How to Start a Collection Agency: State Licenses, FDCPA Compliance, Bonding Requirements, and Startup Costs (2026 Guide)

Not legal advice. Requirements may change — always verify with your local government authority before applying. Last verified: April 18, 2026.

Quick summary: what you need to start a collection agency

1State collection agency license — Required in most states. Key states: FL ($50K bond), NY ($25K bond), IL ($25K bond), NJ ($10K bond), WA ($10K–$35K bond). Multi-state agencies must license in each state where they contact consumers.
2Surety bond — Required in most licensed states. Ranges from $5,000 (some states) to $50,000 (Florida, Nevada). Cost: 1–5% of bond amount annually based on credit. Must be filed with the state licensing agency.
3FDCPA compliance program — Mandatory for all third-party collectors. Requires: mini-Miranda disclosures on every communication, validation notices within 5 days of first contact, prohibition on harassment and false statements, and cease-communication compliance procedures.
4CFPB Regulation F compliance — Effective November 2021. Limits calls to 7 within 7 days, requires model validation notice format, permits email/text with opt-out, and mandates time-barred debt disclosures.
5TCPA compliance — If using an automated dialer or sending text messages, you need prior express consent for cell phone contacts and must honor all opt-out requests immediately. TCPA class actions are routine in the collection industry.
6FCRA furnisher obligations — If you report accounts to credit bureaus, you must comply with FCRA accuracy requirements, investigate e-OSCAR disputes within 30 days, and delete time-barred accounts after 7 years from original delinquency date.
7Trust account / escrow — Contingency collectors must hold consumer payments in a dedicated trust account separate from operating funds. State licensing examiners audit trust account records routinely.

1. Collection agency business models

Before diving into licensing, it is worth understanding that "collection agency" describes two structurally different business models that have different capital requirements, regulatory intensity, and economics.

Contingency collection (third-party collector): The original creditor retains ownership of the debt and hires your agency to collect on their behalf. You earn a contingency fee — typically 25–50% of what you recover. No upfront capital required to acquire debt. You are subject to the FDCPA as a "debt collector." This is the most common model for startup agencies because it requires minimal capital beyond licensing and technology.

Debt buyer: You purchase charged-off debt portfolios from creditors at a discount (pennies on the dollar) and collect for your own account. You own the debt. FDCPA still applies to you as a debt buyer collecting on purchased consumer debt. This model requires significant capital to acquire portfolios but retains 100% of collected amounts. Returns on well-managed portfolios can be significant — 200–500% of purchase price — but collection rates on aged charged-off debt are typically 10–30%.

Specialty collection niches: Medical debt collection (collecting for hospitals, physician practices, labs), commercial (B2B) debt collection (FDCPA does not apply to commercial debt), student loan collection, and government debt collection each have additional regulatory overlays and often require separate expertise.

Start with contingency collection

Most successful collection agencies start as contingency collectors — it requires minimal upfront capital, lets you build operational infrastructure and compliance systems, and generates immediate cash flow. Debt buying can be added later as you develop expertise in specific debt types and accumulate capital for portfolio acquisition.

2. Revenue model: contingency fees vs. purchased debt

The economics of collection agencies differ fundamentally depending on whether you are operating on contingency or as a debt buyer. Understanding both models — including typical fee structures, portfolio pricing, and collection rate benchmarks — is essential for building a viable financial plan.

Contingency fee model

Under the contingency model, you charge a percentage of amounts actually collected — the creditor pays nothing unless you recover money. Contingency rates vary by debt type, age, and volume:

Fresh debt (under 90 days delinquent): 15–25% of collected amount. Higher collection rates (40–70%) make lower percentages viable.
Standard placement (90–180 days): 25–35%. Collection rates typically 20–40%.
Tertiary/aged debt (1–3 years): 35–50%. Collection rates drop sharply to 5–15% on truly aged accounts.
Medical debt: 20–35%. CFPB and state rules around medical debt collection are tightening — verify current rules in each state before accepting medical placements.
Commercial (B2B) debt: 20–30% for fresh commercial; up to 40–50% for aged commercial. Commercial debt is not subject to FDCPA, reducing compliance overhead.

Volume discounts are common — large creditors placing significant monthly volumes negotiate lower contingency rates in exchange for volume commitments. A creditor placing $1 million/month in fresh credit card debt might negotiate 18% versus the standard 25%.

Debt buyer model: portfolio pricing and economics

Debt buyers purchase charge-off portfolios outright. Portfolio pricing — expressed as cents on the dollar of face (nominal) value — is driven by debt type, age, original creditor, documentation quality, and market conditions:

Debt Type	Typical Purchase Price	Expected Collection Rate	Typical ROI Range
Fresh credit card (under 180 days)	$0.06–$0.12	30–55%	200–400%
Aged credit card (1–3 years)	$0.02–$0.06	10–25%	100–300%
Medical debt	$0.01–$0.04	5–15%	50–200%
Personal loans (bank)	$0.05–$0.15	20–40%	150–350%
Telecom/utility debt	$0.01–$0.03	5–12%	50–150%

Portfolio pricing fluctuates with market conditions. These are representative ranges, not guarantees.

Documentation quality matters enormously. Portfolios with complete account documentation — original signed agreements, account statements, payment history, charge-off letters — command higher prices and are significantly easier to collect on (especially if litigation is needed). Portfolios with thin or missing documentation ("bare portfolios") sell for a fraction of well-documented paper and create FDCPA verification exposure.

Hybrid model: start contingency, migrate to buying

Many agencies start purely contingency to build cash flow and expertise, then use profits to acquire their first portfolios at 2–3 years in. This lets you learn which debt types perform best in your market before committing capital to portfolio purchases.

3. FDCPA compliance deep dive

The Fair Debt Collection Practices Act (15 U.S.C. § 1692 et seq.) is the foundation of consumer debt collection law. Every third-party collection agency and debt buyer must have a documented FDCPA compliance program before making a single collection contact.

