Maintaining compliance in inbound customer service call centers

The takeaway: Compliance doesn’t just happen – call centers need to deploy the right tools and strategies.

It would be difficult to overstate the importance of compliance in the call center. Compliance is a factor for organizations in just about every sector – whenever sensitive data is being handled, these firms need to make sure their customer service agents abide by all relevant regulations during every instance of customer engagement.

Naturally, this is easier said than done. To better ensure they are achieving and maintaining compliance, here are three tips for call center leaders.

1. Deploy speech analytics for redaction

One of the most common complications that call centers run into in the realm of compliance relates to call recordings. Call recordings are obviously a valuable resource, serving as documentation for liability purposes, to provide info to improve customer service going forward and to create a record of agent performance that managers can subsequently examine.

But there are serious compliance issues that need to be addressed when it comes to recordings – particularly recordings of financial information. The Payment Card Industry Data Security Standard (PCI DSS) sets a number of key standards for the processing, transmission and storage of credit card information. Notably, PCI DSS forbids virtually all merchants from storing CVV2 data from customers’ credit cards.

The compliance issue, then, crops up when clients and agents need to discuss this information in the course of call resolution. When recordings are in play, a call center can immediately be at risk of violating this regulation, as CIO contributor and compliance expert Michael McAlpen explained

In such situations, speech analytics combined with automated redaction software is the answer. Redaction software eliminates the storage of sensitive information, enabling call centers to ensure that when particular issues are discussed between the agent and customer, all of the pertinent information remains while CVV2 numbers are erased from the record. This applies not just to PCI DSS, but also to just about any other compliance standard regarding the storing of sensitive client information. And because these solutions are automated, there is no risk of agent or managerial oversight that could lead to a compliance violation.

2. Agent training

While speech analytics-based redaction software has the advantage of operating independently of agents, it is also important to recognize the need for agent training to ensure compliance.

Speaking to Bank Innovation, Ori Bach, director of solution management and interactions optimization with NICE Systems, emphasized that agents need to know what information they can present to customers. Otherwise, firms will run the risk of violating the Consumer Financial Protection Bureau’s compliance regulations.

Bach emphasized that only intensive coaching and training can protect companies from this danger. However, he also acknowledged that this can have a negative impact on agent attrition rates. Call center decision-makers need to find the right balance here between compliance risk management and agent satisfaction.

Technology tools can play a key role here, as well. When gamification is used in training, for example, agents can learn more about what is and isn’t compliant in a more engaging, entertaining fashion than traditional training sessions.

3. Compliance-improving policies

It is also critical for call centers to embrace policies that further encourage compliance. With such policies, call center leaders can reduce the risk of inadvertent violations.

For example, industry expert Justin Hamilton-Martin told Call Centre Helper that call centers should consider adopting “white room” policies. In these cases, agents are not allowed to bring their phones, pens, paper or flash drives into the call center environment. Without these resources available, the chances that an agent will make a personal record that violates compliance regulations are greatly reduced.

What recommendations do you have for improving compliance in the call center?