If your business makes outbound sales calls to other businesses, the Corporate Telephone Preference Service is not optional background reading. It is a legal requirement that sits at the centre of every compliant B2B telemarketing operation in the UK. Ignoring it, or treating it as something you only need to worry about occasionally, is the kind of oversight that has cost businesses hundreds of thousands of pounds in regulatory fines. Using a reliable CTPS checker before every calling campaign is one of the most straightforward and cost-effective compliance steps a sales or marketing team can take.
At AccuraData, we provide a fast, accurate CTPS checker service that screens your calling data against the live Corporate Telephone Preference Service register, returning results quickly and at competitive rates. Whether you are running a one-off campaign or managing ongoing outbound activity, we make it straightforward to stay on the right side of the law without it becoming a drain on your team’s time or budget. This guide explains everything you need to know about the CTPS, why compliance matters more now than ever, and how to build a checking process that protects your business reliably.
What Is the CTPS and Why Does It Exist?
The Corporate Telephone Preference Service, commonly referred to as the CTPS, is the UK’s official opt-out register for business telephone numbers. It allows companies, limited liability partnerships, schools, government departments, hospitals, and other corporate bodies to register their telephone numbers and formally indicate that they do not wish to receive unsolicited sales and marketing calls. Once a number is registered and the 28-day activation period has passed, it is a legal requirement that businesses do not call it for marketing purposes without explicit prior consent from the subscriber.
The CTPS was launched in June 2004, created to give smaller and medium-sized businesses a mechanism to manage the volume of unsolicited supplier calls they were receiving. It sits alongside the Telephone Preference Service (TPS), which fulfils the same function for individual consumers, sole traders outside Scotland, and certain partnerships. The two registers are managed by TPSL, a subsidiary of the Data and Marketing Association (DMA), under contract with the Information Commissioner’s Office (ICO). The ICO is responsible for enforcement of both registers under the Privacy and Electronic Communications Regulations 2003 (PECR).
The CTPS register currently contains approximately 2.3 million business telephone numbers. That is a substantial proportion of the UK business telephone universe, and it means that any calling campaign run without a CTPS screen is almost certainly going to include numbers it is illegal to dial. The scale of the register is one reason why treating CTPS compliance as an occasional task, rather than a standard pre-campaign step, creates genuine legal exposure for businesses of every size.
How a CTPS Checker Works
A CTPS checker compares a list of business telephone numbers against the live Corporate Telephone Preference Service register. Any number that appears on the register is flagged and should be suppressed before calling commences. Numbers that do not appear on the register are clear to call, subject to your other compliance obligations, including checking against your own internal do-not-call list and ensuring you are not calling numbers where a previous objection has been recorded.
The process is, in principle, straightforward. In practice, the reliability of a CTPS checking service depends on several factors: how recently the register data used by the checker was updated, how quickly results are returned, and how the flagged data is presented so that your team can act on it without friction. A CTPS checker that is slow to process, returns unclear results, or uses a version of the register that is more than a few days old introduces both operational and compliance risk into the process.
At AccuraData, our CTPS checking service is built around speed and accuracy. We process submissions quickly and return clean, clearly formatted results that tell you precisely which numbers in your dataset are registered on the CTPS and should be suppressed. Pricing is competitive and transparent, with no hidden costs for volume or turnaround. For businesses running regular campaigns, we can discuss screening arrangements that align with the 28-day re-screening cycle required by law.
The 28-Day Rule: Why Regular CTPS Screening Is a Legal Requirement
One of the most important, and most frequently misunderstood, aspects of CTPS compliance is the 28-day rule. Under PECR, businesses making outbound marketing calls are legally required to screen their calling data against the TPS and CTPS registers at least once every 28 days. This is not a recommendation or a best practice guideline. As TPS Services states directly, it is the law.
The reason the 28-day rule exists is that new numbers are added to the CTPS register continuously. A business can register its telephone numbers at any time, and once 28 days have passed from registration, calls to that number become unlawful. A calling list that was screened two months ago is therefore already stale in legal terms, because numbers that were clean at the point of screening may have been added to the register since. Calling those numbers is a breach of PECR regardless of whether you knew they had been registered.