Mini-Miranda disclosure

Every initial communication — written or oral — must state that it is from a debt collector attempting to collect a debt and that any information obtained will be used for that purpose. Subsequent written communications must also carry this disclosure. Your phone script must open with the mini-Miranda, and your collection letters must display it prominently (not buried in fine print).

Validation notice and debt verification (5-day rule)

Within 5 days of the first communication, send a written notice containing the debt amount, creditor name, and a 30-day dispute and verification right statement. Under CFPB Regulation F, this notice must use the model form format (Model Form B-1) to qualify for the safe harbor. Build your letter templates around the Regulation F model form from day one.

When a consumer sends a written dispute within the 30-day window, all collection activity must stop until you provide verification of the debt. Verification requires actual evidence — an account statement, signed agreement, or itemized balance ledger. Simply re-sending the validation notice is insufficient. Your CMS must automatically flag and lock accounts upon receipt of a written dispute.

Cease and desist (cease communication) obligations

Under 15 U.S.C. § 1692c(c), a consumer's written request to cease communication triggers an immediate and permanent stop to all collection contacts except three narrow notifications: advising the consumer that collection efforts are terminating, notifying them of a specific remedy you intend to invoke (such as a lawsuit), or notifying them that a specific remedy is being invoked. Your CMS must have a hard C&D flag that prevents outbound contact to these accounts. Continuing to call or write after a valid cease request — even once — is a per se FDCPA violation.

Prohibited practices: what collectors cannot do

The FDCPA's prohibited conduct provisions (§§ 1692d, 1692e, 1692f) cover three categories:

Harassment and abuse (§ 1692d): Prohibited conduct includes using obscene or profane language; threatening violence; publishing a "shame list" of debtors; causing a phone to ring repeatedly to annoy; and making calls without disclosing identity. The call-frequency rule under Regulation F (7 calls in 7 days) gives specific operational content to the "repeated calls" prohibition.
False or misleading representations (§ 1692e): Cannot falsely represent the character, amount, or legal status of any debt; cannot misrepresent being an attorney or government official; cannot threaten arrest or criminal prosecution for failure to pay a consumer debt (consumer debt non-payment is not a crime); cannot use false, deceptive, or misleading representations in connection with collection; and cannot fail to disclose in subsequent communications that the communication is from a debt collector.
Unfair practices (§ 1692f): Cannot collect any amount not expressly authorized by the agreement or permitted by law (no adding "collection fees" unless the agreement or state law explicitly authorizes it); cannot accept a post-dated check by more than 5 days without notifying the consumer 3–10 business days in advance of deposit; cannot take nonjudicial action to seize property when there is no present right to do so; cannot communicate by postcard (privacy violation); and cannot use envelopes that reveal the communication is from a debt collector on the outside.

FDCPA litigation risk is real

The FDCPA has a private right of action with fee shifting — if a consumer wins, you pay their attorney fees. This creates an active plaintiffs' bar that files high volumes of FDCPA cases, often over technical violations like missing mini-Miranda disclosures or validation notice defects. Errors and omissions (professional liability) insurance is not optional for a collection agency.

4. State licensing requirements: expanded table

Licensing requirements are determined by the state where the consumer is located — not where your agency is headquartered. If you collect debts from consumers in Florida, you need a Florida collection agency license, even if your office is in Texas. The table below covers the 14 most significant states for collection agency licensing.

State	License Required?	Regulator	Bond Amount	Annual Fee	Notes
Florida	Yes	OFR (Ch. 559)	$50,000	$500	Qualifying individual required per location
New York	Yes	DFS + DCWP (NYC)	$25,000	$1,000	Separate NYC license for consumers in 5 boroughs
Illinois	Yes	IDFPR (225 ILCS 425)	$25,000	$750	Trust account required; background checks on principals
Texas	Yes	OCCC (Fin. Code Ch. 392)	None	$10,000	Registration (not license); no bond but high fee
New Jersey	Yes	DOBI	$10,000	$200	Annual renewal; background check required
Washington	Yes	DOL	$10K–$35K	$300	Bond scales with annual collection volume
Massachusetts	Yes	DOB (M.G.L. Ch. 93)	$30,000	$600	Strict state FDCPA analog (209 CMR 18.00)
Michigan	Yes	DIFS	$50,000+	$500	Bond can scale higher based on volume
Nevada	Yes	FID	$50,000	$400	Nevada FDCPA (NRS 649) supplements federal law
Connecticut	Yes	DOB (CGS Ch. 669)	$25,000	$400	State debt collection law adds prohibitions beyond FDCPA
Minnesota	Yes	DOC (Minn. Stat. Ch. 332)	$10,000	$300	Trust account required; NMLS-based licensing
Arkansas	Yes	SBA (A.C.A. § 17-24)	$50,000	$250	High bond requirement for a smaller-population state
Colorado	No state license	—	—	—	FDCPA + CO FDCPA (C.R.S. § 5-16) apply
Georgia	No state license	—	—	—	General business license + FDCPA compliance required

Verify current requirements with each state's licensing authority — fees and bond amounts change annually. States marked "No state license" still require general business licensing and full FDCPA compliance.

5. CFPB Regulation F: contact frequency and electronic outreach rules

CFPB Regulation F (12 CFR Part 1006) is the most significant update to collection compliance in decades. Effective November 30, 2021, it modernizes FDCPA rules for digital communication and imposes specific call frequency limits that every collection agency must operationalize in its CMS.

Call frequency limits: the 7-in-7 rule

Regulation F creates a rebuttable presumption of harassment if a collector calls a consumer more than 7 times within any 7-consecutive-day period, or within 7 days after completing a phone conversation with that consumer about the specific debt. The "7 calls" cap applies per debt — calling on two separate debts does not combine for purposes of the limit. However, if your CMS is not tracking call frequency per account and per debt, you will quickly accumulate violations across a large portfolio.

