C. § 227, PDPA 2012 / PDPC (2021 amendments)

What happens after a complaint is filed against a company?

Nothing happens right away. The FTC's complaint system is a data-collection tool first. Reports get aggregated, analyzed for patterns, and flagged when a particular company or phone number keeps showing up. [2] No automatic investigation fires off a single complaint.

Once a pattern emerges, the FTC can open an investigation, issue a civil investigative demand (essentially a subpoena for records), negotiate a consent order, or sue in federal court. The FCC follows a similar path with its own procedures. Both agencies go after high-volume violators and fraud operations before one-off complainers.

For a company on the receiving end, the real risk often isn't the FTC. It's the plaintiff's attorney who noticed the same calls. TCPA class actions get filed by lawyers who aggregate complaints or who test-call businesses themselves after registering their own numbers. A company often learns it has a TCPA problem not from a government letter but from a lawsuit sitting in federal court.

Get a demand letter or lawsuit alleging TCPA or DNC violations? Hire a lawyer who knows TCPA defense right away. Don't negotiate alone. Courts have been inconsistent on class certification and on what counts as an "automatic telephone dialing system" since the Supreme Court's 2021 ruling in Facebook v. Duguid, [5] which narrowed the definition of an autodialer. Plenty of liability paths stay open regardless.

Can a business get taken off the FTC complaint radar by scrubbing its call list?

Yes. List scrubbing is the most direct way to shrink your DNC complaint exposure before it turns into a lawsuit. The TSR requires covered telemarketers to check their call lists against the National DNC Registry no more than 31 days before each call. [3] Scrub once at launch and then call that same list 90 days later, and you've broken the rule.

The process: create an account at ftc.gov to access the registry for data downloads, or use a third-party scrubbing service. [6] Download the registered numbers for the area codes you're calling. Remove any matches from your list. Document the date you ran the scrub. Repeat before each new dialing cycle once more than 31 days have passed.

Documentation carries the weight here. If you're investigated or sued, a dated scrub log with a record of the data pull is your first line of defense. "We check the list regularly" without records is not a defense. Specific dated records are.

Beyond the federal list, check state-specific DNC registries. Indiana and Pennsylvania, among others, keep separate lists. You scrub both. Our guide on how do i get the do not call list walks through access for the federal list and the main state ones.

For teams building a compliance process from scratch, LeadCompliant's free compliance kit includes a scrub-log template and a checklist of the exemptions you can legitimately claim.

What is the national DNC registry in Singapore and how does it work?

Singapore runs its own Do Not Call framework under the Personal Data Protection Act 2012 (PDPA). [7] The national DNC registry, administered by the Personal Data Protection Commission (PDPC), lets individuals register Singapore phone numbers to opt out of "specified messages." Under the PDPA, specified messages include marketing calls, texts, and faxes sent to Singapore numbers.

Any organization sending marketing messages to Singapore numbers has to check the DNC registry before sending, unless an exception applies. The main exceptions are clear and unambiguous consent from the recipient, or an ongoing business relationship where certain conditions are met. [7]

The PDPC can investigate complaints and impose financial penalties. Before the 2020 amendments to the PDPA, DNC fines were capped at SGD 10,000. After the amendments took effect in 2021, organizations can face fines up to SGD 1 million or 10% of annual turnover for serious breaches. [8] Most DNC-specific actions have landed smaller fines (thousands to tens of thousands), but the ceiling is high.

To file a Singapore DNC registry complaint, a consumer submits a report through the PDPC's online portal at pdpc.gov.sg. The PDPC reviews it, may contact the alleged violator, and can open formal proceedings if warranted. Singapore's model differs from the U.S. system in a real way: the PDPC takes a more direct investigatory role even on individual complaints, while the FTC mostly aggregates. Neither system guarantees any single complainant a response.

Organizations marketing into Singapore from abroad get no free pass. Send SMS or make calls to Singapore mobile numbers as part of a campaign, and the national DNC registry rules apply no matter where your servers or call center sit.

How is the Singapore DNC registry complaint process different from the U.S. process?

The structural differences matter if you run cross-border campaigns, or if you're a U.S. operator curious how another regime handles the same problem. In the U.S., the FTC aggregates complaints and the consumer's main legal tool is the private TCPA lawsuit. In Singapore, the PDPC investigates complaints more directly, and there's no equivalent private right of action for individuals to sue in civil court under the PDPA's DNC provisions. Enforcement is regulator-driven, not plaintiff-attorney-driven. [7]

That changes the risk picture. U.S. TCPA litigation runs on a plaintiff's bar that works on contingency because per-call damages pile up fast. Singapore enforcement depends on the PDPC's priorities and resources. That doesn't make Singapore soft. The PDPC has publicly reprimanded and fined household-name organizations for DNC breaches. The mechanism is just different.

