DNC registry services: what they are and how to use them

DNC registry services let you scrub call lists against the National Do Not Call Registry. Learn costs, access rules, and how to stay TCPA-compliant.

LeadCompliant Team
24 min read
In This Article

Last updated 2026-07-09

Hand with pen reviewing a printed phone number list on an office desk
Hand with pen reviewing a printed phone number list on an office desk

TL;DR

DNC registry services give businesses access to the FTC's National Do Not Call Registry so they can scrub call lists before dialing. Telemarketers register, pay fees based on how many area codes they access (up to $17,694 total per year as of FY2025), and re-scrub every 31 days. Call a registered number without consent and it can cost $51,744 per violation.

What is the National DNC Registry and who runs it?

The National Do Not Call Registry is a federal database the Federal Trade Commission manages. Consumers call 1-888-382-1222 or visit donotcall.gov to add their numbers. Once a number lands on the list, telemarketers have to stop calling it within 31 days. [1]

The FTC built the registry in 2003 under the Do-Not-Call Implementation Act, and the FCC layered its own rules on top through the Telephone Consumer Protection Act, 47 U.S.C. § 227. Two agencies, two rulebooks. That split is a big reason DNC compliance confuses small teams. The FTC controls registry access and brings most enforcement against telemarketers. The FCC handles carrier-level issues and TCPA claims like autodialer use and prerecorded messages. [2]

As of mid-2025, the registry holds more than 249 million numbers, and it has grown every year since launch. Run any outbound call campaign to U.S. consumers and you're dialing against a list that needs a scrub before every cycle.

For how the list works from the consumer side, see our guide to the do not call list.

What are DNC registry services and what do they actually do?

A DNC registry service is any tool or provider that gets you access to the National Do Not Call Registry, compares your call list against it, and flags or strips the numbers you can't legally dial. The term covers a range. It can mean the FTC's own Telemarketer Access Portal, the government's direct-access system. It can also mean a third-party scrubbing platform that pulls from the registry (often from state DNC lists too) and hands you back a clean file.

The workflow is boring, which is good. You export your prospect list. You upload it to the scrubbing service or feed it through an API. The service checks your numbers against registry data. It returns a report showing which numbers sit on the DNC list. You pull those before dialing. Then you write down the scrub date. That last step matters because your 31-day safe harbor clock starts the moment you download the registry data. [3]

Third-party services stack extras on top of raw FTC data. They check state-level lists at the same time. They flag reassigned wireless numbers. They give you audit logs you can hand a plaintiff's lawyer if a suit ever lands. None of that is legally required. All of it is worth having once you're dialing at real volume.

See our dnc registry article for how the registry itself is structured.

How do you get access to the registry, and what does it cost?

The FTC runs a paid access system for telemarketers at telemarketing.donotcall.gov. You create an organization account, sign the subscriber agreement, and pay for access by area code. [12]

The fee math is simple but it adds up. You pay per area code, per year. The first five area codes are free, a break the FTC built in for the smallest local businesses. Past five, the meter runs.

Here are the FY2025 fees the FTC set:

Access levelAnnual fee
Up to 5 area codesFree
Each additional area code (beyond 5)$85
Maximum annual fee (all area codes)$17,694

Read that table carefully. The FTC caps the total annual fee at $17,694 for any single entity, no matter how many area codes it needs. Grab all 300-plus U.S. area codes and you pay the same ceiling as a company that grabs 200. [4] Both the per-area-code fee and the cap get adjusted for inflation each year.

Third-party scrubbing vendors bill separately. Pricing is all over the map. Some charge per record scrubbed (roughly $0.001 to $0.01 per number). Some run a flat monthly SaaS fee ($50 to $500 a month is common for small teams). Some meter by API call. Push any vendor hard on two things: whether their data comes straight from the FTC's subscription feed, and how often they refresh it. A vendor serving you 60-day-old registry data when your obligation is 31 days is a problem you'll pay for later.

For a walk through the direct portal, see how do i get the do not call list.

DNC registry: key compliance numbers Thresholds, penalties, and timelines every outbound team needs to know 52k Max FTC civil penalty per call violation 1,500 TCPA statutory damages per call (willful) 500 TCPA statutory damages per call (standard) 18k Max annual registry access fee (FY2025) Source: FTC TSR (16 C.F.R. § 310), 47 U.S.C. § 227, FTC civil penalty adjustments FY2024

What is the 31-day rule and why does it define your scrub schedule?