A common misconception, identified clearly by TPS Services, is that purchasing data that has already been screened against the CTPS negates the need for ongoing screening. This is incorrect. A one-time screen at the point of data purchase gives you a snapshot of the register at that moment. After 28 days, you are required to use a CTPS checker again, regardless of when the data was first checked. Responsibility for compliance sits with the business making the calls, not the data supplier who provided pre-screened records.
The ICO’s own guidance, published on their direct marketing pages, is explicit on this point. As the ICO notes, it can take 28 days for a TPS or CTPS registration to become active, which means that if a check was done more than 28 days ago, you may inadvertently call numbers where the registration has since become active. The clear implication is that businesses should treat their CTPS check as a recurring operational task, not a one-time setup step.
The Legal Stakes: What Happens If You Don’t Use a CTPS Checker
The financial consequences of failing to comply with CTPS regulations have escalated significantly. For many years, the maximum penalty the ICO could impose for serious PECR breaches, including unlawful calls to TPS and CTPS-registered numbers, was £500,000. That ceiling was already substantial enough to cause genuine damage to any business, particularly an SME. Under the Data (Use and Access) Act 2025, which received Royal Assent in June 2025, the maximum penalty for serious PECR violations has been aligned with UK GDPR levels, reaching up to £17.5 million or 4% of global annual turnover, whichever is higher. This is not a theoretical risk; it is the regulatory environment that UK businesses are now operating in.
The ICO’s enforcement record demonstrates that it actively investigates and penalises non-compliance. According to the ICO’s own published reporting, the ICO has issued more than £2.59 million in fines against companies responsible for nuisance calls, texts and emails since April 2023 alone, with investigations frequently beginning from a single complaint. Fines in recent years have included £240,000 for a company making calls to TPS-registered numbers, £150,000 for a business making over 2.6 million calls to registered numbers whilst hiding its identity, and £100,000 for a company making 600,000 unlawful calls whilst misrepresenting itself as a local council.
Critically, company directors can now be held personally liable under PECR enforcement, not just the corporate entity. The ICO has the power to fine individual company officers directly, a provision introduced specifically to prevent rogue directors from escaping penalties by dissolving companies and starting again. And in 2025, the ICO fined two energy firms a combined £550,000 for making unlawful automated marketing calls, with the enforcement action illustrating the regulator’s continued focus on the direct marketing sector.
The financial arithmetic is straightforward. A CTPS checking service from AccuraData costs a fraction of even the smallest ICO fine. The time investment in building a 28-day re-screening process into your campaign workflow is minimal compared to the operational disruption of an ICO investigation. For any business running outbound calling, CTPS compliance is not a cost centre. It is risk management that pays for itself before the first campaign has been sent.
CTPS vs TPS: Understanding the Difference for B2B Callers
Businesses engaged in B2B outbound calling need to screen against both the CTPS and the TPS, not just one of them. The distinction between the two registers is important, but the overlap between them makes it essential to run both checks rather than assuming one covers the other.
The CTPS covers corporate subscribers: limited companies, PLCs, schools, government departments, hospitals, and other public bodies. If a limited company registers its telephone numbers on the CTPS, you cannot call those numbers for marketing purposes. The TPS covers individual consumers, including sole traders and most partnerships outside Scotland. Because many business telephone numbers, particularly those belonging to sole traders, freelancers, and small partnerships, are registered on the TPS rather than the CTPS, running only a CTPS check and assuming all business numbers not on the CTPS are clear to call would leave a significant compliance gap.
If you run B2B campaigns you should screen against both the TPS and CTPS before dialling. The subscriber type, whether corporate or individual, is what determines which register applies, and in practice many B2B calling lists will contain a mix of both corporate and individual subscriber numbers. Running both screens simultaneously is the only reliable way to ensure your list is fully compliant before you pick up the phone.