Registry access differs too. U.S. businesses subscribe to the national registry and download number data. In Singapore, organizations don't download the registry. They use PDPC-approved DNC checking services that return a yes/no result for each number. [7] That keeps the underlying data more controlled but makes bulk scrubbing a bit more process-heavy.

FeatureU.S. National DNC RegistrySingapore National DNC Registry
Governing lawTCPA (47 U.S.C. § 227)PDPA 2012
RegulatorFTC / FCCPDPC
Consumer lawsuit rightYes (TCPA private action)No direct equivalent
Max per-violation fine$53,088 (FTC/TSR) [3]SGD 1 million [8]
Registry check methodDownload number listsAPI/approved service
Complaint portaldonotcall.govpdpc.gov.sg

Which calls and texts are exempt from DNC registry rules?

Both the U.S. and Singapore systems carry real exemptions. Getting them right is what separates a clean outbound program from a liability.

Under U.S. law, these categories generally sit outside the National DNC Registry. Political calls: campaigns and PACs are exempt from the TSR's DNC requirements, though the TCPA's autodialer and prerecorded voice rules still apply. Charitable solicitations from nonprofits calling on their own behalf. Survey and research calls, as long as no sales pitch rides along. Calls to existing customers under an established business relationship (EBR), which has limits and can lapse. Calls where the consumer gave written prior express consent. And business-to-business calls, since the DNC registry protects residential numbers (though mobile numbers can be on the registry too). [1]

The EBR exemption trips up companies most often. Under the FTC's rules, a transaction-based EBR lasts 18 months from the last purchase or delivery. An inquiry-based EBR lasts only 3 months from the date of inquiry. [3] Plenty of companies treat old customer lists as permanently exempt. They aren't.

In Singapore, the main exemptions are prior consent (clear, specific, and documented) and an ongoing business relationship, with narrower conditions than the U.S. version. The PDPA also carves out certain non-commercial messages. [7]

For a full breakdown of who can and can't call registered numbers, see our piece on the do not call telemarketer list.

Can companies be fined for complaining themselves, or for filing false complaints?

This one comes up less often, but it comes up. The short answer is no. There's no enforcement mechanism aimed at consumers who file DNC complaints, even if the call turns out to have been technically exempt. The complaint forms say plainly that you don't need to verify exemption status before filing. The FTC investigates, not the consumer.

For businesses, filing a false complaint against a competitor is a different legal matter. That would likely fall under tortious interference or fraud, not DNC law. Nobody in this space has much reason to fabricate complaints, and the FTC's aggregation model means a handful of planted reports wouldn't move the enforcement needle anyway.

What companies should actually watch for is complaints from their own test buyers or from plaintiffs' attorneys running pre-litigation discovery. A single attorney can register dozens of phone numbers, wait for calls from a targeted company, and then file a class action. That isn't a false complaint. It's a legal strategy, and courts have not consistently found it to be abuse of process. [5]

How long does it take for a DNC complaint to result in enforcement action?

Nobody has good data on average time-to-enforcement across all FTC cases, because the agency doesn't publish it. The public record shows that major enforcement actions can take years from first complaint to settlement. The 2019 Florida health insurance case mentioned earlier involved conduct dating back to at least 2015. [4] Smaller cases move faster when the violator cooperates.

Private TCPA lawsuits run on a different, often shorter clock. A plaintiff's attorney who has a viable target can file within months of the offending calls. TCPA cases in federal court carry a four-year statute of limitations under 28 U.S.C. § 1658 (courts have generally applied this period, with some circuit variation). [9] Calls made up to four years ago can still support a lawsuit filed today.

So the risk from a past campaign doesn't evaporate quickly. If your team ran an outbound push two years ago with shaky list hygiene, you're still inside the window.

State enforcement timelines vary. Some state AGs move faster than the FTC, especially in states with strong consumer protection units. Florida and Indiana have been relatively active in DNC enforcement compared to the federal average.

To track how many complaints have been filed in your area or against specific industries, the FTC publishes complaint data reports annually. The ftc do not call list page covers how that data gets used.

What should a company do immediately after receiving a DNC complaint or demand letter?

Stop calling the number in question. That's the first move, full stop. Every additional call after you've been put on notice makes the case worse and can turn a negligent violation into a willful one, which is the gap between $500 and $1,500 per call in statutory damages. [1]

Next, pull your records. When did your system first call that number? How many times? What list did it come from? Was the list scrubbed against the DNC registry, and when? What data version did you use? Document everything before memories fade or logs roll over.