The rule is short. Under 16 C.F.R. § 310.4(b)(3)(iv), a telemarketer can't call a registered number using registry data that's more than 31 days old at the time of the call. [3] Your scrub buys you a 31-day safe harbor, and then it expires.

Here's the plain version. Scrub on June 1. A consumer registers their number June 15. You're covered until July 2, which is 31 days out from your scrub. After that, you dial that number at your own risk unless you scrub again.

Most teams set a monthly cadence and figure they're safe. Usually they're close. The math can still bite. Scrub on the 1st one month and the 1st the next, and you're at 30 or 31 days depending on the month. Scrub on January 31 and let it slide to March 5, and you've opened a gap you can't defend. The clean fix is a rolling 30-day scrub tied to your campaign launch date, not the calendar page.

Documentation is the part people skip and then regret. You have to prove when you pulled the data and which records you scrubbed. Courts want it. The FTC wants it. No records, no safe harbor.

Who is legally required to register and scrub?

The FTC's Telemarketing Sales Rule (16 C.F.R. Part 310) requires any seller or telemarketer making outbound calls to residential numbers for commercial purposes to access and honor the registry. [3] That net is wider than most people expect.

Calling prospects to sell anything (insurance, solar, home services, financial products, subscriptions) puts you inside it. Lead generators count. Call on behalf of a client and both of you can be on the hook. The FTC has said plainly that responsibility doesn't vanish because you hired a vendor to dial.

There are exemptions. Calls made with the consumer's prior express written consent clear DNC restrictions under TCPA. An existing business relationship (EBR) buys you an 18-month window after a purchase or a 3-month window after an inquiry. Pure business-to-business calls generally fall outside the residential registry rules, though some states pull B2B in anyway. Tax-exempt nonprofits, political groups, and survey firms are carved out of the FTC rules, but the FCC's TCPA robocall rules still reach them. [2]

Calling mobile numbers ratchets the rules up and the exposure with them. Our piece on the mobile phone do not call list covers that nuance.

What are the penalties for ignoring the DNC registry?

The numbers are real and they're large. Under the FTC Act and the TSR, the FTC can seek civil penalties up to $51,744 per violation as of 2024, a figure adjusted every year under the Federal Civil Penalties Inflation Adjustment Act. [5] Each call to a registered number is its own violation.

Under TCPA at 47 U.S.C. § 227(c)(5), a private individual can sue for $500 per violation or actual damages, whichever is greater. Find the violation willful or knowing and a court can triple it to $1,500 a call. [2] There's no class-action bar on TCPA claims, so plaintiffs' attorneys routinely certify classes of thousands and press for seven-figure settlements.

The FTC has landed DNC penalties of $120 million against Dish Network (2017) and $299 million against Affordable Enterprises of Arizona (2023). [6] Those are big companies. Small teams get hit too. A solo lead-gen operator running 500 calls a day builds theoretical exposure north of $25 million before a single complaint gets filed.

So here's the takeaway. A scrubbing service at $200 a month isn't a cost center. It's insurance against a number that can close the company.

For how violations turn into lawsuits, see our do not call list report guide.

How do state DNC lists fit in with the federal registry?

Plenty of states run their own do-not-call lists, and you comply with whichever rule is stricter. The federal registry and most state lists overlap on process. The details are where they split.

Florida runs its own list through the Florida Department of Agriculture and Consumer Services. Its call-time window (8 a.m. to 8 p.m.) mirrors the federal rule, but Florida adds a separate telemarketer registration requirement and its own penalties under Florida Statutes § 501.059. [7] Pennsylvania runs a similar parallel system. Indiana keeps its own list on top of the federal registry, enforced by the state attorney general. [8]

For a multi-state caller, the working approach is to scrub against the federal registry and every relevant state list before you dial. Some third-party services bundle state lists into the product. Others charge extra. Ask the vendor which states are actually included before you sign.

See our state guides for florida do not call list, indiana do not call list, and do not call list pa.

What should you look for in a third-party DNC scrubbing service?

Dozens of vendors work this space. Some are excellent. Some resell stale data behind a shiny dashboard. Here's what actually splits good from bad.

Data freshness. The vendor should pull straight from the FTC's subscription feed and refresh at least monthly. Ask the exact date of their last registry update and how you can verify it. A vendor who can't answer that cleanly is a red flag.

State list coverage. Call into several states and you want one vendor checking every relevant state list in the same scrub. Cross-referencing five state portals by hand is a workflow that snaps under volume.

