Skip to content
Compliance 9 min readApril 19, 2026· Updated April 27, 2026

SMS Compliance for Auto Shops: TCPA, A2P 10DLC, and What You Must Know Before You Text

A plain-English guide to the laws and carrier rules that govern texting customers. What's required, what's recommended, what gets you fined.

AM
Founder, Pitlane

Why compliance actually matters to an independent shop

Two reasons:

  1. TCPA (Telephone Consumer Protection Act) violations are expensive. $500–$1,500 per message, per recipient, and class-action lawsuits are common. A single enthusiastic promotional blast to 2,000 customers without proper consent can end a business.
  2. Carrier filtering is even more common. You may never get sued and still lose 40% of your message deliverability because you're sending promotional content from an unregistered number.

Most shops worry about (1) and get hurt by (2). This guide covers both.

The three frameworks you need to know

  • TCPA — US federal law. Governs consent. Applies to anyone sending promotional SMS to a US number. Full text at the FCC's TCPA resource page.
  • CAN-SPAM — US federal law. Governs commercial email. Applies if you send marketing emails. The FTC CAN-SPAM compliance guide is the canonical reference.
  • A2P 10DLC — Carrier rules, not law. Governs registration of 10-digit numbers used for application-to-person messaging. Since 2023, unregistered traffic is heavily filtered and surcharged. See the CTIA Messaging Principles and Best Practices for the carrier guidelines.

TCPA in practice. The shop owner's cheat sheet

Transactional messages (don't require opt-in, generally):

  • Appointment confirmations
  • Appointment reminders
  • "Your car is ready" notifications
  • Estimate approval links
  • Invoice/payment receipts
  • Post-service thank-you messages
  • Review requests (gray area. Lean conservative)

Promotional messages (require prior express written consent):

  • "20% off oil changes this weekend!"
  • "We're open Saturdays now. Come by!"
  • Win-back campaigns that include offers
  • Any message primarily designed to drive new business rather than service an existing engagement

The line gets blurry. The safe rule: if you're offering a discount or soliciting new work, get explicit consent.

How to get TCPA-compliant consent

Two methods:

  • At the counter / on your booking form. Include a checkbox or sentence: "By providing your phone number, you agree to receive transactional and promotional text messages from [Shop Name]. Message and data rates may apply. Reply STOP to opt out."
  • Double opt-in for promotional lists. Customer provides number, receives a text asking them to reply YES to subscribe. Keep a record of the YES.

Keep consent records for at least 4 years. If a dispute arises, the burden is on you to prove consent.

A2P 10DLC — what it is and why you can't skip it

Since 2023, US carriers (Verizon, AT&T, T-Mobile) require any 10-digit number used to send application-to-person messages (automated messages sent from software, not from a human phone) to be registered under A2P 10DLC. This registration includes:

  • Brand registration. Verifies your business is real (EIN, legal name, address).
  • Campaign registration. Declares what types of messages you'll send.
  • Trust score. Determines how many messages per second you can send.

What happens if you skip it: your messages still send, but carrier filters silently block 30–50% of them, and you pay per-message unregistered surcharges. You won't know which messages failed unless you check delivery receipts obsessively.

Any legitimate SMS platform (Twilio, MessageBird, Bandwidth, and CRMs built on top of them) will handle A2P 10DLC registration for you. It takes 1–3 weeks for approval.

Message content rules

Carriers also filter based on content. Flagged content types:

  • Shortened URLs (bit.ly, tinyurl, etc.) — heavily filtered. Use your own domain.
  • Explicit financial promotions — "Get $500 fast!" triggers filters.
  • Gambling, firearms, adult content — outright blocked on most carriers regardless of registration. Not relevant for most shops but worth knowing.
  • Repeated symbols / ALL CAPS — "!!!" and "URGENT!!!" look like spam to filters.

Write like a human. Don't shout. Don't use sketchy link shorteners.

Required elements in every promotional SMS

  • Shop name identifying the sender
  • Clear opt-out ("Reply STOP to opt out")
  • Frequency disclosure on first promotional message ("Msgs 2–4x/month")
  • "Msg & data rates may apply" on first promotional message

Transactional messages don't strictly need the frequency/rates language, but every message should respect STOP when it comes in. Not honoring STOP is a fast path to a TCPA class action.

Record-keeping requirements

Keep records of:

  • Consent. When it was given, how (form, text, in person), and what they consented to.
  • Message history. What was sent, when, to whom.
  • Opt-outs. When a STOP was received and how it was processed.