If it's a demand letter from a plaintiff's attorney, don't respond without counsel. These letters often claim wildly high damages to soften you up for a settlement. That doesn't mean they're bluffing about liability, but the opening demand is almost never the final number. Have a TCPA defense attorney review the letter and assess whether the claim has merit.

An inquiry from the FTC or FCC deserves the same seriousness. Both agencies can escalate from informal inquiry to formal investigation. Cooperate professionally, and get counsel involved.

Building a documented compliance program now, before a complaint lands, is far cheaper than reacting to one. Our piece on the do not call list report covers what the FTC expects to see in a company's internal compliance records.

LeadCompliant's one-time compliance kit gives smaller teams a scrub-log template, an EBR tracking sheet, and a consent documentation checklist that would hold up in a TCPA audit.

Are mobile phones protected by the DNC registry?

Yes. Mobile numbers can be registered on the National DNC Registry, and once registered they carry the same telemarketing protections as landlines. [2] There's a stubborn myth that the registry only covers landlines. That was never quite true, and it's definitely not true now.

The TCPA adds a second layer for mobile numbers on top of the DNC registry. Under 47 U.S.C. § 227(b), using an autodialer or prerecorded voice to call a cell phone requires prior express consent, whether or not the number is on the registry. [1] So even an unregistered mobile number, called or texted without consent using an autodialer, violates the TCPA's consent requirement.

This double exposure is why mobile marketing carries more legal risk than landline telemarketing. A registered cell number hit by an autodialed robocall can violate both the DNC registry rules and the TCPA's consent requirement at once. Each call is a separate violation count.

For teams calling into cell phones, see our guide on the mobile phone do not call list for the rules on cell-phone outreach.

Frequently asked questions

Does filing a DNC complaint actually stop the calls?

Filing at donotcall.gov doesn't directly block the caller. It adds your report to the FTC's enforcement database. The only reliable ways calls stop are if the FTC acts against the caller or you pursue a private TCPA lawsuit. If your number isn't already registered, adding it gives telemarketers 31 days to comply. Some callers, particularly scammers, ignore the registry entirely.

How many complaints does the FTC receive about DNC violations?

The FTC received over 1.8 million DNC-related complaints in fiscal year 2023, based on its Consumer Sentinel Network data reports. Robocalls and impostor scams make up the largest share. Volume has shifted toward cell phones as landline use declines. The FTC publishes annual data breakdowns at ftc.gov.

Can I sue a company myself for calling my number on the DNC registry?

Yes. Under 47 U.S.C. § 227(c), if you got more than one telemarketing call within 12 months from the same entity after your number was on the registry, you can file a private lawsuit for up to $500 per call, or $1,500 if the violation was willful. Small claims court works for a few calls. For larger volumes, plaintiff-side TCPA attorneys often take cases on contingency.

What's the difference between a TCPA complaint and a DNC complaint?

A DNC complaint is specifically about getting calls when your number is on the Do Not Call Registry. A TCPA complaint is broader and covers any violation of the Telephone Consumer Protection Act, including autodialing cell phones without consent, sending unsolicited marketing texts, and using prerecorded voices without permission. Many calls trigger both. The FCC handles TCPA enforcement; the FTC handles DNC registry enforcement.

How does a company register to access the national DNC registry?

Covered telemarketers create a Subscription Account Number (SAN) at ftc.gov to access the registry. Fees are based on how many area codes you need. As of 2024, the first five area codes are free; additional area codes cost roughly $80 each per year. You download number data, scrub your lists, and must re-scrub at least every 31 days. Detailed instructions are at donotcall.gov.

Are text messages covered by the DNC registry?

The registry was built around voice calls, but the FTC and FCC treat commercial text messages (SMS) as covered under the TCPA's rules against autodialed messages to cell phones. Marketing texts to numbers on the DNC registry, if sent using an autodialer, can violate both the DNC rules and 47 U.S.C. § 227(b). Courts have generally backed this reading since at least 2012.

How do I file a DNC registry complaint in Singapore?

Singapore consumers submit complaints through the Personal Data Protection Commission's online portal at pdpc.gov.sg. You give your phone number, the date of the unwanted message or call, the sender's identity if known, and a description of the content. The PDPC reviews complaints and may investigate. Unlike the U.S. system, Singapore offers no private right of action; enforcement runs through the regulator directly.

What is the Personal Data Protection Act 2012 in Singapore and how does it relate to DNC complaints?

The PDPA 2012 is Singapore's main personal data law. Part IX sets up the Do Not Call registry framework, requiring organizations to check the registry before sending specified marketing messages to Singapore numbers. The Personal Data Protection Commission enforces both the data protection and DNC provisions. After 2021 amendments, fines for serious breaches can reach SGD 1 million or 10% of annual turnover.

