Contact centers are uniquely vulnerable to bullying and harassment, a critical set of issues which this article will explore.

The consequences are clearly seen in the rates of contact agent burnout and turnover, which increase recruitment and training costs.

• Up to 59% of contact center agents are at risk of burnout, driven by sustained workload, emotional demands, and minimal recovery time, according to Convoso’s 2023 industry analysis, sourcing work by Jeff Toister.
• Industry research from Insignia Resource indicates that contact centers consistently report some of the highest turnover rates of any industry, ranging between 30%–45%.

Unchecked bullying and harassment drive other predictable organizational expenses. These include:

• Rising absenteeism, sick leave, and disability claims.
• Increasing mental health accommodations and workers’ compensation claims.
• Declining customer experience (CX)-related scores and brand reputation damage.
• Legal liability and settlement costs.

Employees rarely leave because the work is hard. They leave because the environment feels unsafe.

This article will then look at ways to reduce or eliminate agent bullying, burnout, and interpersonal breakdowns.

Burnout, Harassment By Design

Burnout isn’t accidental; it’s the predictable outcome of work design. Contact center roles are typically characterized by:

• High emotional demands and regular exposure to customer aggression.
• Continuous surveillance through call monitoring, script adherence tracking, and metric dashboards.
• Minimal autonomy over pace, workload, or task variation.
• No recovery buffer between emotionally charged interactions.
• Cascading pressure from leadership targets.

Research, such as by Michael D. Galanakis and Elli Tsitouri and published in Frontiers in Psychology in 2022 and reviewing the job demands-resources model, states that jobs combining high demands with low employee control are among the strongest predictors of chronic stress and psychological harm.

Burnout erodes self-control, empathy, and emotional regulation, making people more reactive, impatient, and defensive.

This isn’t just uncomfortable work. It’s work that systematically depletes the psychological resources people need to regulate their behavior.

Burnout Alters Behavior And Creates Harm

The World Health Organization (WHO) defines burnout as a syndrome resulting from chronic workplace stress that has not been successfully managed. This clinical framing matters because burnout is not neutral; it fundamentally changes how people interact.

When employees are burned out, empathy narrows, patience drops, self-regulation weakens, and interpersonal reactivity spikes.

In contact centers, this manifests as:

• Supervisors using intimidation, public criticism, or sarcasm to enforce metrics.
• Peers snapping at each other during peak volumes.
• Normalization of dismissive or demeaning language.
• Reduced tolerance for mistakes, questions, or learning curves.

Burnout erodes self-control, empathy, and emotional regulation, making people more reactive, impatient, and defensive. In that depleted state, everyday stress is more likely to come out as sarcasm, intimidation, or blame, so bullying often becomes a byproduct of exhaustion, not just bad character.

Bullying Is Widespread And Often Invisible

Bullying behaviors often emerge not from malice, but from depletion. This is why individual discipline rarely solves the problem; the conditions that created the behavior remain intact.

Research from HR Acuity’s 2023 workplace harassment study shows that approximately 52% of employees have experienced or witnessed workplace harassment, with nearly half reporting exposure to bullying behaviors. In contact centers, these numbers likely underrepresent reality.

Harmful behavior goes unreported because:

• Targets fear retaliation or being labeled “too sensitive.”
• High performers and supervisors are informally protected.
• Complaints are reframed as interpersonal conflicts rather than system failures.
• Leaders are rewarded for output, not relational health.

As a result, bullying typically surfaces indirectly through accelerating turnover, rising absenteeism, disengagement, declining customer satisfaction scores, and increasing mental health claims. By the time it reaches Human Resources, the damage is often extensive.

Bullying in contact centers is not a personality problem. It is also a predictable outcome of system design, one that is under strain.

Why Policies Alone Cannot Prevent Harassment

Many organizations implement zero-tolerance policies and assume the problem is solved. Policies are necessary infrastructure, but they are insufficient when work design continues to systematically overload employees. And here’s why:

• Leaders model aggressive, dismissive, or reactive behavior.
• Performance pressure consistently outweighs relational accountability.
• Psychological safety is absent from daily operations.

Employees experience culture through daily interactions, not policy documents. When stated values conflict with lived reality, people believe what they experience.

What Actually Reduces Bullying, Burnout

Effective prevention requires system-level intervention, not just individual discipline. Organizations that successfully reduce harassment focus on five areas:

1. Psychological safety as infrastructure. Teams need credible mechanisms to raise concerns without fear of retaliation.

Psychological safety isn’t a feeling; it’s behavioral evidence that truth-telling is rewarded, not punished. When issues surface early, they can be addressed before harm escalates and becomes entrenched.

2. Leader accountability for relational impact. Supervisors must be evaluated not only on metrics, but on how their teams experience working with them.

Research on abusive supervision directly links this leadership style to turnover, disengagement, and reduced psychological wellbeing. Leaders who create fear-based environments must face consequences, regardless of their output numbers.

3. Explicit digital communication norms. Employees, particularly those working remotely (also see BOX) need clear expectations around appropriate tone in written communication, response time expectations, and boundaries.

Employees also need escalation protocols for conflict. And when conversations should move from chat to live discussion. Assumptions about digital etiquette create gaps where harm thrives.

4. Workload transparency with context. Visibility without explanation breeds mistrust. When performance dashboards show productivity disparities without context, employees fill gaps with assumptions.

In response, leaders must contextualize decisions, workload distribution, and performance expectations so clarity replaces speculation.

5. Early stress detection systems. Burnout doesn’t appear overnight; it builds through repeated exposure to unmanaged demands.

Organizations need diagnostic systems that monitor strain and capacity, not just output. Early intervention prevents the behavioral deterioration that leads to conflict and harassment.

Psychological safety is not a “nice to have.” It is an operational risk that must be monitored and managed.

A Leadership Imperative

Bullying in contact centers is rarely about individual malice. It is the predictable outcome of sustained pressure, insufficient recovery, and systems that reward performance without relational accountability.

Leaders who want to reduce harassment must ask different questions:

• Where are we generating unnecessary strain?
• What behaviors are we implicitly rewarding through promotions, bonuses, and praise?
• How safe is it for people to tell the truth here? What do we measure besides output?

When organizations redesign work systems to support resilience, provide diagnostic insight into team capacity, and build psychological safety as infrastructure, bullying doesn’t need to be managed after the fact. It becomes far less likely to occur.

Early intervention prevents the behavioral deterioration that leads to conflict and harassment.

Unchecked conflict and harassment erode culture, performance, and retention more than any single metric ever will.

The choice isn’t between productivity and safety. It’s between reactive crisis management and proactive system design.

When a customer’s dinner never arrives, most people don’t want app credits, maze-like navigation menus, or a chatbot loop; they want their money back and a human who can fix the problem.

California’s new Assembly Bill 578 makes that expectation a legal requirement for food delivery platforms: full cash refunds back to the original payment methods and access to human customer service representatives when automation can’t resolve the issues.

It’s a narrow law on paper, but it’s also one of the clearest U.S. signals yet that regulators are ready to step into automation-first customer journeys.

What AB 578 Really Does

California’s AB 578, which took effect on January 1, 2026, requires food delivery platforms that operate there to refund customers for orders that are not delivered or are delivered incorrectly. They must also return that money – including taxes, fees, and tips – to the original form of payment rather than issuing app-only credits.

Platforms can deny a refund only if they can show the customer is responsible or if fraud evidence exists. The law also protects couriers by prohibiting platforms from clawing back refunded gratuities from drivers.

For digital-first platforms, AB 578 is a warning shot against “IVR lock-in” and chatbot traps.

Contact leaders will recognize the transparency and service obligations here. Delivery apps must provide itemized breakdowns of each transaction and, crucially, must offer access to a human customer service representative when a customer’s problem cannot be resolved through automated systems.