AccuraData’s CTPS checking service can be combined with TPS screening to provide a comprehensive compliance check in a single process. For businesses that want to cover both registers without managing two separate workflows, we can return combined results that flag numbers appearing on either register, simplifying suppression and record-keeping before campaign launch.
Who Needs to Use a CTPS Checker?
The legal requirement to check against the CTPS applies to any organisation making unsolicited sales or marketing calls to business telephone numbers in the UK. This includes limited companies, charities, voluntary organisations, and public bodies, as well as private sector businesses. There is no size threshold: the obligation applies equally to a sole trader making cold calls and to a corporate contact centre running thousands of dials per day. And the ‘we did not know’ defence has been explicitly and repeatedly rejected by the ICO as a basis for avoiding penalty.
In practical terms, the following types of businesses and teams should be using a CTPS checker as a matter of routine:
B2B sales teams using purchased or prospected contact lists for outbound calling. Any call to a business number that was not inbound-initiated and has not provided explicit prior consent to receive your calls must be screened before dialling.
Telemarketing agencies running calling campaigns on behalf of clients. The party making the call is the party responsible for CTPS compliance. If you are an agency calling on behalf of a client and the numbers have not been CTPS-screened, the agency bears the legal exposure.
In-house marketing teams supplementing their CRM data with third-party contact lists. Even if the data supplier claims to have screened the list, that screen is valid only for the 28 days following the check. If more than 28 days have passed between the supplier’s screen and your campaign launch, you are required to re-screen before calling.
Businesses using autodialers or predictive dialling technology. Automated or recorded marketing calls face even stricter regulations than live calls under PECR, requiring prior consent rather than simply a clean CTPS check. But the CTPS screen remains a necessary step even where consent is in place, because contacting a registered number without documented consent is a separate breach from any consent-related violation.
Building a CTPS Checker Process That Actually Works
Having access to a CTPS checker is the first step. Building the checking process into your campaign workflow in a way that is reliable, repeatable, and documented is what actually keeps your business compliant. The ICO’s enforcement investigations frequently reveal not that businesses were unaware of the CTPS, but that their internal processes for managing compliance were inconsistent, poorly documented, or not followed by the teams making calls.
Screen With a CTPS Checker Before Every Campaign Launch
The CTPS check should be a mandatory step in your campaign preparation process, not something that happens when someone remembers. Build it into your campaign checklist at the same level as approving copy or setting up your dialler. Every calling list should go through a CTPS screen before the first call is made, and the date and outcome of that screen should be recorded. If a campaign extends beyond 28 days, re-screen before continuing.
Maintain an Internal Suppression List
The CTPS register tells you which numbers have formally opted out through the official register. It does not capture every number that should be suppressed. Any business that has told you directly not to call them, any number where a previous call resulted in an objection, and any number belonging to someone who has withdrawn consent should be added to your own internal do-not-call list. This internal list should be checked alongside the CTPS before every campaign. As PECR cold calling guidance from Prospeo notes, the suppression list is where most compliance workflows break down: it tends to live in a spreadsheet on one person’s desk rather than being integrated into the CRM, and when that person leaves, the list goes with them.
Keep Records of Every Screen
If the ICO investigates a complaint about your calling activity, it will ask to see evidence of when your CTPS checks were carried out, which lists were screened, and how the results were acted upon. ‘We always check before calling’ is not an adequate response without documentation to support it. Keep a log of every CTPS check you run, including the date, the number of records submitted, and the number flagged for suppression. This record is your first line of defence in the event of a complaint.
Do Not Assume Third-Party Data Is Already Screened
Even where a data supplier has screened the list before providing it to you, the 28-day clock started running from the date of their screen, not the date you received the data. If there is any delay between purchase and campaign launch, or if the data has been in your system for more than four weeks, you are responsible for running a fresh CTPS check before use. This is one of the most common sources of inadvertent non-compliance in B2B outbound calling, and it is explicitly addressed in the ICO’s own guidance.
