Ensuring compliance in contact center operations


On a recent business trip to England, the topic of conversation turned to compliance in the contact center. The evolving regulatory landscape for customer contact and collections in both Europe and the United States continues to make this a formidable challenge. The following developments and statistics should give businesses a reason to reevaluate their current efforts:

In a recent survey of U.K. contact centers, nearly 37 percent of respondents believed that their operations were in compliance with the Payment Card Industry Data Security Standard (PCI-DSS). However, 89 percent indicated that they didn’t understand the law’s requirements or penalties.

On data security and confidentiality, the U.K. Financial Services Act restricts the recording of interactions when sensitive details such as credit card information are involved. Since many contact centers record interactions as a matter of course, they must take extra precautions when storing data to avoid violating the PCI-DSS.

In the United States, the Do Not Call list, created by the Federal Communications Commission in 2004, now has nearly 200 million numbers on it. This has severely affected telemarketing, but the growth of cell phones is impacting customer service and collections too. In fact, Pew Research recently reported that 83 percent of U.S. adults now have cell phones.

And the cloud exacerbates compliance even further. In August the PCI-DSS released new guidance about virtualization. Much more to come on this front.

So what do all these developments mean for the contact center? Vendors should build (and companies should ensure) that any solution is:

  • Flexible—As legislation and regulatory agencies struggle to keep pace with technological advances, it’s impossible to predict what the next year or five years will hold.
  • Nimble and responsive—Rigid platforms that can’t be easily adapted to emerging needs can impede companies from pursuing opportunities.
  • Transparent—Ignorance of violations is no defense, so contact center managers must be aware of agent interactions and detect potential risk.

In compliance, vigilance and an understanding of regulatory and enforcement trends are critical. The right technology solution must provide the capabilities to support these efforts.