In other words, California is not banning automation; it’s codifying that automation cannot be the only path when there is a live dispute about money, service, or responsibility.

Even if you never touch food delivery, this is a big deal. AB 578 is a concrete statutory example of a pattern we’re starting to see across channels and sectors (also see Figure 1).

Namely, automation is acceptable, even expected, but only if customers can see what’s happening, understand their rights, and can reach a human when the stakes are high.

A Broader “Automation Plus Human Fallback” Trend

California has already sent other signals in this direction. SB 243, the state’s new “companion chatbot” law, targets AI systems that provide human-like, emotionally supportive interactions. It requires:

• Clear disclosure that the user is talking to a chatbot.
• Safety protocols around self-harm and sexual content.
• Additional protections for minors.

The common thread with AB 578? Discomfort with “silent automation”: systems that look and feel human but aren’t, and which may not have obvious escape hatches when something goes wrong.

At the federal level, the proposed “Keep Call Centers in America Act of 2025” (introduced as S. 2495 in the Senate and H.R. 4954 in the House) pushes the same themes into the broader contact center and outsourcing space.

• Businesses handling customer service would have to disclose the physical locations of their agents at the start of interactions. If the agents are overseas, they must inform customers of their right to transfer to U.S.-based human agents.
• For AI or automated systems, companies would have to clearly disclose that automation is being used and offer a transfer to a human agent upon request.

Add in new and pending chatbot transparency laws in states like New York, along with AI and customer experience (CX) bills in jurisdictions such as Maine, Utah, Nevada, and Illinois, and a pattern emerges (also see Figure 2).

That is this: regulators are not trying to freeze customer service in the past, but they do want three things – disclosure, agency, and human escalation – for customers navigating automated experiences. Automation is fine as long as it is transparent and always comes with a real path back to a human.

If you run outbound programs, this feels familiar. TCPA and FCC rules already constrain automated voice and AI-assisted calling, requiring consent for many types of calls and texts and giving consumers clear opt-out rights.

The same underlying values are now showing up on the inbound and service side. That customers should know when automation is involved, should have a say in how far it goes, and should be able to reach a human when the interaction affects their money, safety, or legal position.

Implications for Digital-First, Automation-Heavy CX

For digital-first platforms, AB 578 is a warning shot against “IVR lock-in” and chatbot traps.

If your business model relies heavily on self-service flows, you now need to ask hard questions about where those flows can safely stop and where the law, or simply customer expectation, will demand a human.

Food delivery is the first category explicitly singled out in California. But it’s not hard to imagine similar rules extending to travel cancellations, subscription renewals, insurance claims, or recurring billing disputes.

From a design perspective, that means mapping your automated journeys with the same rigor you apply to compliance controls.

So, you need to ask yourself, and have answers for, “Where are my customers most likely to contest charges, allege fraud, or raise issues that could escalate to regulators or social media?”

Those points should have prominent, documented pathways to human agents, not just buried “contact us” options.

Outbound teams are affected too. When a refund or complaint triggers follow up calls or messages – think collection of negative balances, outreach about disputed transactions, or make good offers – the same customer who just battled your automated gauntlet may be less tolerant of robocall-style outreach.

The safest posture is to treat outbound and inbound as a unified CX and compliance surface. Disclosures, consent, human access, and record keeping should be harmonized rather than siloed, and handled by separate teams with different thresholds.

Why “Highest Common Denominator” Is Safer

Brands operating across multiple states and countries wrestle a messy patchwork of rules around refunds, chatbot transparency, agent location, and escalation rights.

A California-only AB 578 workflow, a different one for New York’s chatbot rules, and yet another for Canadian and also for European jurisdictions with their own consumer protections, language, and privacy laws might look efficient on paper, but it becomes fragile in practice.

Agents could get confused, including not knowing where the customer is located. There is also the risk of documentation fractures. And proving compliance in a cross border complaint or class action gets harder, not easier.

…brands that build around transparency, consent, and human fallback…will be in a far better position than those that cling to opaque, automation-only models.

An alternative play is to treat AB 578 and its peers as a preview of where the floor is headed and build a higher internal standard that can travel. That might mean:

• Adopting clear, consistent bot and AI disclosures everywhere, mandated or not.
• Making a human escalation path obvious in every high stakes flow, regardless of state (or country).
• Defaulting refunds to the original card when you’re at fault with narrow, evidence-based exceptions.
• Logging automated interactions and escalation decisions so that Governance, Risk and Compliance (GRC) and Legal can actually find what they need.

Viewed through a GRC lens, these are not just user experience (UX) preferences; they are controls. They define how the organization treats consumer harm, complaint handling, and regulatory exposure in real time.

A Practical Playbook for Contact Centers

Here’s what leaders can do right now:

1. Inventory automation. Map where bots, IVRs, and automated emails or texts are making decisions about money, access, or legal outcomes. Prioritize flows that deny refunds, close tickets, or impose fees.
2. Nail down “human required” scenarios. Use AB 578 as a template: non-delivery, botched service, fraud claims, security events, and any situation that reasonably implicates consumer harm should have guaranteed human handling.
3. Build in disclosure and easy exit. Make it explicit when a customer is interacting with AI or automation (spell out “you’re talking to AI” upfront) and make the human button impossible to miss: especially after one or two failed automated attempts.
4. Align outbound and inbound rules. Ensure the same consent, disclosure, and escalation standards apply to both inbound and outbound when you’re calling or texting customers about the outcomes of those disputes.
5. Make it GRC, not a one time UX tweak. Monitor where automation breaks, track complaints about “I can’t reach a human,” and feed that data back into both product design and compliance oversight.

Where Legislation Is Headed

AB 578 won’t be the last word on how refunds are processed or when humans must step in. It is, however, an unusually clear example of legislators codifying what many consumers already assume: automation may be the front door, but it cannot be the only door.

As more states experiment with refund and CX rules – and as federal lawmakers probe AI and offshoring in contact centers – brands that build around transparency, consent, and human fallback now will be in a far better position than those that cling to opaque, automation-only models.

For contact center leaders, that’s not just a compliance story. It’s an opportunity to get ahead: craft outreach and service that lean into automation’s speed while honoring AB 578’s core truth: when something goes sideways – especially with money – the consumer deserves a real person who can fix it.

In December 2025, the Federal Trade Commission (FTC) fined Instacart $60 million for trapping customers in automated loops with no way out. A few weeks later, California’s AB 578 went into effect, requiring food delivery platforms to provide access to a human when automation fails.

This isn’t a food delivery story. It’s a contact center story.

The complaint data that drove that legislation exists in our industry too. The regulatory attention landed on food delivery first because that’s where the consumer evidence was loudest. It’s moving.

The movement is gaining international momentum, with Spain recently passing legislation requiring large companies to answer customer service calls within three minutes and prohibiting the exclusive use of automated systems.

And the operational gaps regulators are targeting – broken escalation paths, missing context, automation that doesn’t know when it’s failing – are the same ones contact center leaders have been quietly managing around for years.

What to Fix?

So, let’s talk about what to actually fix.

1. Escalation paths

This is simpler than you think but is messier than you’d expect.

AB 578’s requirement is straightforward: when automation can’t resolve a request, a human must be available. That’s it.

The question is whether your operation actually clears that bar. Not in theory but in practice.

• How many steps does it take a customer to reach a human when the bot fails?
• Is that path visible to them or do they have to fight for it?

Run the flow yourself. If it takes more than two steps from failure to human, you have a gap. If the path isn’t clearly surfaced, surface it.

This isn’t a complex fix. It’s a design choice that was made incorrectly and hasn’t been revisited.

2. Context transfers

This is where the real damage happens.

The escalation path is table stakes. Context transfer is where most contact centers lose the most ground, and where the next wave of regulation is pointing.

