TCPA Compliance for Property Managers: The 2025 Consent Playbook

TCPA rules cost property managers $500–$1,500 per violation. This 2025 playbook covers consent workflows, 10DLC registration, and opt-out procedures.

TCPA Compliance for Property Managers: The 2025 Consent Playbook

Property management offices send hundreds of texts and dozens of outbound calls every week — maintenance alerts, assessment reminders, lease renewal nudges, gate code resets. Most teams do this without a documented consent workflow, assuming a phone number on file equals permission to use it. That assumption is expensive. The Telephone Consumer Protection Act carries statutory damages of $500 per violation for negligent violations and up to $1,500 per willful violation — and plaintiffs' attorneys have found fertile ground in property management portfolios where consent records are thin or nonexistent. TCPA compliance for property managers is no longer a legal department concern reserved for large operators. This playbook gives you a step-by-step workflow — updated for the January 2025 FCC rule change — to collect, document, and honor consent before your next campaign goes out.

  1. Map your message types — separate transactional from marketing messages; the consent bar differs for each.
  2. Audit your contact database — classify what documented consent, if any, exists for every contact.
  3. Build consent capture into every intake touchpoint — lease signing, HOA onboarding, work-order portals, and website forms.
  4. Register your 10DLC campaigns — carrier compliance now runs alongside TCPA obligations.
  5. Create an opt-out handling procedure — process, confirm, and suppress within the required window.
  6. Train the team — written guidance plus a one-page quick-reference card at every workstation.
  7. Run a quarterly consent audit — catch drift before it becomes liability.

Know What You Are Sending — Transactional vs. Marketing Messages

Before you can fix consent, you need to know what messages are going out. Pull the last 90 days of outbound texts and calls from your phone system or communication platform and sort them into two buckets.

Message Type Consent Standard Example
Transactional / informational Prior express consent (oral or written acceptable) Water shutoff notice, maintenance appointment confirmation, package alert
Marketing / promotional Prior express written consent required Renewal incentive offer, referral bonus, add-on service upsell

If your team cannot confidently sort a message into one bucket, treat it as marketing and require written consent. The cost of over-collecting consent is near zero; the cost of under-collecting it is not. The output of this phase is a written message-type register listing every recurring campaign, its classification, and the consent standard it requires.

How to Audit Your Contact Database for TCPA Compliance Gaps

Open your CRM or resident management software and add a consent-status field to each contact record. For every record, ask: do you have documented proof — not just an assumption — that this person agreed to receive texts or autodialed calls at this number?

Acceptable proof includes a signed lease or HOA onboarding form with a clear SMS consent checkbox, a recorded verbal agreement with a timestamp, or a text-based opt-in reply. A phone number written on a paper check or a verbal "call me sometime" does not meet the written consent standard for marketing messages.

Flag every contact in one of three categories:

  1. Documented consent — verified. Keep sending; preserve the record.
  2. Consent claimed but not documented. Do not send marketing messages until you re-obtain written consent.
  3. No consent on record. Suppress from outbound campaigns immediately; use only for inbound-response communication until consent is collected.

For teams managing hundreds of units, platforms that link every conversation to a per-contact timeline make this audit far faster than rebuilding from spreadsheets. See how to track every call, email, and text without a paper trail for practical logging approaches.

Done when: Every contact record has a populated consent-status field and all Category 2 and 3 contacts are suppressed from marketing sends.

Consent should be collected the first time a resident or owner interacts with your office — not retroactively after a complaint arrives. Every consent disclosure must include these required elements under CTIA Messaging Principles and Best Practices:

  • Message frequency disclosure — e.g., "Message frequency varies" or "Up to 4 msgs/month"
  • Message and data rates notice
  • Opt-out instruction (STOP to cancel)
  • Link to your SMS privacy policy

These property manager SMS consent requirements apply whether you use a short code or a 10DLC long-code number. The following SMS opt-in examples for property managers can be adapted for any intake form.

SMS Opt-In Template — Lease or HOA Onboarding Packet:

By checking this box, I agree to receive text messages and autodialed calls from [Management Company Name] at the mobile number provided above. Messages may include maintenance updates, account notices, and community announcements. Message frequency varies. Message and data rates may apply. Reply STOP at any time to opt out or HELP for assistance. View our privacy policy at [URL].

SMS Opt-In Template — Work Order or Resident Portal Form:

By submitting this form, you consent to receive automated text messages from [Company Name] at the number provided regarding the status of your maintenance request. Msg & data rates may apply. Reply STOP to opt out.

For a broader library of HOA text message compliance language covering common community scenarios, see our guide to SMS compliance without slowing your response time.

Inbound calls: When a resident calls in for the first time, train staff to ask: "Would you like to receive text message updates on your maintenance requests? It's optional and you can stop at any time." Log the response immediately with date and time in the contact record.

Done when: All intake documents and digital forms include a compliant consent disclosure and a checkbox that triggers a timestamped record.

Effective January 27, 2025, the FCC's one-to-one consent rule requires that a consumer's written consent name one specific company — not a broad category of businesses. A resident's consent given to a lead aggregator, listing platform, or third-party communication tool no longer flows to your management company. You must collect consent directly.

This rule closes a loophole that allowed lead-generation platforms to obtain a single broad consent and share it with dozens of companies. For property managers who use third-party platforms to market to prospective residents or collect contacts, this is a material change. Any consent collected through a shared portal before January 27, 2025 that did not name your company specifically should be treated as undocumented and re-collected before you send marketing messages. Review the FCC's guidance on lead-generation consent for the full regulatory context.