The 7-in-7 rule is a floor, not a ceiling. Some states have more restrictive call frequency requirements. California, for example, has additional restrictions under the Rosenthal Act and the CCPA that effectively reduce permissible contact further. Multi-state agencies should track the most restrictive applicable rule for each consumer.

Electronic communication permissions and opt-out

Regulation F explicitly permits debt collectors to use email, text messages, and social media private messages to contact consumers — a significant change from prior FDCPA interpretive uncertainty. However, each channel has specific opt-out requirements:

Email: Must include a clear, conspicuous, and easy-to-use opt-out mechanism. Upon receipt of an opt-out request via email, the collector must honor it and cease email contact. Cannot use the consumer's employer email address if there is reason to know the employer prohibits personal use.
Text message: Same opt-out requirements as email. Must honor opt-out requests immediately (STOP responses). TCPA's prior express consent requirements for ATDS-generated texts apply independently.
Social media: May send private (direct) messages only if the consumer can see the collector's true identity on the account. Cannot send friend/connection requests in order to collect. Cannot post on the consumer's public timeline or in comments about the debt.

Model validation notice and safe harbor

Regulation F includes Model Form B-1 — a standardized validation notice template. Collectors who use the model form substantially as written receive a safe harbor from § 1692g claims about the adequacy of the validation notice. The model form includes: debt amount and creditor information fields, a Spanish-language availability disclosure, and a detachable dispute and contact-request coupon. Design your standard first-notice letter around the model form — deviating from it without good reason creates unnecessary litigation exposure.

Time-barred debt disclosure obligations

If you collect on a debt that is past the applicable statute of limitations (time-barred), Regulation F requires specific disclosures. You may not sue on time-barred debt — doing so is an FDCPA violation under § 1692e (false threat of legal action). When the debt is time-barred but you are still attempting to collect through non-litigation means, you must disclose that the debt is time-barred and that you cannot sue to collect. If the debt is also past the 7-year credit reporting period, you must additionally disclose that you cannot report it to the credit bureaus.

CMS configuration is compliance

Regulation F compliance is fundamentally a systems problem, not a training problem. Your collection management software must enforce call frequency limits, block contact on opted-out channels, flag cease-communication accounts, and track statute of limitations dates automatically. Manual compliance tracking at any meaningful account volume is not reliable. Invest in CMS configuration before you make your first collection contact.

6. Credit reporting: FCRA furnisher obligations

Reporting collection accounts to Equifax, Experian, and TransUnion is one of the most powerful collection tools available — a negative tradeline creates significant consumer motivation to resolve the debt. But FCRA furnisher obligations are extensive, and violations are heavily litigated.

Becoming a data furnisher

To report accounts to credit bureaus, you must execute a Data Furnisher Agreement with each bureau (Equifax, Experian, TransUnion). Each bureau has its own application process. Approval requirements typically include: a physical business location, a minimum monthly reporting volume (often 100+ accounts/month), proof of compliance infrastructure (policies, procedures, dispute-handling process), and reference checks. New agencies may need to wait 6–12 months before bureau approval — plan ahead.

Reporting must be done in the Metro 2 format as specified by the Credit Reporting Resource Guide (CRRG), maintained by the Consumer Data Industry Association (CDIA). Your CMS should have native Metro 2 export capabilities — this is a standard feature of most professional collection software platforms.

Accuracy requirements and dispute handling

Under 15 U.S.C. § 1681s-2, you must maintain reasonable policies and procedures to ensure that the information you furnish is accurate and complete. Specific obligations:

Disputed accounts: When the credit bureau sends you an e-OSCAR dispute notice, you have 30 days (45 days if the consumer provides additional information) to investigate and report back. If the information is inaccurate or cannot be verified, you must delete or correct it.
Paid/settled accounts: Update reporting promptly when accounts are paid in full or settled. Do not continue reporting a balance after payment. Report "paid" or "settled" status with the correct date.
Bankruptcy discharges: When a consumer's debt is discharged in bankruptcy, you must update reporting to reflect the discharge. Continuing to report a discharged debt as owed is an FDCPA violation and potentially a contempt of the bankruptcy discharge order.
Seven-year limit: Collection accounts must be deleted 7 years from the date of first delinquency (DOFD) on the original account — not 7 years from the date you acquired the debt or the charge-off date. Your CMS must track DOFD for each account to automate accurate deletion timing.

Zombie debt reporting is a federal violation

Reporting accounts past the 7-year DOFD limit — sometimes called "zombie debt" — is an FCRA violation and a common source of consumer litigation. Agencies that purchase debt portfolios without proper DOFD documentation are particularly at risk of inadvertently re-aging debts. Always obtain and verify DOFD at the time of portfolio acquisition.

7. Skip tracing: technology and legal limits

Skip tracing — locating consumers who have moved, changed phone numbers, or disconnected contact — is a core operational function. Modern collection agencies use a combination of commercial data aggregators, real-time phone validation, and batch portfolio refresh tools to maintain current consumer contact information.

Primary skip tracing platforms

The four leading platforms used by professional collection agencies:

LexisNexis Accurint: Industry standard for comprehensive consumer locate data. Aggregates public records (court filings, property records, voter registration, DMV), utility connections, and credit header data. Per-inquiry pricing $0.25–$1.50; requires data use agreement and FCRA permissible purpose certification. Best-in-class for address and employment history.
TransUnion TLO: Strong mobile phone number coverage and utility connection data. Acquired by TransUnion; deep integration with TransUnion's credit data. Competitive with Accurint on pricing. Popular for telecom, medical, and credit card portfolio work.
IDIdata BatchData: Particularly useful for batch portfolio refreshes — submit a file of account records and receive appended address, phone, and employment data. Per-record pricing $0.05–$0.30 for batch appends. API integration available for CMS automation.
Tracers Information Specialists: Cloud-based platform popular with smaller agencies. Lower monthly minimum than Accurint/TLO. Per-search comprehensive reports start around $1.00–$3.00. Good choice for agencies under 500 active accounts.

