U.S. carriers have created A2P messaging channels, such as short codes, Toll-Free numbers, and 10-digit long codes (A2P 10DLC) in order to give senders a sanctioned channel for messaging that will ensure consumers reliably receive wanted messages. Messaging campaigns that are non-compliant with carrier requirements may be subject to carrier penalties for the offending traffic.
Carrier policies are included in Twilio's policies. Any failure by Twilio to stop non-compliant traffic is not a basis to contest. If these penalties are assessed, they will be passed through by Twilio to the customer. Below you can find a breakdown of the existing non-compliance fines, best practices for maintaining compliance, and our FAQ regarding these fines.
- AT&T and T-Mobile carrier fines for unregistered long code messaging (March 1, 2022)
- T-Mobile Penalties for Non-Compliant Messaging
- How to Avoid Carrier Penalties for Non-Compliance
- Non-Compliant Messaging Penalties FAQ
AT&T and T-Mobile Carrier Fines for Unregistered Long Code Messaging
Effective September 1st, 2023, all SMS and MMS messages sent to U.S. phone numbers using +1 10DLC phone numbers must be sent via an approved application-to-person (A2P) campaign. Messages sent to the U.S. using unregistered +1 10DLC numbers will be blocked. Blocked messages will return error code 30034, “US A2P 10DLC - Message from an Unregistered Number”. Twilio messaging rates will still apply, even for blocked messages, but no per-message carrier fines will be charged. For more details, see What pricing and fines are associated with the A2P 10DLC service?
T-Mobile Penalties for Non-Compliant Messaging
The current fines outlined below are specific to T-Mobile. These fines, if assessed by T-Mobile (or potentially other U.S. carriers) will be passed through to customers by Twilio.
Content violating carrier policies – as also reflected in Twilio's Acceptable Use Policy and/or Messaging Policy – including spam, phishing, and SHAFT violations (Sex, Hate, Alcohol, Firearms, Tobacco).
Fine: $10,000 per violation
Enforcement: This fine is issued at T-Mobile's discretion and they will issue a warning prior to enforcement. Twilio will relay this warning to you via an email to the users on your Twilio account who are opted-in to Compliance and Regulatory related alerts. This initial warning will give you an opportunity to come into compliance, without getting a fine.
If another violation occurs after the warning, Twilio will report the violation to you and pass this fine through directly on behalf of T-Mobile.
Messaging Program Evasion
Using filtering evasion techniques, such as snowshoeing and recycling numbers (releasing/purchasing new numbers), to dilute number reputation. (See our Messaging Policy for more context.)
Enforcement: Twilio will report these violations to customers and pass these fines through directly on behalf of the carriers.
Sev-0 Fines on Prohibited A2P Traffic
T-Mobile has introduced A2P 10DLC non-compliance fines for messages including prohibited content. If T-Mobile detects any messages that violate the tiers listed below, they will issue a Sev-0 violation (the most severe consumer violation), a non-compliance fine, and Twilio will immediately block the offending messages.
This applies to all commercial messaging non-consumer A2P products (SMS or MMS short code, toll-free, and 10DLC) that traverse the T-Mobile network.
Because Sev-0 violations also infringe on Twilio’s acceptable use and messaging policies, Twilio will pass on these fines to you for every Sev-0 violation, starting February 15, 2024. These fines include, but are not limited to, the following:
Tier 1: $2,000: phishing (including simulated phishing sent for security testing or similar purposes), smishing, and social engineering
- Social Engineering is a technique used to manipulate someone into sharing private information, like passwords or credit card numbers.
- Tier 2: $1,000: illegal content (content must be legal federally and in all 50 states)
- Tier 3: $500: all other violations in commercial messaging including but not limited to, SHAFT (sex, hate, alcohol, firearms, and tobacco) that do not follow federal and state law and regulations (e.g. age-gate).
These non-compliance fines apply to violations across any A2P messaging product (SMS/MMS short code, toll-free, and 10DLC).
T-Mobile reserves the right to permanently suspend any brands, campaigns, and your company’s access to the T-Mobile Network in the event violations are deemed to be excessive. If you are subject to these fines, Twilio will send you a Sev-0 violation notice and will subsequently charge the respective fine amount.
For more information, review T-Mobile’s Code of Conduct Section 5: Prohibited Campaign Content.
How to Avoid Carrier Fines for Non-Compliant Messaging
Ensure Compliance with Twilio’s Policies
The best way to avoid fines for non-compliance is to make sure your traffic aligns with Twilio’s Messaging Policy and T-Mobile’s Code of Conduct. You can also refer to CTIA’s Best Practices documentation and adopt industry standards into your operations and/or services.
Register your traffic for A2P 10DLC
To make sure your messaging traffic is compliant, ensure that you have registered your US traffic for A2P 10DLC as described in How Do I Register My Traffic for A2P 10DLC?
Monitor Your Traffic
Message filtering and Opt-Out rates can be an early sign of non-compliant messaging. Monitoring your traffic through Messaging Insights is a good best practice to ensuring your traffic is compliant.
Non-Compliant Messaging Fines FAQ
How will penalties be issued to customers?
Fines issued through Twilio will be passed through directly to customers and show up directly on the customers' invoice.
What does “snowshoeing” mean in the context of messaging?
Snowshoeing is defined as spreading similar or identical messages across many phone numbers with the intent or effect of evading unwanted messaging detection and prevention mechanisms.
I use multiple numbers in my Messaging Service for my use case. Would that be considered snowshoeing?
It is not considered snowshoeing unless you are intentionally spreading the same or similar message across more numbers than you need to evade detection/filtering, or to dilute a numbers reputation, ie. to keep it from being marked a ‘spam’ by the carriers.
An example of not snowshoeing: You could use Area Code Geomatch with multiple numbers to create localized experiences.
Will the Content Violation notification come from Twilio specifically?
Customers will receive notifications and passthrough fines for non-compliance directly from Twilio.
Is a Sev-0 fine counted per message segment or per violation?
Each Sev-0 fine applies to the violation. If a customer was issued a Sev-0 violation for a phishing attack sent across 1000 message segments, they would receive one Sev-0 fine for the total violation.
Will Twilio suspend my traffic and help with remediation BEFORE the fine?
T-Mobile will issue a warning prior to levying the discretionary Content Violation fine described above in which Twilio will relay this warning to you via an email to the users on your Twilio account who are opted-in to Compliance and Regulatory related alerts.
However, for automatic violations such as the SEV-0 fines, there is no such warning and those fines are passed through at the same time as other enforcement measures.
Please note that Twilio does also proactively enforce its own policies independently from carriers through outreaches and other remediation efforts, including account restrictions or suspension. However, Twilio makes no guarantee that it will intervene in your non-compliant traffic before carriers levy the fines.
Are ISVs responsible for non-compliance fines on-behalf of their End Users?
The ISV is responsible for its End Users and would be considered the “content provider”. If an End User's act(s) results in a fine imposed on Twilio, then Twilio will hold the ISV responsible for the same. Twilio imposes no restriction on the ISV from independently passing through the fine to its customers.
Is there an appeals process if I believe I have been incorrectly fined for a compliance violation?
Twilio will conduct independent investigation into any reported compliance violations raised by carriers, and will work with you to appeal if the penalty appears to have been applied in error.