5 Steps to Bulletproof Your Call Recording Strategy

Have you ever knowingly recorded a sales call without the prospect’s consent? How about by mistake?

If you delete the recording, is the problem solved? Is call monitoring any different?If you’re a sales leader and have asked yourself these questions, you’re not alone.

Call recording initiatives are now a ‘top three priority’ for two thirds of sales teams, given its many benefits from accelerating rep onboarding (training), lowering time to close (sales management) and pipeline analysis (through AI). However, 80% of organizations with over 100 employees report compliance being the #1 barrier towards implementing call recording, and with good reason.

Large enterprise Bank of America paid an $8.5M settlement last year for non-compliant call recording practices, despite admitting no wrongdoing.

The State of California sets penalties for non-compliant call recording as $5,000 per incident or 3x the proven damage to the customer, whichever is higher. And while call recording laws are old, much of their onerous requirements remain open to interpretation, with only a handful of cases being tried at the state level (Federal Law doesn’t prohibit call recording). With these types of issues being in the public, it’s no surprise that CFOs and Legal departments are requiring sales teams to provide a clear risk mitigation strategy to ensure a positive ROI for these types of projects.

Having helped create this risk mitigation strategy for mid-market and enterprise organizations, we’ve compiled a list of 5 questions that we use in our discovery process.

1. Do we need to record all calls?

Being able to only record a subset of calls greatly mitigates the risk of call recording, since Federal Law and 38 states explicitly permit call recording with consent from only one party (in this case, the rep on the phone). This satisfies the use case of most sales teams as long as reps aren’t divided into territories that lock them into states with onerous laws.

It also creates the option to have reps manually initiate call recording while on a call after doing any disclosure or verifying the customer’s location.

2. Can we determine the location of customers with confidence?

This is usually the Achilles heel of call recording in the mobile world. Legacy calling platforms determined location using area codes. However, the proliferation of virtual phone systems and the ability for prospects to cross state lines with cell phones has made this a non-starter for call recording compliance.

Having accurate CRM data on a contact’s location and the type of device being called is the minimum bar for building a compliant process with automatic call recording.

3. Are our recordings stored in an encrypted and secure format?

Most calling/recording technology in sales tools is built on third party platforms, such as Twilio and other vendors. These vendors do not meet the compliance requirements of many industry standards, such as HIPAA, SOC-2, PCI and others, meaning that they can expose you to many of the liabilities associated with your business.

Moreover, these calling technologies often forego strict access controls to these recordings, making them accessible to anyone with the link inside and outside of your organization. This is a non-starter for call recording in states like California where data in recordings that are tied to some form of monetary loss place the liability on the party who recorded the call. Solving for this problem also has the side benefit of enabling your reps to obtain permission to record calls where auto-recording isn’t appropriate: after all, would you, as a prospect, consent to a call being recorded if you didn’t have full certainty that the data was stored securely?

4. Do we have an audit policy for manually initiated recordings?

One of the outcomes of the Bank of America case was that they had to institute and report on cases where verbal permission for call recording was not obtained, showing that intent and rectifying mistakes is an important part of running a call recording practice.

This can be solved either by building audit practices in-house, outsourcing it to a third party, using AI-based speech-to-text software or any combination of the three depending on how the reps are trained to do disclosures and/or obtain permissions.

5. Can we build disclosure into our automated workflows?

In order for a call to be compliant, the prospect needs to be made aware of the fact that the call may be recorded for training or audit purposes. The more up-front this disclosure is made (vs. being sprung upon a prospect in real-time at the start of a scheduled call), the more likely the argument can be made that the prospect was informed of the practice.

A great example of this is configuring your phone system to announce that calls are recorded on inbound calls, which give the caller ample time to decide whether or not they want to still speak to someone, and allow for a clear audit trail.

Conclusion

To summarize, there is no ‘one-size-fits-all’ solution to make call recording compliant- it all starts with a clear understanding of which calls you need to record, the nature of your customer engagement and a clear understanding of how your technology supports these use cases.

However, one thing is certain: vendors need to be pushed hard to ensure that their systems can provide the necessary guarantees around compliance/security to ensure that customer data is safe, as this is the #1 trigger for customers and agencies to start investigating call recording issues.

Need more information on how your responses to these questions will translate into technical requirements — check out our Ultimate Guide to Call Recording.

Of course, always feel free to reach out to us anytime at sales@truly.co