FCRA and FDCPA limits on skip tracing

All skip tracing using consumer data platforms requires a FCRA permissible purpose — debt collection is a recognized permissible purpose under 15 U.S.C. § 1681b(a)(3)(A). You must certify permissible purpose to each data provider when establishing your account and with each batch submission.

Under FDCPA § 1692b, when you contact third parties to obtain location information about a consumer, you must: identify yourself (but only your name, not your employer unless asked); state that you are confirming location information; and not disclose that the consumer owes a debt. You may contact any given third party only once per location inquiry unless you have reason to believe the first information was wrong. You may never skip-trace through the consumer's attorney if you know they are represented.

Phone number validation and scrubbing

Before dialing any phone number — particularly on acquired portfolios — run it through a phone validation service to confirm it is active and to identify whether it is a landline or mobile number. Calling a mobile number with an ATDS without prior express consent is a TCPA violation. Services like Neustar, Twilio Lookup, or batch phone append from LexisNexis/TLO can classify numbers and verify activity. This scrub should be part of your standard portfolio-intake workflow.

8. Trust account and escrow requirements

Handling consumer payments correctly is one of the most regulated aspects of collection agency operations. For contingency collectors, every dollar paid by a consumer is client property until remitted and your fee is earned — commingling these funds with your operating account creates regulatory, legal, and criminal exposure.

Why trust accounts are mandatory

State collection agency statutes in Florida, Illinois, Minnesota, New York, and other licensed states explicitly require that collected funds be held in a segregated trust account. Even in states that do not have explicit trust account statutes, the fiduciary relationship between a collection agency and its creditor clients creates an implied obligation to maintain segregated funds. Using client funds for operating expenses — even temporarily — constitutes conversion, and state licensing agencies can and do revoke licenses for trust account violations.

Trust account mechanics

Open a dedicated bank account labeled as a "Client Trust Account" or "Collection Escrow Account." Some states require the word "trust" in the account title.
Never deposit agency operating funds — payroll, vendor payments, rent — into the trust account.
Deposit consumer payments into the trust account within the timeframe required by your state (commonly 72 hours in Florida, next business day in Illinois).
Record each deposit with the consumer account reference and client attribution so the trust account balance can be reconciled to individual client ledgers.
Remit client funds on the schedule specified in your contingency contract — typically weekly, bi-weekly, or monthly. At remittance, transfer your earned contingency fee to your operating account.
Reconcile the trust account monthly: the sum of all client ledger balances should equal the trust account balance. Document your monthly reconciliation and retain records for at least 5 years (longer if required by your state).

Examination and audit risk

State licensing examiners routinely audit trust account records as part of collection agency examinations. Common findings that result in license discipline: depositing agency funds into the trust account (commingling); delayed remittances to clients; inadequate account-level record-keeping; and failure to reconcile. Build your trust account accounting practices before you collect the first dollar — retrofitting proper records after the fact is difficult and risky.

Use accounting software designed for collection agencies

Most professional collection management systems (Collect!, DAKCS, Columbia Ultimate) include trust account ledger functionality built in. This is not the same as QuickBooks — collection-specific accounting tracks trust account activity at the individual account and client level, automates remittance calculations, and produces the client statements you need for compliance. Do not attempt to manage trust account obligations with general accounting software.

9. Technology and compliance infrastructure

A modern collection agency cannot operate manually. You need purpose-built collection management software, call recording (required for compliance), skip tracing tools, and a dialer system — all configured to enforce FDCPA, Regulation F, and TCPA requirements automatically.

Collection management software

Your collection management system (CMS) is the core of your operation. It tracks account status, call history, payment records, dispute flags, cease-communication flags, and letter generation. Leading platforms: Collect! (entry-level, $200/month), DAKCS Beyond ARM, Columbia Ultimate (mid-market), Simplicity Collect (cloud-based). Ensure your CMS enforces Regulation F call frequency limits (7 calls/7 days) automatically and flags accounts with active disputes or cease-communication requests.

Call recording

Recording every collection call is essential for FDCPA compliance defense. When a consumer alleges a violation, call recordings are your primary evidence. Cloud-based recording systems integrate with most VoIP phone platforms. Ensure two-party consent disclosure ("this call may be recorded") is given at the start of every call in states requiring it (California, Florida, Washington, etc.).

Skip tracing integration

Skip tracing is the process of locating consumers who have moved or changed phone numbers. Providers: LexisNexis Accurint, TransUnion TLO, Tracers Information Specialists, and IDIdata. These services aggregate address history, phone numbers, employment history, and other data to locate consumers. Costs: $0.10–$2.00 per inquiry depending on data depth and volume. Most professional CMS platforms offer direct API integrations with skip tracing providers so locate requests can be initiated from within the account record.

Dialer and communication systems

Predictive and power dialers automate outbound calling efficiency significantly. Cloud-based dialer platforms for collection agencies include TCN, DAKCS, and Noble Systems. All dialer systems must be configured to: enforce the Regulation F 7-in-7 call frequency cap per account; block calls to numbers on your internal DNC list and accounts with cease-communication flags; provide call recording; and comply with state-specific call time restrictions (typically 8 AM – 9 PM consumer's local time).

