CMA 26Q2 is now available, bringing a significant set of enhancements focused on integration, communication compliance, operational automation, security, and long-term platform maintainability. This quarter’s release introduces the new CMA Public API, expands communication preference and DNC management, adds inline client duplication tools, improves CallLog transcription throughput, and continues modernization across infrastructure, dependencies, AI tooling, and internal development workflows.
Together, these changes give organizations more control over integrations, client communication rules, task automation, accounting workflows, and day-to-day administrative operations.
New Integration Capabilities with the CMA Public API
One of the largest additions in 26Q2 is the new CMA Public API, available as an add-on for approved integrations.
Administrators can now manage API users and access tokens, restrict access by IP address, assign allowed capabilities, and use built-in API documentation. Initial API capabilities include sending SMS enrollment links, searching clients, and adding lead comments.
The Public API can also be enabled or disabled through a dedicated setting, allowing organizations to control both the API and its management tools from one place. This creates a more structured and secure foundation for external integrations while preserving administrative oversight.
Stronger Communication Preference and DNC Management
CMA 26Q2 introduces exception-based communication preference and Do Not Call management across CMA and the Client Portal.
This new framework supports DocumentTemplate email and SMS categories, preserves existing SMS opt-in and opt-out behavior, and adds email DNC plus normalized phone-value DNC controls within CMA. The system stores active suppression and DNC exceptions, treats missing exception rows as allowed, and applies phone DNC rules wherever the same phone number appears on a client record.
Preference enforcement now extends across CMA-controlled email and SMS policy checks, click-to-call rendering, call queues, and Dial AJAX requests. Structured preference history records source, actor, reason, timestamp, and before-and-after status, giving compliance teams stronger visibility into communication changes.
Additional support includes expanded complaint research search, Activity Timeline visibility, a phone DNC export view for reporting, and updated staff and compliance knowledgebase documentation.
More Flexible Client, Lead, and Assignment Workflows
This release adds several tools that make client and lead management more flexible for administrators and staff.
A new inline Duplicate Client workflow allows administrators to copy a client or lead with selected related records and documents. The workflow preserves duplicate safeguards, clears external IDs, and validates target selections before records are created. This is designed to reduce manual setup effort while maintaining data integrity.
Manager Report bulk assignment tools now include an Unassigned option, allowing selected clients or leads to have assignments removed in bulk. The Manage Leads Report also gained an optional client phase duplicate filter, and WMA duplicate lead handling was refined to use Spinwheel DOB and phone-number-focused matching in key workflows.
CMA also added a configurable setting that can disable client duplication when an imported client record is older than the configured month limit, giving organizations more control over import-driven duplication behavior.
Improved CallLog, PBX, and Transcription Operations
26Q2 includes major improvements to CallLog transcription and PBX-related workflows.
CallLog transcription jobs can now run concurrently, supported by per-call transcription locks, stale claim recovery, global worker throttling, and operator-visible lock diagnostics. Transcription can also be triggered immediately after successful call import cron jobs, and organizations can opt out of concurrency where needed.
Provider errors are now persisted on CallLog rows, making failures easier to diagnose. CMA also improved OpenAI transcription routing by using ffprobe duration data, updated transcript context budgets for GPT 5.5, and refreshed public GPT Knowledge Base ChatBots to default to GPT 5.5 Thinking.
PBX-related updates include live PBX user presence on the dashboard, improved dashboard layout wrapping, firewall reset cache fixes, PBX firewall failure logging, and documentation for the CMA PBX integration workflow.
Accounting, Payment, ACH, and ClientCredit Enhancements
Several changes in this release focused on accounting accuracy, payment workflows, and ClientCredit automation.
ClientCredit auto close support was added for companies that want accounts automatically closed when clients enter Incomplete or Complete phases. This includes controls for capping closed account interest balances at the close date when applicable, along with cleanup support for existing Incomplete and Complete clients.
ClientCredit proposal workflows also gained configurable default proposal status support through the CLIENTCREDIT_DEFAULT_PROPOSAL_STATUS system setting. CMA now applies the configured status when creating eligible non-contributor client-credit rows, preserves contributor legacy behavior, and aligns proposal history and documentation with the new workflow.
ACH and banking improvements include Cass 0220 ACH return and NOC import support, NSF payment-date offset handling by banking days, improved ACH import NSF fee matching and amount normalization, historic failure check-return protections, and updated RPPS return-account matching.
Additional accounting updates include split pay support in the Extranet ACH phase and PDFs, clearer LMA accounting header values, improved estimated payment-date resolution, and fixes for rounded fee-schedule convergence.
