Here's the compliance trap most TelecomTech SaaS vendors don't see until an FCC inquiry arrives: you build a workflow in Zapier or Make to route customer support tickets, and that workflow processes call detail records — the number called, the time, the duration. Under FCC 47 CFR §222, that data is Customer Proprietary Network Information (CPNI). Routing CPNI through a third-party cloud automation platform creates a processor with access to §222-protected data outside your CPNI certification framework. Your annual CPNI certification to the FCC (due March 1, 47 CFR §64.2009(e)) attests that you've implemented safeguards for CPNI access. It doesn't mention the iPaaS that processed your ticket data all year.
The TCPA exposure compounds it. If your contact center SaaS vendor routes any autodialed or pre-recorded call data through a cloud workflow platform, and that platform retains logs past the FCC's 10-business-day DNC opt-out window, you now have a third-party party with evidence of when you received the opt-out request — and whether you honored it in time.
Self-hosted n8n runs inside your network perimeter. CPNI never leaves your environment. Opt-out timestamps are in your own Postgres. Your CPNI certification and CALEA assistance capability plans can accurately describe the data boundary.
Here are 5 production-ready workflows for TelecomTech SaaS vendors, with full import-ready JSON.
1. TelecomTech Customer Onboarding & Compliance Orientation Drip (7-Tier Segmentation)
Segments by customer type and compliance flags. Day 0 delivers CPNI/TCPA/CALEA guidance tailored to their tier. Day 3 sends integration setup. Day 7 or 14 offers a compliance automation review.
Customer tiers: CLOUD_COMMUNICATIONS_SAAS_VENDOR (UCaaS/CCaaS — CPNI + CALEA + STIR-SHAKEN) / SMS_MESSAGING_SAAS_VENDOR (A2P 10DLC, TCPA opt-out, STOP keyword processing) / CONTACT_CENTER_SAAS_VENDOR (TCPA call center, DNC, prior express written consent) / VOIP_INFRASTRUCTURE_SAAS (VoIP carrier, CALEA capability, E911, CPNI) / NETWORK_ANALYTICS_SAAS (CPNI CDR analytics, STIR-SHAKEN scoring) / TELECOM_BILLING_SAAS (CPNI billing records, call detail data) / TELECOMTECH_STARTUP (seed-stage, CPNI day 1 on first CDR)
Compliance flags: FCC_CPNI_COVERED / TCPA_SUBJECT / CALEA_COVERED_CARRIER / STIR_SHAKEN_REQUIRED / TCPA_DNC_SUBJECT / NG911_MLTS_SUBJECT / SOC2_REQUIRED
{
"name": "TelecomTech Onboarding Drip",
"nodes": [
{
"id": "1",
"name": "New Customer Webhook",
"type": "n8n-nodes-base.webhook",
"parameters": {
"path": "telecom-onboarding",
"method": "POST"
}
},
{
"id": "2",
"name": "Segment by Tier & Flags",
"type": "n8n-nodes-base.code",
"parameters": {
"jsCode": "const d=items[0].json;const tierMap={CLOUD_COMMUNICATIONS_SAAS_VENDOR:{slack:'#enterprise-cs',qbrDay:7,desc:'UCaaS/CCaaS vendor'},SMS_MESSAGING_SAAS_VENDOR:{slack:'#sms-cs',qbrDay:7,desc:'A2P SMS/messaging platform'},CONTACT_CENTER_SAAS_VENDOR:{slack:'#ccaas-cs',qbrDay:7,desc:'Contact center SaaS'},VOIP_INFRASTRUCTURE_SAAS:{slack:'#voip-cs',qbrDay:10,desc:'VoIP carrier/infrastructure'},NETWORK_ANALYTICS_SAAS:{slack:'#analytics-cs',qbrDay:14,desc:'Network analytics SaaS'},TELECOM_BILLING_SAAS:{slack:'#billing-cs',qbrDay:10,desc:'Telecom billing platform'},TELECOMTECH_STARTUP:{slack:'#startup-cs',qbrDay:14,desc:'TelecomTech startup'}};const tier=d.tier||'TELECOMTECH_STARTUP';const t=tierMap[tier]||tierMap.TELECOMTECH_STARTUP;const flags=d.compliance_flags||[];const cpni=flags.includes('FCC_CPNI_COVERED');const tcpa=flags.includes('TCPA_SUBJECT');const calea=flags.includes('CALEA_COVERED_CARRIER');const stirShaken=flags.includes('STIR_SHAKEN_REQUIRED');const dnc=flags.includes('TCPA_DNC_SUBJECT');const ng911=flags.includes('NG911_MLTS_SUBJECT');return [{json:{...d,tier,csmSlack:t.slack,qbrDay:t.qbrDay,tierDesc:t.desc,cpni,tcpa,calea,stirShaken,dnc,ng911}}];"
}
},
{
"id": "3",
"name": "Day 0 Welcome + Compliance Brief",
"type": "n8n-nodes-base.gmail",
"parameters": {
"operation": "send",