10DLC Registration for Property Management SMS Campaigns

TCPA compliance for property managers now runs in parallel with carrier-level 10DLC registration for property management. Since 2023, US carriers have required that any business sending texts via a 10-digit long-code number register their brand and campaigns through The Campaign Registry (TCR). Unregistered traffic is filtered or blocked, so even a technically compliant message may never arrive if the sending number is not registered.

To register your 10DLC campaigns:

  1. Register your brand — legal company name, EIN, and contact details.
  2. Create a campaign describing your use case ("property management notifications" is a recognized category).
  3. List your opt-in method, opt-out keywords (STOP, UNSUBSCRIBE), and help keyword (HELP).
  4. Assign your sending number(s) to the approved campaign.

Your SMS platform or phone system provider typically handles the technical submission. Your job is to supply accurate information and confirm that the opt-in flow described in the registration matches exactly what residents see — TCR audits this consistency. For tools that handle both call logging and SMS compliance in one place, see top call logging tools for property management companies.

Done when: Brand and campaign are approved in TCR and all sending numbers are assigned to a registered campaign.

Opt-Out Handling and the Do Not Call List

The TCPA, carrier rules, and the National Do Not Call Registry all require that opt-out requests be honored promptly. For property management outbound call compliance, the DNC registry adds a separate obligation: before making outbound marketing calls (not transactional calls), you must scrub your call list against the registry. Residential landlines and cell phones on the DNC list cannot receive unsolicited marketing calls regardless of any prior business relationship.

Your opt-out procedure must cover three scenarios:

  • Text STOP reply: Your SMS platform should auto-suppress and send a one-time confirmation: "You have been unsubscribed from [Company] and will receive no further messages. Reply START to re-subscribe." Confirm the suppression flag is recorded in your CRM, not just the SMS platform.
  • Verbal opt-out on a call: The staff member must mark the contact record immediately — date, time, and initials. A shared inbox for email and text helps ensure opt-out requests are not missed across multiple channels.
  • Written opt-out (email or letter): Process within 24 hours and suppress across all channels — phone, text, and email — since a general opt-out should be read broadly.

Done when: A written opt-out procedure is documented, all staff can recite it, and your CRM has a suppression flag checked before every outbound campaign.

State Law Overlays: California, Florida, and Texas

Federal TCPA sets the floor — several states add stricter requirements that affect property managers directly.

  • California: The CCPA requires a clear privacy policy disclosing what data you collect and how it is used, including phone numbers. The Rosenthal Fair Debt Collection Practices Act extends similar restrictions to rent-related communications. California residents have the right to opt out of the "sale" of their personal data, which can include contact information shared with third-party marketing platforms.
  • Florida: The Florida Telephone Solicitation Act (FTSA) broadly restricts autodialed texts and calls and created a private right of action similar to TCPA. Florida courts have seen a surge in FTSA class actions since 2021. The FTSA has been amended multiple times and its current scope is actively litigated — Florida portfolios require Florida-specific counsel.
  • Texas: Texas Business and Commerce Code Chapter 305 restricts telephone solicitations and requires prior written consent for automated calls. Texas also maintains its own do-not-call list that runs alongside the national registry.

If you operate in any of these states, layer the applicable state rules on top of every phase above and have qualified local counsel review your consent language. The CFPB's plain-language TCPA overview is a useful starting point before you engage counsel.

Common Mistakes That Create TCPA Violations in Real Estate

Consent collected but never logged. A staff member verbally confirms consent during onboarding but never enters it in the CRM. Six months later, no one can prove it existed. Fix: make consent logging a required field in your intake checklist — the interaction is not complete until the record is updated.

Marketing messages sent to transactional-only contacts. A well-meaning staff member adds all residents to a referral bonus campaign without checking consent status. Fix: segment your CRM so marketing sends are only possible against a "marketing-consented" list, not the full contact database.

Opt-out requests siloed in one platform. A resident texts STOP, gets suppressed in the SMS tool, but receives an email campaign the following week. Fix: maintain a master suppression list that every platform checks before sending.

Assuming third-party consent transfers to you. Under the January 2025 FCC one-to-one consent rule, it does not. Any contact collected via a listing site or lead aggregator requires fresh, direct consent naming your company before you send marketing messages.

Compliance Metrics to Track for TCPA Compliance for Property Managers

Metric What to Measure Target
Consent documentation rate % of active contacts with verified consent record 100% for marketing; 90%+ for transactional within 60 days
Opt-out processing time Hours from opt-out request to CRM suppression Under 4 business hours (text/call); under 24 hours (written)
10DLC registration status Active sending numbers with confirmed TCR registration 100% — zero unregistered numbers sending outbound SMS
TCPA complaints received Demand letters or complaints per quarter Zero; any non-zero result triggers an immediate consent audit
Staff training completion % of staff with annual TCPA training sign-off 100% before any new campaign launches

Frequently Asked Questions

Written by

Derrick Threatt
Derrick Threatt
Author at QuorumVoice

Derrick Threatt is an AI Automation Engineer and marketing operations leader who builds AI-driven systems, automations, and data workflows to improve revenue, operations, and team productivity.

View all posts →
Last Updated
July 19, 2026