10. Collection agency startup checklist

1.Form your business entity — LLC or corporation. Collection agencies should not operate as sole proprietorships — FDCPA liability exposure makes entity protection important.
2.Identify target states — Where will you collect? Identify every state where consumers will be located and research each state's collection agency licensing requirements.
3.Obtain surety bonds — Apply for bonds in each state that requires them. Work with a surety broker who specializes in collection agency bonds.
4.Apply for state licenses — File applications with each state's licensing authority. Many states use NMLS for collection agency licensing. Allow 30–90 days for processing.
5.Draft FDCPA compliance policies — Written policies covering mini-Miranda procedures, validation notice timing, prohibited conduct list, dispute handling, and cease-communication compliance. Work with a collection law attorney.
6.Select and configure CMS software — Configure call frequency limits, dispute flags, cease-communication flags, trust account ledgers, and letter templates using the Regulation F model form.
7.Open trust account — Open a dedicated client trust / escrow account at your bank. Configure your CMS to post all consumer payments to the trust ledger. Set up monthly reconciliation procedures.
8.Set up phone system with recording — Configure call recording, two-party consent disclosure, and DNC/cease list integration.
9.Obtain E&O and cyber insurance — Errors and omissions coverage for FDCPA/FCRA claim defense; cyber liability for consumer financial data protection.
10.Sign first client contracts — Contingency agreements with creditor clients specify your commission rate, reporting requirements, trust account remittance schedule, and compliance representations.
11.Integrate skip tracing — Establish accounts with at least one primary skip tracing provider (LexisNexis Accurint or TransUnion TLO) and configure the API integration with your CMS.
12.Train all collectors — FDCPA and state law training before any collector makes a collection contact. Document training with signed acknowledgment forms. Repeat annually and when regulations change.

Form your business entity

Before applying for permits, you need a registered business. LegalZoom makes LLC formation fast and simple.

Form your LLC with LegalZoom →

Affiliate disclosure · no extra cost to you

Frequently asked questions

What licenses does a collection agency need to operate?

Collection agency licensing requirements vary significantly by state — some states require no license at all, while others have comprehensive licensing schemes with bonding, background checks, and annual renewals. Here is the landscape as of 2026: States with dedicated collection agency licenses: The majority of states require a separate collection agency license or registration. Key states and their requirements: California: No dedicated state collection agency license, but collection agencies must comply with the Rosenthal Fair Debt Collection Practices Act (Cal. Civ. Code § 1788 et seq.) and must be registered as a business. Collectors contacting consumers by phone need to comply with California's strict TCPA analog. New York: Collection agencies must obtain a license from the New York City Department of Consumer and Worker Protection (DCWP) if collecting from NYC residents, plus a state-level Debt Collection Agency License through the Department of Financial Services (DFS) for statewide operation. DFS license requires a $25,000 surety bond, background checks on principals, and proof of a physical place of business in New York or a registered agent. Florida: Requires a Consumer Collection Agency License from the Office of Financial Regulation (OFR), Chapter 559 Florida Statutes. Fees: $400 application + $100/year. Surety bond: $50,000. Requires a qualifying individual (a licensed consumer collection agency manager) for each location. Texas: Requires a Third-Party Debt Collector or Credit Bureau registration with the Office of Consumer Credit Commissioner (OCCC) under Texas Finance Code Chapter 392. No surety bond required at the state level, but $10,000 registration fee. Illinois: Requires a Collection Agency License from the Illinois Department of Financial and Professional Regulation (IDFPR) under the Collection Agency Act (225 ILCS 425). Bond: $25,000. Annual license fee: $750. New Jersey: Requires a Collection Agency License from the NJ Department of Banking and Insurance. Bond: $10,000. Washington: Requires a Collection Agency License from the Department of Licensing. Bond: $10,000–$35,000 based on volume. States without dedicated collection agency licenses: Including Colorado, Georgia, Idaho, Iowa, Kansas, Missouri, Montana, North Dakota, Oklahoma, Oregon, South Carolina, South Dakota, Tennessee, Vermont, and Wyoming. However, even in unlicensed states, you must still comply with FDCPA, CFPB Regulation F, and general business licensing requirements. Local licenses: Some cities and counties require local business licenses for collection agencies operating within their jurisdiction. Always check local requirements in addition to state licensing. Federal registration: While not a "license," collection agencies should be aware that the CFPB supervises larger market participants in debt collection. Agencies collecting more than $10 million in annual receipts from consumer debt collection are subject to CFPB supervisory examinations.

What is the FDCPA and what are its key requirements?

The Fair Debt Collection Practices Act (FDCPA), 15 U.S.C. § 1692 et seq., is the primary federal law governing third-party debt collectors. It was enacted in 1977 and is enforced by both the CFPB and the FTC. The FDCPA applies to "debt collectors" — companies or individuals who regularly collect debts owed to another — collecting "consumer debts" (debts incurred for personal, family, or household purposes). It does not apply to original creditors collecting their own debts or to commercial (business-to-business) debt collection. Key FDCPA requirements that every collection agency must follow: Mini-Miranda warning (15 U.S.C. § 1692e(11)): Every initial communication — whether oral or written — must disclose that the communication is from a debt collector attempting to collect a debt and that any information obtained will be used for that purpose. This disclosure must appear in every written communication (not just the first one) and must be given verbally in every phone call. Validation notice (15 U.S.C. § 1692g): Within 5 days of the initial communication, you must send a written validation notice that contains: the amount of the debt, the name of the creditor, a statement that the debt will be assumed valid unless the consumer disputes it within 30 days, a statement that if the consumer disputes in writing within 30 days you will verify the debt, and a statement that upon written request within 30 days you will provide the creditor's name and address. Under CFPB Regulation F (effective 2021), the validation notice must follow a specific format including a "tear-off" dispute form. Prohibited conduct (15 U.S.C. § 1692d–f): — No harassment or abuse: Cannot use threatening, obscene, or abusive language; cannot call repeatedly to harass — No false representations: Cannot misrepresent the amount owed, falsely claim to be a government entity or attorney, threaten legal action that is not intended or permitted — No unfair practices: Cannot collect amounts not authorized by the agreement or law; cannot deposit post-dated checks early; cannot communicate with third parties about the debt (with limited exceptions) Contact restrictions (15 U.S.C. § 1692c): Cannot contact consumers at inconvenient times (presumed 8 AM – 9 PM local time); cannot contact at the consumer's workplace if you know or have reason to know the employer prohibits such contact; must cease all communication if the consumer sends a written cease-communication request (except to notify of specific actions). Attorney representation: If you know the consumer is represented by an attorney regarding the debt, you must communicate only with the attorney. Civil liability: FDCPA violations expose the agency to individual lawsuits (statutory damages up to $1,000 per violation, actual damages, plus attorney fees) and class action liability (aggregate damages up to $500,000 or 1% of net worth). The FDCPA is one of the most heavily litigated consumer protection statutes — FDCPA class actions and individual suits are routine.