"toEmail": "={{$json.email}}",
"subject": "Welcome to [Platform] \u2014 Your TelecomTech Compliance Automation Toolkit",
"message": "={{`Dear ${$json.contact_name},\\n\\nWelcome to [Platform]. As a ${$json.tierDesc}, your account is pre-configured for:\\n\\n${$json.cpni?'\\u2022 FCC CPNI safeguards (47 CFR \\u00a7222) \u2014 annual certification March 1 each year\\n':''}${$json.tcpa?'\\u2022 TCPA opt-out processing (10 business-day DNC clock, \\u00a7227(c)(5))\\n':''}${$json.calea?'\\u2022 CALEA assistance capability audit (47 USC \\u00a71002)\\n':''}${$json.stirShaken?'\\u2022 STIR-SHAKEN attestation monitoring (47 CFR \\u00a764.6301 Robocall Mitigation Database)\\n':''}${$json.ng911?'\\u2022 NG911 dispatchable location compliance (RAY BAUM\\u2019s Act)\\n':''}\\nYour CSM will reach out within 1 business day to schedule your compliance setup review.\\n\\n[Platform] Team`}"
}
},
{
"id": "4",
"name": "Log to Sheets",
"type": "n8n-nodes-base.googleSheets",
"parameters": {
"operation": "appendOrUpdate",
"sheetId": "YOUR_SHEET_ID",
"range": "Onboarding!A:J",
"columns": {
"mappingMode": "autoMapInputData"
}
}
},
{
"id": "5",
"name": "Slack CSM Alert",
"type": "n8n-nodes-base.slack",
"parameters": {
"channel": "={{$json.csmSlack}}",
"text": "={{`New ${$json.tier} customer: ${$json.company_name} (${$json.email}). CPNI: ${$json.cpni} | TCPA: ${$json.tcpa} | CALEA: ${$json.calea} | STIR-SHAKEN: ${$json.stirShaken} | DNC: ${$json.dnc}`}}"
}
},
{
"id": "6",
"name": "Wait 3 Days",
"type": "n8n-nodes-base.wait",
"parameters": {
"amount": 3,
"unit": "days"
}
},
{
"id": "7",
"name": "Day 3 Integration Guide",
"type": "n8n-nodes-base.gmail",
"parameters": {
"operation": "send",
"toEmail": "={{$json.email}}",
"subject": "3 integrations to configure this week (CPNI + TCPA compliance)",
"message": "={{`Hi ${$json.contact_name},\\n\\nPriority integrations for your compliance team this week:\\n\\n1. Connect your CDR logging API for CPNI audit trail (FCC \\u00a764.2009 safeguards log)\\n${$json.tcpa?'2. Set up DNC suppression webhook (10 business-day opt-out clock starts at receipt)\\n':'2. Enable your CPNI certification workflow for March 1 deadline\\n'}${$json.calea?'3. Configure CALEA assistance capability status monitor\\n':'3. Set up your annual CPNI certification reminder (March 1)\\n'}\\nSetup guide: [docs link]\\n\\n[Platform] Team`}"
}
},
{
"id": "8",
"name": "Wait to QBR",
"type": "n8n-nodes-base.wait",
"parameters": {
"amount": "={{$json.qbrDay}}",
"unit": "days"
}
},
{
"id": "9",
"name": "QBR Offer",
"type": "n8n-nodes-base.gmail",
"parameters": {
"operation": "send",
"toEmail": "={{$json.email}}",
"subject": "Book your 30-min CPNI/TCPA compliance automation review",
"message": "={{`Hi ${$json.contact_name},\\n\\nYou've been live for ${$json.qbrDay} days. Let's close any gaps in your CPNI certification workflow and TCPA opt-out pipeline before your next FCC filing window.\\n\\nBook 30 min: [calendar link]\\n\\n[Platform] Team`}"
}
}
],
"connections": {
"New Customer Webhook": {
"main": [
[
{
"node": "Segment by Tier & Flags"
}
]
]
},
"Segment by Tier & Flags": {
"main": [
[
{
"node": "Day 0 Welcome + Compliance Brief"
}
]
]
},
"Day 0 Welcome + Compliance Brief": {
"main": [
[
{
"node": "Log to Sheets"
}
]
]
},
"Log to Sheets": {
"main": [
[
{
"node": "Slack CSM Alert"
}
]
]
},
"Slack CSM Alert": {
"main": [
[
{
"node": "Wait 3 Days"
}
]
]
},
"Wait 3 Days": {
"main": [
[
{
"node": "Day 3 Integration Guide"
}
]
]
},
"Day 3 Integration Guide": {
"main": [
[
{
"node": "Wait to QBR"
}
]
]
},
"Wait to QBR": {
"main": [
[
{
"node": "QBR Offer"
}
]
]
}
}
}
Self-hosting note: CDR data (number called, call time, duration) is CPNI under 47 CFR §222 by definition. Routing it through Zapier/Make creates a cloud processor with §222-protected data outside your CPNI safeguards certification. Your annual March 1 certification attests to your safeguards program — it doesn't cover third-party processors not named in your CPNI framework.
