"You can still send marketing messages to active customers and members, provided that they have not previously opted-out or unsubscribed."

 

 

 

 

 

"Maintaining (and using) an updated opt-out file is the single most important thing you can do to avoid email marketing problems."

CAN-SPAM — Three Years Later ...

The CAN-SPAM Act of 2003 became effective January 1, 2004. Since inception, it has become a baseline standard for permission-based email marketing. What does it mean for financial institutions? How has it been implemented and with what results? With over 150 financial institution clients, ClickRSVP stands uniquely qualified to provide you with an overview of what how CAN-SPAM affects you.

» How CAN-SPAM affects Financial Institutions

» Strategic Implications for Financial Institutions

» How ClickRSVP and EmailConductor are Meeting the Challenge

First, some definitions and key points. CAN-SPAM stands for “Controlling the Assault of Non-Solicited Pornography and Marketing”. Unlike Gramm-Leach-Bliley, this legislation was clearly not aimed at financial institutions.

Here's a summary of the law's main provisions from the Federal Trade Commission (www.ftc.gov/spam/)

  • It bans false or misleading header information. Your email's "From," "To," and routing information – including the originating domain name and email address – must be accurate and identify the person who initiated the email.
  • It prohibits deceptive subject lines. The subject line cannot mislead the recipient about the contents or subject matter of the message.
  • It requires that your email give recipients an opt-out method. You must provide a return email address or another Internet-based response mechanism that allows a recipient to ask you not to send future email messages to that email address, and you must honor the requests. You may create a "menu" of choices to allow a recipient to opt out of certain types of messages, but you must include the option to end any commercial messages from the sender.

    Any opt-out mechanism you offer must be able to process opt-out requests for at least 30 days after you send your commercial email. When you receive an opt-out request, the law gives you 10 business days to stop sending email to the requestor's email address. You cannot help another entity send email to that address, or have another entity send email on your behalf to that address. Finally, it's illegal for you to sell or transfer the email addresses of people who choose not to receive your email, even in the form of a mailing list, unless you transfer the addresses so another entity can comply with the law.

  • It requires that commercial email be identified as an advertisement and include the sender's valid physical postal address. Your message must contain clear and conspicuous notice that the message is an advertisement or solicitation and that the recipient can opt out of receiving more commercial email from you. It also must include your valid physical postal address.

How CAN-SPAM affects Financial Institutions

  • The law differentiates between "transactional messages" and "commercial electronic mail messages." Messages that are part of a commercial transaction, or that provide information on accounts and balances (e-statements, for example) are considered to be “transactional” and are exempt from CAN-SPAM regulations. The law does not at this time prohibit including marketing content as part of these messages. However, the primary purpose of the message must be to deliver account or transaction information.
  • Subject line and other header information cannot be false or misleading, regardless of whether or not the message is transaction/relationship or commercial. This is straightforward.
  • Unless a recipient has expressly opted-in to receive marketing emails from you, your marketing message must be identified as such, and you must include your physical mailing address (not a PO Box). Subject lines with phrases such as “Special Offer,” “Member Savings” or “E-News” clearly indicate the intent of the message. And, as long as the subject line is not misleading, the message body itself can serve notice of the message content. It just has to be clear and conspicuous.
  • Commercial messages must contain a clear, conspicuous and functional way for the recipient to opt-out of receiving further marketing messages. This can include a working reply email address, or an unsubscribe link. In either case, unsubscribe requests must be honored within 10 days of receipt.
  • Once a recipient has opted out, you can no longer send commercial messages to that email address.
  • CAN-SPAM is administered by the Federal Trade Commission (FTC) and supersedes all local and state anti-spam laws. Fines can range from $100,000 for individuals up to $500,000 for organizations, depending upon the severity and criminality of the offenses.

Strategic Implications for Financial Institutions

While CAN-SPAM was created primarily to control the seedier side of unsolicited email, there are some implications for financial institutions. Listed below are some basic action steps.

  • Non-opt-in messages are OK but different. You can still send marketing messages to active customers and members, provided that they have not previously opted-out or unsubscribed. These are “relationship-based” messages and are allowed, provided they follow the rules above.
  • Build your opt-in list. If you plan to use email as a marketing tool, start collecting explicit permission.
    • Use web signup forms to capture your customer email addresses. These can be simple “Sign up for E-News” or full-scale multiple-interest and demographic forms. Be sure to promote your signup form on your home page, your online banking page and other high-traffic pages. For better results, show samples of your e-newsletter. And be sure to explain your opt-out and privacy policies (in plain terms) as part of your signup verbiage.
    • Offer new customers the opportunity to receive your e-newsletter. (Just be sure that your e-newsletter actually contains some informational content.)
    • Use in-branch sign-ups, statement stuffers and front-line involvement to build your list and your program’s visibility.
    • Do not use “passive opt-in” techniques, such as requiring the user to uncheck a box in order to opt-out, and be sure that the opt-in terms are “clear and conspicuous.”
    • Your record-keeping should include some documentation about the fact that permission was given, including sign-up date, and the IP address of the originating request. (This is automatic with ClickRSVP.)
    • Offer more choices, with different types of content (consumer, business, rate alerts, etc.) Customers don’t mind hearing from you via email – in fact they enjoy it. It just has to be relevant.
  • Consolidate your opt-out processes. CAN-SPAM is very clear about not sending commercial messages to recipients who have opted out. Maintaining (and using) an updated opt-out file is the single most important thing you can do to avoid email marketing problems.

    For many financial institutions, especially those with multiple business units, maintaining an up-to-date opt-out file will be a challenge. Remember that the law gives the sender 10 days to comply with an opt-out request. If you maintain opt-out information in an MCIF that is updated monthly, and you market via email regularly, this could be problematic.

    Ultimately, all opt-out information needs to interact with the email marketing engine and/or database. Processes – automated or manual – need to be in place to ensure that all opt-out requests are suppressed from future mailings.

How ClickRSVP and EmailConductor are Meeting the Challenge

As a permission marketer with extensive financial service experience, ClickRSVP has long been prepared to meet the challenges of both GLB and CAN-SPAM. Our applications and resources are designed to enable financial institutions to market effectively via email and the Internet.

Hosted on a Fiserv network, our EmailConductor platform provides centralized, secure email list management service that can interface with any data source (core data, MCIF, CRM, etc.) As a true relational database, EmailConductor can maintain permission and opt-out status for customers across multiple business units.

Other CAN-SPAM compliant features include:

  • Ability to support relationship-based email programs within compliance guidelines
  • Robust support for single opt-in or double (confirmed) opt-in
  • Multiple opt-out methods (web-based and reply mail)
  • Automatic and instant opt-out acknowledgment and notification to multiple recipients
  • Automatic logging of the opt-in date, time and originating IP address
  • Active reply mail accounts to accept and process mail from recipients

ClickRSVP continues to develop and maintain a service level of "best practices" for the financial industry. If you would like a complimentary review of how to implement CAN-SPAM Compliant email marketing for your institution, please contact our sales department at 877-807-2027 or sales@clickrsvp.com.

Click here to download a PDF version.

Close Window
  ©Copyright 2007, ClickRSVP, Inc.                                www.clickrsvp.com                                   877.807.2027