What is CFPB Regulation F and how does it affect collection agencies?

CFPB Regulation F (12 CFR Part 1006) is the CFPB's implementation rule for the FDCPA, finalized in 2020 and effective November 30, 2021. Regulation F significantly updates and clarifies FDCPA requirements for the modern digital collection environment. Key provisions of Regulation F: Phone call frequency limits: Regulation F creates a rebuttable presumption that calling a consumer more than 7 times within 7 consecutive days, or within 7 days after a phone conversation with the consumer, is a violation of the FDCPA's prohibition on repeated or continuous calls. This is a significant operational constraint — most collection agencies must implement call-frequency tracking software to comply. Electronic communication rules: Regulation F explicitly allows debt collectors to contact consumers via email, text message, and social media — but with restrictions: — Email: Collectors must use opt-out compliant email; must include a clear method for the consumer to opt out of future electronic communications — Text: Same opt-out requirements; TCPA still applies separately — Social media: Cannot send private messages on social media to collect a debt without consent; cannot post publicly about the debt Model validation notice: Regulation F includes a model form (Model Form B-1) for the validation notice required under 15 U.S.C. § 1692g. Using the model form provides a safe harbor for validation notice compliance. The model form includes a "tear-off" coupon with dispute and contact-request checkboxes. Time-barred debt disclosures: If you collect on time-barred debt (debt past the applicable statute of limitations), Regulation F requires specific disclosures when the debt is no longer legally enforceable. You cannot sue on time-barred debt, and you must disclose its time-barred status in certain circumstances. Record-keeping: Regulation F implicitly requires record-keeping sufficient to demonstrate compliance — particularly call logs documenting frequency, written communication records, and proof that required disclosures were made.

What TCPA requirements apply to debt collection phone and text outreach?

The Telephone Consumer Protection Act (TCPA), 47 U.S.C. § 227, creates significant compliance obligations for any collection agency using predictive dialers, auto-dialers, or pre-recorded messages to contact consumers — which is to say, virtually every medium-to-large collection operation. TCPA applies to collection calls because: Most collection agencies use automated dialing systems (predictive dialers, power dialers) that qualify as "automatic telephone dialing systems" (ATDS) under the TCPA. The Supreme Court's 2021 decision in Facebook, Inc. v. Duguid narrowed the ATDS definition, but many dialer systems still qualify. Key TCPA requirements for collection agencies: Prior express consent for ATDS calls to cell phones: If using an ATDS to call a cell phone number, the TCPA requires prior express consent from the called party. For debt collection calls, prior express consent is typically obtained when the consumer provides their cell phone number to the original creditor as part of the credit application or account setup. This consent transfers to the collector — but you must document it. Do Not Call registry: Collection agencies calling on consumer debts must honor the National Do Not Call Registry. However, the DNC registry exemption for established business relationships does not straightforwardly apply to third-party collectors. Consult with a TCPA compliance attorney. Call time restrictions: TCPA reinforces the FDCPA 8 AM – 9 PM restriction. Many states (California, Florida, etc.) impose even stricter restrictions. Text messaging: Texts sent using ATDS equipment require prior express consent. Under Regulation F, collectors may use texts but must honor opt-out requests immediately. Statutory damages: TCPA private right of action is significant — $500 per violation, up to $1,500 per willful violation. Class actions are common. A single campaign of unauthorized text messages to thousands of consumers can result in catastrophic liability. Compliance infrastructure: Every collection agency using automated dialers or text messaging must implement: a Do Not Call / Do Not Text internal list; documented consent records for cell phone contacts; call-frequency tracking (per Regulation F); and TCPA-specific training for all collection staff.

What surety bond is required to open a collection agency?

Surety bond requirements for collection agencies vary significantly by state. The bond protects consumers and the state from financial harm caused by unlicensed or improper collection practices. Key bonding requirements by state: High-bond states: — New York: $25,000 — Florida: $50,000 — Massachusetts: $30,000 — Michigan: Varies by volume — can exceed $75,000 — Nevada: $50,000 — North Carolina: $10,000 Moderate-bond states: — Illinois: $25,000 — New Jersey: $10,000 — Washington: $10,000–$35,000 (based on annual volume) — Minnesota: $10,000 — Connecticut: $25,000 — Arkansas: $50,000 Low or no bond states: — Texas: No state surety bond required (but $10,000 registration fee) — Colorado, Georgia, and other unlicensed states: No state bond required How surety bonds work: A surety bond is a three-party agreement between the agency (principal), the surety company (issuer), and the state/public (obligee). If a claim is filed against your bond — by a consumer harmed by your agency's unlawful collection practices — the surety company pays the claim up to the bond amount. You are then obligated to reimburse the surety. A bond is not insurance for the agency; it is a credit facility protecting the public. Bond cost: Surety bond premiums for collection agencies typically run 1–5% of the bond amount per year, depending on the owner's personal credit score and business financials. A $25,000 bond might cost $250–$1,250/year. A $50,000 bond might cost $500–$2,500/year. Poor personal credit significantly increases premium rates. Filing: Bonds are typically filed directly with the state licensing agency as part of the initial license application and must be maintained continuously. Many states require 30-day advance notice of bond cancellation so the state can revoke the license before coverage lapses.

Can a collection agency report debts to credit bureaus, and what does FCRA require?