2. Telecom API & Compliance Infrastructure Health Monitor
Polls 5 critical endpoints every 15 minutes. Each failure is annotated with the specific FCC/TCPA regulatory exposure so your on-call team immediately knows which compliance clock is at risk.
{
"name": "TelecomTech API Health Monitor",
"nodes": [
{
"id": "1",
"name": "Every 15 Minutes",
"type": "n8n-nodes-base.scheduleTrigger",
"parameters": {
"rule": {
"interval": [
{
"field": "minutes",
"minutesInterval": 15
}
]
}
}
},
{
"id": "2",
"name": "Load Endpoints",
"type": "n8n-nodes-base.googleSheets",
"parameters": {
"operation": "getAll",
"sheetId": "YOUR_SHEET_ID",
"range": "Endpoints!A:D"
}
},
{
"id": "3",
"name": "Poll Each Endpoint",
"type": "n8n-nodes-base.httpRequest",
"parameters": {
"url": "={{$json.endpoint_url}}",
"method": "GET",
"timeout": 8000,
"continueOnFail": true
}
},
{
"id": "4",
"name": "Classify with Regulatory Annotation",
"type": "n8n-nodes-base.code",
"parameters": {
"jsCode": "const results=[];for(const item of items){const ep=item.json;const ok=ep.statusCode>=200&&ep.statusCode<300;if(!ok){const regMap={cpni_audit_log_api:'FCC 47 CFR \\u00a764.2009 \u2014 CPNI access log must record every access with date/time/reason. Downtime creates an audit trail gap in your CPNI certification framework. Potential \\u00a764.2011 breach detection delay.',tcpa_dnc_registry_api:'FCC/FTC National DNC Registry \u2014 TCPA \\u00a7227(c)(5) requires scrubbing every 31 days. Downtime = missed scrub = $500/call exposure on outbound campaigns until registry access restored.',calea_intercept_api:'CALEA 47 USC \\u00a71002 \u2014 covered carrier assistance capability. Sustained downtime creates a 47 CFR \\u00a764.2103 non-compliance finding in your CALEA audit. DOJ enforcement referral risk.',stir_shaken_attestation_api:'FCC 47 CFR \\u00a764.6301 \u2014 STIR-SHAKEN attestation failure. Calls sent without valid attestation during downtime require Robocall Mitigation Database filing update. FCC enforcement for systematic attestation gaps.',ng911_routing_api:'FCC 47 CFR \\u00a79.11 + RAY BAUM\\u2019s Act \u2014 E911 automatic location routing. Downtime may require PSAPs notification and is a life-safety event. Direct FCC enforcement under \\u00a79.8.'};const reg=regMap[ep.endpoint_name]||'Unknown regulatory exposure \u2014 check your CPNI certification and TCPA compliance program.';results.push({json:{endpoint_name:ep.endpoint_name,status:ep.statusCode||'TIMEOUT',regulatory_note:reg,ts:new Date().toISOString()}});}}return results.length?results:[{json:{status:'ALL_OK',ts:new Date().toISOString()}}];"
}
},
{
"id": "5",
"name": "Any Failures?",
"type": "n8n-nodes-base.if",
"parameters": {
"conditions": {
"string": [
{
"value1": "={{$json.status}}",
"operation": "notEqual",
"value2": "ALL_OK"
}
]
}
}
},
{
"id": "6",
"name": "Slack #compliance-ops",
"type": "n8n-nodes-base.slack",
"parameters": {
"channel": "#compliance-ops",
"text": "={{`:rotating_light: ${$json.endpoint_name} DOWN (${$json.status})\\n*Regulatory risk*: ${$json.regulatory_note}\\nTime: ${$json.ts}`}}"
}
},
{
"id": "7",
"name": "Log to Sheets",
"type": "n8n-nodes-base.googleSheets",
"parameters": {
"operation": "appendOrUpdate",
"sheetId": "YOUR_SHEET_ID",
"range": "HealthLog!A:D",
"columns": {
"mappingMode": "autoMapInputData"
}
}
}
],
"connections": {
"Every 15 Minutes": {
"main": [
[
{
"node": "Load Endpoints"
}
]
]
},
"Load Endpoints": {
"main": [
[
{
"node": "Poll Each Endpoint"
}
]
]
},
"Poll Each Endpoint": {
"main": [
[
{
"node": "Classify with Regulatory Annotation"
}
]
]
},
"Classify with Regulatory Annotation": {
"main": [
[
{
"node": "Any Failures?"
}
]
]
},
"Any Failures?": {
"main": [
[
{
"node": "Slack #compliance-ops"
}
],
[]
]
},
"Slack #compliance-ops": {
"main": [
[
{
"node": "Log to Sheets"
}
]
]
}
}
}
Self-hosting note: CPNI audit logs (47 CFR §64.2009) must record every access to CPNI with the date, time, and reason. Running the access log monitor in a cloud iPaaS means the monitoring infrastructure itself is processing CPNI metadata. Under a strict §222 reading, the iPaaS is accessing CPNI every 15 minutes for every poll — an access your CPNI safeguards program may not have documented.
