Skip to content
Ledgerline.
Menu

Compliance & trust

Insurance Marketing Compliance for Agents: What Actually Trips People Up

By The Ledgerline TeamPublished June 29, 2026

Insurance marketing compliance for agents covers three layers: federal calling and texting law (TCPA), state advertising and licensing rules, and program-specific rules like CMS Medicare marketing guidelines. Get consent documented, keep claims honest, and apply the TPMO disclaimer where Medicare applies.

Compliance is not the part of marketing agents enjoy. But it is the part that decides whether your lead flow survives an audit, a carrier review, or a plaintiff’s attorney pulling your consent records. Most penalties do not come from bad intent. They come from sloppy documentation and a vague claim nobody checked.

This is a plain-English overview, not legal advice. We run marketing, not a law firm. You are the licensed party, and a compliance attorney in your states is worth the retainer. What follows is how the rules show up in day-to-day lead generation, written by people who place ads and buy leads for a living.

The three layers you actually have to track

Insurance marketing compliance for agents stacks into three layers. Most agents only think about one and get surprised by the other two.

Layer What it governs Who enforces it Where it bites
Federal calling/texting (TCPA) Consent to call, text, autodial, leave voicemail FCC, plus private lawsuits Cold-calling purchased leads, ringless voicemail
State advertising & licensing Ad content, license display, carrier names, claims State departments of insurance Websites, Facebook ads, mailers
Program rules (CMS for Medicare) How you market Medicare Advantage / Part D CMS AEP campaigns, agent sites, call recording

You need all three handled at once. A campaign can be TCPA-clean and still violate a state’s prohibition on implying government affiliation, or be perfectly worded and still miss the CMS TPMO disclaimer.

TCPA: the layer with the lawyers

The Telephone Consumer Protection Act is where the real financial exposure lives, because it carries a private right of action and statutory damages per violation. That is what makes it a magnet for litigation.

The headline 2025 change: the FCC’s one-to-one consent rule was vacated in January 2025 before it took effect. That rule would have required separate consent for each individual seller. With it gone, a single clear consent can still cover multiple sellers. That is good news for the shared-lead model, but it does not remove the core requirement.

What still holds:

  • You need prior express written consent before autodialed or prerecorded marketing calls and texts. Electronic signatures count.
  • The consent disclosure has to be clear and conspicuous, not buried in a footer.
  • The federal Do Not Call registry still applies to numbers without an established relationship or valid consent.
  • You should keep the proof: the form copy the consumer saw, the source URL, IP address, and timestamp, tied to each lead.

If you buy leads, that documentation is the vendor’s job to provide and your job to verify. A lead you cannot prove consent on is a liability, not an asset. We cover the buyer side in depth in our guide to TCPA-compliant lead buying for agents, and the economics of vetting vendors in the true cost per sale of cheap leads.

A practical rule we apply to our own book: if a lead source cannot hand over the consent record per lead on request, we do not run it. That single filter removes most of the risk before a call is ever dialed.

State advertising rules: boring until they aren’t

Every state department of insurance has its own advertising rules, and they are not uniform. The common threads:

  1. No misleading claims. “Free coverage,” “government-approved,” or “guaranteed acceptance” language gets scrutinized fast, especially in final expense and Medicare.
  2. Display your license. Many states require your name and license number on advertising, and prohibit implying you are a government agency or affiliated with Medicare/Social Security.
  3. Accurate carrier use. Using a carrier’s name or logo without authorization, or implying an endorsement you do not have, is a frequent violation.
  4. Some states require ad filing or specific disclosures for certain lines.

For any specific numeric penalty or filing threshold, check your state directly; the figures vary and. The honest move is to treat every ad as if a regulator in your strictest state will read it. We build that standard into our insurance landing page work so the same creative holds up across the states you write in.

CMS Medicare rules: the most specific layer

If you market Medicare Advantage or Part D, CMS adds a detailed rulebook on top of everything above. As a paid agent or broker, you are a Third-Party Marketing Organization (TPMO) in CMS’s eyes, and that triggers obligations.

