How to submit your list to the DNC registry (step by step)

Learn exactly how to scrub your call list against the National DNC Registry, what access costs, and how to stay TCPA-compliant. Updated 2026.

LeadCompliant Team
21 min read
In This Article

Last updated 2026-07-10

Person reviewing call list spreadsheets at a desk before DNC scrubbing
Person reviewing call list spreadsheets at a desk before DNC scrubbing

TL;DR

To submit (scrub) your call list against the National Do Not Call Registry, register as an organization at donotcall.gov, pay the annual fee (free for up to 5 area codes, up to $17,088/year for national access as of FY2025), download the registry data, and remove any matching numbers before dialing. You must re-scrub at least every 31 days.

What does 'submitting a list to the DNC registry' actually mean?

You never hand your call list to the government. That's the first thing to get straight. The FTC doesn't take your list, check it, and hand it back clean. What you actually do is download the registry data, compare your list against it, and remove the matches. The industry calls this 'scrubbing.'

So when someone asks how to submit a list to the DNC registry, what they really mean is: how do I access the registry and check my numbers against it? That's the process this article walks through.

The National Do Not Call Registry is maintained by the Federal Trade Commission and enforced jointly by the FTC and the FCC under 47 U.S.C. § 227, the Telephone Consumer Protection Act [1]. Telemarketers covered by the rule must access the registry, more than be aware it exists. Knowing a number is on the list but calling it anyway is a violation regardless of whether you formally checked.

Who is required to scrub against the DNC registry?

If you make outbound sales calls to U.S. consumers, you almost certainly have to scrub. The Telemarketing Sales Rule (16 C.F.R. Part 310) applies the obligation to any seller or telemarketer who calls consumers to sell goods or services [2]. That's a wide net.

There are real exemptions. Calls to consumers who have given you express written consent are exempt from the registry prohibition, even if those consumers are registered [3]. Calls to people with whom you have an established business relationship (EBR) are also exempt, though the EBR protection expires 18 months after the last purchase or transaction and 3 months after the last inquiry. Political organizations, charities, and survey researchers get different treatment under the rules. But if you're in outbound B2C sales, assume you're covered.

B2B calls get more latitude. The FTC's TSR does not cover calls to businesses, so a purely B2B operation doesn't need to scrub the national registry for those calls. State laws can be stricter. Some states extend DNC protections to business lines in certain circumstances, so check your state rules before assuming B2B is entirely clear. The do not call list article covers that in more detail.

How do you register for access to the DNC registry?

Go to donotcall.gov, the official FTC-operated portal [4]. You'll create an organization account, not a personal one. The FTC keeps two doors separate: consumer registration (free, for people adding their own number) and telemarketer access (fee-based, for organizations that need to download data).

Here's the step-by-step registration process:

1. Go to https://www.donotcall.gov and click the telemarketer/seller access option. 2. Create an account with your organization's legal name, primary contact, and email. 3. Select the area codes you need access to. This is where the fee structure kicks in. 4. Pay the annual subscription fee (more on pricing below). 5. Download the registry data files for your selected area codes.

Once your account is active, you can log back in and re-download updated data. The registry updates daily, but for compliance purposes the FTC requires you to access it no more than 31 days before calling any given number [2]. Call a number today that you last checked 32 days ago, and you're exposed, even if that number wasn't on the list when you checked.

If you're a small operation calling in a handful of area codes, registering directly and downloading the files is cheap and manageable. If you're running high-volume campaigns across all 50 states, most teams use a third-party DNC scrubbing service that handles the API queries and keeps the subscription current. Both approaches satisfy the rule as long as you can document what you checked and when.

Annual DNC registry access cost by area code volume FY2025 FTC fee schedule for telemarketer subscriptions 1-5 area codes $0 10 area codes $395 25 area codes $1,580 50 area codes $3,555 100 area codes $7,505 National (all area codes) $17k Source: FTC Annual Registry Fee Schedule, FY2025

What does DNC registry access cost?

Access is free for up to five area codes and runs to $17,088 a year for the full national file, as of the FY2025 FTC fee schedule [5]. The FTC charges on a sliding scale based on how many area codes you pull.

Access levelAnnual fee
Up to 5 area codesFree
Each additional area code (6th and beyond)$79 per area code
All area codes (national access)$17,088

Those numbers come directly from the FTC's published fee schedule [5]. The national rate looks steep, but the math flips at scale. At 217 or more area codes, the per-area-code rate exceeds the flat national fee, so national access becomes the cheaper buy.

The FTC adjusts fees every year, usually in small increments tied to the cost of running the registry. Check donotcall.gov before you renew because the numbers do shift. The free tier for up to five area codes is genuinely free, which matters for a hyper-local operation like a single-market roofing company.