3. FCC CPNI / TCPA / CALEA / STIR-SHAKEN Compliance Deadline Tracker
Runs every weekday at 8 AM. Reads your compliance deadline sheet, routes each item by urgency tier, and sends the appropriate action email with the specific regulatory citation.
12 deadline types: CPNI_ANNUAL_CERTIFICATION_MARCH1 (FCC 47 CFR §64.2009(e)) / TCPA_DNC_SUPPRESSION_SCRUB_31DAY (FCC 47 CFR §64.1200(c)(2)) / TCPA_OPT_OUT_PROCESSING_10BIZDAY / CPNI_BREACH_NOTIFICATION_FBI_USSS_7BIZDAY (47 CFR §64.2011(a)) / CPNI_CUSTOMER_NOTIFICATION_30DAY (after law enforcement hold) / CALEA_ANNUAL_COMPLIANCE_AUDIT / STIR_SHAKEN_ROBOCALL_MITIGATION_ANNUAL (FCC 47 CFR §64.6305) / NG911_DISPATCHABLE_LOCATION_AUDIT (RAY BAUM's Act) / TCPA_ATDS_CONSENT_AUDIT_ANNUAL / CPNI_SAFEGUARDS_ANNUAL_REVIEW / SOC2_TYPE2_ANNUAL / ANNUAL_PENTEST
{
"name": "TelecomTech Compliance Deadline Tracker",
"nodes": [
{
"id": "1",
"name": "Every Weekday 8AM",
"type": "n8n-nodes-base.scheduleTrigger",
"parameters": {
"rule": {
"interval": [
{
"field": "cronExpression",
"expression": "0 8 * * 1-5"
}
]
}
}
},
{
"id": "2",
"name": "Load Deadlines from Sheets",
"type": "n8n-nodes-base.googleSheets",
"parameters": {
"operation": "getAll",
"sheetId": "YOUR_SHEET_ID",
"range": "Deadlines!A:G"
}
},
{
"id": "3",
"name": "Calculate Urgency",
"type": "n8n-nodes-base.code",
"parameters": {
"jsCode": "const results=[];for(const item of items){const d=item.json;const due=new Date(d.due_date);const now=new Date();const daysLeft=Math.ceil((due-now)/(1000*60*60*24));const citations={CPNI_ANNUAL_CERTIFICATION_MARCH1:'FCC 47 CFR \\u00a764.2009(e) \u2014 annual CPNI certification due March 1. Late filing = potential \\u00a7503 forfeiture.',TCPA_DNC_SUPPRESSION_SCRUB_31DAY:'FCC 47 CFR \\u00a764.1200(c)(2) \u2014 DNC list scrub required every 31 days. Missed scrub = $500/call TCPA exposure on outbound campaigns.',TCPA_OPT_OUT_PROCESSING_10BIZDAY:'FCC rules \u2014 TCPA opt-out requests must be honored within 10 business days. Non-compliance = $1,500/call willful.',CPNI_BREACH_NOTIFICATION_FBI_USSS_7BIZDAY:'FCC 47 CFR \\u00a764.2011(a) \u2014 CPNI breach notification to FBI and Secret Service within 7 business days of carrier determining breach occurred. $1M/day maximum forfeiture.',CPNI_CUSTOMER_NOTIFICATION_30DAY:'FCC 47 CFR \\u00a764.2011(b) \u2014 customer notification no sooner than FBI/USSS confirmation, typically 30 days after law enforcement hold period expires.',CALEA_ANNUAL_COMPLIANCE_AUDIT:'CALEA 47 USC \\u00a71002 \u2014 covered carrier annual review of assistance capability. Non-compliance = DOJ/FBI enforcement referral.',STIR_SHAKEN_ROBOCALL_MITIGATION_ANNUAL:'FCC 47 CFR \\u00a764.6305 \u2014 Robocall Mitigation Database annual update required. Failure = call blocking by downstream carriers.',NG911_DISPATCHABLE_LOCATION_AUDIT:'RAY BAUM\\u2019s Act + FCC 47 CFR \\u00a79.10 \u2014 dispatchable location annual review. Non-compliance = potential \\u00a7503 forfeiture.',TCPA_ATDS_CONSENT_AUDIT_ANNUAL:'TCPA \\u00a7227(b)(1)(A) \u2014 prior express written consent records for ATDS campaigns. Annual audit ensures consent records intact.',CPNI_SAFEGUARDS_ANNUAL_REVIEW:'FCC 47 CFR \\u00a764.2009 \u2014 CPNI safeguards program annual review. Documents your \\u00a7222 compliance posture for annual certification.',SOC2_TYPE2_ANNUAL:'SOC 2 Type II \u2014 annual recertification. Telecom customers increasingly require SOC 2 in vendor agreements.',ANNUAL_PENTEST:'Annual penetration test \u2014 documents security controls for CPNI safeguards and SOC 2 CC4.2.'};const citation=citations[d.deadline_type]||'Review your CPNI certification and TCPA compliance program for this deadline.';let urgency='INFO';if(daysLeft<=2)urgency='CRITICAL';else if(daysLeft<=7)urgency='HIGH';else if(daysLeft<=30)urgency='MEDIUM';results.push({json:{...d,daysLeft,urgency,citation}});}return results;"
}
},
{
"id": "4",
"name": "Route by Urgency",
"type": "n8n-nodes-base.switch",
"parameters": {
"dataType": "string",
"value1": "={{$json.urgency}}",
"rules": {
"rules": [
{
"value2": "CRITICAL",
"output": 0
},
{
"value2": "HIGH",
"output": 1
},
{