California’s AB 1018, which is currently working through the legislature, would require organizations to retain records of automated decisions for the life of the system plus five years. Fragmented handoffs stop being just a service problem under that standard. Instead, they become a record’s liability.

But forget the compliance framing for a second. When a customer moves from a bot to an agent and the conversation history doesn’t follow them, the agent starts cold. The customer has to repeat everything. That interaction – the one that was already failing before it reached a human – now has to rebuild trust from scratch.

One in three customers leaves a brand after a single bad experience. Most don’t complain first. They just leave. That’s the cost of starting over.

Getting context transfer right is good operations. It’s also increasingly the floor that regulators are moving toward. When those two things point in the same direction, it’s worth paying attention.

3. Automation failures

The harder question is this: does your automation know when it’s failing?

Most IVR and virtual agent systems are built to contain volume. That’s a legitimate goal. But containing volume and recognizing failure are different design objectives, and most systems optimize hard for the first one without building much capacity for the second.

I’ve seen this pattern a lot. A system that routes customers in circles – offering options that don’t resolve anything, re-presenting the same menu, suggesting self-service that doesn’t apply – without ever triggering an escalation.

It’s doing its job on paper. Containment rates look fine. Meanwhile, the customer has been in the IVR for nine minutes and is about to churn.

Under AB 1018’s proposed requirement for plain-language explanation of automated decision-making in real time, that design becomes a compliance exposure. But honestly, it’s a problem worth fixing before any regulator asks about it.

The test I’d use: could you explain to a customer, on that call, what just happened and why the system responded the way it did? If the answer is no – if the routing logic is opaque even internally – that’s your gap.

What This Means For Your Agents

Here’s the part that gets lost in compliance conversations: there’s an upside to this moment.

As automation absorbs more routine volume, the interactions reaching human agents are getting harder.

They are more complex, more emotionally charged, and more consequential. These are the moments that determine whether a customer stays.

Research consistently shows customers will pay more for a better experience. But what they’re really paying for in those high-stakes moments is the feeling that someone already understands their situation.

Context transfer is where most contact centers lose the most ground, and where the next wave of regulation is pointing.

That requires agents to have full context when they pick up. What the bot said. What the customer tried. Where things broke down. An agent who starts with that context can solve the problem. But an agent who starts cold has to re-litigate it first.

We in the contact center industry have a responsibility here. Not just to meet a regulatory bar, but to give agents a real shot at doing their job well when it matters most.

Three Things to Audit Now

Before the next bill lands, here’s where to start.

1. Escalation paths

Map the actual steps from automation failure to the human agents. More than two? Simplify. Not clearly surfaced to the customers? Fix that.

2. Context transfers

Confirm that the conversation histories, account context, and bot interaction data follow the customers when they escalate. If the agents are starting cold, fix the handoffs.

3. Automation failure recognition

Review whether your virtual agents or IVR has defined escalation triggers: which are the specific conditions that route interactions to humans instead of continuing to loop. If it doesn’t, build them in.

None of this requires waiting for legislation. The customer stuck in your IVR for nine minutes was always a problem worth solving. The regulatory environment is just making the cost of not solving it more explicit.

In 2026, contact centers operate at the intersection of two seismic forces reshaping customer engagement: hyper-scaled AI communications and an equally rapid rise in synthetic voice threats.

These aren’t future risks, they’re reality. Recent industry surveys point to a sharp increase in deepfake voice attacks and identity spoofing.

• 85% of surveyed organizations said they had experienced at least one deepfake-related incident within the previous 12 months (Ironscales).
• Organizations are also reporting attempts to use stolen personal information and cloned voices to bypass security checks and request sensitive account actions.

To protect customer experience (CX), improve authentication, and safeguard brand trust, forward-thinking contact centers are moving beyond traditional analytics.

They are adopting next-generation AI that can read customer behavior and emotions while spotting synthetic or cloned voices in real time. These combine conversational insights with fraud detection in a single, integrated system.

The Rise of Synthetic Audio Threats

Voice cloning and synthetic audio are no longer niche technologies. Open-source models and cloud-based tools make it possible for non-experts to generate convincing deepfake voices quickly and inexpensively.

Analysts now consider synthetic audio attacks part of a high-growth category of emerging fraud threats.

According to Gartner (“Emerging Fraud Threats in Customer Channels,” 2024), AI-driven impersonation attacks, especially deepfake audio and synthetic identity fraud, are accelerating across enterprise contact centers.

Academic research initiatives such as ASVspoof, the leading global benchmark for synthetic speech detection, highlight the rapid advancement of voice-generation systems. But also the pressing need for robust detection methods.

Contact centers, with their high-volume and high-value voice interactions, are particularly exposed. Large enterprises may process tens of thousands of calls per day, each presenting potential opportunities for impersonation or account takeovers (ATOs).

Why Contact Centers Are Especially Vulnerable

Contact centers serve as gateways to sensitive customer data and financial transactions. Agents often have the authority to reset passwords, update personal details, authorize payments, or approve refunds.

If a malicious actor successfully impersonates a customer, the consequences can include financial loss, regulatory exposure, and reputational damage.

Historically, organizations have relied on multiple layers of protection:

• Procedural controls, such as knowledge-based authentication, passwords, and security questions.
• Voice biometrics, adopted by some large enterprises to verify callers’ identities.
• Human judgment, applied when agents notice inconsistencies or unusual conversational behavior.

While these measures remain valuable, they were developed in a world where voices were assumed to be authentic.

Synthetic audio undermines that assumption. It creates scenarios where fraudsters can mimic customers’ voices convincingly enough to bypass traditional verification methods.

The Challenge of Detecting Deepfake Voices

Unlike video deepfakes, which may reveal visual artifacts, synthetic voices produce subtler cues that are difficult for humans to detect. Research shows that listeners often cannot reliably distinguish real from AI-generated speech, especially in brief or noisy interactions.

Conventional detection approaches typically focus on signal-level artifacts, which are small irregularities in the audio waveform.

These methods can work in controlled environments but often fail in the diverse conditions found in real-world contact centers: multiple languages, accents, variable audio quality, and background noise.

They can be even less reliable in remote or work-from-home (WFH) contact center environments. When agents are WFH, you get uncontrolled settings, different devices, and network issues that introduce noise and distortions.

That makes it harder for traditional, signal-based systems to pick up the right cues: which is why more robust, behavior-based approaches tend to perform better.

Synthetic audio introduces a fundamental tension: the voice on the line may no longer be a human at all.

A more resilient approach looks beyond the waveform to analyze behavioral and emotional patterns in speech.

Human speech carries layers of information beyond words. Emotional cues, conversational rhythm, vocal emphasis, and micro-variations in timing all convey intent, engagement, and behavioral patterns.

While modern voice synthesis can replicate surface-level features like pitch and timbre, it struggles to reproduce the full complexity of human behavioral signals. Inconsistent emotional expression, unnatural pacing, or subtle timing errors often reveal synthetic origin if the right analytical tools are applied.

Advanced Detection

These insights underpin a new generation of detection technologies. They combine acoustic analysis with behavioral and emotional intelligence, evaluating speech for both signal-level artifacts and human behavioral patterns.

Key differentiators from the older generation of solutions, which are primarily based on voice synthesis, include:

• Behavioral and emotional intelligence at their cores. Unlike conventional approaches, the newer systems leverage emotional and behavioral attributes of human speech to detect inconsistencies that synthetic voices struggle to replicate.
• Accuracy and robustness. Our internal benchmarks show 95% performance on challenging datasets, surpassing older methods, which are typically 85%–92% performance.
• The new models are robust across multiple languages, diverse accents, and noisy environments, making them suitable for global contact center operations.
• Ultra-fast, real-time performance. Engineered for operational environments, these systems can operate as fast at 20× real-time on standard graphics processing unit (GPU) deployments, delivering detection within 500 milliseconds for a three-second utterance.
• Streaming detection identifies deepfake presences within three seconds, and the systems can flag synthetic audio from as little as two seconds of input.
• (GPUs are widely used in AI and machine learning, such as for training neural networks: processing large datasets to teach models patterns in speech, images, or text. And for real-time inference: making fast predictions such as detecting deepfake voices during live calls).

