Our Card Provider is stating we must assure them we have "express" consent to use a mobile phone number for auto-dial contact about potential/actual fraud, breaches, etc.; that we must tell than "how" the customer wishes to be contacted; and that we need to send out Opt-out "options" to our customers. However, the ABA believes we have "express" consent when the customer gave us his/her number to use for bank related items; that we only have to be able to "handle" an opt-out if the customer informs us he does not want the phone calls, and I had not heard that we had to know "how" the customer wanted to be contacted. In addition, our document provider says we have to send out new Terms and Conditions that include a disclosure about TCPA. We do not input into our Core system if a phone is a cell or landline, nor do we ask "how" they want to be contacted. Lastly, ordering all new Terms and mailing these to all our customers will be time consuming and expensive, especially when it does not appear we should have to do so. And getting customer's written "express" consent will be hard, and since most would surely want a "breach" related call, we would not want to fail to place such a call because we had not received some thing additional that was "express" consent. How are other banks handling (and interpreting ) TCPA?