"value2": "MEDIUM",
"output": 2
}
]
}
}
},
{
"id": "5",
"name": "CRITICAL Alert",
"type": "n8n-nodes-base.slack",
"parameters": {
"channel": "#compliance-critical",
"text": "={{`:rotating_light: CRITICAL \u2014 ${$json.deadline_type} due in ${$json.daysLeft} days\\nCitation: ${$json.citation}\\nOwner: ${$json.owner}`}}"
}
},
{
"id": "6",
"name": "HIGH Alert Email",
"type": "n8n-nodes-base.gmail",
"parameters": {
"operation": "send",
"toEmail": "={{$json.owner_email}}",
"subject": "={{`[HIGH] ${$json.deadline_type} due in ${$json.daysLeft} days`}}",
"message": "={{`${$json.deadline_type} is due in ${$json.daysLeft} days.\\n\\nRegulatory citation: ${$json.citation}\\n\\nAction required: ${$json.action_required}`}}"
}
},
{
"id": "7",
"name": "Log All to Sheets",
"type": "n8n-nodes-base.googleSheets",
"parameters": {
"operation": "appendOrUpdate",
"sheetId": "YOUR_SHEET_ID",
"range": "DeadlineLog!A:F",
"columns": {
"mappingMode": "autoMapInputData"
}
}
}
],
"connections": {
"Every Weekday 8AM": {
"main": [
[
{
"node": "Load Deadlines from Sheets"
}
]
]
},
"Load Deadlines from Sheets": {
"main": [
[
{
"node": "Calculate Urgency"
}
]
]
},
"Calculate Urgency": {
"main": [
[
{
"node": "Route by Urgency"
}
]
]
},
"Route by Urgency": {
"main": [
[
{
"node": "CRITICAL Alert"
}
],
[
{
"node": "HIGH Alert Email"
}
],
[
{
"node": "Log All to Sheets"
}
]
]
},
"CRITICAL Alert": {
"main": [
[
{
"node": "Log All to Sheets"
}
]
]
},
"HIGH Alert Email": {
"main": [
[
{
"node": "Log All to Sheets"
}
]
]
}
}
}
Self-hosting note: CPNI breach notification timestamps (FCC §64.2011) are legal evidence. The 7-business-day clock starts when your carrier "reasonably determines" a breach occurred — which includes the moment a workflow receives a breach signal. If that workflow runs in Zapier and Zapier has a processing queue delay, the FCC clock may have started before your compliance team was notified. With self-hosted n8n, execution timestamps are under your control and auditable.
4. CPNI Breach & TCPA Violation Incident Pipeline
Triggered by webhook from your monitoring systems. Classifies each incident, starts the FCC/TCPA clock, routes for immediate action, and logs with deduplication.
8 incident types: CPNI_BREACH_DETECTED (FCC §64.2011 — 7 biz-day to FBI/USSS, $1M/day max) / TCPA_CALL_TO_DNC_NUMBER ($500-$1,500/call, class action) / TCPA_OPT_OUT_NOT_HONORED (10 biz-day FCC rule) / CALEA_INTERCEPT_CAPABILITY_FAILURE (DOJ enforcement referral risk) / STIR_SHAKEN_ATTESTATION_FAILURE (Robocall Mitigation Database update required) / NG911_ROUTING_FAILURE (PSAPs notification, life-safety) / TCPA_PRIOR_CONSENT_MISSING ($500-$1,500/call) / DATA_BREACH_CDR_RECORDS (CPNI + CPRA §1798.100 + NY SHIELD + GDPR 72h)
{
"name": "CPNI Breach & TCPA Incident Pipeline",
"nodes": [
{
"id": "1",
"name": "Incident Webhook",
"type": "n8n-nodes-base.webhook",
"parameters": {
"path": "telecom-incident",
"method": "POST",
"responseMode": "onReceived",
"responseData": "={{JSON.stringify({received:true,ts:new Date().toISOString()})}}"
}
},
{
"id": "2",
"name": "Classify Incident",
"type": "n8n-nodes-base.code",
"parameters": {
"jsCode": "const d=items[0].json;const now=new Date().toISOString();const classMap={CPNI_BREACH_DETECTED:{severity:'CRITICAL',clock:'7 business days to FBI/Secret Service (FCC 47 CFR \\u00a764.2011(a)). 30 days to notify customers after law enforcement hold. Maximum forfeiture: $1M/day.',action:'Immediately notify Legal and CCO. Prepare FCC EB-FCC Form 2000D filing. Do NOT notify customers until FBI/USSS confirm no active law enforcement hold.',escalate:['cco@company.com','legal@company.com']},TCPA_CALL_TO_DNC_NUMBER:{severity:'HIGH',clock:'Preserve all records immediately. TCPA \\u00a7227(c)(5) \u2014 $500/call, $1,500 if willful. Class action exposure within 4 years.',action:'Identify campaign source, suppress number immediately, preserve call logs and consent records.',escalate:['legal@company.com','compliance@company.com']},TCPA_OPT_OUT_NOT_HONORED:{severity:'HIGH',clock:'FCC rules \u2014 opt-out must be honored within 10 business days. Day counter