DNC registry lookup: how it works and what it actually costs to skip it

Learn how DNC registry lookup works, what a subscription costs, who must scrub, and what fines you face. Real FTC rules, real numbers, no fluff.

LeadCompliant Team
22 min read
In This Article

Last updated 2026-07-09

Landline phone on desk next to printed calling list, DNC compliance concept
Landline phone on desk next to printed calling list, DNC compliance concept

TL;DR

The National Do Not Call Registry is a federal list run by the FTC. Telemarketers must scrub their calling lists against it within 31 days before dialing. Access costs $0 for up to five area codes, then $68 per area code per year, capped at $21,228 for national access. Calling a registered number can cost up to $53,088 per violation under current FTC penalty authority.

What is the DNC registry and who runs it?

The National Do Not Call Registry is a federal database where consumers list phone numbers they do not want telemarketing calls on. The Federal Trade Commission (FTC) built it and runs it under the Telemarketing Sales Rule (TSR), working alongside the FCC, which enforces parallel rules under the Telephone Consumer Protection Act (47 U.S.C. § 227) [1][2].

The registry launched in 2003. By 2024 it held more than 249 million phone numbers [3]. Consumers sign up at donotcall.gov or by calling 1-888-382-1222. Registration is permanent. There is no expiration date. A number stays on the list until the consumer removes it or the number is disconnected and reassigned.

Two agencies enforce compliance, and that matters more than it sounds. The FTC enforces the TSR against most commercial telemarketers. The FCC enforces TCPA obligations, which overlap heavily but differ around consent, autodialers, and text messages. Run outbound sales and you answer to both. Companies have settled with the FTC and then caught a separate FCC action for the same campaign.

For deeper background on what the registry covers, see do not call list.

Who is legally required to do a DNC registry lookup?

Any person or company making telephone solicitations to residential subscribers must access the registry and honor it [1]. The TSR defines a telephone solicitation broadly as any call promoting the purchase of goods or services. That catches most outbound sales calls.

The TCPA directs the FCC to run a national database consumers can join to avoid "telephone solicitations," and to require telemarketers to access and honor it [2]. The statute is blunt: "It shall be unlawful for any person within the United States... to initiate any telephone solicitation to... a residential telephone subscriber who has registered his or her telephone number on the national do-not-call registry." That is the baseline.

Some callers get an exemption. Political organizations, charities, survey researchers with no sales pitch, and callers with an established business relationship (EBR) can call registered numbers under set conditions. An EBR exists when a consumer made a purchase within the past 18 months, made an inquiry within the past 3 months, or gave written permission to call [4]. The EBR exemption is narrow. It only covers calls from that one company, and it dies the moment the consumer tells you to stop.

B2B calling sits in a gray zone. The TSR and TCPA both aim mainly at residential subscribers, so calls to businesses fall largely outside the national registry. Several state lists do include business numbers, though. And if you call mobile phones, which most outbound teams do now, treat them as residential no matter how the subscriber uses the line. The FCC has said so plainly.

See do not call telemarketer list for the rules that hit commercial telemarketers specifically.

How does DNC registry lookup actually work, step by step?

The process is simpler than most people expect. The deadlines and file formats are what trip up small teams.

Start by registering your organization at donotcall.gov. You create an account, verify your identity, and get into the Subscription Management system. Pick the area codes you need, pay the fee (pricing below), and the FTC gives you access to download files of registered numbers for those codes [3].

The download is a flat text file. Numbers show up in ten-digit format. You compare that file against your calling list. Any number that appears in both gets suppressed before you dial. That comparison is called scrubbing. It is not optional, and it is not approximate. Suppress every match.

Here is the deadline rule most teams get wrong. You must scrub against a version of the registry no more than 31 days old at the time of the call [1]. Not 31 days from when you downloaded the file. Thirty-one days from when the consumer data was current. Most compliance teams pull a fresh file monthly and scrub every list before launch. If a campaign runs longer than a month, scrub again mid-campaign.

The FTC updates the registry daily. A consumer who registers today cannot legally be called by a new telemarketer for 31 days after their number appears. That buffer protects consumers, but it also means a number you called legitimately last week might be off-limits next week.

For who provides access and how to get the actual file, see how do i get the do not call list.

