What Is Regulatory Compliance

What is Compliance?

In general terms, compliance means identifying a requirement that comes from a reliable, authoritative source and then acting in accordance with it.

When we consider compliance by a business, entity, or organization, it is defined as follows:

Compliance means identifying, understanding, and adhering to the provisions of the applicable laws, regulations, standards, policies, circulars, etc. that are issued by the State or by the regulatory authorities.

Regulatory Compliance, then, means compliance with the provisions of the applicable regulations issued by the regulator.

Who is a Regulator?

A Regulator is the supervising body or institution that issues licenses, gives directions, issues frameworks and regulations, and provides oversight to the entities or organizations registered with it.

For example, the Securities and Exchange Commission (SEC), a country's Central Bank, the Federal Reserve Board (FRB), the Financial Conduct Authority (FCA), and the Food and Drug Administration (FDA) are all regulators, each for its own sector.

Every Regulator has its own specific regulatory domain, and the organizations registered in that domain are supervised by that particular Regulator. Not every Regulator regulates every company or organization; which regulators apply depends on the jurisdiction (country or state) in which the company is registered, the sector in which it carries on its business activities, and the products and services it offers.

There are other considerations as well regarding the applicability of regulations, but to keep this article simple we do not go into those details here.

Laws and Regulations

Regulators issue various regulations to ensure that entities and organizations run their businesses with good governance practices and in a transparent manner. The aim is to provide organizations with frameworks and regulations that enhance customers' trust in them, so that the purpose of the organization is achieved in a regulated and secure manner.



Some Famous Laws, Regulations, and Standards

Some of the important Laws, Regulations, and Frameworks which are issued by different Regulators are as follows:

  • Companies Act and Code of Corporate Governance
  • General Data Protection Regulation (GDPR)
  • Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT) laws and regulations
  • California Consumer Privacy Act (CCPA)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Cyber security laws and regulations
  • Risk management frameworks
  • Payment Card Industry Data Security Standard (PCI DSS)
  • Taxation laws
  • Financial reporting standards
  • Occupational health and safety standards, etc.

Purpose of Regulations

The purpose of issuing regulations is to provide a roadmap, instructions, and guidance for a specific domain of business activity. For example, the General Data Protection Regulation (GDPR) broadly aims to ensure that companies protect the personal data of individuals, including the customer data they collect for business purposes.

Similarly, the purpose of cyber security related laws and regulations is to ensure that companies and businesses adopt and implement appropriate security measures to protect their systems, and the confidential information of their customers, from hackers and other cyber attackers.

In such regulations, the regulator sets out a defined set of requirements with which organizations have to comply.

  

Conclusion

At the time of formation and registration of an organization or business, the management, the Board of Directors, or the principals are required to identify the relevant applicable laws and regulations, considering the purpose, business activities, jurisdiction, and sector. Therefore, when a company or business is formed, one of the important steps is the identification of applicable laws and regulations, so that compliance with their applicable provisions can be ensured from the outset.

Non-compliance with the applicable laws and regulations results in the imposition of penalties or other sanctions, and the organization then faces reputational, operational, and financial losses as a consequence.

The above article is for a general understanding of Regulatory Compliance only. It is not specific to any country or jurisdiction. 