started at timestamp of opt-out request receipt.',action:'Honor opt-out immediately. Audit whether other opt-outs in same campaign queue are also overdue.',escalate:['compliance@company.com','ops@company.com']},CALEA_INTERCEPT_CAPABILITY_FAILURE:{severity:'CRITICAL',clock:'CALEA 47 USC \\u00a71002 \u2014 covered carrier capability obligation is continuous. Document capability gap and remediation timeline for CALEA audit.',action:'Notify engineering leadership. Document failure window. Escalate to Legal for CALEA compliance assessment.',escalate:['cto@company.com','legal@company.com']},STIR_SHAKEN_ATTESTATION_FAILURE:{severity:'HIGH',clock:'FCC 47 CFR \\u00a764.6301 \u2014 systematic attestation failure requires Robocall Mitigation Database update. Affected calls may be blocked by downstream carriers.',action:'Identify scope of attestation failure. Update Robocall Mitigation Database if systematic. Notify affected customers if call blocking occurred.',escalate:['engineering@company.com','compliance@company.com']},NG911_ROUTING_FAILURE:{severity:'CRITICAL',clock:'FCC 47 CFR \\u00a79.11 \u2014 E911 routing failure is a life-safety event and direct FCC enforcement trigger. PSAPs may need notification.',action:'IMMEDIATE escalation to engineering. Notify PSAPs if any affected calls were placed during outage window.',escalate:['cto@company.com','legal@company.com','cco@company.com']},TCPA_PRIOR_CONSENT_MISSING:{severity:'HIGH',clock:'TCPA \\u00a7227(b)(1)(A) \u2014 prior express written consent required for ATDS. $500-$1,500/call. Identify and suppress all contacts missing documented consent.',action:'Stop campaign immediately. Preserve consent records (or document absence). Audit consent collection workflow.',escalate:['legal@company.com','marketing@company.com']},DATA_BREACH_CDR_RECORDS:{severity:'CRITICAL',clock:'CPNI breach: FCC 7 biz-day clock. CPRA \\u00a71798.100: 45-72h regulatory notification. GDPR Art.33: 72h supervisory authority. NY SHIELD Act: expedient notification.',action:'Activate breach response plan. CPNI clock starts NOW. Notify Legal immediately for multi-jurisdiction assessment.',escalate:['cco@company.com','legal@company.com','dpo@company.com']}};const cls=classMap[d.incident_type]||{severity:'MEDIUM',clock:'Unknown clock \u2014 review CPNI/TCPA compliance program.',action:'Escalate to compliance team for assessment.',escalate:['compliance@company.com']};return [{json:{...d,...cls,incident_id:`TELECOM-${Date.now()}`,detected_at:now}}];"
}
},
{
"id": "3",
"name": "Dedup Check",
"type": "n8n-nodes-base.postgres",
"parameters": {
"operation": "executeQuery",
"query": "INSERT INTO telecom_incidents (incident_id, incident_type, severity, detected_at, clock_note, action_note) VALUES ('{{$json.incident_id}}', '{{$json.incident_type}}', '{{$json.severity}}', '{{$json.detected_at}}', '{{$json.clock}}', '{{$json.action}}') ON CONFLICT (incident_id) DO NOTHING RETURNING *"
}
},
{
"id": "4",
"name": "Is New?",
"type": "n8n-nodes-base.if",
"parameters": {
"conditions": {
"number": [
{
"value1": "={{$json.rowCount}}",
"operation": "equal",
"value2": 1
}
]
}
}
},
{
"id": "5",
"name": "Escalation Emails",
"type": "n8n-nodes-base.gmail",
"parameters": {
"operation": "send",
"toEmail": "={{$json.escalate.join(',')}}",
"subject": "={{`[${$json.severity}] Telecom Compliance Incident: ${$json.incident_type} \u2014 ${$json.incident_id}`}}",
"message": "={{`Incident: ${$json.incident_type}\\nSeverity: ${$json.severity}\\nDetected: ${$json.detected_at}\\n\\nRegulatory clock: ${$json.clock}\\n\\nRequired action: ${$json.action}`}}"
}
},
{
"id": "6",
"name": "Slack #compliance-incidents",
"type": "n8n-nodes-base.slack",
"parameters": {
"channel": "#compliance-incidents",
"text": "={{`:rotating_light: ${$json.severity} \u2014 ${$json.incident_type} (${$json.incident_id})\\nClock: ${$json.clock}\\nAction: ${$json.action}`}}"
}
}
],
"connections": {
"Incident Webhook": {
"main": [
[
{
"node": "Classify Incident"
}
]
]
},
"Classify Incident": {
"main": [
[
{
"node": "Dedup Check"
}
]
]
},
"Dedup Check": {
"main": [
[
{
"node": "Is New?"