Does the established business relationship exemption protect companies from DNC complaints?

Partially. A transaction-based EBR shields a company from DNC rules for 18 months after the last purchase or delivery. An inquiry-based EBR lasts only 3 months. Once those windows close, the number is fully protected by the registry again. Many companies get burned by treating old customer lists as permanently exempt. If the EBR has lapsed, the call can generate a valid complaint and lawsuit.

What records should my company keep to defend against a DNC complaint?

Keep dated scrub logs showing when you checked your list against the registry and what data version you used. Document the basis for any EBR claims, including transaction date, product, and customer consent. Store records of prior express consent with timestamps and source. The FTC's Telemarketing Sales Rule requires keeping these records for at least 24 months. Courts and regulators expect organized, dated documentation.

Do political calls and charity fundraising calls violate the DNC registry?

Generally no. Political campaigns, PACs, and charities calling on their own behalf are exempt from the FTC's Telemarketing Sales Rule DNC provisions. But if a third-party telemarketing firm makes those calls on behalf of a charity or campaign, the exemption may not cover the firm. The TCPA's autodialer and prerecorded voice rules still apply to political and charitable callers regardless of DNC exemption status.

How is the DNC registry complaint process different for B2B calls?

The National DNC Registry protects residential telephone numbers only. Calls to business numbers fall outside the registry's opt-out framework. But if a business employee uses a mobile phone for work and that number is personally registered on the DNC list, courts have handled the ambiguity differently by jurisdiction. B2B calling is not a blanket exemption from the TCPA's autodialer consent rules.

Can a company face DNC penalties even if it outsourced its calling to a vendor?

Yes. The FTC and courts have held companies liable for DNC violations committed by vendors calling on their behalf. The test is whether the company had direct control or authority over the calling practices. Outsourcing does not transfer liability. Companies that hire calling vendors should contractually require DNC compliance, audit vendor scrub logs, and document their oversight. 'My vendor did it' is not a complete defense.

What's the fastest way to check if a number is on the DNC registry?

The FTC's subscription system lets you download full number lists by area code for your call lists. For spot-checking individual numbers, third-party compliance tools and lead verification platforms offer real-time DNC lookups. You can also review the government access process through the FTC's donotcall.gov portal, which covers both bulk and individual lookup options for registered telemarketers.

Sources

  1. U.S. Congress, Telephone Consumer Protection Act, 47 U.S.C. § 227: Statutory text establishing $500–$1,500 per-violation private right of action under 47 U.S.C. § 227(c) and prohibition on autodialed calls to cell phones without consent under § 227(b)
  2. FTC, National Do Not Call Registry: Registration takes up to 31 days before telemarketers must honor it; complaint filing process and instructions
  3. FTC, Telemarketing Sales Rule, 16 CFR Part 310: TSR requires scrubbing call lists against DNC registry within 31 days before each call; civil penalties up to $53,088 per violation; EBR windows of 18 months (transaction) and 3 months (inquiry)
  4. FTC, Press Release: FTC Stops Health Insurance Robocallers: FTC obtained $120 million judgment against Florida-based health insurance robocall operation, referenced as a 2019 enforcement action
  5. U.S. Supreme Court, Facebook, Inc. v. Duguid, 592 U.S. 395 (2021): Supreme Court narrowed the TCPA's definition of an automatic telephone dialing system in 2021, limiting autodialer liability
  6. FTC, Accessing the National Do Not Call Registry: Telemarketers create a Subscription Account Number and download registered numbers by area code; first five area codes free
  7. Singapore Personal Data Protection Commission, Do Not Call Registry: Singapore PDPA Part IX establishes DNC registry; organizations must check registry before sending specified marketing messages; exceptions for consent and ongoing business relationship; organizations use PDPC-approved checking services
  8. Singapore Personal Data Protection Commission, PDPA Amendment 2020: 2021 PDPA amendments increased maximum fines for serious breaches to SGD 1 million or 10% of annual turnover
  9. U.S. Code, 28 U.S.C. § 1658, Limitations on Actions: Four-year federal statute of limitations generally applied to TCPA private actions

Disclaimer: LeadCompliant is a compliance review tool, not a law firm. We do not provide legal advice. Consult with a TCPA attorney for legal guidance on specific compliance questions. Compliance scores, audits, and risk assessments are informational only.

LeadCompliant Team

LeadCompliant provides expert guidance and tools to help you succeed. Our content is reviewed for accuracy and kept up to date.

Related Articles

Related Glossary Terms

LeadCompliant
Build My Kit