LendingIQ logo

Use case #0003

TRAI compliance: how Email & SMS AI ensures every message meets DND and consent rules

A single non-compliant SMS sent to a DND-registered number, or a commercial message sent without a valid TRAI-registered template and sender ID, is a regulatory event — not a campaign metric failure. TRAI's Telecom Commercial Communications Customer Preference Regulations (TCCCPR) govern every promotional and transactional SMS an NBFC sends to a borrower. Violations produce regulatory complaints, TRAI enforcement notices, and in aggregate, the kind of Ombudsman and telecom regulator attention that no institution wants. The Email & SMS Campaign Agent AI runs a compliance gate on every outgoing message — not as a post-campaign audit, but as a real-time pre-send check that prevents non-compliant messages from being sent at all.

A single non-compliant SMS sent to a DND-registered number, or a commercial message sent without a valid TRAI-registered template and sender ID, is a regulatory event — not a campaign metric failure. TRAI's Telecom Commercial Communications Customer Preference Regulations (TCCCPR) govern every promotional and transactional SMS an NBFC sends to a borrower. Violations produce regulatory complaints, TRAI enforcement notices, and in aggregate, the kind of Ombudsman and telecom regulator attention that no institution wants. The Email & SMS Campaign Agent AI runs a compliance gate on every outgoing message — not as a post-campaign audit, but as a real-time pre-send check that prevents non-compliant messages from being sent at all.

The TRAI regulatory framework: what it governs and what it requires

TRAI's TCCCPR framework, most recently updated with the DLT (Distributed Ledger Technology) requirements in 2021, requires that every commercial SMS sent in India meets four conditions simultaneously. First, the sending entity (the NBFC) must be registered on the TRAI DLT platform. Second, every message template must be pre-registered on DLT — unregistered templates cannot be sent and will be blocked by telecom operators. Third, the sender ID (the 6-character alphanumeric header that appears as the sender) must be registered on DLT and must match the category of message being sent (transactional or promotional). Fourth, promotional messages may not be sent to recipients registered on the National Customer Preference Registry (NCPR, commonly called DND) in the relevant category — financial services falls under category SC (Service and Financial Communications), and recipients who have opted out of SC cannot receive promotional messages from financial institutions.

Transactional messages — messages that are sent in response to a specific customer action or that contain legally required disclosures — are exempt from DND restrictions and can be sent to all recipients. But the classification of a message as transactional or promotional is regulated, not self-declared. A message that includes an offer or a CTA to a product the borrower did not initiate is promotional, regardless of how the institution labels it internally.

"A message that the institution labels 'transactional' but that contains a promotional offer is a promotional message under TRAI regulation — and will be treated as one by the telecom operator's DLT system."

The pre-send compliance gate: 12 checks on every message

TRAI Compliance Gate — Pre-Send Audit · T11 (NACH Bounce) · Shanthi Devi · Nov 5, 2025
12 compliance checks · All pass required · Message type: Transactional · Sender ID: IBFINC
12Checks total
12Passed
0Failed
ClearedSend approved
Group 1 — Sender and entity registration (checks 1–3)
Check 1: Sender entity registered on TRAI DLT platformEntity ID: FIN-2021-XXXXXXXXXX · Active registration · No pending compliance actions · Verified against DLT registry Nov 5, 2025 ✓
Check 2: Sender ID (header) registered on DLT and matches message categorySender ID "IBFINC" is registered as Transactional-Financial · T11 is classified Transactional · Header-category match confirmed ✓
Check 3: Message template registered on DLT — template ID matchedTemplate ID: TXN-NACH-BOUNCE-001 · Registered on DLT · Variables: [Name], [Amount], [UPI-link] · Template match verified · Operator will not block ✓
Group 2 — Recipient consent and DND status (checks 4–7)
Check 4: DND status verified for this mobile number (NCPR lookup)Shanthi Devi · +91-9XXXXXXXXXX · NCPR status: Not registered in DND · No preference restrictions applicable for Transactional category ✓
Check 5: DPDP Act consent recorded — borrower has consented to transactional communicationsConsent record ID: CST-2024-XXXX · Scope: Transactional (loan account notifications) · Date: Aug 2024 (at loan origination) · Not expired · DPDP-compliant ✓
Check 6: Promotional consent verified if message category is promotionalT11 is Transactional — promotional consent check not required · If message were promotional: borrower has SC category opt-in on NCPR ✓ (noted for cross-sell sends)
Check 7: Opt-out history checked — has borrower previously unsubscribed from this message categoryNo unsubscribe record for Transactional category · If unsubscribed: Transactional messages are not suppressible under TRAI (they are legally required communications) · Noted ✓
Group 3 — Message content classification (checks 8–10)
Check 8: Message content matches declared category (Transactional vs Promotional)Content scan: message contains bounce notification, EMI amount, retry schedule, UPI link for same loan. No new product offer. No rate quote for new product. Classification: Transactional confirmed ✓
Check 9: Message does not contain prohibited content (TRAI and RBI FPC)Content scan: no threatening language · No third-party contact instruction · No inaccurate legal representation · No collection outside permitted context · FPC-clean ✓
Check 10: Message length within channel limits (SMS: 160 chars per segment)Message length: 148 characters (within single-segment limit) · No multi-part SMS required · Operator delivery probability: high ✓
Group 4 — Timing and frequency compliance (checks 11–12)
Check 11: Send time within permitted hours — TRAI: no promotional SMS before 9 AM or after 9 PMSend time: 14:36 (2:36 PM) · Within 09:00–21:00 window · Transactional messages have no time restriction but good practice applied ✓
Check 12: Message frequency within policy — no more than 3 promotional messages per borrower per day across all campaignsShanthi Devi promotional messages today: 0 · Transactional messages today: 1 (this will be 2) · No frequency cap breach · Message cleared ✓
● All 12 checks passed · Message cleared for send · Compliance record logged: audit trail maintained for 24 months ● If any check had failed: message held · Compliance officer alerted · No send without manual override and documented reason