}
]
]
},
"Is New?": {
"main": [
[
{
"node": "Escalation Emails"
}
],
[]
]
},
"Escalation Emails": {
"main": [
[
{
"node": "Slack #compliance-incidents"
}
]
]
}
}
}
Self-hosting note: CPNI breach records (FCC §64.2011) must be preserved for FCC examination — including the exact timestamp when your carrier "reasonably determined" a breach occurred. If your breach detection runs in a cloud iPaaS, the execution timestamp is in the vendor's logs, not yours. With self-hosted n8n, the detected_at timestamp in your Postgres is under your direct custody for FCC production requests.
5. Weekly TelecomTech Compliance KPI Dashboard
Runs every Monday at 8 AM. Pulls metrics from Postgres across all customer tiers, builds an HTML summary, and delivers it to the CEO with BCC to CCO and a Slack post to #exec-telecom-kpis.
{
"name": "Weekly TelecomTech KPI Dashboard",
"nodes": [
{
"id": "1",
"name": "Monday 8AM",
"type": "n8n-nodes-base.scheduleTrigger",
"parameters": {
"rule": {
"interval": [
{
"field": "cronExpression",
"expression": "0 8 * * 1"
}
]
}
}
},
{
"id": "2",
"name": "Platform Metrics",
"type": "n8n-nodes-base.postgres",
"parameters": {
"operation": "executeQuery",
"query": "SELECT COUNT(*) FILTER (WHERE tier='CLOUD_COMMUNICATIONS_SAAS_VENDOR') AS cloud_comms_accounts, COUNT(*) FILTER (WHERE tier='SMS_MESSAGING_SAAS_VENDOR') AS sms_accounts, COUNT(*) FILTER (WHERE tier='CONTACT_CENTER_SAAS_VENDOR') AS ccaas_accounts, COUNT(*) FILTER (WHERE tier='VOIP_INFRASTRUCTURE_SAAS') AS voip_accounts, COUNT(*) FILTER (WHERE tier='TELECOM_BILLING_SAAS') AS billing_accounts, COUNT(*) FILTER (WHERE tier='TELECOMTECH_STARTUP') AS startup_accounts, SUM(mrr_usd) AS total_mrr, SUM(CASE WHEN created_at >= NOW() - INTERVAL '7 days' THEN mrr_usd ELSE 0 END) AS new_mrr_7d, COUNT(*) FILTER (WHERE cpni_covered=true) AS cpni_covered_accounts, COUNT(*) FILTER (WHERE tcpa_subject=true) AS tcpa_subject_accounts, COUNT(*) FILTER (WHERE calea_covered=true) AS calea_accounts, COUNT(*) FILTER (WHERE stir_shaken_required=true) AS stir_shaken_accounts FROM customers"
}
},
{
"id": "3",
"name": "Open Incidents",
"type": "n8n-nodes-base.postgres",
"parameters": {
"operation": "executeQuery",
"query": "SELECT COUNT(*) FILTER (WHERE severity='CRITICAL' AND status='OPEN') AS critical_open, COUNT(*) FILTER (WHERE severity='HIGH' AND status='OPEN') AS high_open, COUNT(*) FILTER (WHERE incident_type='CPNI_BREACH_DETECTED') AS cpni_breaches_7d, COUNT(*) FILTER (WHERE incident_type LIKE 'TCPA%') AS tcpa_incidents_7d, COUNT(*) FILTER (WHERE incident_type='STIR_SHAKEN_ATTESTATION_FAILURE') AS stir_failures_7d FROM telecom_incidents WHERE detected_at >= NOW() - INTERVAL '7 days'"
}
},
{
"id": "4",
"name": "Build HTML Report",
"type": "n8n-nodes-base.code",
"parameters": {
"jsCode": "const m=$('Platform Metrics').first().json;const i=$('Open Incidents').first().json;const prev=$getWorkflowStaticData('global');const mrrPrev=prev.mrr_usd||m.total_mrr;const mrrWow=mrrPrev>0?((m.total_mrr-mrrPrev)/mrrPrev*100).toFixed(1):0;prev.mrr_usd=m.total_mrr;$setWorkflowStaticData('global',prev);const color=i.critical_open>0?'#dc3545':i.high_open>0?'