Yes, collection agencies can report debts to consumer reporting agencies (credit bureaus — Equifax, Experian, TransUnion) — and credit reporting is one of the most effective collection tools available. However, reporting is governed by the Fair Credit Reporting Act (FCRA), 15 U.S.C. § 1681 et seq., and requires specific procedures. Furnisher obligations under FCRA (15 U.S.C. § 1681s-2): Any entity that furnishes information to a consumer reporting agency is a "furnisher" subject to FCRA. Key furnisher obligations: Accuracy: You must have reasonable policies and procedures to ensure the information you furnish is accurate and complete. Do not report debts that have been paid, settled, discharged in bankruptcy, or are subject to a valid dispute without noting the disputed status. Dispute investigation: When the credit bureau notifies you of a consumer dispute (an e-OSCAR dispute), you must investigate and report back within 30 days. If the information is inaccurate, you must correct or delete it. Deletion after discharge: Accounts discharged in bankruptcy must be updated to reflect the discharge. Debts that have been settled must show the settled status. Seven-year reporting period: Collection accounts may remain on a consumer's credit report for 7 years from the original delinquency date (not the charge-off date or the date you acquired the debt). Reporting a debt beyond 7 years is an FCRA violation. Metro 2 format: Credit reporting requires submission of data in the Credit Reporting Resource Guide (CRRG) Metro 2 format. Access to the credit bureaus' furnisher portals requires a Data Furnisher Agreement with each bureau. New collection agencies should apply directly to Equifax, Experian, and TransUnion for furnisher access — approval typically requires a physical location, minimum monthly reporting volume, and proof of compliance infrastructure. Liability: FCRA violations expose agencies to individual and class action liability — actual damages, statutory damages of $100–$1,000 per willful violation, and attorney fees.

What does it cost to start a collection agency?

Collection agencies can be started with relatively modest capital compared to capital-intensive businesses like manufacturing or healthcare. The major costs are licensing/bonding, technology (collection software and dialers), and initial staffing. Licensing costs: — State collection agency license fees: $100–$1,000 per state (average $300–$500) — Multi-state licensing (10 states): $3,000–$10,000 in application fees — Surety bonds (per state): $250–$2,500/year depending on bond amount and credit — NMLS registration (for states using NMLS): $100–$300 per state — Attorney fees for licensing assistance: $2,000–$10,000 Technology: — Collection management software (Collect!, DAKCS, Columbia Ultimate, Simplicity): $200–$1,500/month for small agencies — Predictive dialer system: $200–$1,000/month for cloud-based systems; $10,000–$50,000 for on-premise — Skip tracing services (LexisNexis, TransUnion TLO, Tracers): $200–$1,000/month — Letter printing / mail house: $0.50–$2.00 per letter (outsourced) — Credit bureau access (Metro 2 reporting): Negotiated based on volume — Phone system and recording (required for FDCPA/TCPA compliance): $100–$500/month Staffing (first-year estimates): — Collection agents: $35,000–$55,000/year each (plus commission) — Compliance officer (part-time or shared): $20,000–$50,000/year — Office manager / bookkeeper: $35,000–$50,000/year Office space: — Home-based startup (sole operator): Minimal — Small office (5–10 agents): $1,000–$3,000/month Insurance: — General liability: $2,000–$5,000/year — Errors and omissions (professional liability): $3,000–$10,000/year — critical for FDCPA/FCRA claim defense — Cyber liability (for data containing consumer financial information): $2,000–$8,000/year Portfolio acquisition capital: If you are purchasing debt portfolios to collect as a debt buyer (rather than collecting on behalf of creditors on a contingency basis), you need capital to purchase portfolios. Charged-off credit card debt typically sells for $0.03–$0.10 on the dollar; medical debt for $0.01–$0.05; personal loans for $0.05–$0.15. A $100,000 portfolio at $0.05/dollar face value costs $5,000. Total startup range: — Solo collector (1 state, contingency only): $15,000–$40,000 — Small agency (3–5 collectors, 5 states, contingency + debt buying): $75,000–$200,000 — Mid-size regional agency (10+ states, 15+ agents): $300,000–$700,000

What are validation of debt rights under FDCPA and how must agencies respond?

The validation of debt process under 15 U.S.C. § 1692g is one of the most frequently litigated areas of FDCPA compliance. When a consumer disputes a debt or requests verification within the 30-day window stated in the initial validation notice, the collector must stop collection activity until it provides the required verification. What triggers the verification requirement: The consumer must send a written dispute or verification request within 30 days of receiving the initial validation notice. An oral dispute does not trigger the verification obligation under federal law (though some state laws provide broader rights). The dispute can be mailed, faxed, or under Regulation F, submitted electronically through a channel the collector has designated for electronic disputes. What the collector must provide: Upon receiving a written dispute, the agency must obtain and mail verification of the debt — or a copy of a judgment if one exists — to the consumer before resuming collection efforts. Verification means evidence that the debt exists and the amount is correct: typically an account statement, signed credit agreement, or itemized ledger showing how the balance was calculated. Simply re-sending the original validation notice is not adequate verification. Ceasing collection during verification: From the moment a timely written dispute is received until verification is mailed to the consumer, the collector must cease ALL collection activity on the disputed account. This includes calls, letters, credit reporting updates (other than noting the account is disputed), and legal action. Continuing to collect after receiving a written dispute is a per se FDCPA violation. Overshadowing violations: The validation notice must not be "overshadowed" by other demands in the same communication. If your initial letter demands immediate payment in bold type while the validation rights are buried in small print, courts have found this to be a § 1692g violation even if the required language technically appears. Balance the letter design so consumer rights are clearly visible. Dispute logging in your CMS: Your collection management software must flag and lock accounts upon receipt of any written dispute until verification is completed and documented. This is not a manual process — it must be systematically enforced to prevent collectors from inadvertently continuing activity on disputed accounts.

What are cease and desist rights and how must a collection agency handle them?

