By Mena Paek
When Australia’s largest betting operator, Tabcorp Holdings Limited, misfires on compliance, it’s a big story. The Australian Communications and Media Authority (ACMA) recently slapped Tabcorp with a $4,003,270 fine. Why? The company sent more than 5,700 marketing messages to VIP customers without checking the basic boxes required under the Spam Act 2003.
What went wrong?
Between February 1 and May 1, 2024, Tabcorp delivered:
- 2,598 SMS and WhatsApp messages without an unsubscribe option,
- 3,148 messages lacking clear sender identification,
- 11 SMS messages were sent without any consent from the recipients.
These are serious violations. The Spam Act demands that businesses get explicit consent before sending marketing messages, that those messages clearly identify the sender, and that they include a functioning unsubscribe option. Tabcorp missed the mark on all three – hurting both consumer rights and the trust that underpins responsible marketing. While this involved a large corporation, the legal principles apply to every business using electronic marketing, including small businesses, franchisors, and franchisees.
Why SMBs and Franchisors should take note
It’s easy to assume that spam compliance is a “big business” problem, but that couldn’t be further from the truth. In fact, many spam law breaches occur at the local level, especially where marketing is decentralised or outsourced, such as:
- Franchise networks with multiple operators handling customer communications
- Small businesses using SMS platforms, email newsletters, or messaging apps
- Teams relying on templates or third-party services without legal oversight
The rules are clear under the Spam Act 2003:
- You must have consent – express or inferred – before sending marketing messages
- Your message must include accurate sender information
- You must provide a working and easy-to-use unsubscribe option
Penalties are growing
Over the last 18 months, ACMA has issued more than $16.9 million in fines for spam breaches. And they’re not just targeting major corporations. The ACMA has also started enforcing court-enforceable undertakings – binding legal agreements that require businesses to fix their compliance systems, audit their marketing practices, and report regularly to the regulator.
Always collect and document consent before sending marketing messages; don’t assume it, and ensure it’s clear, traceable, and properly recorded. Every message must include accurate sender identification so recipients know who’s contacting them and how to respond. Include a simple, functional unsubscribe option, and act on unsubscribe requests promptly. If you’re sending personalised or targeted offers, particularly to VIPs or loyalty program members, exercise extra caution to ensure valid consent was obtained. Regularly audit your marketing systems, whether you’re using Mailchimp, SMS platforms, or tools at the franchisee level, to confirm they meet legal standards. Finally, train your staff and franchisees on their obligations under the Spam Act 2003, so your compliance efforts are consistent across the board.