Bottom line: by integrating both emotion-aware analysis and behavioral cues, the new generation of systems identify potential deepfake interactions earlier and more reliably than traditional signal-based approaches.

Why This Approach Matters

The combination of emotion AI and behavioral deepfake detection addresses two critical challenges for contact centers:

1. Rapid, high-volume detection. Contact centers cannot rely on human judgment alone; thousands of interactions occur daily. Real-time, automated detection ensures suspicious interactions are flagged immediately.
2. Robustness across diversity. Global operations involve multiple languages, accents, and background conditions. Emotion- and behavior-based detection ensures that the system maintains high accuracy across these diverse scenarios.

The result is a practical and operationally deployable solution that protects both security and customer trust without interrupting legitimate interactions.

Preserving Trust in Voice Communication

Voice remains a vital channel for customer engagement. It allows agents to convey empathy, resolve complex issues, and create a sense of connection that digital channels often cannot replicate.

Synthetic audio introduces a fundamental tension: the voice on the line may no longer be a human at all. Maintaining trust requires new intelligence in contact center systems capable of understanding not just WHAT is said, but HOW it is said.

Emotion-aware deepfake detection represents a critical step in this evolution. By combining behavioral analysis with acoustic modeling, contact centers can distinguish authentic human speech from synthetic imitation, even as voice-cloning technologies advance.

The future of secure, trusted voice interactions will depend on the ability to verify authenticity in real time, safeguarding both customers and the organizations that serve them.

Compliance with laws, regulations, requirements, and standards to ensure cybersecurity and customer privacy has long been seen as the purview of security officers or IT directors, who usually focus on risk assessments and technology requirements.

In the modern contact center, compliance has as much to do with customer service and branding policies as with infrastructure. It determines how customer care teams:

• Manage and store data.
• Develop effective workflows.
• Craft scripts and prompts.
• Leverage performance analytics.
• Maintain their brands for both in-house and outsourced environments.

For good reason. Threat actors have long tried to exploit the vulnerabilities of the contact center:

• In 2025 alone, there were reports of high-profile companies beset by major data security violations. These include a Zscaler incident involving a third-party AI support agent that resulted in stolen customer details, emails, and case information.
• Other victims of customer data breaches included Quantas’ offshore billing organization, and Episource Healthcare Billing, plus a roster of companies from Google to Adidas, all exposed by an exhaustive Salesforce.com breach (source: FortifyData).

As the public’s awareness of personal data rights evolves, in-house contact center teams, business process outsourcing organizations (BPOs), and other providers are increasingly under a microscope. They must prove they have the means and expertise to ensure their policies are correctly managed.

…compliance has as much to do with customer service and branding policies as with infrastructure.

As a result, compliance-related issues have moved to front-of-mind for companies and their customer support teams.

Adherence has shifted from a back-office obligation to a front-line concern, with 73% of leaders convinced that the satisfaction of compliance standards improves the perception of their businesses, according to a 2023 compliance trends report by NorthRow, cited by Drata.

Regulations That Shape Centers

Here are the key laws, regulations, and standards that commonly shape contact center agent conduct (also see FIGURE 1).

1. TCPA (the Telephone Consumer Protection Act), TSR (Telemarketing Sales Rule), and Do Not Call regulations that mandate U.S. outbound contact practices.

They require marketers to protect against intrusive telemarketing calls, SMS text messages, and faxes, set calling hours, and maintain and comply with do not call lists, enforced by the Federal Trade Commission.

(Note that some states have regulations, notably on calling hour windows, that are more restrictive than the federal regulations.)

2. CCPA (California Consumer Privacy Act), which defines privacy rights for state residents. CCPA requires that companies provide amenities such as an official privacy policy, functional opt-out links, and 45-day response times for consumer requests.

3. HIPAA (Health Insurance Portability and Accountability Act), which dictates how U.S. healthcare data and electronic patient records are handled, stored, and transmitted.

These mandates extend not just to healthcare organizations, but to every business partner that works with a healthcare organization.

4. PCI DSS (Payment Card Industry Data Security Standard), enacted by the PCI Security Standards Council. It protects customer financial transactions, providing mandates on how and when credit card information can be transmitted or exposed during contact center interactions.

5. GDPR (General Data Protection Regulation), which governs data access and portability, consent, rectification, and erasure rights for European Union (EU) member state consumers.

The GDPR applies to companies transacting in countries that belong to the EU. Any business that works with customers located there must also comply with these guidelines, since they gather data relative to them.

6. Other European countries that do not belong to the EU, such as Norway, Switzerland, and the U.K. have regulations that are similar or nearly identical to GDPR.

Those include:

7. There are various regulations that are in force across the Asia-Pacific region. These include:

• 2021’s Personal Information Protection Law (PIPL) in China.
• The Act on the Protection of Personal Information (APPI) in Japan.
• The sector-specific Personal Data Protection Act (PDPA) in Singapore.
• Digital Personal Data Protection Act (DPDPA) in India.

All these set rigorous policies for data transmission, including consent-centric guidelines and significant fines for violations.

Additionally:

• Australia has several federal, state, and territorial regulations covering personal information.
• New Zealand has national rules on data protection and privacy.

8. PIPEDA (Personal Information Protection and Electronic Documents Act) applies to private organizations across Canada that collect, use, or disclose personal information during commercial activities, including interprovincial or international data transfers.

Under PIPEDA, organizations must limit data collection to what is necessary, secure it, and allow individuals to access/correct their information.

(Ed. note: The law has now been amended [see Division 23] to include personal data mobility.)

Some Canadian provinces have developed their own proprietary data privacy laws, such as Quebec’s Law 25: which has been updated to include mandatory breach reporting.

9. Across Latin America (LATAM), countries are updating and strengthening their data protection and privacy regulations.

These protections are certainly necessary, but they must be thoughtfully executed in contact center environments.

Superior customer engagement is now a primary competitive differentiator for businesses. Any compliance-related practices that create delays, repetition, or burdens for the consumer carry reputational and experiential consequences.

As a result, compliance-related issues have moved to front-of-mind for companies and their customer support teams.

Customers inherently assign loyalty to merchants based on the quality of their service interactions. Maintaining a secure but swift and friction-free journey is table-stakes for competition-conscious organizations.

Well-Executed Compliance Builds Trust

Government- and industry-based compliance regulations affect daily contact center operations, from call recording disclosures to multifactor authentication requirements and to data retention policies.

Public awareness of data privacy issues is rising. A survey of 200 senior decision-makers from U.S. and European businesses showed that 88% of organizations receive direct data privacy inquiries from customers, including requests to access, review, delete, or correct records.

That judicious view is only growing. A 2025 Thales survey shows that consumer trust in digital services continues to deteriorate “universally” across 13 market sectors.

• 82% of respondents claim they’ve stopped patronizing a company due to negative perceptions about utilization of their data.
• Nearly 20% percent of respondents claimed to have experienced exposure of their data in the past year.

The questioning of monetization policies is now standard. The way businesses respond to these inquiries can impact their brands’ reputation with its customer base.

The increase in consumer interest demonstrates a need for forthright yet expedient compliance processes. These include explanations of how customer data is used, or why certain verifications are necessary.

Customer experience (CX) must be a proactive priority in designing compliance policies while at the same time adhering to their letters and intent.

Guidelines that are intelligently implemented translate to preserving confidentiality and securing sensitive data, which enhances successful customer engagement efforts.

The Impact of Regulations

As I outlined earlier, modern contact centers operate in dense regulatory environments, which directly affect the CX.