Third-party scrubbing vendors charge on top of (or instead of) the direct FTC subscription. Prices run roughly $0.001 to $0.01 per record checked, depending on volume and contract structure. Nobody has published a rigorous market survey on this. Those ranges come from publicly stated pricing on vendor sites as of 2025, and your mileage will vary.

How do you actually scrub your list against the registry data?

You compare your call list to the registry files and delete every number that appears in both. Once you have registry access, the FTC gives you downloadable text files organized by area code. Each file holds phone numbers registered on the DNC list. Your job is the match-and-remove.

The technical process most teams use:

1. Export your call list as a CSV with one column of phone numbers in a consistent format (strip spaces, dashes, and country codes, or normalize everything to the same format). 2. Download the current registry files for every area code present in your list. 3. Run a match operation. In SQL that's a LEFT JOIN with a WHERE NOT EXISTS clause, in Excel it's a VLOOKUP or MATCH, in Python it's a set intersection. 4. Remove all matched numbers from your outbound queue. 5. Log the date and version of the registry data you checked against.

That last step matters a lot. If you get sued or investigated, your record of when you scrubbed and which version of the data you used is your primary defense. Keep those logs for at least four years, which matches the TCPA's statute of limitations.

For higher-volume teams, a real-time API through a third-party scrubbing provider is more reliable than the batch file download. Those services query a continually updated database and return a clean or suppressed flag per number, often within milliseconds. LeadCompliant's free DNC checker is one option for spot-checking individual numbers before you build out a full process.

One more thing: the national registry is necessary but not sufficient. Several states run their own separate DNC registries with different rules. If you're calling in Florida, Indiana, or Pennsylvania, you need to check those lists too.

How often do you need to re-scrub your list?

At least every 31 days. The TSR requires that you access the registry no more than 31 days before calling a given number [2]. Most compliance teams scrub monthly on a fixed schedule, some scrub weekly, and high-volume operations scrub daily or in real time.

Here's the risk with a 31-day cycle. A consumer could register their number on day 1, and you're technically safe to call them on day 30 because you pulled a list that predates their registration. The 31-day window exists to give callers a reasonable update cycle, not to hand you a guaranteed grace period for calling newly registered numbers. Courts and regulators haven't broadly read it as a safe harbor for calling someone you would have caught with fresher data. When in doubt, scrub more often.

The 31-day rule applies per number, not per campaign. Run a multi-touch sequence where you first touch a lead on day 1 and reach back out on day 35, and you need to re-scrub before that day-35 call. Keeping a timestamp on every number's last-scrub date in your CRM is the cleanest way to manage this at scale.

What are the penalties for calling a number on the DNC registry?

The real threat is math. Private plaintiffs can sue for $500 per call, trebled to $1,500 for a willful violation, and class actions stack those numbers fast. The FTC can seek civil penalties of up to $51,744 per violation under the TSR as of 2024, and it adjusts that figure for inflation annually [6]. The FCC has its own penalty authority under the TCPA [1].

To put real numbers on this: the FTC and DOJ reached a settlement with Dish Network for $280 million in 2017 after the company was found to have made millions of calls to DNC-registered numbers [7]. That's the largest DNC/TCPA settlement on record as of this writing. Smaller companies face smaller cases, but even a 50-plaintiff class action at $1,500 per call gets painful fast.

The TCPA's private right of action is the bigger day-to-day threat for small teams. Consumers and their attorneys don't need the FTC to act. They can sue directly in federal court for each call to a registered number, and the plaintiff's bar files these cases constantly. One common pattern: a professional plaintiff registers a number, waits for calls, and sues. You don't need to have hurt anyone to owe damages.

See the do not call list report article for more on how consumer complaints can trigger enforcement attention.

Does scrubbing the DNC registry also cover cell phones?

Yes, and this trips people up. Cell numbers can be registered on the national DNC registry, and a registered cell gets the same protection as a landline under the TSR. Call a registered cell number and you carry the same exposure as calling a registered landline.

Cell phones have a second layer of protection under TCPA Section 227(b), which prohibits using an autodialer or prerecorded message to call a cell phone without prior express consent, regardless of whether the number is on the DNC list [1]. That restriction sits entirely apart from the DNC registry. So even if a cell number isn't registered, you still need consent before calling it with an ATDS (automated telephone dialing system) or a prerecorded voice.

The mobile phone do not call list article covers the consent and ATDS rules for cell phones in more detail. For scrubbing purposes, treat cell numbers the same as landlines when checking the national registry, then layer on the consent requirements separately.

What records do you need to keep after scrubbing?

