Subscription Retention + Compliance

Your Save Flow Is a Liability.
We Build the One That Isn't.

Amazon paid $2.5 billion for a cancel flow that took 6 clicks. Uber is facing 21 state attorneys general over 23 screens to cancel. The FTC is restarting negative option rulemaking. Meanwhile, your retention team is optimizing save rate without knowing which users they're pushing out the door.

We build subscription retention systems that know the difference between a Persuadable and a Sleeping Dog, route each to the right experience, and produce audit-grade compliance documentation for every jurisdiction you operate in.

  • $2.5B: Amazon's dark pattern settlement (FTC, September 2025)
  • 75%: Of SaaS churn is voluntary (Recurly Churn Report, 2025)
  • 21 States: Joined FTC's Uber subscription lawsuit (FTC Amended Complaint, Dec 2025)

The Metric Your Retention Team Is Hiding Behind

Every subscription company tracks "save rate": the percentage of users who start the cancellation flow and don't complete it. A 30% save rate sounds like a win. But save rate is a vanity metric that conflates four completely different user behaviors.

Persuadables (target)

Will cancel unless they receive the right intervention. A relevant feature walkthrough or plan adjustment changes their mind. These are the only users where a save flow creates real value.

Sure Things (waste)

Will stay regardless. They clicked cancel to explore options or by accident. Giving them a 20% discount wastes margin on a user who was never leaving. Your save rate counts them as "saved."

Lost Causes (exit clean)

Will cancel no matter what you offer. They've made the decision. A 4-page save flow just makes them angry, generates support tickets, and creates the kind of "labyrinthine" experience that drew the FTC's attention to Amazon.

Sleeping Dogs (never touch)

Currently renewing and would continue to renew. But your save flow contacts them with a "We'd hate to see you go" email or a discount offer, and now they remember they're paying $49/month for something they haven't used in three months. Your retention system just created churn that would not have existed otherwise.

What This Looks Like in Practice

A B2B SaaS company with 200K subscribers and 3% monthly voluntary churn has roughly 6,000 cancel-intent users per month. Industry research suggests approximately 10-20% of those are Sleeping Dogs, users who would have continued paying if left alone.

If your save flow contacts all 6,000 users (which is what ProsperStack, Chargebee Retention, and every off-the-shelf tool does), you are pushing 600-1,200 users per month toward a cancellation they were not going to make. At $50 ARPU, that is $360K-$720K in annual revenue destroyed by your own retention system.

Telenor, the Norwegian telecom, discovered this the hard way. Their retention campaigns were causing 2% higher churn in the treatment group. They only found out because they ran a proper holdout test. Most SaaS companies never do.

The Enforcement Landscape: What Companies Have Paid

The FTC's Click-to-Cancel rule was vacated in July 2025, but enforcement has accelerated, not slowed. ROSCA, Section 5 of the FTC Act, and state automatic renewal laws provide all the authority regulators need. The FTC restarted negative option rulemaking in January 2026 with an ANPRM (comments due April 2026). State-level enforcement is expanding through coalitions like California's Automatic Renewal Task Force (CART).

| Company | Year | Penalty | What They Did | Legal Basis |
|---|---|---|---|---|
| Amazon Prime | Sept 2025 | $2.5B | "Iliad Flow": 4-page, 6-click, 15-option cancellation process. 35M consumers enrolled without clear consent. | ROSCA + FTC Act Section 5 |
| Epic Games | Dec 2023 | $245M | One-button purchases without confirmation. Locked accounts when users filed chargebacks. | FTC Act Section 5 + ROSCA |
| Vonage | Nov 2022 | $100M | Hidden cancellation mechanism. Continued charging after users requested cancellation. | ROSCA + FTC Act |
| Uber | 2025 (ongoing) | TBD | Uber One: up to 23 screens and 32 actions to cancel. Auto-enrolled users before free trial ended. | ROSCA + FTC Act (21 states joined) |
| Chegg | Sept 2025 | $7.5M | Multi-click, non-intuitive cancellation path. Continued charging after cancellation completed. | ROSCA |
| HelloFresh | Aug 2025 | $7.5M | Failed disclosure of subscription terms. No easy cancellation mechanism for California consumers. | California ARL |
| JustAnswer | Jan 2026 | TBD | AI chatbot "Pearl" used to lock consumers into recurring charges. First major AI-agent enforcement action. | FTC Act (deceptive practices) |

The Pattern Regulators Are Following

ROSCA does not require proving a specific dark pattern. The FTC only needs to show that cancellation was "not simple." This is a lower legal bar than most companies realize. If your cancel flow has more steps than your signup flow, you have exposure. If your AI agent adds conversational friction before allowing cancellation, you have exposure.

Multi-State Patchwork

California's "One Save" rule limits retention offers to one per cancellation. New York requires online-only cancellation for online signups. Maryland has specific disclosure timing. Connecticut requires pre-renewal notices. If you serve customers in multiple states, the strictest law in your subscriber base is your compliance floor.

What We Build

Four capabilities, integrated. Each addresses a specific gap that off-the-shelf retention tools cannot fill.

1. Causal Retention Segmentation

We build uplift models that connect to your billing system's event stream and classify every cancel-intent user into one of four segments: Persuadable, Sure Thing, Lost Cause, or Sleeping Dog.

The technical approach: we estimate the Conditional Average Treatment Effect (CATE) for each user. The model answers "will this specific user stay because of our intervention, or regardless of it?" Standard churn prediction cannot answer this question. It predicts who will leave, not who will leave because of what you do.

Integration happens through your existing billing API. For Stripe, we listen on customer.subscription.updated and customer.subscription.deleted webhook events. For Chargebee and Recurly, equivalent event streams. No billing migration required.

Why not A/B testing alone? ProsperStack's AI Autopilot and Chargebee Retention optimize which offer works best on average. Uplift modeling tells you which offer works for which user. The difference: A/B testing cannot identify Sleeping Dogs. Only a causal model with a proper holdout can.

2. Segment-Aware Cancel Flow Design

Different segments get different experiences. Persuadables see a personalized value reminder or plan adjustment, limited to one offer per California's "One Save" rule. Lost Causes and Sleeping Dogs get a single-click exit with no friction. Sure Things see a brief survey (no offer, no discount).

We design these flows to satisfy the strictest applicable regulation in your subscriber base. The ROSCA standard ("simple cancellation") is the federal floor. California's ARL adds the One Save limit and pre-renewal notification requirements. New York adds online-only cancellation mandates. We build one flow architecture that handles all jurisdictions through subscriber-location-based routing.

Why not a bigger firm? Accenture and Deloitte build subscription platforms. They implement Zuora or SAP Billing. They do not build causal segmentation engines or audit cancel flows for dark patterns. Their engagements run $500K-$5M and deliver a platform migration, not retention intelligence. We build the 20% of the system that drives 80% of the retention outcome.

3. Dark Pattern Detection and Compliance Auditing

Integrated into your CI/CD pipeline. Every change to your cancellation flow is scanned before it reaches production. DOM analysis checks structural patterns: hidden cancel buttons, pre-checked enrollment boxes, disproportionate button sizing. NLP classification checks text for confirmshaming, fake urgency, trick questions, and misleading framing.

Findings are mapped to specific regulatory requirements. "This button label uses confirmshaming language prohibited under ROSCA precedent (cf. Amazon Iliad Flow complaint, para. 47)" is an actionable finding. "This flow has potential compliance issues" is not. We produce the former.

The governance gap: Right now, your marketing team A/B tests cancel flow changes. Your legal team reviews quarterly (if at all). The gap between those two cadences is where enforcement risk lives. Amazon's Iliad Flow existed for years because no automated system flagged it as a regulatory problem. Automated auditing closes that gap.
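
A minimal version of the structural scan described in this section, as an added example (not the vendor's code). It covers hidden cancel controls, pre-checked boxes and confirmshaming labels on static markup; the phrase list stands in for the NLP classifier, the rule names and requirement mapping are assumptions that reuse the page's wording, and button-sizing checks are left out because they need rendered layout.

```python
import re
from html.parser import HTMLParser

# Constructed phrase list; a stand-in for the NLP classifier the page mentions.
CONFIRMSHAMING = re.compile(
    r"no thanks, i (don't|do not) (want|like|care)|i('d| would) rather (pay|lose|miss)",
    re.I)
HIDDEN_STYLE = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden", re.I)
VOID = {"input", "br", "img", "hr", "meta", "link"}
# Illustrative mapping that reuses the page's wording; not legal citations.
REQUIREMENT = {
    "HIDDEN_CANCEL": 'ROSCA: cancellation must be "simple"',
    "PRECHECKED_BOX": 'ROSCA: "express informed consent" to recurring charges',
    "CONFIRMSHAMING": "retention offer must not use confirmshaming language",
}

class CancelFlowScanner(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []  # (rule, source line, detail)
        self._open = []     # [tag, hidden, line, text parts] per open element

    def handle_starttag(self, tag, attrs):
        attrs, line = dict(attrs), self.getpos()[0]
        if tag == "input" and attrs.get("type") == "checkbox" and "checked" in attrs:
            self.findings.append(("PRECHECKED_BOX", line, attrs.get("name") or ""))
        if tag in VOID:
            return
        hidden = ("hidden" in attrs or bool(HIDDEN_STYLE.search(attrs.get("style") or ""))
                  or (bool(self._open) and self._open[-1][1]))  # inherit from parent
        self._open.append([tag, hidden, line, []])

    def handle_data(self, data):
        for el in self._open:
            if el[0] in ("button", "a"):
                el[3].append(data)

    def handle_endtag(self, tag):
        if tag in VOID or tag not in [el[0] for el in self._open]:
            return
        while self._open:
            name, hidden, line, parts = self._open.pop()
            if name in ("button", "a"):
                label = " ".join("".join(parts).split())
                if hidden and re.search(r"\bcancel\b", label, re.I):
                    self.findings.append(("HIDDEN_CANCEL", line, label))
                if CONFIRMSHAMING.search(label):
                    self.findings.append(("CONFIRMSHAMING", line, label))
            if name == tag:
                break

def scan(html):
    scanner = CancelFlowScanner()
    scanner.feed(html)
    scanner.close()
    return [{"rule": r, "line": n, "detail": d, "requirement": REQUIREMENT[r]}
            for r, n, d in scanner.findings]

# Constructed cancel-flow markup for the demo.
SAMPLE = """<form id="cancel">
  <button>Keep my plan</button>
  <a href="/decline">No thanks, I don't want to save money</a>
  <div style="display: none"><button>Cancel subscription</button></div>
  <input type="checkbox" name="enroll_annual" checked> Upgrade me to annual billing
</form>"""

if __name__ == "__main__":
    for f in scan(SAMPLE):
        print(f"line {f['line']}: {f['rule']} ({f['detail']!r}) -> {f['requirement']}")
```

In a pipeline step, fail the build whenever `scan()` returns a non-empty list for a changed cancel-flow template.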

4. AI Save Agent Guardrails

If you deploy conversational AI in your retention flow (or plan to), we build the constraint layer that keeps it legal. The JustAnswer lawsuit (January 2026) proved that AI chatbots face the same dark pattern liability as manual UI designs.

Four hard limits: maximum interaction budget (2-3 turns before mandatory one-click cancel), prohibited language classifier that blocks confirmshaming and emotional manipulation in real time, segment-gated activation (agent only engages Persuadables), and full conversation logging with compliance tagging for legal review.

The reward hacking problem: An LLM fine-tuned for retention will learn to stall, guilt, and manipulate because those tactics maximize the short-term reward signal. Without explicit constraints, your AI agent will independently reinvent every dark pattern Amazon got sued for. We build the guardrails that prevent this.

How We Work

Three phases. The first produces value independently of the others. Every phase builds on your existing billing infrastructure.

PHASE 1 | 3-4 weeks

Cancel Flow Audit + Holdout Design

We audit your existing cancellation experience against ROSCA, California ARL, and every state ARL where you have subscribers. You get a compliance risk report with specific findings mapped to specific regulations, not vague "potential issues."

Simultaneously, we design and deploy a holdout test. 10-15% of cancel-intent users are routed to a frictionless exit with no save attempt. This creates the counterfactual data needed for Phase 2. Without it, your save rate metrics cannot be interpreted. Most companies have never run this test because their retention team is incentivized on save rate, and a holdout lowers that number.

PHASE 2 | 8-12 weeks

Causal Segmentation + Segment-Aware Flow

Using holdout data from Phase 1, we train the uplift model. Inputs: subscription tenure, plan type, usage patterns, support history, and cancel-intent signals. Output: per-user segment classification with confidence scores.

We then build the segment-aware cancel flow. This integrates with your existing billing platform (Stripe Customer Portal API, Chargebee Retention, or Recurly events) through a middleware layer that routes users based on their segment. The flows are designed per-jurisdiction for regulatory compliance.

PHASE 3 | Ongoing

Compliance Monitoring + Model Updates

Automated dark pattern scanning integrated into CI/CD. Every cancel flow change is audited before production deployment. Regulatory matrix updates as state laws change (the EU Digital Fairness Act, expected 2027, will add mandatory cancellation button requirements).

The uplift model is retrained quarterly as your subscriber behavior shifts. Segment distributions change as your product evolves, pricing changes, or market conditions shift. A model trained on Q1 data may misclassify users by Q4. Ongoing monitoring catches this drift.

Honest caveat: Causal segmentation requires sufficient cancel volume to train reliable models. If your product has fewer than 500 voluntary cancellations per month, the uplift model will not converge with useful accuracy. For lower-volume products, we focus on Phase 1 (compliance audit) and Phase 3 (monitoring), and use rule-based segmentation heuristics rather than causal models. We will not sell you a statistical model that your data cannot support.


Questions SaaS Retention Teams Ask

How do we build a cancel flow that complies with California's ARL and ROSCA at the same time?

California's Automatic Renewal Law (Bus. & Prof. Code Section 17600-17606) and ROSCA overlap but are not identical. California requires an "immediately accessible" online cancellation mechanism, pre-renewal notifications 15-45 days before charging, and as of July 2025, a "One Save" limit on retention offers during cancellation. ROSCA requires that cancellation be "simple" and that consumers give "express informed consent" to recurring charges.

The practical design constraint: your cancel flow can surface one retention offer (satisfying the California One Save rule) but must then provide a single-action cancel completion (satisfying ROSCA's simplicity standard). We build flows where the offer screen includes a prominently placed "No thanks, cancel now" button that completes cancellation in one click. The retention offer itself must not use confirmshaming language, countdown timers, or misleading framing.

For multi-state operations, we map your subscriber base by billing address and apply the strictest applicable standard per jurisdiction. New York's GBL 527-a requires similar online-only cancellation mechanisms, while Maryland and Connecticut have their own disclosure timing requirements. We maintain a regulatory matrix that maps every element of the cancel flow to specific state and federal requirements, so your legal team has audit-grade documentation for each jurisdiction.

What data do we need to build uplift models, and what if we have never run holdout tests?

Uplift modeling estimates the causal effect of a retention intervention on each individual user. The gold standard is randomized control trial (RCT) data where some cancelling users see a save offer and others are allowed to cancel without intervention. If you have never run holdout tests, we start there.

Phase 1 of every engagement includes designing and deploying a proper holdout: 10-15% of cancellation-intent users are routed to a clean, frictionless exit with no save attempt. This runs for 4-8 weeks depending on your cancel volume. The holdout gives us the counterfactual we need to distinguish Persuadables from Sleeping Dogs. Without it, every save rate metric your team reports is meaningless because you cannot tell whether the user stayed because of your offer or despite it.

For companies with historical cancel data but no holdout, we can use quasi-experimental methods like propensity score matching or instrumental variables, but these produce weaker estimates. We are transparent about that limitation.

The data inputs we need from your billing system: subscription start date, plan type, billing cycle, usage events (logins, feature usage, support tickets), cancel initiation timestamp, save offer shown (if any), and final outcome. Most of this is available through Stripe's API (customer.subscription.updated webhook events) or Chargebee's event exports.
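
The holdout described in Phase 1 and in this answer, sketched as an added example (not the vendor's model): deterministic assignment of roughly 12% of cancel-intent users to the no-offer arm, then a difference-in-retention estimate per stratum with a 95% confidence interval. It labels strata rather than individual users, so it is a coarse stand-in for a per-user CATE model; the salt, strata, counts and the 0.5 threshold are constructed assumptions.

```python
import hashlib
import math

def in_holdout(user_id, salt="cancel-holdout-v1", pct=12):
    """Deterministic arm assignment: a user who re-enters the flow stays in the same arm."""
    digest = hashlib.sha256(f"{salt}:{user_id}".encode()).digest()
    return int.from_bytes(digest[:8], "big") % 100 < pct

def uplift(treated, holdout):
    """Each argument is (retained, total). Returns (uplift, ci_low, ci_high), 95% normal approx."""
    (rt, nt), (rh, nh) = treated, holdout
    pt, ph = rt / nt, rh / nh
    se = math.sqrt(pt * (1 - pt) / nt + ph * (1 - ph) / nh)
    diff = pt - ph
    return diff, diff - 1.96 * se, diff + 1.96 * se

def classify(treated, holdout, stay_threshold=0.5):
    """Stratum-level label using the page's four segment names."""
    _, low, high = uplift(treated, holdout)
    if low > 0:
        return "Persuadable"      # save flow measurably raises retention
    if high < 0:
        return "Sleeping Dog"     # save flow measurably lowers retention
    # No measurable effect: split by what users do when left alone.
    retained_without_offer = holdout[0] / holdout[1]
    return "Sure Thing" if retained_without_offer >= stay_threshold else "Lost Cause"

# Constructed outcomes per stratum: (retained, total) for the save-flow arm, then the holdout arm.
OUTCOMES = {
    "active in last 7 days": ((900, 2000), (75, 300)),
    "dormant 90+ days": ((1100, 2000), (210, 300)),
    "annual plan": ((1800, 2000), (268, 300)),
    "already downgraded": ((100, 2000), (14, 300)),
}

def report(outcomes=OUTCOMES):
    return {name: classify(t, h) for name, (t, h) in outcomes.items()}

if __name__ == "__main__":
    share = sum(in_holdout(f"user-{i}") for i in range(10_000)) / 10_000
    print(f"holdout share over 10,000 constructed ids: {share:.1%}")
    for name, (t, h) in OUTCOMES.items():
        d, lo, hi = uplift(t, h)
        print(f"{name:24s} uplift {d:+.3f} [{lo:+.3f}, {hi:+.3f}] -> {classify(t, h)}")
```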

We already use ProsperStack for our cancel flow. Why would we need custom work?

ProsperStack is a solid cancel flow tool. Its AI Autopilot optimizes which offer to show through A/B testing, and it integrates cleanly with Stripe, Chargebee, and Recurly. If your only goal is offer optimization, ProsperStack may be sufficient.

Where it falls short: ProsperStack treats every cancelling user as a candidate for retention. It cannot distinguish a Persuadable (will stay with the right offer) from a Sleeping Dog (will churn because the save flow reminded them they are paying). A/B testing tells you which offer works best on average across all cancellers. Uplift modeling tells you which offer works best for each individual user, and critically, which users should not see any offer at all.

The difference matters financially. If 15% of your cancellers are Sleeping Dogs and your save flow contacts all of them, you are generating churn that would not have happened otherwise. At 100K subscribers with 3% monthly voluntary churn, that is roughly 450 subscribers per month you are pushing out the door. At $50 ARPU, that is $270K in annual revenue lost to your own retention system.

ProsperStack also has no compliance auditing layer. It does not check whether your cancel flow language constitutes confirmshaming under ROSCA, whether your offer timing satisfies California's One Save rule, or whether your AI-generated copy crosses FTC lines. We build the causal intelligence and compliance layers that sit underneath tools like ProsperStack, or we replace the flow entirely when the existing tool cannot support segment-aware routing.

How do you prevent an AI retention agent from becoming a dark pattern liability?

The FTC's January 2026 lawsuit against JustAnswer established that AI chatbots used to lock consumers into subscriptions face the same scrutiny as manipulative UI design. The risk is real: an LLM-based save agent optimized for retention will naturally gravitate toward confirmshaming, fake urgency, and emotional manipulation because those tactics work in the short term.

We build constraint layers for AI retention agents with four hard limits. First, a maximum interaction budget: the agent gets N turns (typically 2-3) to present value-based retention options. After N, it must surface a one-click cancel button with no additional friction. Second, a prohibited language classifier trained on FTC enforcement language and ROSCA case law that blocks confirmshaming phrases, artificial scarcity claims, and guilt-based framing in real time. Third, segment-gated activation: the agent only engages Persuadables. Lost Causes get immediate frictionless exit. Sleeping Dogs are never contacted. Fourth, full conversation logging with compliance tagging. Every agent interaction is stored, classified by compliance risk level, and available for legal review.

This is not optional. The Amazon settlement includes a 10-year independent monitor requirement. Uber's amended complaint specifically cites the number of screens and actions required to cancel. Regulators are counting clicks. If your AI agent adds steps, it adds liability.
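
The four hard limits listed above and under "AI Save Agent Guardrails", as an added example of a constraint layer that sits between the model's draft and the user (not the vendor's code). The regex patterns are a constructed stand-in for the trained classifier, and the class, field and tag names are assumptions.

```python
import re

# Constructed patterns; a stand-in for the trained prohibited-language classifier.
PROHIBITED = {
    "confirmshaming": re.compile(r"no thanks, i (don't|do not) (want|like|care)", re.I),
    "fake_urgency": re.compile(r"last chance|offer expires|only \d+ (minutes|hours) left", re.I),
    "guilt": re.compile(r"(sad|heartbroken|devastated) to (see|lose) you|after everything we", re.I),
}
# Attached to every response, so cancelling never depends on the agent's cooperation.
CANCEL_BUTTON = {"type": "button", "label": "Cancel now", "clicks_to_cancel": 1}
FALLBACK = "You can cancel below, or ask about plan options."

class SaveAgentGuard:
    def __init__(self, segment, max_turns=3):
        self.segment, self.max_turns = segment, max_turns
        self.turns = 0
        self.log = []  # every draft is kept for legal review, sent or not

    def _out(self, draft, action, tags, message):
        self.log.append({"turn": self.turns, "draft": draft,
                         "action": action, "compliance_tags": tags})
        return {"message": message, "controls": [CANCEL_BUTTON]}

    def review(self, draft):
        """Decide what the user sees for one agent turn."""
        # Limit 3: segment gate. Only Persuadables ever see agent text.
        if self.segment != "Persuadable":
            return self._out(draft, "suppressed", ["segment_gate"], None)
        # Limit 1: turn budget. Blocked drafts count too, so stalling gains nothing.
        self.turns += 1
        if self.turns > self.max_turns:
            return self._out(draft, "suppressed", ["turn_budget_exhausted"], None)
        # Limit 2: prohibited language is replaced before it reaches the user.
        tags = [name for name, rx in PROHIBITED.items() if rx.search(draft)]
        if tags:
            return self._out(draft, "blocked", tags, FALLBACK)
        # Limit 4 (logging with compliance tags) happens in _out on every path.
        return self._out(draft, "sent", [], draft)

# Constructed agent drafts for the demo.
DRAFTS = [
    "You exported 14 reports last month; the Starter plan keeps exports for less.",
    "This is your last chance to keep your loyalty discount!",
    "Would pausing for one month instead of cancelling help?",
    "Before you go, can I show you one more feature?",
]

def run_demo(segment="Persuadable"):
    guard = SaveAgentGuard(segment)
    shown = [guard.review(d)["message"] for d in DRAFTS]
    return shown, guard.log

if __name__ == "__main__":
    shown, log = run_demo()
    for entry, message in zip(log, shown):
        print(entry["turn"], entry["action"], entry["compliance_tags"], "->", message)
```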

What does a typical engagement cost and how long does it take?

A typical engagement runs in three phases over 14-20 weeks. Phase 1 (Cancel Flow Audit and Holdout Design, 3-4 weeks, $25K-$40K): We audit your existing cancellation experience against ROSCA, California ARL, and applicable state requirements. We design and deploy a holdout test. Deliverables include a compliance risk report with specific remediation steps and a holdout test running in production.

Phase 2 (Causal Segmentation and Flow Build, 8-12 weeks, $75K-$150K): We build the uplift model using holdout data, integrate with your billing system via API, and design segment-aware cancellation flows. For Stripe, integration happens through webhook handlers on customer.subscription.updated and customer.subscription.deleted events. For Chargebee or Recurly, equivalent event streams. Deliverables include a deployed segmentation engine and redesigned cancel flow.

Phase 3 (Compliance Monitoring, ongoing, $8K-$15K per month): Automated dark pattern scanning integrated into your CI/CD pipeline. Regulatory matrix updates. Quarterly compliance reports.

Total first-year investment for a mid-market SaaS company (100K-500K subscribers): $150K-$250K. For context, Chegg paid $7.5M plus 10 years of compliance monitoring for getting this wrong. HelloFresh paid $7.5M. The cost of compliance is a fraction of the cost of enforcement.

Can we keep our existing billing platform (Stripe, Chargebee, Recurly) or do we need to migrate?

You keep your existing platform. We build on top of it, not beside it. For Stripe Billing, integration happens through the Customer Portal API and webhook event streams. Stripe's portal already supports cancellation flows with optional retention coupons, but it routes every canceller through the same experience. We add a middleware layer between the cancel initiation event and the portal flow that checks the user's uplift segment and routes accordingly.

For Chargebee, integration uses their Retention API (the former Brightback infrastructure) plus custom event webhooks. Chargebee Retention handles the cancel flow UI natively, so we configure segment-based offer routing within their system where possible and extend with custom logic where needed.

For Recurly, the integration is similar: webhook-driven segmentation with custom cancel flow routing. Recurly's strength is involuntary churn (dunning and payment retries), so the voluntary retention layer we build complements their existing dunning. In all cases, your billing, payment processing, and subscription management stay where they are. We add the intelligence layer that decides what each cancelling user should see and the compliance layer that ensures what they see is legal.

Technical Research

The technical foundation behind this solution page, available as an interactive whitepaper.

The Ethical Frontier of Retention: Algorithmic Accountability in Conversational AI

Causal AI for subscription retention, RLHF alignment for retention agents, dark pattern detection pipelines, and regulatory analysis of the FTC Click-to-Cancel vacatur.

Chegg Paid $7.5M for a Bad Cancel Flow. HelloFresh Paid $7.5M. What Will Yours Cost?

Compliance audits start at $25K. Enforcement actions start at $7.5M.

Every month your cancel flow runs without a holdout test and without compliance auditing, you are both destroying revenue (Sleeping Dogs) and accumulating regulatory exposure (ROSCA, state ARLs). The math on fixing this is straightforward.

Compliance Audit + Holdout Design

  • ✓ Cancel flow audit against ROSCA + state ARLs
  • ✓ Specific findings mapped to regulations
  • ✓ Holdout test design and deployment
  • ✓ Remediation roadmap with priority ranking

Causal Retention System Build

  • ✓ Uplift model integrated with your billing API
  • ✓ Segment-aware cancel flow routing
  • ✓ AI agent guardrails (if applicable)
  • ✓ Ongoing compliance monitoring + CI/CD auditing