The consent management workflow: from loan origination to every subsequent message

01
Loan origination · Consent collection

Explicit, granular consent collected at loan origination — separate consent for transactional and promotional

At loan origination, the borrower signs a loan agreement that includes a DPDP Act-compliant consent notice. The consent is granular: separate consent is collected for transactional communications (loan account updates, EMI notifications, regulatory disclosures — required for the loan to function), and for promotional communications (product offers, cross-sell, marketing). Consent is stored in the consent management system with a timestamp, the consent version (the exact text the borrower agreed to), and the channel scope (SMS, email, WhatsApp). Consent for transactional communications is mandatory for loan disbursement. Promotional consent is optional and clearly marked as such.

→ Transactional consent: mandatory at origination · Promotional consent: optional · Both recorded with version and timestamp · DPDP-compliant
02
Every send · Pre-send consent check

Consent is verified at send time — not at campaign creation time

Consent can change between campaign creation and message send. A borrower who was eligible for promotional messages at the time the campaign was built may have opted out in the intervening period. The Email & SMS Campaign AI checks consent status at the moment of send — not at the moment the campaign was configured. If consent has been withdrawn, the message is suppressed automatically regardless of what the campaign configuration says. This real-time consent check is the most important compliance gate — it prevents the scenario where a campaign built legitimately sends a non-compliant message to a borrower whose consent lapsed.

→ Consent verified at send time, not campaign build time · Withdrawal respected immediately · No override without compliance officer authorisation
03
Opt-out handling · Any channel

Opt-out from any channel immediately updates all channels — no silo

A borrower who replies STOP to an SMS is immediately opted out of promotional SMS. But the Email & SMS Campaign AI also cross-updates: if the borrower has opted out of promotional SMS, the opt-out is applied to promotional email and WhatsApp as well — unless the borrower has separately consented to those channels. The same logic applies in reverse: an email unsubscribe updates the SMS and WhatsApp promotional consent. Opt-outs are honoured within 24 hours per TRAI regulation; the Email & SMS Campaign AI applies them within 60 seconds.

→ Opt-out from any channel: cross-channel update within 60 seconds · TRAI requires 24 hours · Zero promotional messages after opt-out
Annual consent refresh · DPDP Act requirement

Promotional consent refreshed annually — T34 trigger fires automatically at 12-month mark

The DPDP Act requires that consent be kept current and relevant. The Email & SMS Campaign AI tracks the date of each borrower's promotional consent and fires T34 (consent update required) at the 12-month mark — a clear, non-manipulative consent renewal request that explains what data is used for what purpose and gives the borrower an easy mechanism to update their preferences. Borrowers who do not renew promotional consent are moved to transactional-only communication. No promotional messages are sent to lapsed promotional consent until renewal.

→ T34 fires at 12-month consent anniversary · Clear renewal request · Non-manipulative · Lapsed consent: transactional-only until renewed
12Pre-send compliance checks — sender registration, template registration, DND status, DPDP consent, content classification, timing, frequency
60 secOpt-out applied across all channels — TRAI requires 24 hours · Email & SMS AI applies within 60 seconds · No promotional message after opt-out
Send-timeConsent verified at send time — not campaign build time · Prevents lapsed-consent sends when consent changes between campaign creation and dispatch
24 monthsCompliance audit trail maintained — every send logged with check results · Regulatory inquiry produces complete send record within minutes

A compliance gate is not a speed bump — it is the mechanism that keeps the institution's communication programme legal

Every one of the 18,841 messages fired by the Email & SMS Campaign AI in the first 14 days of November passed 12 compliance checks before it was sent. The 12 checks add approximately 200 milliseconds to each send — an overhead that is invisible to the borrower and prevents the message from becoming a TRAI violation, an Ombudsman complaint, or a regulatory notice. An institution that does not run these checks is not running a faster campaign — it is running an unchecked one. When the TRAI enquiry arrives, or when the Ombudsman asks for evidence that opt-out instructions were followed, the audit trail produced by the compliance gate is the only document that proves the institution operated lawfully. The Email & SMS Campaign Agent AI's compliance gate is not a constraint on campaign velocity — it is the infrastructure that makes the campaign programme sustainable at scale, without legal risk accumulating behind every send.

← Back to Email & SMS Campaign Agent AI