DNC registry violation penalty ceilings by enforcement authority Maximum per-call or per-violation exposure under each authority (2024 figures) FTC civil penalty (TSR, per viola… $53k TCPA willful violation (private s… $1,500 TCPA negligent violation (private… $500 Florida FTSA (state, per call) $500 Source: FTC (16 CFR Part 1, 15 U.S.C. § 6101), FCC (47 U.S.C. § 227), 2024

What does a DNC registry lookup subscription cost?

The FTC charges for registry access, but the pricing makes small-volume use essentially free [3].

Area Codes NeededAnnual Cost
1 to 5 area codes$0 (free)
6 area codes$68 total ($68 for the 6th code)
Every additional code$68 per code per year
National access (all area codes)$21,228 per year (2024 cap)

The national cap adjusts each January for inflation. It was $20,992 in 2023 and moved to $21,228 in 2024 [3]. Call nationally and need every area code? The flat national fee is the cheapest route.

Third-party providers also sell registry scrubbing as a service. You upload your list, they scrub it against a licensed registry copy, and they send back the clean list. Prices swing wide. Simple per-record scrubs often run $0.001 to $0.01 per record. Managed compliance platforms bundle registry scrubbing into a monthly subscription that can run from a few hundred to several thousand dollars, depending on volume.

LeadCompliant offers a free phone number checker and a one-time compliance kit that covers scrubbing basics for small teams. Worth a look if you are early-stage and do not want to pay for an enterprise platform yet.

One thing to keep straight: paying for access does not shield you from liability. The subscription buys you the legal right to the data. You still have to run the scrub and document that you did.

What happens if you call a number on the DNC registry?

The exposure is real and it scales fast. The FTC can impose civil penalties up to $53,088 per violation as of 2024, adjusted annually under the Federal Civil Penalties Inflation Adjustment Act [5]. The FCC's TCPA maximum is $500 per call for negligent violations and $1,500 per call for willful ones, and private plaintiffs can sue directly in federal court without waiting on the FCC [2].

The private right of action is what makes TCPA so sharp for small businesses. A consumer who got a call on their registered number can sue you personally. Class action attorneys recruit these plaintiffs actively. A single campaign that dialed 50,000 numbers with 2,000 DNC-registered numbers in the batch is looking at up to $3 million in TCPA exposure from private suits alone, before the FTC even opens a file.

Enforcement is not theoretical. In 2023 the FTC and DOJ sued a homeownership assistance company for calling registered numbers and won a judgment with injunctive relief and monetary penalties [5]. The FCC has issued multi-million dollar forfeiture orders against lead generators and auto warranty robocall operations. The numbers get big because each call is its own violation.

The established business relationship defense exists, but courts and the FTC read it narrowly. You cannot claim an EBR after the fact if you did not document the relationship before the call. Get audited and you need records.

For how these penalties get calculated and what enforcement looks like in practice, see do not call list report.

Does the DNC registry cover cell phones and text messages?

Yes. Mobile numbers can be registered on the national DNC registry, and once they are, the same calling restrictions apply [6]. Consumers have been able to add cell numbers since 2003. The FTC has confirmed repeatedly that registered mobile numbers get the same protection as landlines.

Text messages are a layered question. The FCC treats texts as "calls" for the autodialer restrictions at 47 U.S.C. § 227(b), which means you need prior express written consent to send marketing texts to cell numbers using an autodialer or prerecorded voice, whether or not the number is on the registry [2]. The DNC registry stacks on top. Even with consent, if the number is now on the registry and the consent predates that registration, you have to check whether you still have a valid exception.

So, practically, a marketing text to a mobile list needs three things: proper TCPA consent, immediate opt-out honoring, and a DNC scrub if the message counts as a telephone solicitation. Running one check and skipping the other is how teams get caught.

See mobile phone do not call list for how mobile-specific rules sit against registry obligations.

How do state DNC lists differ from the federal registry?

About a dozen states run their own do-not-call lists alongside the federal registry, and several are stricter [7]. Call into those states and you scrub against both the federal registry and the state list.