These regulations invariably dictate how customer care managers script calls, handle outbound campaigns, report activities, and design customer authentication flows.

For instance, many data protection laws require agents to verify recipients’ identities before discussing account details, while consent regulations govern when and how customers may be contacted.

Although these safeguards provide protection, they introduce complexities into interactions and can prolong engagements that customers expect to be fast, personalized, and low-effort.

But the financial stakes are high for businesses that fail to comply with key regulations:

• TCPA penalties range from a standard $500 up to $1,500 for willful violations per unauthorized call, text, or fax. The FCC can impose $16,000 to $26,000 in fines per violation.
• The state of California can impose fines on for-profit businesses from $2,500 to $7,500 for a single incident.
• Maximum HIPAA penalties reached more than $73,000 per violation in 2026, with a cap of $2.19 million.
• GDPR infractions can cost companies up to €20 million or 4% of the accused’s global annual revenue.
• Organizations can be penalized as much as $100,000 CAD per knowingly failed violation of PIPEDA mandates.

Compliance-Related Quality Breakdowns

Despite heightened awareness, like of CX impacts and the risk of being hit with tough penalties, many organizations struggle to consistently enforce compliance.

For instance, contact center managers often have a limited capacity to provide comprehensive visibility into day-to-day agent interactions. This is due to the tremendous increase in data capture and the lack of tools to effectively manage this information.

Some contact center experts claim, from what I have read, that the typical QA team can manually review only about 2% of total calls.

Adherence to policies and procedures is a must for live agents if compliance efforts are to succeed. Live-agent assessments…can provide ongoing safeguards…

Companies become more vulnerable to violations when a vast body of interactions are not evaluated for potential compliance issues.

This increases the likelihood of missed disclosures, subpar data handling, or improper consent language going unaddressed. Such untended errors can escalate into customer complaints, winnowing brand allegiance, regulatory intervention, and yes, fines.

Compliance must be operationalized while remaining cognizant of quality customer interactions. When these values are not upheld, customers often experience the consequences long before regulators become involved (also see FIGURE 2).

• Inconsistent or siloed authentication processes often force customers to repeat information across different departments and channels, generating frustration.
• Poorly designed consent scripts can feel robotic and superfluous.
• Delayed access to data or ignored requests for corrected information can chip away at consumer confidence in an organization’s capabilities.

These issues can compound over time, undermining brand reputation and deterring repeat business: a fate nearly as devastating as formal penalties.

Automation, Assessment, and the Future of Compliant CX

To address these challenges, customer care executives and BPOs are increasingly turning to automation, applied analytics, assessments, and AI-driven technology to embed compliance as an organic part of customer interactions.

Elements like voice analytics, real-time skilled agent guidance, and automated redaction tools are being deployed to reduce human error and maintain adherence. Yet they still preserve a personalized and conversational quality for contact center interactions: including appropriate human participation.

Tactics for contact centers can include the establishment of a business contract for partners that outlines compliance requirements, plus enforced, role-based permissions to access data.

Compliance and CX are now interdependent disciplines, and that’s not necessarily a bad thing…adherence sets the baseline for trust…

Adherence to policies and procedures is a must for live agents if compliance efforts are to succeed. Live-agent assessments conducted by skilled experts can provide ongoing safeguards against staff complacency or inconsistent adoption of procedural policies.

Activities like real-time coaching and the development of well-defined scripts help agents deliver mandatory disclosures more naturally and resolve issues with less strife.

Compliance assessments can also encompass technical evaluations of CRM integrations and firewall deployment to ensure all infrastructure is updated and appropriate.

The Balance of AI and Humans

A large majority of contact centers are investing in advanced compliance monitoring technologies to improve consistency and reduce risk exposure.

PwC’s 2025 Global Compliance Survey revealed that 75% of businesses are leveraging technology for compliance and transaction monitoring; 72% have implemented solutions for regulatory disclosure and reporting purposes.

Should companies, in-house and BPOs alike, choose to incorporate AI-based agents into their contact center environments these solutions must have a broad list of compliance features.

• Viable agentic AI platforms should automate consent capture, enforce redaction, produce tamper-resistant audit trails, and enact script controls that obscure sensitive data from call recordings, transcripts, or screen captures to maintain compliance.
• Advanced systems that keep the consumer’s personal and financial information out of the transaction workflow so it can’t be intercepted, using methods like encryption and tokenization to replace and securely store personal identifiable information (PII).
• Storage of encrypted data can also be purged at set intervals to meet compliance regulations.

Although AI-based capabilities continue to grow, human agents are still the favored customer option when it comes to escalations. Human-assisted AI, or “human-in-the-loop” contact centers, provide a balance at “the Intersection of People and Technology,” (Execs In The Know) delivering a competitive edge.

CX: Standing the Test of Compliance

All these actions can serve as enablers for excellent customer engagement, rather than impediments. As solutions and tactics evolve, organizations will succeed if they treat compliance as an opportunity to enhance the customer journey.

Well-executed, strategic, and seamless compliance practices build consumer confidence and reduce friction. They signal respect for both the customer’s time and their valuable credentials.

Compliance and CX are now interdependent disciplines, and that’s not necessarily a bad thing. Regulatory adherence sets the baseline for trust, and CX determines whether that trust translates into ongoing patronage.

As public expectations of data safety and cybersecurity continue to magnify, compliance will be judged not just by regulators or even IT managers. The ultimate verdict of effective compliance will come from the customers themselves.

A contact center never needs a sudden surge in calls from frustrated or irate customers. And yet that’s precisely what happens when a company’s digital platform has its integrity broken.

Many discussions about platform integrity—keeping everything on a digital platform real, safe, honest, and functional—focus on brand health or maintaining customer loyalty and quality of experience.

Those are critical reasons to rigorously maintain platform integrity. But it means as much (maybe more) to the agents on the frontlines of customer interaction who handle millions of critical conversations, questions, and issues every day.

When things go wrong on a platform, the impact is immediate and greatly magnified for everyone in a contact center. Platform integrity builds and maintains trust for customers and the people charged with helping them.

Platform Integrity in Contact Centers

For a contact center, platform integrity requires three things:

1. Safe, secure places for customers and agents to interact. That means phone lines, chat windows, social media, and emails are free from scams or abusive messages.
2. Real and reliable information. When agents look up an answer or send a guide, customers get the facts: not misleading or outdated content.
3. Protected personal data. Every detail a customer shares is handled with care, privacy, and respect.

When these basics are kept in check, customers feel confident, agents do their best work, and the company keeps its reputation untarnished.

When Things Go Wrong

It doesn’t take much. One bad experience can obliterate trust. And lost trust spreads through online reviews and social media (pick your metaphor: wildfire, virus, flood, none of them good).

When that happens, complaint volumes shoot up, making life harder for agents. More customers may decide to abandon the company, share their stories publicly, and pass along their disenfranchisement to others.

When things go wrong on a platform, the impact is immediate and greatly magnified for everyone…

Invariably this affects agents. They can feel overwhelmed or demoralized as they handle a slew of angry, confused, or even abusive customers. And they may be tempted to leave and not recommend working for the contact center, resulting in staffing challenges and higher costs.

The contact center itself can become clogged with handling the issue. This increases the likelihood that other customers who are not directly involved with the integrity breakdown also feel its ill effects.

Ultimately, a company’s brand can suffer real damage when it loses the trust of its customers. Consider the following:

• Nearly 70% of people say trust matters more than price when dealing with a company (Edelman DXI).
• Two-thirds of businesses will pay more for honest service (Forrester).
• But less than one-third actually trust companies against scams and provide true information in their social media content (Forrester via Marketing Dive).

This might imply that the deck is already stacked against companies before a problem arises. But that’s all the more reason to remain vigilant.

So why do problems still tend to erupt?

