Master A2P Brand & Campaign Compliance Checklist

Modified on Thu, 17 Apr at 12:03 PM

✅ 1. Required Documents

☐ CP575 Notice (PDF Version) If in other countries, check this list: [Here]

☐ Legal Business Name & Address (Must match CP575 Notice/Tax Paperwork)

☐ Authorized Representative Information

☐ Branded Email (preferred) or Freemium Email (if it includes the business name, e.g., abcindustries@gmail.com).

☐ Personal Phone Number (No Twilio/LC numbers)

✅ 2. Business Profile & Website Compliance

☐ Business Name & Address match the CP575 Notice exactly.

☐ Email used for business must match website email in T&S or Contact Us Page (e.g., name@yourbusiness.com or yourbusiness@gmail.com).

Website Compliance:
☐ Active domain with fully functional pages (Home, About Us, Contact Us, etc.).
☐ No HighLevel links, must be published with customer’s domain (No Sub-Domains).
☐ Working buttons, no broken links.

Example: If they have a FB button, it should go to their page, not Facebook.com.

☐ Forms collecting phone numbers must include opt-in CTA disclosures.
☐ "About Us", "Contact Us", “Services” sections included.
☐ Clear to anyone viewing their website from the public what they do / offer.
☐ Email address on site must match the email submitted in brand registration.
☐ Age-gate for age-restricted products (e.g., alcohol), with proof (if applicable).

✅ 3. A2P Registration Process

☐ Access Trust Center to start A2P registration.
☐ Complete Brand Verification and Campaign Verification:

☐ Brand Verification: Confirms legitimacy.
☐ Campaign Verification: Approves messaging use case.
☐ Choose appropriate Volume Standard (Low or High).

✅ 4. Brand Compliance Checklist

Message Category Verification:
☐ Ensure the campaign does not fall under a forbidden message category:

Debt relief, consolidation, and forgiveness programs are prohibited.
Promotional campaigns for lending and investment brands are disallowed.
Websites mentioning data sharing with affiliates or third parties will likely be rejected.

Avoid Deceptive Advertising:
☐ Ensure website content does not include:

False claims about products/services
Missing key disclosures
Misleading information
Hidden terms in small print
Unverified comparative claims

Ensure Consistency in Campaign Details:
☐ Business name, company email, sample message, and website details must be consistent.
☐ Freemium emails (Gmail, Hotmail, Yahoo, etc.) are generally not allowed; a branded email is required.

✅ 5. Sample Messages

☐ Provide compliant sample messages that reflect the business’s actual messaging.
☐ Include Sender ID (business name) in all sample messages.

✅ 6. Additional Guidelines

☐ Direct Lending businesses can only send transactional messages (appointment reminders), no marketing.

Tip: Any brand that looks like stock, crypto, financial, or other investment vertical would be in the same category as direct lending.

☐ Document all opt-in flows in a Google Doc (screenshots + explanations).
☐ Explain $3 A2P Fast Track with SLA details (24-72 hours for submissions, 2-7 days for appeals).
☐ Advise customers not to use the "Text Start" option due to common rejections.

Campaign-Related Compliance

✅ 7. Use Case Description

☐ Detailed description of SMS usage (transactional, marketing, etc.).
☐ No pre-made templates used; aligned with sample messages provided.
☐ Sample messages must reflect actual messages sent, including Sender ID.

Tip: If marketing and transactional messages are both being sent, provide 1 sample of marketing and 1 transactional. AVOID generic "you missed your appointment call us" and be specific depending on the use-case description.

✅ 8. Opt-in Form Compliance

☐ Phone number field is NOT mandatory (no asterisk).
☐ Proper opt-in verbiage & CTA disclosures used.
☐ Display Sender ID (business name) in the form.
☐ Message frequency disclosure included.
☐ Opt-out option (Reply STOP to unsubscribe).
☐ Include links to Privacy Policy & Terms of Service.

✅ 9. Opt-in Methods & Documentation

☐ Multiple opt-in methods documented (e.g., website form, verbal, kiosk).
☐ Google Doc with screenshots and step-by-step explanations for each opt-in method (If applicable).
☐ Opt-in method(s) match the use case description.

Opt-in Methods:
☐ Verbal Opt-in (Marketing consent can’t be collected verbally)
☐ Keyword Opt-in
☐ Website Opt-in
☐ Paper Form/Kiosk Opt-in

✅ 10. Privacy Policy & Terms

☐ Privacy Policy must specify that SMS data is not shared with third parties (excluding SMS providers).
☐ Include a T&C boilerplate for opt-in and opt-out instructions.

✅ 11. Website Compliance Checklist

Minimum Website Standards:

Clear Business Information:
☐ "About Us" page with company details, mission, and values.
☐ "Contact Us" page with a physical address, phone number, and email.
☐ Team member bios (if applicable) with real names and professional photos.

Transparent Business Model:
☐ Clear and detailed description of products/services.
☐ Transparent pricing structure.
☐ Unique value proposition outlined.

Trust Signals & Legal Compliance:
☐ Dedicated Privacy Policy and Terms of Service pages.
☐ Secure website encryption (HTTPS).
☐ Authentic customer testimonials or reviews.
☐ Logos of recognized partners, certifications, or affiliations (if applicable).

Functional & Professional Design:
☐ Well-structured, user-friendly layout.
☐ No broken links or 404 errors.
☐ No placeholder text.

Example: Such as lorem ipsum text. Be specific to the end brand, and less generic one size fits all.

☐ High-quality, professional images.
☐ Comprehensive FAQ section addressing common queries.

Social Proof & External Presence:
☐ Links to verified business social media profiles.
☐ Press mentions or blog articles (if available).
☐ Active blog or news section demonstrating business activity.

✅ 12. Opt-in Page Compliance Checklist

Requirements:

Accessibility:
☐ Easily accessible from the homepage with a visible redirect button.

Phone Number Field:
☐ Can be a required field but if so, checkboxes must be optional.

Consent Checkbox Requirements:
☐ Users must manually select a checkbox to opt in to SMS messaging.
☐ Clear description of message types received.

Example: Be more specific than "transactional" -- appointment reminders, account updates, password resets, shipping notifications, event updates, restock updates, loan status, application status, etc.

☐ Separate consent checkboxes for marketing messages.
☐ Business name clearly identified.
☐ Disclosure of potential fees ("Message and data rates may apply.").
☐ Service delivery frequency stated (e.g., "4 messages per month").
☐ Customer support details included (e.g., "Text HELP for help").
☐ Clear opt-out instructions (e.g., "Text STOP to unsubscribe").

Required Privacy Policy Verbiage:
☐ Privacy Policy must explicitly state that SMS data is not shared with third parties, except SMS providers.

“All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties, excluding aggregators and providers of the Text Messaging services.”