#fd7e14':'#198754';const html=`<h2 style='color:${color}'>TelecomTech Weekly KPI</h2><table border='1' cellpadding='6'><tr><td><b>Cloud Comms accounts</b></td><td>${m.cloud_comms_accounts}</td></tr><tr><td><b>SMS/Messaging accounts</b></td><td>${m.sms_accounts}</td></tr><tr><td><b>Contact Center accounts</b></td><td>${m.ccaas_accounts}</td></tr><tr><td><b>VoIP Infrastructure</b></td><td>${m.voip_accounts}</td></tr><tr><td><b>Telecom Billing</b></td><td>${m.billing_accounts}</td></tr><tr><td><b>Startups</b></td><td>${m.startup_accounts}</td></tr><tr><td><b>Total MRR</b></td><td>$${Number(m.total_mrr||0).toLocaleString()} (${mrrWow}% WoW)</td></tr><tr><td><b>New MRR 7d</b></td><td>$${Number(m.new_mrr_7d||0).toLocaleString()}</td></tr><tr><td><b>CPNI-covered accounts</b></td><td>${m.cpni_covered_accounts}</td></tr><tr><td><b>TCPA-subject accounts</b></td><td>${m.tcpa_subject_accounts}</td></tr><tr><td><b>CALEA-covered accounts</b></td><td>${m.calea_accounts}</td></tr><tr><td><b>STIR-SHAKEN required</b></td><td>${m.stir_shaken_accounts}</td></tr><tr><td><b>Open CRITICAL incidents</b></td><td style='color:${i.critical_open>0?'#dc3545':'inherit'}'>${i.critical_open}</td></tr><tr><td><b>Open HIGH incidents</b></td><td>${i.high_open}</td></tr><tr><td><b>CPNI breach incidents (7d)</b></td><td>${i.cpni_breaches_7d}</td></tr><tr><td><b>TCPA incidents (7d)</b></td><td>${i.tcpa_incidents_7d}</td></tr><tr><td><b>STIR-SHAKEN failures (7d)</b></td><td>${i.stir_failures_7d}</td></tr></table>`;return [{json:{html,subject:`TelecomTech Weekly KPI \u2014 MRR $${Number(m.total_mrr||0).toLocaleString()} (${mrrWow}% WoW) \u2014 ${i.critical_open} CRITICAL open`}}];"
}
},
{
"id": "5",
"name": "Email CEO + BCC CCO",
"type": "n8n-nodes-base.gmail",
"parameters": {
"operation": "send",
"toEmail": "ceo@company.com",
"bccEmail": "cco@company.com",
"subject": "={{$json.subject}}",
"message": "={{$json.html}}",
"options": {
"bodyType": "html"
}
}
},
{
"id": "6",
"name": "Slack #exec-telecom-kpis",
"type": "n8n-nodes-base.slack",
"parameters": {
"channel": "#exec-telecom-kpis",
"text": "={{$json.subject + ' \u2014 full report in email'}"
}
}
],
"connections": {
"Monday 8AM": {
"main": [
[
{
"node": "Platform Metrics"
}
]
]
},
"Platform Metrics": {
"main": [
[
{
"node": "Open Incidents"
}
]
]
},
"Open Incidents": {
"main": [
[
{
"node": "Build HTML Report"
}
]
]
},
"Build HTML Report": {
"main": [
[
{
"node": "Email CEO + BCC CCO"
}
]
]
},
"Email CEO + BCC CCO": {
"main": [
[
{
"node": "Slack #exec-telecom-kpis"
}
]
]
}
}
}
Self-hosting note: TCPA compliance evidence (opt-out timestamps, consent records, call logs) is exactly what class action plaintiffs and the FCC request first. Running your compliance KPI pipeline through a cloud iPaaS creates a third-party processor with access to this evidence — and a third-party record that plaintiffs or regulators can subpoena independently of your own legal holds.
Why TelecomTech SaaS Vendors Choose Self-Hosted n8n
| Compliance driver | Cloud iPaaS exposure | Self-hosted n8n advantage |
|---|---|---|
| FCC CPNI §222 annual certification | CDR data flows through uncertified third-party processor | CPNI stays inside your certified safeguards perimeter |
| TCPA opt-out 10-day clock | Opt-out receipt timestamp in vendor logs, not yours | Postgres timestamp is under your legal hold |
| CPNI breach 7-biz-day FBI/USSS clock | Clock may start when vendor's workflow receives breach signal |
detected_at in your Postgres = your evidence |
| CALEA assistance capability | Cloud vendor may be in your CALEA assistance architecture without documentation | Assistance capability boundary is fully documented |
| STIR-SHAKEN attestation | Attestation pipeline in cloud = chain-of-custody gap | Attestation logs in git — auditable by FCC |
Get all 15 workflows
The full FlowKit n8n template library includes 15 production-ready workflows across automation categories — plus the TelecomTech compliance pack above.
Browse FlowKit on Gumroad — individual templates from $12, full bundle $97.
All workflow JSON is import-ready. Works with self-hosted n8n (recommended for CPNI/CALEA compliance) and n8n Cloud.
Top comments (0)