Why Contact Centers Play a Key Role

Platform integrity sounds straightforward. But the advantages of digital platforms also create opportunities for trouble.

1. Growing volume and complexity. Multichannel systems (voice, chat, social, email) mean more ways for things to go wrong.
2. Speed versus accuracy. Fast responses might fix problems quickly. But they may miss big risks that slower, more thoughtful reviews would spot.
3. Legal and cultural differences. International contact centers need to respect local laws, customs, and expectations: hard to do without expertise.
4. Cost. Real protection costs money, but the cost of failing is much higher.

Technology can help. Automated filters and AI can scan messages and flag problems. But even AI can’t catch everything. For example, sarcasm, subtle threats, or nuanced harm are easier for people to spot than AI.

Use AI to scan for threats: fake messages, spam, toxic content. But keep skilled people in the loop.

And if you adjust your automated filters to super-strict? Important and appropriate messages may get caught and blocked. Too loose? Dangerous or dishonest content can sneak through.

The answer: team skilled people in the contact center with smart tech.

How To Build Platform Integrity

Here’s how contact centers can stay one step ahead of integrity issues:

1. Audit Channels and Content Regularly

Never assume anything is working perfectly. Check phone systems, chat platforms, and digital tools for security gaps or outdated information. Review common answers, help guides, and digital content often. Look for risks and update your systems as problems appear.

2. Train Agents to Spot and Report Issues

To customers, agents are the company. Make sure they are well trained.

• Teach them how to recognize scams, offensive messages, or suspicious activity.
• Make it easy for agents to flag problems, then treat their alerts seriously.
• Define clear routes for reporting, solving, and following up.
• Make support easy to reach and fast to respond to agents and customers alike. When they uncover issues share lessons learned with everyone. And give those who found them pats on the back.

3. Mix Smart Technology with Human Oversight

Use AI to scan for threats: fake messages, spam, toxic content. But keep skilled people in the loop. Some risks require human judgment.

Also, combine regular automated filtering with manual reviews for complicated cases. And make sure anyone assisting with this filtering has full support to maintain their mental and emotional wellbeing.

4. Protect Personal Data and Privacy

Treat customer information as something precious. Limit what is stored and who has access. Be transparent: tell customers how data is used and why. Regularly review privacy safeguards for gaps.

5. Keep Communication Honest and Quick

If something goes wrong, don’t hide it. Communicate clearly with agents and customers. Apologize, explain what’s being done, and share updates. Fast, honest answers build trust: even after mistakes.

6. Learn from Mistakes and Successes

Treat every complaint, breach, or glitch as an opportunity. Track what happens, look for patterns, and fix problems at the source. Celebrate wins when agents catch and resolve risks early.

When Outside Help Makes Sense

Sometimes, holding the line isn’t possible alone. High volume, complex rules, or a crisis may overwhelm even well-trained teams. Expert partners that specialize in keeping digital channels safe and trustworthy can provide:

1. Around-the-clock monitoring. No downtime; no gaps in protection.
2. Advanced tools and up-to-date techniques. Scanning, vetting, and managing threats.
3. Fresh perspective and specialized skills. Advice for handling new risks in real time.

Contact centers should choose experts who understand customer experience (CX), not just technology. The best partners listen, adapt, and protect the company’s reputation as carefully as the contact center itself does.

Before bringing in help, set clear goals. What needs protecting most? Where are the biggest risks? Choose partners with transparent practices that fit your company’s values and standards.

Platform integrity in contact centers is not just a technical issue. Every customer interaction is another step in a relationship.

Keeping those interactions honest, secure, and safe avoids them becoming missteps. Then each call, each question answered, each issue resolved, can keep building a lasting customer relationship.

With new technology comes new possibilities and new risks.

As Next Generation 9-1-1 (NG9-1-1) access expands, it is increasingly important to consider the threats that emerge when new tools designed for public good fall into the hands of amorally-inclined individuals.

Nowhere is that responsibility more critical than within the public safety ecosystem, where trust, speed, and accuracy directly impact public safety outcomes.

Criminal abuses such as call spoofing, coordinated swatting attacks, and denial-of-service cyberattacks are becoming more prevalent and more sophisticated.

On legacy wire telephone networks, abusers could only make one call at a time, limited to voice communication. But with IP-based multichannel NG9-1-1 networks, which, while enabling more effective first response, the bad actors now have more vectors to commit crimes.

For emergency communication centers (ECCs), these threats are operational realities that require new approaches to detection, response, and prevention.

As NG9-1-1 adoption and AI technology continue to advance, emergency communications must evolve alongside, not only to benefit from their capabilities, but to defend against misuse.

Understanding the Threat Landscape

9-1-1 systems process hundreds of millions of emergency calls in the U.S. each year, serving as the connection between people in crisis and first responders.

Historically, nuisance calls and hoaxes were viewed as isolated disruptions. Today, those disruptions have evolved into coordinated, technology-enabled attacks that pose serious safety risks.

As NG9-1-1 systems become more interconnected, three primary categories of abuse have emerged: call spoofing and swatting, cyberattacks on emergency communications infrastructure, and AI-generated deception.

1. Call Spoofing and Swatting

Call spoofing – or submitting a false request for emergency assistance – is a prime example of how these threats can escalate quickly, resulting in unnecessary emergency responses, misallocation of resources, and, in extreme cases, injury or loss of life.

Swatting incidents deliberately generate unnecessary and dangerous emergency responses by falsely reporting an emergency with the intention of generating a SWAT-style response from law enforcement, often to disrupt an organization or cause harm to a specific individual.

Like many criminal threats, spoofing, swatting, and related abuses may not occur daily or even weekly, but that does not diminish their impact. Telecommunicators and first responders must remain prepared at all times because the cost of a single incident can be severe.

These events also tend to occur in waves. After a high-profile incident, copycat attacks often follow across jurisdictions, underscoring the need for coordinated awareness and consistent preparedness across ECCs nationwide.

2. Cyberattacks on Emergency Communications Systems (ECSs)

As NG9-1-1 systems shift from legacy wireline infrastructure to IP-based networks, they inherit the cybersecurity risks faced by other critical infrastructure sectors.

Ransomware, malware, phishing campaigns, and denial-of-service attacks increasingly target ECSs, seeking to disrupt operations or compromise sensitive data.

Unlike traditional nuisance calls, cyberattacks can impact multiple systems simultaneously, degrading call handling, delaying response times, or temporarily disabling emergency services altogether.

For ECCs, cybersecurity is no longer an IT-only concern. It is a frontline public safety issue.

3. AI-Generated Deception

The rise of generative AI introduces a new category of threat: highly realistic, AI-generated deception.

Synthetic voices, manipulated incident-related imagery (IRI) e.g., still images, pre-recorded video and streaming video, and deepfake content have the potential to make fraudulent emergency calls more convincing and more difficult to detect.

As these tools become more accessible, the risk of AI-assisted abuse within emergency communications is expected to grow.

Frontline Detection and Response Protocols

Behind every call is a human working under intense pressure.

ECC professionals strive for accuracy on every call. They know that even small mistakes can have significant consequences. Leaving out a detail or misinterpreting a caller’s information can put lives at risk.

The introduction of new threats such as spoofing, cyberattacks, and AI-generated deception adds another layer of cognitive and emotional stress.

As NG9-1-1 adoption and AI technology continue to advance, emergency communications must evolve alongside…

For today’s 9-1-1 telecommunicators, the challenge is no longer limited to identifying obvious prank calls.

They must navigate increasingly complex forms of deception while still adhering to their core mission.

The long-standing principle of “when in doubt, send them out” (i.e., if it could be a legitimate emergency, send first responders) remains valid.

But it now must be supported by enhanced training to identify abuses, stronger verification tools, clearer protocols, and organizational support.