Task Management, Reporting, and Workflow Visibility
CMA 26Q2 adds new tools for task management, reporting clarity, and workflow analysis.
The Task Management Job SQL analyzer was added for count-only schedule and performance review, helping administrators evaluate task-job behavior more safely before execution. Generated task jobs can now use per-task concurrency, and diagnostic context was added for task default note render failures.
Task Management also gained a compact display mode, better invalid Task Rule reference detection, and improvements to the Workflow Explorer. Large task graphs are now easier to read through clearer parent-child relationships, communication-channel summaries, side-effect badges, focused view modes, filters, a legend, selected-task navigation, grouped details, and wider graph spacing.
Reporting improvements include permission-gated bulk held Disbursement status updates with optional Payment creation, Log Viewer date filtering for log files and entries, HUD 9902 preview and housing/outcomes ordering refinements, and Manager Report column reordering without jQuery.
AI, Template, and Developer Tooling Modernization
This quarter continued CMA’s AI and developer tooling modernization.
CMA’s standard OpenAI Responses model was updated to GPT 5.5, with GPT 5.4-mini retained for mini and web-search flows. Model-specific transcript context budgets were also added, supporting up to 1 million tokens for GPT 5.5.
The CMA Template Explorer extension now includes Smarty variable autocomplete, nested variable suggestions, value previews, and a command to view Smarty variables for a selected client. Document template validation was expanded with both CLI and GUI validators, and strict-types compliance checks were added in report-only mode for tracked PHP files.
Development tooling also advanced with PHPStan 2.2, bleeding-edge checks, PHPStan type-analysis fixes, PHPUnit 13 for GitHub CI tests, reduced Deptrac baselines, and continued refactoring of inline JavaScript and style sheets across the system.
Security, Reliability, and Platform Updates
As with recent releases, 26Q2 includes substantial work to keep CMA secure, reliable, and current.
Platform updates include FreeBSD 15.1-RELEASE, Apache 2.4.68, MySQL 8.4.9, PHP 8.5.7, Smarty 5.8.4, PHPStan 2.2, Composer updates, npm updates, and ZIP-code data updates from SimpleMaps version 1.94.
Security and hardening work included CMA sign-on return target normalization, passkey authentication failure handling improvements, Extranet MFA missing-record handling, document template API content-type parsing fixes, controller security improvements, and a CI check to ensure all controllers implement access checks.
Reliability improvements include Gmail Email Activity retries for rate limits and transient backend failures, concurrent Gmail mailbox retrieval, EFax and SecureDocEx retry handling, retry guards for DMA statement PDF filing, cron and per-job log retention adjustments, and a new job to delete expired CMA user sessions.
Retired Legacy Functionality
CMA 26Q2 removes the legacy LMA Membership feature, including member phases, plan management, membership payroll, reports, payment batches, schema/configuration, and related documentation.
Credit Card Generation remains available for CMA Accounting users using active ClientCC records. The release also removes retired WMA Spanish and LeadDNS style paths, unused dragtable JavaScript and stylesheets, and the legacy “Open Payment Batch Queue” button from the Daily Accounting Checklist.
These removals reduce legacy surface area and simplify long-term maintenance.
Additional Highlights
CMA 26Q2 also includes many smaller but meaningful improvements across the platform, including:
- Keyboard shortcuts for Client and Client Credit inline notes
- USPS lookup support on the creditor address form
- Client message attachment links with access-checked streaming
- Live PBX user presence on the dashboard
- Compact Manage Users display updates and bad-login attempt counts
- Improved Twilio SMS status handling
- Better Gmail mailbox retry and rate-limit handling
- Audit-log reference descriptions for Client and ClientCredit fields
- Improved Spinwheel account import handling
- Smarter WMA self-enrollment assignment preservation
- Passkey login and setup fixes
- Client Portal message escaping and session-log improvements
- Public GPT Knowledge Base updates
- Ongoing Composer and npm dependency maintenance
Closing
CMA 26Q2 is a broad operational release centered on integrations, compliance, automation, reliability, and maintainability. The new CMA Public API creates a secure foundation for approved external integrations, while communication preference and DNC management give organizations stronger control over client contact rules.
Inline client duplication, CallLog transcription concurrency, ClientCredit auto close, Task Management analysis tools, and expanded accounting and ACH support improve daily operations across multiple departments. Behind the scenes, platform upgrades, security hardening, AI model updates, dependency maintenance, and continued code modernization help keep CMA stable, secure, and ready for future development.