Keep your compliance records for at least four years. The TSR requires covered sellers and telemarketers to maintain compliance records for 24 months [2], but the TCPA's private right of action carries a four-year statute of limitations under 28 U.S.C. § 1658, so most compliance attorneys tell you to keep records for four years to cover both.

The records you should keep:

  • Date and time of each registry data pull
  • Which area codes or the full national file you downloaded
  • The version or timestamp of the registry data file
  • The list you ran the scrub against (or a hash of it if the full list is large)
  • The resulting suppression list
  • Documentation of who performed the scrub

If you use a third-party scrubbing service, get a certificate or confirmation from them for each scrub run. Those certificates are your documentation. Don't rely on the vendor's internal records alone.

One practical note. If your CRM or dialer has built-in DNC scrubbing, verify that it's actually pulling the national registry and more than an internal suppression list. Some tools use the term 'DNC scrub' to mean 'check our own opt-out database,' which doesn't satisfy the TSR. Ask your vendor directly which data source they're querying.

Does the DNC registry apply to text messages (SMS)?

Yes. The FCC treats text messages as 'calls' for TCPA purposes [8]. The FTC's TSR also applies to telemarketing conducted via text in most circumstances. So a number registered on the national DNC registry can't be texted for telemarketing without consent, just as it can't be called.

The FCC issued rules in 2023 and 2024 tightening consent for robotexts and commercial SMS, with requirements around one-to-one consent and limits on lead generator consent aggregation [9]. Those rules sit on top of the registry requirement, not in place of it. Run SMS campaigns and you need to scrub the registry and keep proper consent documentation.

For SMS, consent is the cleaner path than registry scrubbing. If someone explicitly opted in to your texts, their registry registration doesn't block you. Most compliant SMS programs run entirely on consent, which makes the registry question less central than it is for cold calling.

What about state DNC lists, do you need to check those too?

Yes, in many cases. Roughly a dozen states maintain their own do-not-call lists that run separately from the federal registry [10]. Some of these state lists cover numbers not on the national registry. Calling into a state that requires it without checking its list is a separate violation from any federal TSR problem.

States with their own registries or stricter rules include Indiana, Wyoming, Missouri, Montana, and Texas, among others. Indiana's list, for example, is run by the Indiana Attorney General and has its own registration and access process. Florida has state-level telemarketing rules under the Florida Telemarketing Act that layer on top of federal requirements.

The safest workflow: after you scrub against the national registry, identify which states your remaining numbers are in, then check each relevant state list. Third-party scrubbing services often bundle state lists into a single query, which is the main practical argument for a vendor over the DIY file-download approach.

For a fuller picture of how the federal registry works and what it does and doesn't cover, the government do not call list article is a good next read.

What if you're a small business or solo operator, is there a simpler path?

Yes. If you call in a handful of area codes at modest volume, start with the free five-area-code tier at donotcall.gov. Register, download the files for your area codes, and run the match in a spreadsheet before each campaign. It takes maybe an hour the first time and 20 minutes on later scrubs once you have a process.

The LeadCompliant compliance kit has templates for documenting your scrub process and tracking the required records, which is the part most small teams skip until they're facing a complaint. Building the documentation habit from day one costs almost nothing and saves a lot if you ever need to show a regulator or plaintiff's attorney what you did.

For a team calling only within a single metro, a single-city B2B operation with established relationships, or a very low-volume outreach program, the risk profile is lower. Lower risk isn't no risk. The $500-per-call private right of action has no minimum volume threshold. One bad call to a DNC-registered number by an aggressive plaintiff can still cost you $1,500.

Frequently asked questions

How long does it take to get access to the DNC registry after registering?

Typically within one business day. The FTC's donotcall.gov portal processes paid subscriptions and grants download access once payment clears. Free five-area-code access is often immediate. Once your account is active, you can download the registry data files right away. Keep your account credentials somewhere secure because you'll need them each time you pull a fresh download.

Can I submit my list directly to the FTC to have it checked?

No. The FTC doesn't accept or check your call lists. You download the registry data yourself and run the comparison. Think of it like a blocklist you maintain, not a service the government runs for you. The duty to check and suppress matching numbers falls entirely on you as the telemarketer or seller.

What format does the DNC registry data come in?

The FTC distributes the registry as flat text files, one per area code, containing phone numbers in a standard numeric format. The files download from your account at donotcall.gov. Most SQL databases, Python scripts, and spreadsheet tools import them directly. The FTC also provides an API for higher-volume programmatic access.

Do I need to re-register with the FTC every year?

Yes. Registry access is an annual subscription. You'll get renewal notices from the FTC before your subscription expires. If your subscription lapses and you keep calling without scrubbing current data, you lose the protection that comes with documented compliance. Mark the renewal date in your calendar as a hard deadline.

What is the established business relationship exemption and how long does it last?