9-1-1 telecommunicators today have access to far more resources than in the past. Web-based applications and call management tools can help verify caller location and corroborate details, offering additional context to more easily identify spoofed or manipulated calls.

While these tools do not replace human judgment, they enhance call-takers’ ability to respond efficiently and effectively to legitimate emergencies.

At the same time, decision-making cannot stall [in these situations]. If a call raises concerns, the safest course of action is often to dispatch first responders while clearly communicating any uncertainties or risks. Providing response teams with context about suspicious calls allows them to approach situations with greater situational awareness.

Equally important is escalation. 9-1-1 telecommunicators are trained to alert supervisors or managers when something feels off. As the first line of defense, their instincts and experience matter.

For today’s 9-1-1 telecommunicators…They must navigate increasingly complex forms of deception while still adhering to their core mission.

When a telecommunicator flags a potential spoofing or deepfake scenario, it is critical that leadership responds quickly, ensuring that all relevant personnel are aware and engaged.

Technology Solutions and AI Integration

Across the public safety ecosystem, new tools are being introduced to help detect and deter spoofing, swatting, and other criminal abuses. AI is already delivering meaningful benefits within ECCs, but it is not a standalone solution for every situation.

Used correctly, AI acts as a force multiplier. During high-stress calls, AI-enabled applications can surface relevant information, identify anomalies, and suggest follow-up questions or observations.

For example, sentiment analysis and gesture recognition can help identify signs of distress, while IRI analysis can draw attention to background details that a telecommunicator might miss while focusing on the caller.

These insights are valuable, but they are not definitive. Public safety leaders are not advocating for AI to determine whether a call is legitimate on its own. A 9-1-1 telecommunicator’s experience, intuition, and the situational awareness gained from handling thousands of calls, remain irreplaceable.

Call handling software also provides practical defenses against spoofing, such as location verification tools that help confirm whether a caller’s reported location aligns with available data.

…AI-enabled applications can surface relevant information, identify anomalies, and suggest follow-up questions or observations.

Over time, these capabilities will continue to mature, but human oversight remains central to ensuring accuracy and accountability.

Building Organizational Resilience

If there is one consistent lesson across industries adopting disruptive technology, it is that training matters. Training early, often, and inclusively makes the greatest difference between successfully identifying falsified emergencies and accidentally neglecting a real crisis.

That said, technology and training alone are not enough.

Policy coordination plays a critical role in addressing AI-driven threats to 9-1-1 systems. But in many states, 9-1-1 governance is highly decentralized. Home rule structures allow counties or municipalities to make independent decisions, which can complicate efforts to implement consistent safeguards.

While national standards bodies such as the National Emergency Number Association (NENA) and the Association of Public-Safety Communications Officials (APCO) provide baseline guidance, how closely that guidance is followed varies.

Funding models further complicate the picture. When ECCs rely primarily on local funding rather than state-level support, implementing advanced defenses against false reports and spoofing becomes more challenging at scale.

One effective approach is the creation of state-level repositories for incident reporting. Encouraging ECCs to document and share spoofing events builds a collective knowledge base that benefits all jurisdictions. These repositories can inform best practices and highlight emerging patterns.

Peer coordination groups, such as statewide 9-1-1 professional associations, also play an important role. By bringing leaders together regularly, these groups enable shared learning and collective problem-solving.

At the federal level, resources from organizations such as SAFECOM and the Cybersecurity and Infrastructure Security Agency (CISA) (whose aegis SAFECOM is under), provide guidance on cybersecurity practices and data hygiene.

White papers, webinars, and conferences remain valuable channels for distributing this information and helping ECCs stay informed.

Preparing for What Comes Next

Threats to 9-1-1 systems are evolving, and defenses must evolve with them. While technology continues to advance, effective response is still grounded in human expertise, organizational trust, and continuous learning.

For ECC managers, the path forward is clear: involve people early; train consistently; use technology thoughtfully; maintain human oversight; and foster collaboration across agencies and jurisdictions.

AI is no longer experimental in customer support centers. Many teams already rely on it inside their CRM applications for tasks like case summaries, prioritizing SLA-critical issues, sentiment analysis (detecting frustration or churn risk), and auto-scoring chats for compliance.

These AI-based tools save time and reduce friction for both care teams and customers. But as they become more embedded in daily operations, so does a new and largely unseen risk. The same features designed to help support center agents work faster can be manipulated by criminals and used against you.

For customer support centers, where customer data is their most valuable asset, this creates serious exposure to risk.

A single compromised AI agent can:

• Enable large-scale customer data theft.
• Create fake administrative accounts.
• Launch follow-on attacks across the business.

Just as damaging, it can quickly erode customer trust.

How CRM AI Agents Can Be Criminalized

One of the most serious risks comes from how CRM AI systems identify who they’re interacting with. I uncovered how attackers can impersonate powerful administrative users in less than a minute without having a valid username or password. In some cases, all that’s required is an employee’s email address.

This represents one of the most severe AI-driven security vulnerabilities found to date, highlighting just how quickly internal systems can be weaponized.

This weakness appears in the systems that connect external collaboration tools like Slack or Microsoft Teams to CRM platforms. These connections allow AI agents to move information between systems and assist agents in real time.

The same features designed to help support center agents work faster can be manipulated by criminals…

Problems arise when these connections rely on a shared root key (e.g., admin API keys or OAuth client secrets) instead of short-lived, unique credentials.

With that root key and an administrator email address, an attacker sitting on the other side of the world can pose as a legitimate user. This bypasses protections many organizations rely on, such as multifactor authentication (MFA) and single sign-on (SSO).

The impact is immediate. An attacker can create new fake accounts, reset passwords, or steal sensitive customer data such as Social Security numbers, security Q&As, and biometric identifiers, while appearing to be a trusted supervisor.

Just like that, the AI agent becomes a launchpad for criminal activity.

Weaponizing AI Collaboration

Another emerging risk involves how AI agents work together. Many CRM platforms use agent discovery features, which allow one AI agent to ask another for help if it lacks the tools to complete a task.

This tool speeds up service, but it can also be exploited. Attackers can hide malicious instructions inside normal-looking text, such as a support ticket description or customer message.

When a basic AI agent reads that text to summarize it, the hidden instructions can override its intended behavior. That agent may then call in a more powerful AI agent that has access to records or system controls.

Even when basic AI safeguards are in place, this risk can persist. If all AI agents are grouped together and allowed to freely interact, a simple helper bot can be weaponized. It is then able to steal sensitive customer data, modify records, and let attackers make system changes that should only be done by supervisors or admins.

Why This Matters to Customers

The weaponization of CRM AI can create a snowball effect that ultimately impacts customers. When criminals gain access to internal CRM AI systems and extract confidential information, they can use that data to launch highly convincing scams targeting your customers.

At the same time, we’re seeing organized criminal groups increasingly target CRM platforms as part of broader attacks on other software-as-a-service (SaaS) applications.

They take advantage of how flexible these systems are and historically have relied heavily on social engineering. Employees may be tricked into using apps that appear legitimate but then quietly grant criminals access to sensitive data.

This risk has become exacerbated by the introduction of AI agents as they, similar to humans, can be prone to being tricked and manipulated for a malicious goal.

CRM AI should be viewed as both a user and as a system that requires constant oversight.

Attackers focus on high-privilege users and forgotten admin accounts, knowing that manual oversight is difficult in complex CRM environments. Once access is gained, data can be copied or exported without triggering alarms.

Regulations Are Catching Up

As these risks grow, regulators are paying closer attention. In the U.S., Canada, and globally, there is increasing focus on how non-human identities like AI agents interact with consumer data.

New and proposed rules are pushing organizations to be more transparent and accountable for AI behavior. While the language varies by region, the direction is clear: AI systems are expected to follow many of the same data protection and accountability standards as human users.