Audit logs. You need timestamped records of every scrub: which numbers got checked, against which data version, on what date. This is your proof when a plaintiff claims you called a registered number. Logs that live only on the vendor's servers are a risk. Export them and keep your own copies.

Wireless number identification. Many services flag whether a number is a cell phone, which matters because TCPA sets different consent rules for calls to cellular numbers using an autodialer or prerecorded voice. Combine DNC suppression with wireless ID and you've got one fewer database to babysit.

Internal opt-out suppression. Federal law makes you keep your own company-specific do-not-call list and honor it. A good service lets you upload that internal list and suppress against it alongside the federal and state lists.

LeadCompliant's free number checker tools help smaller teams validate individual numbers before a full scrub. For multi-state campaigns at real volume, though, you want a dedicated suppression vendor with a current FTC subscription.

For what belongs on the do not call telemarketer list, that article covers the seller-side view.

This is where teams trip. They assume consent clears every DNC obligation. It mostly does. Not entirely.

Under TCPA at 47 U.S.C. § 227(c), a registered consumer's prior express invitation or permission is a complete defense to a DNC claim. [2] Someone hands you their number and asks you to call? You can call, registry or not. The consent has to be clear and documented.

The trap is scope. Consent to hear about one product doesn't stretch to a different product from the same company, let alone an affiliate. The FCC's 2012 rules required prior express written consent for most telemarketing calls using autodialers or prerecorded messages, and later rulemaking tightened the screws. The FCC's January 2025 order went after lead generators specifically, restricting how a single consent can move from a lead form to a caller. [9]

What that means in practice: even if you bought a list where everyone supposedly consented, you have to confirm the consent named your company (or you by clear name), that it was in writing, that it covered this kind of call, and that nobody revoked it. Trusting a list seller's word without documentation is one of the most expensive mistakes in this business.

For how the government do not call list meets consent rules, that piece runs the FTC and FCC frameworks side by side.

What's the process for registering a number on the DNC list (for consumers)?

This matters to businesses too. Understanding how consumers register helps you reason about your own list hygiene.

A consumer registers by calling 1-888-382-1222 from the number they want listed, or by visiting donotcall.gov and submitting up to three numbers per email address. [1] Registration is permanent. The FTC killed the old five-year expiration in 2008 under the Do-Not-Call Improvement Act. Numbers stay on the registry until the consumer cancels them or gives up the line. [11]

Number reassignment is a live hazard. When a carrier hands a disconnected number to a new subscriber, that new person may not be on the DNC list at all, or may carry their own separate registration. Meanwhile your records might still flag that number as a DNC match from the last owner. The reverse burns you too: you scrub, the number's clean, you call, and the new subscriber who just got the line hasn't registered yet but is furious anyway. There's no clean fix. Checking numbers against the FCC's Reassigned Numbers Database cuts the exposure. [10]

Consumers can also report violations at donotcall.gov. The FTC mines those complaints for patterns and targets enforcement. One complaint rarely moves the needle. Fifty against the same company in a month does.

How do you set up an internal DNC compliance program that holds up?

The federal scrub is the floor, not the ceiling. A program that survives scrutiny stacks a few layers on top.

First, keep your own company-specific do-not-call list. 16 C.F.R. § 310.4(b)(1)(iii) requires anyone calling consumers to have a written policy for maintaining that list and to honor opt-out requests within a reasonable time, which the FTC reads as no later than your next attempt to reach that person. [3] The list has to cover every brand and product line you run.

Second, train everyone who touches an outbound call. Sales reps, lead qualifiers, even account managers doing follow-up. If they dial, they need to know what the DNC list is, how your scrub works, and what to do when a prospect asks to be added to your internal list.

Third, keep records at least four years. The TSR's general record-keeping rule at 16 C.F.R. § 310.5 sets a two-year minimum for most telemarketing records, but TCPA's four-year statute of limitations lets a plaintiff reach back further. Keep them longer than the floor. [3]

Fourth, have a written process for incoming complaints. A consumer who calls to complain about a DNC violation just handed you something legally significant. Log it, honor it, and don't dump it in a voicemail box nobody checks.

LeadCompliant's one-time compliance kit includes a policy template for company-specific DNC lists, a scrub-log spreadsheet, and a complaint intake form built to the TSR documentation requirements. Starting from zero, that kit cuts setup time hard.

For specific do not call list number obligations, that article covers registration and lookup mechanics.