The pieces that catch agents most often:

  • The TPMO disclaimer. CMS requires the standardized disclaimer on websites, emails, print, and other marketing materials. The current standard language: “We do not offer every plan available in your area. Any information we provide is limited to those plans we do offer in your area. Please contact Medicare.gov or 1-800-MEDICARE to get information on all of your options.” On calls it must be stated before plan benefits are discussed.
  • Consent to share data. Beneficiary data collected for Medicare marketing may only be shared with another TPMO when the individual gives prior express written consent.
  • Call recording. Marketing, sales, and enrollment calls generally must be recorded and retained.
  • No unsolicited contact. Cold outreach to beneficiaries without a permission-to-contact is restricted.

These rules tighten and shift each contract year, so AEP creative has to be re-checked annually rather than reused on autopilot. If Medicare is your line, the disclaimer and consent mechanics should be wired into your funnel from the start, which is the backbone of how we approach Medicare marketing for agents. For the rule detail itself, our breakdown of CMS Medicare marketing rules and AEP marketing strategy goes deeper than this overview can.

Platform rules are a compliance layer too

The ad platforms enforce their own version of fairness law. Meta classifies insurance under its Special Ad Category, which strips out age, gender, ZIP, and detailed targeting to prevent discrimination. You can still run insurance ads; you just qualify with creative and offer instead of granular targeting. Knowing this up front changes how you build a Facebook campaign for insurance so you do not waste budget fighting the system.

A short pre-launch checklist

Before any campaign goes live, run it past this:

  • Is consent captured, disclosed clearly, and documented per lead?
  • Does every claim tie to something true and provable?
  • Is your license number present where the state requires it?
  • For Medicare: is the TPMO disclaimer on the page and in the script?
  • Does the targeting comply with the platform’s special-category rules?

Treat compliance as a trust signal, not a tax. Agents who can show clean consent and honest creative close better, because skeptical seniors and their families can smell a corner-cutter.

If you want a second set of eyes on whether your current funnel holds up, that is exactly what a free marketing audit is for. We will look at your consent flow, ad claims, and disclaimers and tell you where the gaps are before a regulator or a lawyer does.

This article is general information for marketing purposes and is not legal or compliance advice. Verify all requirements with counsel and the departments of insurance in the states where you are licensed.

Frequently asked questions

Is buying insurance leads still legal after the FCC one-to-one consent rule was vacated?
Yes. The FCC's one-to-one consent rule was vacated in January 2025, so a single TCPA consent can still cover multiple sellers if the disclosure is clear. Buying leads remains legal, but the consent language, the source URL, and the timestamp must be documented per lead. The vacated rule does not erase the underlying TCPA consent requirement.
Do I need the CMS TPMO disclaimer on my agent website?
If you market Medicare Advantage or Part D plans, yes. CMS requires the standardized TPMO disclaimer on websites, emails, print, and other marketing materials, and it must appear before plan benefits are discussed on calls. The disclaimer states you do not offer every plan available and points beneficiaries to Medicare.gov or 1-800-MEDICARE.
What counts as prior express written consent under the TCPA?
Prior express written consent means a signed agreement (electronic signatures count) where the consumer clearly agrees to receive autodialed or prerecorded calls and texts at a specific number, naming the seller or sellers. The disclosure cannot be hidden. Keep the form copy, IP, timestamp, and number so you can produce the record if challenged.
Are insurance advertising rules the same in every state?
No. State advertising rules vary by department of insurance. Most prohibit misleading claims, require accurate use of carrier names and your license number, and restrict terms implying government affiliation. Some states require ad filing or specific disclosures for life and final expense. Always check the rules in each state where you are licensed and advertising.
Can I target by age or ZIP code in Facebook insurance ads?
Not freely. Meta classifies insurance, credit, and employment ads under the Special Ad Category, which removes age, gender, ZIP, and many detailed targeting options to prevent discrimination. You can still run insurance ads, but you target broad interests and geographies and lean on creative and offer to qualify the right prospects.

See exactly where your agency is leaking leads.

15 minutes. We screen-share our own live lead dashboard and tear down your funnel line by line — no pitch deck, just numbers.