A good SMS platform stores all of this automatically. A shop texting from a personal cell phone stores none of it.

Common shop-owner mistakes

  • Buying a list and blasting it. Illegal. Easy to prove. Lawsuits follow.
  • Texting customers who asked you to stop. Violates TCPA, easily proven from the carrier logs.
  • Sending promotional content from a transactional-registered campaign. Violates carrier rules, your trust score drops.
  • Using an advisor's personal cell phone. No consent tracking, no opt-out processing, no compliance audit trail.

The safe setup

  1. Register your number under A2P 10DLC. Your SMS platform handles this.
  2. Include consent language on every form where a customer provides a phone number.
  3. Keep transactional and promotional messages separate. Use separate campaigns on your platform if possible.
  4. Always honor STOP requests immediately.
  5. Keep records.

Do these five and your TCPA and carrier-compliance risk drops to nearly zero.

How Pitlane handles this

Pitlane runs on a fully A2P 10DLC-registered SMS infrastructure. Transactional and promotional campaigns are tracked separately. Opt-outs are honored automatically and synced across every channel. Consent timestamps are stored on the contact record. You don't have to think about compliance. It's built in.

Learn more about Pitlane →

Frequently asked

Do auto shops need to register for A2P 10DLC?

Yes. Any business sending automated SMS from a 10-digit number to US customers must register under A2P 10DLC since 2023. Major carriers — Verizon, AT&T, T-Mobile. Silently filter 30–50% of unregistered traffic and apply per-message surcharges. Skipping registration means most of your messages don't get delivered, and you won't know unless you check delivery receipts obsessively. Modern SMS platforms handle registration for you; it takes roughly 1–3 weeks once you submit EIN, legal business name, and campaign types.

Do appointment reminder texts to auto shop customers require TCPA consent?

Transactional messages. Appointment confirmations, reminders, ready-for-pickup alerts, estimate approvals, payment receipts. Generally don't require prior express written consent under TCPA because they service an existing engagement. Promotional messages. Discounts, weekend hours, win-back offers. Do require consent. Review requests sit in a gray area; the conservative approach is to include consent language on your intake form covering both types.

How much can TCPA fines cost an auto shop?

$500 to $1,500 per message, per recipient. A single promotional text blast to 2,000 customers without proper consent could expose the shop to $1M–$3M in statutory damages, often pursued as class actions. Most shop owners worry about fines and underestimate the bigger day-to-day risk: carrier filtering, which silently kills 30–50% of unregistered traffic. Both problems are solved by registering A2P 10DLC and keeping clean consent records.

What's the difference between TCPA, CAN-SPAM, and A2P 10DLC?

TCPA is US federal law governing telemarketing and SMS consent. It applies to any commercial text sent to a US number. CAN-SPAM is US federal law governing commercial email. A separate framework with similar themes (unsubscribe required, sender ID, etc.). A2P 10DLC isn't a law at all. It's a carrier-imposed registration requirement for application-to-person SMS sent from 10-digit numbers. You can be fully TCPA-compliant and still get filtered if you skip A2P registration. Auto shops need to comply with all three.

What SMS consent language do auto shops need on their intake form?

A short consent line covering transactional and promotional use, with clear opt-out instructions. Sample wording: By providing your phone number, you agree to receive transactional and promotional text messages from [Shop Name]. Message and data rates may apply. Reply STOP to opt out. Keep records of when consent was given, how it was collected, and what types of messages it covered. For at least four years. The burden of proof is on the business if there's ever a dispute.

Every system in this post runs automatically in Pitlane.

Reviews, follow-ups, win-backs, digital inspections, card payments — set it up once, it runs forever. Under 10 minutes to get started.

Start 30-day free trial See a live demo

Keep reading

All articles
Compliance

Customer Data Your Shop Keeps. And the Law

Names, VINs, phone numbers, service history, credit card receipts. What you're required to keep, what you should delete, and how the rules changed in 2026.

6 minApril 23, 2026
Customer retention

Should Your Auto Shop Run a Loyalty Program? A Cost-Benefit for Independent Repair Shops

Loyalty programs sound great in theory and quietly flop at most shops. When a loyalty program makes sense, when it doesn't, and how to run one.

7 minMay 10, 2026
Payments

Stripe for Auto Shops: The Shop Owner's Guide to Accepting Card Payments (Without the 3% Fee)

Card processing fees can eat $10k+ a year at a busy shop. How to connect your own Stripe, keep 100% of revenue, and skip platform fees.

6 minMay 8, 2026
All articles