States with active, enforceable separate DNC programs as of 2024 include Florida, Indiana, Pennsylvania, Wyoming, Colorado, Mississippi, Missouri, Oklahoma, Oregon, Tennessee, Texas, and Wisconsin, among others. Fees and access rules vary. Some lists are free. Some charge a nominal fee. Some require a separate registration step before you can pull the file.

Florida earns its own paragraph. The Florida Telephone Solicitation Act (FTSA) carries some of the strictest consent and calling limits in the country, and a violation can cost $500 per call under state law on top of federal exposure [8]. The florida do not call list rules are genuinely different from the federal baseline.

Indiana and Pennsylvania run their own programs that need separate scrubbing steps. Call into those states with any volume and you need separate subscriptions or API access to their lists. See indiana do not call list and do not call list pa for state-specific requirements.

The safest posture for a team calling nationally is straightforward. Scrub the federal registry first. Then flag any state with a separate list and add those scrubs before dialing into those area codes.

What records do you need to keep to prove you ran the lookup?

Documentation is where small teams are most exposed. Running the scrub is necessary but not enough. You have to prove you ran it, when you ran it, which registry version you used, and which lists you applied it to.

The TSR requires telemarketers to keep records of their subscription and scrubbing activity [1]. In practice: save your subscription confirmation and renewal receipts, log the date of every file download, record when each campaign list was scrubbed and against which registry version, and keep the suppression file used for each campaign.

There is no required format for these records. A spreadsheet with campaign name, scrub date, registry file date, and number of records suppressed is enough to start. Something beats nothing every time a plaintiff's attorney or FTC investigator comes asking.

Retention runs 24 months from the date a record is created under the TSR [1]. Some state laws want longer. Build a 24-month default into whatever system you use.

Use a third-party scrubbing service and you should get a written confirmation or audit log for each job. Their confirmation becomes part of your compliance record. If they get breached or fold and you cannot produce the scrub log, the liability lands on you.

What is the "safe harbor" and can you rely on it?

The TSR and TCPA both offer a safe harbor for telemarketers who call a registered number by mistake. The bar to qualify is specific [4].

To claim the TCPA safe harbor, you must have: written procedures to comply with the do-not-call rules, trained personnel on those procedures, a company-specific do-not-call list, a registry access within the required 31-day window, and a call made by genuine error despite all of that [4].

That last piece confuses people. Safe harbor is not "we tried our best." It is a structured legal defense that needs documented systems, not good intentions. No written procedures and no training records means no safe harbor.

The FTC's TSR standard mirrors this. Per the rule, a seller or telemarketer avoids liability "if the seller or telemarketer can demonstrate that... the violation was the result of error and that as part of its routine business practice it meets" the required standards [1].

Safe harbor genuinely helps with honest operational slips, like a number registered right after your last scrub. It does nothing for systematic failures, sloppy process, or a decision not to subscribe at all.

How often should you scrub your list against the DNC registry?

The legal minimum is every 31 days. Most compliance pros scrub more often than that, especially with large lists or lists from multiple lead vendors.

Here is why frequency matters. The registry adds numbers every single day. A consumer who registers today is protected from new telemarketers after 31 days. If your campaign runs six weeks and you scrub only at the start, you are calling people in their last two weeks of that buffer who may have registered after your initial scrub. Scrubbing weekly or bi-weekly shrinks that gap.

Lead vendor lists compound the problem. Those lists were compiled at some earlier point, and you do not know when the vendor last scrubbed them, or whether they ever did. Buying a list does not push liability onto the vendor. You own every call you make from it. Scrub purchased lists yourself before any dial.

For a longer campaign, calendar your re-scrubs during planning. Do not leave it to someone's memory. Set a recurring task, document the output each time, and keep the logs.

The government do not call list page covers the registry's official access policies and what counts as a compliant subscription.

What tools actually do DNC registry lookups?

You have three real options: direct FTC access, third-party scrubbing services, and compliance platform integrations.

Direct FTC access through donotcall.gov is the authoritative source. You download the registry files, run them through your own scrubbing logic, and suppress matches. Free for up to five area codes, cheap for small operations. The catch is you have to build or buy the tooling to compare files against your list, and you manage the whole process yourself.

Third-party scrubbing services let you upload a list and get a clean one back. Gryphon Networks, Contact Center Compliance (C3), and DataMaster all offer this. Pricing is volume-based. These services hold a licensed registry copy and turn scrubs around fast. Many cover state lists in the same pass, which saves real time if you call into multiple states.

