A working guide to Regulation F.

Reg F is the operating manual for FDCPA. It's also poorly written, internally cross-referenced, and changed twice since it took effect. This is a working summary written for the people who'll actually edit notices using the platform — not a substitute for advice from your counsel.

Last updated

April 2025

Reading time

22 minutes

Format

Plain-English overview, not legal advice

1. What Reg F actually is

Reg F (12 CFR Part 1006) is the CFPB's implementing regulation for FDCPA. It took effect November 30, 2021, and it is the rule a federal examiner reaches for first when reviewing your notices. FDCPA is the statute; Reg F is the operating manual.

If you're a third-party debt collector, Reg F binds you directly. If you're first-party, it doesn't bind you — but it shapes UDAAP examiner expectations in ways that make it functionally relevant anyway.

2. The validation notice — § 1006.34

The single most-litigated communication in your portfolio. The validation notice must contain, at minimum:

• The debt collector's name and mailing address.
• The consumer's name and mailing address.
• The name of the creditor to whom the debt is owed.
• The account number, if any, associated with the debt.
• An itemization of the current amount of the debt that reflects interest, fees, payments, and credits since the itemization date.
• The current amount of the debt.
• Information about consumer protections, including the validation period and how to dispute.
• Consumer-response information including a tear-off, web-portal disclosure, and the § 1692g(a)(3)–(5) statutory rights.

3. The validation period — § 1006.34(b)(5)

Thirty days. Not "approximately a month." Not "30 calendar days from receipt." Thirty days from the validation period start date. The math errors here are the most common reason an audit finding sticks.

4. The "limited content message" — § 1006.2(j)

Reg F's gift to anyone trying to leave a voicemail or send an SMS. A limited content message lets you make contact without triggering full FDCPA disclosure obligations, provided it contains:

• A business name (not the debt collector's name, if those differ).
• A request to reply.
• The name(s) of the natural person(s) the consumer can contact.
• A toll-free callback number.
• Optionally: a salutation, the date and time of the message, and a generic statement that the consumer can speak to anyone.

Anything beyond that and it's not a limited content message anymore.

5. The 7-in-7 rule — § 1006.14(b)

You may not call a consumer about a particular debt more than seven times within seven consecutive days, or within seven days of a previous call where you spoke. Counting matters; documentation matters more.

6. Email and SMS — § 1006.6(d)

The "reasonable procedures for sending email and text messages" framework. Bona-fide error opt-outs, prior-consent procedures, and the safe harbors that turn an email or text from a regulatory minefield into a routine channel.

7. What writecomply does about all of this

writecomply doesn't issue regulatory interpretations or ship a Reg F disclosure library. What the platform does is give your compliance team a place to put the language they've approved, with version control, dependency tracking, and a hash-chained audit log. When your counsel decides a block needs to change, every template that uses it flags for re-review automatically and the chain of who-approved-what-when is preserved for the next exam.