Under 15 U.S.C. § 1692c(c), a consumer may send a written request that the debt collector cease all further communication. This is colloquially called a "cease and desist" letter, though the statute uses the term "cease communication." Mishandling a cease communication request is one of the most common — and costly — FDCPA violations. What triggers the obligation: Only a written cease communication request triggers the absolute stop. An oral request does not obligate the collector to cease under federal law (though continuing to call after an oral request can still constitute harassment under § 1692d). Best practice: treat all oral cease requests as binding and document them immediately in your CMS. What the collector may do after receiving a C&D: Once a valid written cease request is received, you may only contact the consumer for three purposes: (1) to notify the consumer that further collection efforts are being terminated; (2) to notify the consumer that the collector may invoke specified remedies (such as filing a lawsuit) that are ordinarily invoked by the collector; or (3) to notify the consumer that the collector intends to invoke a specified remedy. Outside these narrow exceptions, all collection communication — calls, letters, emails, texts — must stop permanently. Account locking protocol: Your CMS must have a "C&D flag" that prevents any outbound communication to a cease-communication account. When a cease request arrives (by mail, email, or fax), the account must be locked in your system before any further collection activity. Assign a dedicated process for processing incoming mail and flagging C&D accounts on the same business day received. Credit reporting after C&D: A cease and desist letter does not prevent you from continuing to report the account to credit bureaus — reporting is not "communication" under the FDCPA. However, if the account is also disputed, the disputed status must be noted in your credit bureau reporting. Effect on the debt: A cease communication request does not extinguish the debt, waive your right to sue, or eliminate your right to sell the account to another collector. If you sell the account, the new collector starts with fresh FDCPA obligations — the cease notice does not automatically transfer. However, if the new collector is notified of the prior cease request at the time of purchase, they should honor it. Documentation: Retain copies of all received cease-communication letters and the corresponding CMS lock records. In FDCPA litigation, these records are your primary defense evidence.

What skip tracing tools do collection agencies use to locate consumers?

Skip tracing — locating consumers who have changed their address, phone number, or employment — is a core operational capability for any collection agency. The term comes from the older concept of a debtor "skipping town." Modern skip tracing uses a combination of commercial data aggregators, public records, and proprietary data networks. Primary skip tracing platforms: LexisNexis Accurint: The industry standard for professional skip tracing. Accurint aggregates data from public records (court filings, property records, voter registration, DMV records), utility connections, credit header data, and proprietary sources to build comprehensive consumer profiles. Pricing is volume-based, typically $0.25–$1.50 per comprehensive search. Requires a signed data use agreement and certification that searches are for permissible FCRA purposes. TransUnion TLO: TLO (The Last One) was acquired by TransUnion and competes directly with Accurint. Strong coverage of phone numbers including mobile numbers, utility connections, and property records. Pricing similar to Accurint. Popular for skip tracing medical and telecom debt portfolios. Tracers Information Specialists: A cloud-based skip tracing platform popular with smaller agencies. Lower entry cost than Accurint or TLO, with per-search pricing starting around $1.00–$3.00 for comprehensive reports. API integration available for CMS automation. IDIdata: Another professional data platform with strong phone-number and address-verification capabilities. IDIdata's BatchData product is particularly useful for refreshing contact information on large portfolios. Batch skip tracing: For debt buyers working large portfolios, batch skip tracing is cost-effective — submit a file of account records and receive updated contact information for the entire portfolio. Most platforms charge $0.05–$0.30 per record for batch appends depending on data depth. Run batch skips on newly acquired portfolios before beginning collection activity. FCRA permissible purpose requirement: All skip tracing using consumer data must be for a FCRA permissible purpose — collection of a debt is a recognized permissible purpose under 15 U.S.C. § 1681b(a)(3)(A). You must certify permissible purpose to every data provider and maintain records of your certifications. Using skip tracing data for purposes other than collection (personal curiosity, stalking) is a federal FCRA violation. Skip tracing ethics and legal limits: The FDCPA restricts how you may contact third parties when trying to locate a consumer (§ 1692b). You may contact third parties only to obtain location information; you may not disclose that the consumer owes a debt; you may not communicate with any given third party more than once (unless they request it or you believe their first response was erroneous); and if the consumer is represented by an attorney, you must contact only the attorney.

What are the trust account and escrow requirements for collection agencies?

One of the most critical operational requirements for any contingency collection agency is the proper handling of consumer payments — specifically, the obligation to hold collected funds in a separate trust or escrow account rather than commingling them with the agency's own operating funds. Why trust accounts are required: When you collect on behalf of a creditor client, money paid by the consumer is not yours — it belongs to your client (minus your contingency fee). Commingling client funds with operating funds is a serious regulatory violation in virtually every licensed state, and it creates criminal exposure for misappropriation or conversion of client property. State-by-state requirements: Most states that license collection agencies either explicitly require trust accounts by statute or regulate them through the licensing conditions. Florida's Chapter 559 requires that all money received from consumers on behalf of clients be deposited in a trust account within 72 hours of receipt. Illinois requires separate trust accounts under the Collection Agency Act. New York DFS licensing conditions address trust account maintenance. Even in states without explicit statutory requirements, standard operating procedure and liability exposure make separate trust accounts essential. Trust account mechanics: — Open a dedicated bank account labeled as a trust account or escrow account for collection proceeds — Never deposit agency operating funds (payroll, rent, vendor payments) into the trust account — Record each deposit with the corresponding account/consumer reference — Reconcile the trust account monthly against client ledgers — Distribute client funds per the contractual remittance schedule (weekly, bi-weekly, or monthly) — Retain your contingency fee by transferring it from the trust account to your operating account at the time of remittance Client remittance agreements: Your contingency collection contracts with creditor clients should specify the remittance schedule, the method for calculating your contingency fee, and the process for handling disputed or returned payments. Some clients require monthly trust account reconciliation statements. Insufficient funds and chargebacks: Consumer checks that bounce or ACH payments that are returned create complications for trust account accounting. Your CMS should track returned payments and your contracts should address whether you have authority to re-present returned payments. Audit risk: State licensing examiners routinely audit trust account records during collection agency examinations. Inadequate record-keeping, commingling of funds, or late remittances to clients are common citation findings that can result in license suspension or revocation.