Compliance platform integrations live inside your CRM or dialer. When a rep goes to call, the system checks the number against the registry in real time and either blocks the call or throws a warning. Most convenient operationally. It adds cost, and the real-time check is only as fresh as the platform's last registry refresh.

LeadCompliant's free checker is a light option for spot-checking single numbers or small lists, good for early-stage teams or a second opinion before a campaign.

Whatever you pick, document that you used it. The tool, the date, and the result all belong in your compliance record.

What is the FTC's role versus the FCC's role in DNC enforcement?

The two agencies have overlapping but distinct authority, and both can come after the same conduct.

The FTC enforces the Telemarketing Sales Rule, issued under the Telemarketing and Consumer Fraud and Abuse Prevention Act (15 U.S.C. § 6101 et seq.) [9]. The TSR covers most commercial telemarketing. The FTC can sue violators in federal court for civil penalties and injunctions. The TSR has no private right of action, so only the government brings an FTC case.

The FCC enforces the TCPA (47 U.S.C. § 227), passed by Congress in 1991 and implemented through FCC rules [2]. The TCPA hits harder for consumers because it includes a private right of action. Any consumer can sue a telemarketer directly, no government enforcement required. That is why most TCPA litigation comes from private plaintiffs and class action firms, not the FCC.

The FCC also issues guidance through declaratory rulings and orders. Its 2015 Omnibus TCPA Order, for example, clarified the definition of an autodialer and how to handle reassigned numbers. Courts have since reworked some of those interpretations, but FCC orders still steer compliance.

For the FTC's specific registry, see ftc do not call list. For the underlying registry structure and how numbers get listed, see dnc registry.

Frequently asked questions

How do I look up a specific number on the DNC registry?

The FTC has no public tool where you type one number and see if it is registered. The data goes only to organizations with paid subscriptions. As a consumer, you can verify your own registration at donotcall.gov. As a business, you access the full area-code files through the subscription system and compare your list against those files. There is no single-number search for the public.

Is DNC lookup required for B2B calling?

The national registry mainly covers residential subscribers, so pure B2B calls fall largely outside its scope. But cell phones used for business are still treated as residential for TCPA purposes. Several state DNC lists also cover business numbers. If your team calls any cell numbers or dials into states with broad lists, assume you need to scrub regardless of whether the prospect is a business contact.

How long does it take for a new registration to appear in the DNC registry?

Registrations process and appear in the database within about 24 hours. But a newly registered number is not protected from new telemarketers until 31 days after it appears. If you called a number before it appeared on the registry, that call was lawful. Calls made after the 31-day period ends are not. Keep the timing straight and log your scrub dates.

Can I call someone on the DNC list if they gave me their number?

Maybe. If the person gave prior express written consent specifically agreeing to receive telemarketing calls, that consent can override DNC registration for TCPA purposes. An established business relationship (within 18 months of a purchase or 3 months of an inquiry) can also provide a TSR exemption. Document the basis before you dial. Verbal consent alone is not enough for autodialed or prerecorded calls.

What does the DNC registry fine actually look like per violation?

The FTC maximum is $53,088 per call as of 2024, adjusted annually for inflation. The TCPA private lawsuit maximum is $500 per call for negligent violations and $1,500 for willful ones. Courts have awarded the full statutory maximum in class actions where the conduct was systematic. Individual cases often settle for less, but the per-call math means a batch dial of 10,000 registered numbers is millions in potential exposure.

How do I register my organization to access the DNC registry?

Go to donotcall.gov and use the Subscription Management portal. Create an organizational account, verify identity, select the area codes you need, and pay any fee. Five area codes are free. Each additional code costs $68 per year. National access is capped at $21,228 annually. Then download the registry files for your selected codes and scrub them against your calling lists before dialing.

Do I need to scrub against state DNC lists separately?

Yes, if you call into states that run their own lists. Florida, Indiana, Pennsylvania, and roughly a dozen other states have active state DNC programs. They operate alongside the federal registry, not instead of it. State lists often need a separate registration and fee. Some states have stricter consent rules and higher per-violation penalties than federal law, so the state obligation can matter more in some markets.