For customer support centers, this means AI activity must align with privacy and compliance obligations. Organizations need clear approval processes for AI agents and accurate records of what those agents do. As regulators expand their scrutiny, unsecured AI agents could lead to legal and financial consequences.

Safer AI Practices

Protecting the customer support center requires treating AI agents as part of the workforce, not just software features.

1. Strengthen authentication between collaboration tools and your CRM.

Matching an email address or using a shared key is not enough. Connections established between users and AI agents should require MFA and these connections should be tested to ensure they cannot be bypassed.

2. Apply human oversight to high-impact actions.

AI agents should not be allowed to create system users, change permissions, or delete customer data without review. These impactful changes should only take place after a human explicitly confirms that an action makes sense before it happens.

3. Approve individual AI agents.

Every new AI agent should go through a formal approval process before it’s used in live operations and production environments. Someone must verify that it follows company policies by ensuring it has only the access it needs and the minimum tools required to complete its intended tasks, nothing more.

4. Keep AI agents separated.

Not every bot should be able to talk to every other bot. By isolating them into specific roles, you reduce the risk that a simple agent can trigger potentially dangerous administrative actions.

5. Detect unusual AI agent activity.

Detection is the final safety net. Just as conversations between humans are contextual and can differ from person to person, so will user conversations with AI agents. No two conversations may be the same.

Therefore, manually attempting to unpack all of the context between AI interactions and make a determination on whether they are dangerous or not can be a herculean task.

Organizations should instead focus on extending the scope of their existing automated detection capabilities to tackle this.

Data points such as the role of the AI agent, the user’s “job” within the organization, and a conversation’s history in totality should be seen as essential during an automated investigative process.

Securing CRM AI’s Future

AI accelerates the pace of customer support operations, but it also increases risk. The challenge is not whether to use AI, but how to use it safely.

CRM AI should be viewed as both a user and as a system that requires constant oversight. Each agent should have narrowly defined access and clear boundaries.

When AI is kept within those guardrails, it can deliver real value without putting customers or the business at risk. The goal is not to slow innovation, but to ensure that as AI runs faster, it runs safely.

Large language models (LLMs) and agentic AI are changing the way people shop, interact, and even complain, often without leaving a traditional interface.

For contact centers, this evolution brings a mix of opportunities and urgent challenges. These are faster, more seamless experiences for consumers. But they also pose new risks that can drive sudden spikes in inbound contacts, disputes, and customer frustration.

The rise of AI-powered shopping agents, from chatbots that complete purchases to LLMs connected to merchant catalogs, is accelerating what the industry calls “agentic commerce.”

But without careful planning, the technology can amplify the negative impacts of fraud and policy abuse…

These systems can browse, compare, and buy on behalf of users. But in doing so, they often compress or eliminate the digital breadcrumbs that fraud and risk teams have relied on for years.

This leaves contact centers open to fraud and can lead to costly customer service and operations stress and disruption.

The Hidden Tech Challenge

From both product and risk perspectives, AI-enabled purchases are fundamentally different.

Traditional fraud detection relies on patterns like browsing time, hesitation between clicks, device switching, or even straightforward data points such as IP addresses or email addresses.

But agentic AI purchases can compress or omit many of these signals entirely, creating blind spots. A single AI transaction may look almost instantaneous, leaving no record of hesitation, no pattern of repeat visits, and often limited or anonymized user data.

For fraud teams, this is more than a theoretical problem. The missing data can lead to increased chargebacks, higher dispute rates, and more work for contact center staff.

Without these signals, distinguishing legitimate customers from attackers becomes more difficult, forcing teams to balance approving transactions to avoid friction while mitigating potential losses.

The Human Impact

Contact centers are often the first to notice the ripple effects of agentic AI.

When a consumer notices a transaction they don’t recognize or when a reseller exploits AI to generate multiple orders, the contact center absorbs the fallout. Calls and chats increase, agents must troubleshoot with limited data, and the pressure on customer satisfaction grows.

This surge can be especially disruptive because agentic AI accelerates the pace at which these issues appear.

With AI-assisted transactions, thousands of purchases could occur almost simultaneously, potentially resulting in sudden spikes in purchase issues (e.g., wrong items delivered or duplicate orders) and customer inquiries.

But without new tools and protocols, contact centers can be overwhelmed, and customers may experience delayed or inconsistent responses.

Fraud and risk teams will struggle even harder to catch up; traditional eCommerce fraud patterns tended to evolve more gradually than the rapid bursts that may occur with AI-powered shopping agents.

AI-Driven Risk Detection, Prevention, Mitigation

Despite these challenges, organizations can take proactive steps to adapt.

1. Understand data shifts. Fraud and risk teams must recognize that agentic AI changes the basic signals available for detecting suspicious activity. Traditional heuristics — hesitation, page dwell time, switching devices — may be compressed or missing.

Contact center teams should be trained to recognize scenarios where AI-assisted transactions are more likely and where standard troubleshooting and verification workflows may need adjustment.

2. Implement smarter intelligence platforms. To compensate for missing signals, businesses can deploy AI-driven fraud intelligence platforms that aggregate data across merchants and transactions.

These platforms can identify patterns across multiple AI-assisted transactions, helping restore the visibility that individual merchants lose. For contact centers, this means clearer guidance on which disputes are likely genuine and which are part of coordinated abuse.

3. Share responsibility across teams. Risk mitigation cannot fall solely on fraud teams. Cross-functional coordination between product, risk, and customer support is essential.

Contact center staff need clear protocols for escalating suspicious cases, while fraud teams refine approval rules and thresholds to minimize both chargebacks and customer friction.

4. Prepare the organization for AI-driven spikes. AI doesn’t just change transactions; it changes volumes.

Contact centers should anticipate periods of high demand, potentially driven by automated purchasing flows, and plan staffing, technology tools such as AI-assisted agents, escalation procedures, and customer messaging accordingly.

Educating executives and operational leaders about these new patterns is critical to ensure timely support and realistic expectations.

Balancing Risk and Opportunity

The potential upside of agentic AI is enormous: faster discovery, simplified purchases, and more personalized experiences. But without careful planning, the technology can amplify the negative impacts of fraud and policy abuse, leaving contact centers and customers to bear the brunt.

For example, resellers exploiting AI to purchase large quantities of limited inventory may not technically commit fraud. But the effects are similar: customer frustration, inventory strain, and an influx of service tickets.

Ultimately, the organizations that succeed in this new era will be those that anticipate the technology’s disruptive effects…

Similarly, a compromised AI account could generate dozens of orders in minutes, creating a sudden wave of inbound disputes and refunds. In both cases, contact center teams are on the front lines, often lacking sufficient context to resolve the issues efficiently.

Integrating agentic AI considerations into contact center workflows, risk strategies, and product design is no longer optional.

Organizations that can detect unusual AI-driven patterns, automate parts of dispute resolution, and provide agents with actionable insights will not just mitigate risk. They will also maintain customer trust and satisfaction.

Looking Ahead

The evolution of eCommerce agentic AI is still in its early stages. Vendors and researchers continue to explore frameworks like OpenAI’s Agentic Commerce Protocol, which promises to connect AI assistants to merchant catalogs and checkout flows.

While these systems may streamline shopping, they also reduce the visibility of underlying transactions, requiring merchants and contact centers to rethink their approach to risk and customer support.

Ultimately, the organizations that succeed in this new era will be those that anticipate the technology’s disruptive effects, equip their teams with transaction and risk data along with AI-driven tools and insights, and adapt workflows to both mitigate risk and preserve customer experience (CX).

For contact centers, this means balancing speed and security, leveraging AI to support staff rather than overwhelm them, and treating AI-driven transactions not as anomalies but as the new normal.

Agentic AI is changing the rules. By understanding the technical shifts, anticipating spikes in consumer inquiries, and integrating fraud and contact center strategies, businesses can navigate this transition with confidence: keeping both risk and customer satisfaction under control.