Understand the Difference Between Live and Automated Calls
PECR applies differently to live calls and to automated or recorded marketing calls. For live calls, screening against the CTPS and TPS registers, combined with respecting objections, is the primary compliance requirement. For automated calls, including pre-recorded messages and AI-generated voice calls, the law requires prior specific consent from the recipient regardless of their CTPS status. A clean CTPS screen does not make an automated marketing call compliant if consent has not been obtained. Confusing these two regimes is a serious and easily avoidable mistake.
The CTPS Register and the Data (Use and Access) Act 2025
The regulatory landscape for telemarketing compliance shifted significantly in 2025. The Data (Use and Access) Act received Royal Assent in June 2025, and among its most consequential provisions was the alignment of maximum PECR fine levels with UK GDPR penalties. Previously, the maximum ICO fine for a serious PECR breach was £500,000. Under the new regime, that ceiling rises to £17.5 million or 4% of global annual turnover, representing an increase of more than 35 times the previous limit.
Key provisions of the Act, including the new penalty ceilings, took effect from February 2026. This means that from early 2026, any business calling CTPS-registered numbers without consent is operating in an environment where the financial consequences of enforcement have risen to a potentially catastrophic level for any organisation, regardless of size. The ICO is gaining new investigative powers alongside the higher penalties, including the ability to demand documents and conduct interviews more quickly, which strengthens its capacity to act on complaints efficiently.
For businesses that have historically treated CTPS compliance as a low-priority item, or that have relied on informal checking processes, the new penalty regime provides a clear and urgent reason to revisit both the frequency and the rigour of their CTPS screening process. The cost of a reliable, regular CTPS checker service is entirely negligible set against the risk of operating without one in the current enforcement environment.
Why AccuraData for CTPS Checking?
AccuraData provides CTPS checking as part of a broader data compliance and contact data service for UK businesses. We understand that the businesses using our checker are not compliance officers spending their days immersed in PECR case law. They are sales and marketing professionals who need to run campaigns efficiently and stay on the right side of the law without it becoming a significant operational burden.
Our CTPS checker is built around three things: accuracy, speed, and competitive pricing. We screen your data against the live CTPS register, return clear results that make suppression straightforward, and do so at rates that make regular 28-day re-screening a realistic operational standard rather than an occasional expense. For businesses running high-volume outbound campaigns, we can discuss volume arrangements that bring the per-record cost down further without compromising on data quality or turnaround time.
We can also combine CTPS screening with TPS checking in a single submission, removing the need to manage two separate processes for businesses that are calling both corporate and individual subscribers. And for clients using AccuraData’s B2B contact data for their calling campaigns, incorporating a CTPS check at the point of data delivery removes one step from the compliance workflow entirely, giving you data that is clean against both the CTPS register and your own suppression requirements from the moment you receive it.
The compliance obligation sits with the business making the calls, not the data supplier. But working with a supplier that takes compliance seriously, can demonstrate how their checking process works, and provides the documentation to support your own record-keeping makes building a compliant outbound process considerably more straightforward.
CTPS Checking Is Not Optional: Make It Standard Practice
The Corporate Telephone Preference Service is a legal framework that applies to every UK business making unsolicited calls to business telephone numbers. The register contains approximately 2.3 million numbers. The penalty for calling them without consent has risen under the Data (Use and Access) Act 2025 to levels that represent a genuinely serious financial threat to any organisation. And the ICO is actively enforcing: multiple businesses have faced six-figure fines for CTPS and TPS violations in each of the past several years, with investigations frequently starting from a single complaint.
Against that background, using a fast and accurate CTPS checker before every campaign, re-screening every 28 days, and maintaining clear records of every check is the minimum standard any business should be meeting. It is not a significant operational burden. It is a straightforward, cost-effective compliance step that protects your business, your team, and your sender reputation from consequences that are entirely avoidable.
AccuraData offers CTPS checking that is quick, accurate, and competitively priced. If you want to understand exactly how our service works, what turnaround times look like for your data volumes, or how we can combine CTPS and TPS screening into a single process, speak to our team. We will give you a clear answer and a straightforward price, without unnecessary complexity.