How long does a number stay on the DNC registry?

Permanently, unless the consumer removes it or the number is disconnected and later reassigned to a new subscriber. There is no expiration date. The old rule required re-registration every five years, but Congress killed that requirement in 2008 through the Do-Not-Call Improvement Act, making all registrations permanent.

No. Buying a scrubbed list from a vendor does not transfer their compliance obligation to them. You stay liable for every call your organization makes. Vendor scrubs can be stale by the time the list reaches you. Always re-scrub any purchased list against a fresh registry file before dialing. Keep records of both the vendor's certification and your own independent scrub.

What records do I need to prove I ran a DNC lookup?

Keep your subscription receipts, the date of each registry file download, the date each campaign list was scrubbed, and the number of records suppressed per scrub. If you use a third-party service, get a written confirmation for each job. Retain these records for at least 24 months as the TSR requires. A simple spreadsheet or folder of dated export logs is enough for a small operation.

Does the safe harbor protect me if I accidentally call a registered number?

Only if you can document a full compliance program: written DNC procedures, trained staff, a company-specific internal DNC list, and a scrub against the national registry within the last 31 days. The safe harbor covers genuine errors inside a documented system. It does not cover choosing not to subscribe, skipping a scrub cycle, or having no written procedures at all.

Are texts subject to DNC registry rules?

Marketing texts can qualify as telephone solicitations under the TCPA and TSR, so DNC registry obligations can apply. On top of that, the TCPA's autodialer consent rules apply separately to texts sent to cell phones. If your texts are promotional, scrub the recipient list against the DNC registry and confirm you have proper written consent. Both obligations exist independently and both need to be satisfied.

Sources

  1. FTC, Telemarketing Sales Rule (16 CFR Part 310): Telemarketers must access and honor the national DNC registry, scrub lists no more than 31 days before calling, and retain records for 24 months.
  2. U.S. Code, 47 U.S.C. § 227 (Telephone Consumer Protection Act): The TCPA makes it unlawful to initiate a telephone solicitation to a residential subscriber who has registered on the national do-not-call registry; violations carry $500 to $1,500 per call.
  3. FTC, National Do Not Call Registry Data Book FY 2024: The registry held more than 249 million phone numbers as of 2024; annual subscription costs $68 per area code beyond five free, capped at $21,228.
  4. FCC, TCPA rules (47 CFR § 64.1200), via Cornell Legal Information Institute: The established business relationship exemption covers calls within 18 months of a purchase or 3 months of an inquiry; safe harbor requires written procedures, trained staff, and timely registry access.
  5. FTC, Federal Civil Penalty Inflation Adjustments (16 CFR Part 1): The FTC maximum civil penalty for TSR/DNC violations is $53,088 per violation as of 2024, adjusted annually.
  6. FTC, National Do Not Call Registry (consumer information): Mobile numbers can be registered on the national DNC registry and receive the same protections as landlines.
  7. National Association of Attorneys General / State DNC program summary: Approximately a dozen states maintain separate do-not-call lists with independent registration and fee requirements that operate alongside the federal registry.
  8. Florida Legislature, Florida Telephone Solicitation Act (Fla. Stat. § 501.059): Florida's FTSA imposes $500 per-call penalties for violations and has consent requirements stricter than the federal TCPA baseline.
  9. U.S. Code, 15 U.S.C. § 6101 et seq. (Telemarketing and Consumer Fraud and Abuse Prevention Act): This statute authorizes the FTC to promulgate and enforce the Telemarketing Sales Rule, including DNC registry obligations.
  10. FTC, National Do Not Call Registry for businesses: Telemarketers access national DNC registry files through the FTC's Subscription Management portal at donotcall.gov; five area codes are free, additional codes cost $68 each per year.

Disclaimer: LeadCompliant is a compliance review tool, not a law firm. We do not provide legal advice. Consult with a TCPA attorney for legal guidance on specific compliance questions. Compliance scores, audits, and risk assessments are informational only.

LeadCompliant Team

LeadCompliant provides expert guidance and tools to help you succeed. Our content is reviewed for accuracy and kept up to date.

Related Articles

Related Glossary Terms

LeadCompliant
Build My Kit