What's the difference between the FTC's and FCC's roles in DNC enforcement?

Both agencies have authority over do-not-call violations, and they use it differently. Knowing who does what helps you decide which rules to sweat most.

The FTC enforces the Telemarketing Sales Rule under 16 C.F.R. Part 310. Its main tool is civil enforcement: it files in federal court for injunctions, civil penalties, and sometimes disgorgement of profits. It also shares registry data with state attorneys general, who can run their own parallel cases. [6]

The FCC enforces the TCPA (47 U.S.C. § 227) through fines and forfeitures, and it opens the door for private plaintiffs to sue directly. The private right of action under § 227(c)(5) drives most DNC litigation, because attorneys don't need the government to act first. They file class actions for thousands of consumers and settle for seven figures even when individual damages are small. [2]

The FCC's 2023 declaratory ruling confirmed that reassigned numbers still create TCPA liability for the caller, even with no intent. [10] The FTC's recent focus has been lead generators and the companies buying leads without checking the underlying consent. The two agencies coordinate through the FTC's Consumer Sentinel Network, which pools consumer complaints.

For most small outbound teams, the FCC's TCPA and the plaintiff's bar are the near-term threat. The FTC's penalty authority is heavy, but its cases take time. A TCPA class action can turn into a demand letter in weeks.

See our full guide to the ftc do not call list for the FTC's enforcement history.

Frequently asked questions

How often do I need to scrub my call list against the DNC registry?

Every 31 days at a minimum. The FTC's TSR at 16 C.F.R. § 310.4(b)(3)(iv) says your registry data can't be more than 31 days old at the time of each call. Most teams scrub before every new campaign launch and on a rolling 30-day cycle for ongoing work. Calendar-date monthly scrubs work, but watch for months where the gap between scrubs creeps past 31 days.

Do I have to scrub mobile numbers against the DNC registry?

Yes, if those mobile numbers are personal consumer lines. The National DNC Registry covers all phone numbers, wireless and landline. Consumers have registered mobile numbers since the registry launched. Separately, calling a mobile number with an autodialer or prerecorded message needs prior express written consent under TCPA no matter its DNC status. Those are two different obligations that often hit at the same time.

What is the 'established business relationship' exemption and how long does it last?

The established business relationship (EBR) exemption lets you call a registered number if the consumer bought from you within the past 18 months, or asked about your products within the past 3 months. Once those windows close, DNC protections come back. The EBR sits under 16 C.F.R. § 310.4(b)(1)(iii)(B). If the consumer asks you to stop, the EBR ends right then, no matter the time window.

Can I use a third-party list that the seller says is already DNC-scrubbed?

You can, but the legal risk stays with you. If that scrub happened 45 days ago, you're already outside the 31-day safe harbor the moment you get the list. Document when the scrub happened and re-scrub if it's older than 31 days. The FTC has been clear that buyers of telemarketing leads carry compliance responsibility, alongside the lead generators who sold the list.

How many phone numbers can I access for free from the federal DNC registry?

The FTC's Telemarketer Access Portal gives free access to numbers in up to five area codes per year for any single organization. Past five, fees apply per area code, up to an annual cap of $17,694 for all-area-code access as of FY2025. Small, purely local callers may never pay a dime. Anyone dialing regionally or nationally hits the paid tier fast.

What records do I need to keep to prove I complied with DNC rules?

At minimum: a copy of your DNC policy, timestamps for every registry scrub showing the data version used, your internal company DNC list with dates entries were added, training records for staff who place calls, and logs of any consumer complaints or opt-out requests. The TSR sets a two-year retention minimum, but TCPA's four-year statute of limitations makes keeping records at least four years the safer call.

Are B2B calls exempt from the National DNC Registry?

Generally yes. The National DNC Registry focuses on residential numbers, and purely business-to-business calls fall outside the FTC's TSR do-not-call provisions. Some state DNC laws do reach B2B, though. TCPA consent rules still apply to autodialed or prerecorded calls to business lines that are actually mobile phones. And if a business line is registered as a personal number, it gets complicated fast.

What happens if a consumer files a DNC complaint against my company?

Complaints flow to the FTC's Consumer Sentinel Network through donotcall.gov. A single complaint rarely triggers direct action. The FTC hunts for patterns across many complaints pointing at the same company. The FCC takes complaints through its Consumer Complaint Center. The bigger risk: any complaint can prompt a plaintiff's attorney to research your company and file a class action under TCPA's private right of action.

