OFCOM Compliant – Are you really? Prove it!

17th September 2016

In February this year, OFCOM’s consultation closed for their proposed revised policy on “the persistent misuse of an electronic communications network or service”.

Anyone who uses dialler technology is waiting with baited breath to see whether OFCOM will implement “ZERO TOLERANCE” on abandon calls, and also whether abandoned calls that arise from automated voice solutions where the customer is transferred to an agent and none is available will also be included in the abandon rate calculation

The revised statement is due to be published anytime between now and Q1 2017, or in the immortal words of Humphrey Bogart in Casablanca, “..maybe not today, maybe not tomorrow but someday soon..”

In the Collections industry we have been working tirelessly since 2006 to strive to ensure our operations remain compliant with the Policy, even if we secretly believe that its marketing and sales organisations where OFCOM should focus their attention.

I have worked with diallers since the 1990s and over the last few years working as a consultant I have had the opportunity to work with many clients, as well as actively contributing to many dialler forums. My experiences have lead me to question whether, as an industry, we all fully understand the policy and have adequate controls in place.

Like everything regulatory related it is often in the interpretation where we can cause ourselves some unnecessary problems. Here are a few examples I have come across:

  • Some businesses have implemented the “24 hour policy” even though they do not have AMD switched on. They believe they are complying with the policy and have adopted a strategy that is not only not required, but is also having a detrimental impact on customers and the effectiveness of their operation.
  • Other companies have AMD switched on and are adding “False Positives” to the abandon rate calculation. However, when probing a little further on what testing they carried out to arrive at the false positive rate, often they did not carry out any testing and have adopted the rate provided by their dialler supplier which as we all know OFCOM won’t accept.
  • Over reliance on the word /expertise of the dialler vendor.
  • Some organisations are not compliant and have no monitoring or reporting in place

On the flip side many businesses are compliant, however being compliant and proving you are compliant is a different matter.

Imagine the scenario: OFCOM come knocking on your door tomorrow morning and advise you that they are here to review your dialler operation. They ask you to provide them with all relevant documentation and control measures you have in place showing your compliance to the regulations for the previous 6 months. Would such a request make you feel uncomfortable?

There are four questions you need to ask yourself here:

  1. Have I got this information?
  2. If not who do I need to speak to, to get this?
  3. How long will it take to gather the information?
  4. How confident am I that I have adequate controls in place and an in fact compliant?

If you have answered yes to question 1 then you are in a good place, however many organisations appear not to be able to say.

A personal example of where I thought the business was in a good place but it turned out we were not.

At the time, I had strategic ownership of collections dialling. I understood the regulations and could put my hand on my heart and say we were compliant. I was the resident expert, of course we were compliant. Could I prove it and did I have good controls in place? I thought so, until it was discovered that a disgruntled member of staff had switched AMD on two weeks before they left the organisation.

How did we find out about it? I could say it was the controls I had put in place, but that was not the case. In fact it was the member of staff who confessed what he had done after having too much to drink on his leaving do. If he had not confessed who knows how long it would have been before we found out?

The point I am trying to make here is, thinking you are compliant and having adequate controls to be able to prove it either internally or to OFCOM is not the same thing. To answer my own questions in retrospect, I would have had to answer 1) No, 2) Probably me, 3) A long time, 4) Not confident.

Needless to say I immediately implemented independent robust controls and checks to prove compliance at all levels.

Do not think this does not affect you if you are one of the many organisations who have outsourced their telephony function. Outsourcing does not relinquish your responsibility and if OFCOM find persistent misuse by your BPO then you may also be fined up to a maximum of £2M. Therefore ask yourself how stringent were your checks at tender, and when you carry out your performance audits do you check for OFCOM compliance?

The OFCOM regulations are here to stay and irrespective how far reaching or not the revised Policy will be, so I suggest asking operations, risk and compliance teams “Are we compliant, and can we prove it?”

If you are interested in learning more on OFCOM compliance and how Arum can help you embed a robust framework, please contact us today or visit our website for more information.

Walter Mather, Lead Consultant