The TCPA Compliance Guide I Wish I Had when I Started

I'd heard the horror stories. A property manager in Florida got hit with a class action for sending marketing texts without proper consent. Another operator in California faced 1,500 per message in penalties because they didn’t include the right opt−out language. The math was terrifying —send 1,000 texts without proper compliance, and you′re looking at 1.5 million in exposure.

I knew I needed to text guests. Response times directly impacted bookings, reviews, and revenue. But every time I hit send on a bulk SMS, I wondered: Am I about to bankrupt my business?

The problem? Most TCPA guidance is written by lawyers for lawyers. It's dense, confusing, and doesn't give you a simple playbook for what to actually do.

So here's the guide I wish I had when I was managing my portfolio—the mistakes I was terrified of making, the simple checklist that would've saved me hours of anxiety, and how we built TCPA compliance into Conduit by default.

Why Property Managers Are Sitting Ducks for TCPA Violations

The Telephone Consumer Protection Act (TCPA) is a strict liability statute. That means even if you accidentally violate it—even if you had good intentions—you're still liable.

Here's what that looks like in dollars:

• $500 per violation (unintentional)

• $1,500 per violation (intentional or willful)

• Uncapped statutory damages (penalties add up fast)

And here's the kicker: most TCPA litigation isn't targeting scammers or spam marketers overseas. It's targeting legitimate U.S. businesses that use SMS and phone calls for marketing or customer service. Why? Because professional TCPA litigators know you have money to pay.

According to a U.S. Chamber Institute of Legal Reform study, 60% of TCPA lawsuits over a 17-month period were brought by just 44 law firms. These attorneys are highly skilled at slipping into lead generation programs, building massive class-action lawsuits, and extracting settlements.

If you're a property manager sending SMS to guests, leads, or owners, you're a target. And if you're doing it wrong, you're exposed.

The 5 Most Common TCPA Mistakes Property Managers Make

When I was deep in the weeds of guest communication, these were the landmines I was most worried about stepping on:

1. Not Getting Proper Consent

This is the big one. Under TCPA, you need prior express written consent before sending marketing texts to a mobile number using an autodialer or prerecorded voice.

What counts as proper consent?

• Must be in writing (digital signature counts)

• Must clearly state the recipient is consenting to receive texts and calls

• Must include the phone number the texts will come from

• Must state that consent is not required for purchase

The mistake: Using vague website language like "By submitting this form, you agree to our Terms of Service" without explicit SMS consent.

The fix: Use clear, standalone consent language. Here's an example:

> "By checking this box, I give my electronic signature and expressly consent to receive text messages for marketing purposes from [Your Company] at the contact information I provided, including by autodialer. My consent is not required for purchase. Msg & data rates may apply. Reply STOP to opt-out."

2. Missing Opt-Out Language

Every marketing text you send must include a clear way for recipients to opt out.

The mistake: Not including "Reply STOP to opt-out" in your initial message or subsequent texts.

The fix: Every SMS should include opt-out instructions. And when someone replies STOP, CANCEL, END, QUIT, or UNSUBSCRIBE, you must immediately honor that request and confirm their opt-out.

3. Ignoring State-Specific Rules

TCPA is federal, but some states have their own "mini-TCPA" laws that are even stricter.

Florida is the worst offender. In 2021, Florida passed CS/SB 1120, which transformed the state's telemarketing laws into a mini-TCPA. The result? A flood of litigation targeting businesses that text Florida residents.

The mistake: Assuming federal compliance is enough and ignoring state laws like Florida's.

The fix: If you operate in Florida, California, or other high-risk states, review state-specific requirements or work with a compliance tool that handles this automatically.

4. Failing to Disclose Message Frequency

TCPA requires you to tell people how often you'll text them.

The mistake: Sending "approximately 4 messages per month" without disclosing this upfront in your consent language.

The fix: Include message frequency in your consent form: "You will receive approximately [X] messages per month."

5. Not Documenting Consent

If you ever face a TCPA lawsuit, your first line of defense is proof of consent. If you can't produce documentation showing that a specific person consented to receive texts, you're in trouble.

The mistake: Collecting consent verbally or not storing it in a way that's easily retrievable.

The fix: Store consent records with timestamps, IP addresses (for online forms), and the exact consent language shown. Treat this like legal ammo you may need later.

The Simple TCPA Compliance Checklist

Here's the checklist I would've taped to my wall if I'd had this guide back in 2022:

Before You Send Any Marketing Texts:

• Have I obtained prior express written consent?

• Does my consent language explicitly mention text messages and phone calls?

• Does it state that consent is not required for purchase?

• Does it include the phone number I'm texting from?

• Does it disclose message frequency (e.g., "approx. 4 msgs/month")?

• Does it say "Msg & data rates may apply"?

In Every Marketing Text:

• Does it include opt-out instructions ("Reply STOP to opt-out")?

• Is it clear who is sending the message (your company name)?

After Someone Opts Out:

- Have I stopped texting them immediately?

- Did I send a confirmation message that their opt-out was successful?

For Ongoing Compliance:

• Am I storing consent records (timestamp, consent language, contact info)?

• Have I reviewed state-specific laws for the states I operate in?

• Am I scrubbing my lists against the National Do Not Call Registry (for voice calls)?

How We Built TCPA Compliance Into Conduit

When we started building Conduit, I knew from experience that compliance couldn't be an afterthought. Operators are already stretched thin—asking them to manually track opt-outs, document consent, and stay updated on state laws is unrealistic.

So we made it automatic.

Here's how Conduit handles TCPA compliance by default:

1. Automatic Opt-Out Handling When a guest, lead, or owner replies with STOP, CANCEL, END, QUIT, or UNSUBSCRIBE, Conduit instantly removes them from your SMS list and confirms their opt-out. No manual work required.

2. Consent Documentation & Audit Trails Every conversation is logged with timestamps and full context. If you ever need to prove consent, you have a complete audit trail.

3. State-Aware Compliance Logic Conduit's AI agents understand state-specific rules. If you're texting someone in Florida, it applies Florida's stricter requirements automatically.

4. Policy-Compliant Messaging Our AI agents follow your SOPs and ensure sensitive data is protected. You can set guardrails so your AI never sends a message that violates your compliance policies.

The result? You get the speed and conversion benefits of SMS without the constant fear of a lawsuit.

Final Thoughts

TCPA compliance isn't sexy. It's not going to show up in your revenue dashboard or get you featured in a case study. But it's the invisible foundation that protects your business from catastrophic risk.

When I was running my portfolio, I spent way too much time worrying about this stuff. I didn't have a clear playbook, and I didn't have tools that made compliance automatic. So I played it overly safe, which meant I was slower to respond and less aggressive with my outreach.

Now? With Conduit, compliance is baked in. Our customers don't have to think about it. They can focus on what actually matters—converting leads, delighting guests, and scaling their operations.

If you're sending marketing texts and you don't have a clear TCPA compliance strategy, use the checklist above. And if you want to stop worrying about it entirely, let's talk. We built Conduit to solve exactly this problem.