An established business relationship (EBR) lets you call a DNC-registered number if the consumer previously bought from you or inquired about your products. The EBR lasts 18 months after the last purchase or transaction, and 3 months after the last inquiry or application. Once those periods expire, the registry registration controls and you can't call without consent.

If a consumer registers their number on the DNC list, how long before it takes effect?

Under the TSR, telemarketers must honor registrations within 31 days of the registration date [2]. If someone registers today, you have up to 31 days before you're legally required to have suppressed that number. In practice, because you download data at most every 31 days, a freshly registered number might not show up in your suppression list until your next download cycle.

Does the DNC registry cover calls from political campaigns or charities?

The national registry and the TSR primarily cover commercial telemarketing. Political calls, charitable solicitations, and survey calls get different treatment and are largely exempt from the federal registry prohibition. Individual states may have different rules, and TCPA Section 227(b) restrictions on autodialers and prerecorded messages still apply to those callers for cell phones regardless of the DNC exemption.

Can I use a third-party vendor instead of downloading the registry files myself?

Yes, and for high-volume operations it's often the better approach. Third-party DNC scrubbing services query the national registry, state lists, and sometimes internal suppression lists in a single step. You still need to document that you used a compliant service and retain those records. Ask any vendor for proof of their own FTC subscription and data refresh frequency before relying on them.

What happens if I accidentally call a DNC-registered number?

A single accidental call, promptly documented and backed by a real compliance program, is unlikely to generate a large judgment. Courts have recognized good-faith errors. The TSR provides a safe harbor if you can show you have written procedures, train personnel, maintain a process for honoring opt-outs, and your contact of a registered number was the result of error [2]. The safe harbor is not a blank check. You need a real program, not a paper policy.

Does my company need to maintain its own internal DNC list on top of the national registry?

Yes. When a consumer tells you they don't want to be called, you must add them to your company-specific suppression list and honor that request for at least five years. Your internal list and the national registry work independently. A number not on the national registry can still be on your internal list, and you must suppress both. The TSR requires you to honor do-not-call requests from your own callers within a reasonable time, not to exceed 30 days [2].

Where do I report a telemarketer that violated the DNC registry rules?

Consumers can file complaints at donotcall.gov or by calling 1-888-382-1222. The FTC collects these complaints and uses them to spot patterns for enforcement. State attorneys general also accept complaints and sometimes move faster on local violators. Filing a complaint doesn't automatically trigger an investigation, but complaints feed into enforcement targeting.

How do I find out what area code covers a specific phone number I want to call?

The first three digits of a U.S. phone number after the country code are the area code. You can also use NANPA (the North American Numbering Plan Administration) at nanpa.com to look up which geographic area an area code covers. If you're unsure whether a number falls in an area code you've subscribed to, subscribe to that area code before you legally confirm its registry status.

Sources

  1. Cornell LII, 47 U.S.C. § 227 (TCPA): The TCPA creates the private right of action for $500-$1,500 per violation and restricts calls to cell phones using autodialers or prerecorded messages.
  2. FTC, Telemarketing Sales Rule 16 C.F.R. Part 310: The TSR requires telemarketers to access the registry no more than 31 days before calling, maintain records for 24 months, honor opt-out requests within 30 days, and provides the safe harbor for good-faith compliance programs.
  3. FTC, National Do Not Call Registry FAQ for Telemarketers: Calls to consumers who have given express written consent, or with whom the caller has an established business relationship, are exempt from the registry prohibition.
  4. FTC, donotcall.gov official portal: The FTC's donotcall.gov is the official portal for both consumer registration and telemarketer access to the national registry.
  5. FTC, National Do Not Call Registry (telemarketer fees and data): FY2025 fee schedule: free for up to 5 area codes; $79 per additional area code; $17,088 for national access.
  6. FTC, Bureau of Consumer Protection (civil penalty authority): The FTC can seek civil penalties up to $51,744 per TSR violation as of 2024, adjusted annually for inflation.
  7. U.S. Department of Justice, Office of Public Affairs: Dish Network paid $280 million in 2017, the largest DNC/TCPA settlement on record, after millions of calls to DNC-registered numbers.
  8. NCSL, State Telemarketing Laws: Roughly a dozen states maintain their own do-not-call lists that operate separately from the federal registry and require independent compliance.

Disclaimer: LeadCompliant is a compliance review tool, not a law firm. We do not provide legal advice. Consult with a TCPA attorney for legal guidance on specific compliance questions. Compliance scores, audits, and risk assessments are informational only.

LeadCompliant Team

LeadCompliant provides expert guidance and tools to help you succeed. Our content is reviewed for accuracy and kept up to date.

Related Articles

Related Glossary Terms

LeadCompliant
Build My Kit