Do I need to register with the FTC to use the DNC registry?

Yes. Telemarketers create an account at the FTC's Telemarketer Access Portal (telemarketing.donotcall.gov), agree to the subscriber terms, and certify their intended use. Access is limited to sellers and telemarketers making calls for legitimate commercial purposes. Using registry data for any other purpose, or handing it to unauthorized parties, breaks the subscriber agreement and federal law.

What is the penalty for calling someone on the DNC list?

The FTC can seek up to $51,744 per violation (FY2024 figure, adjusted annually). Under TCPA's private right of action at 47 U.S.C. § 227(c)(5), each call to a registered number can bring $500 in statutory damages, or $1,500 if the violation was willful. Since each call counts on its own, even a short campaign against a bad list can build seven-figure theoretical liability.

Yes. Prior express invitation or permission from the consumer is a complete defense to a DNC-based TCPA claim under 47 U.S.C. § 227(c). But the consent has to be specific to your company, in writing for most telemarketing calls, and not revoked. The FCC's January 2025 order tightened consent-transfer rules, so consent collected on a third-party lead form has to name your company specifically to hold up.

Do state DNC lists require separate registration from the federal registry?

Most states with their own DNC lists require separate registration and sometimes separate fees. Florida, Indiana, Pennsylvania, and Texas all run databases alongside the federal registry. You comply with both. Some states accept the federal list as enough; others don't. Check each state's attorney general or consumer protection office site for current rules, and confirm whether your third-party vendor includes state lists in its product.

How do reassigned phone numbers affect my DNC compliance?

A number a carrier reassigns to a new consumer may or may not sit on the DNC registry under the new owner. Scrub, find it clean, call, and you can still reach an angry consumer who then complains or sues under TCPA. The FCC's Reassigned Numbers Database lets callers check whether a number has been reassigned since they last had consent. Using it alongside DNC scrubbing cuts, but never erases, this exposure.

Can I get a list of all numbers on the DNC registry?

No. You can't download the full registry as a flat file. The FTC's system lets you query by area code or submit your list for comparison, returning only the matches. That's by design. The FTC built it that way to keep the registry from becoming a marketing database. You get what you need for compliance (which numbers to suppress) without a browsable list of every registered consumer.

Sources

  1. FTC, National Do Not Call Registry (donotcall.gov): Consumers register at donotcall.gov or 1-888-382-1222; telemarketers must stop calling within 31 days
  2. U.S. Congress, Telephone Consumer Protection Act, 47 U.S.C. § 227: TCPA private right of action allows $500 per violation ($1,500 for willful violations) for calls to DNC-registered numbers; prior express permission is a defense
  3. FTC, Telemarketing Sales Rule, 16 C.F.R. Part 310: TSR requires registry data used for scrubbing to be no older than 31 days; requires company-specific DNC lists and two-year record retention
  4. FTC, National Do Not Call Registry (business information and fees): FY2025 fee cap for registry access is $17,694 per organization annually; up to five area codes are free per organization
  5. FTC, adjustments under the Federal Civil Penalties Inflation Adjustment Act: FTC civil penalty per DNC violation is up to $51,744 as of FY2024, adjusted annually for inflation
  6. FTC, Cases and Proceedings: FTC has obtained DNC enforcement penalties including $120 million (Dish Network, 2017) and $299 million (Affordable Enterprises of Arizona, 2023)
  7. Florida Legislature, Florida Statutes § 501.059 (Florida Telemarketing Act): Florida maintains its own DNC list with separate registration requirements and penalty structure for telemarketers
  8. Indiana Attorney General (Consumer Protection): Indiana operates its own state DNC list that runs alongside the federal registry
  9. U.S. Congress, Do-Not-Call Improvement Act of 2007 (Pub. L. 110-187): The 2008 Do-Not-Call Improvement Act made DNC registration permanent, eliminating the original five-year expiration
  10. FTC, Telemarketer Access Portal: Telemarketers must register at telemarketing.donotcall.gov to access the National DNC Registry; access is granted only to sellers and telemarketers

Disclaimer: LeadCompliant is a compliance review tool, not a law firm. We do not provide legal advice. Consult with a TCPA attorney for legal guidance on specific compliance questions. Compliance scores, audits, and risk assessments are informational only.

LeadCompliant Team

LeadCompliant provides expert guidance and tools to help you succeed. Our content is reviewed for accuracy and kept up to date.

Related Articles

Related Glossary Terms

LeadCompliant
Build My Kit