Administrative regulations affect nearly every type of commercial activity in the country to some degree. Businesses are responsible for knowing and complying with the regulations that affect them and their industries. Administrative agencies charged with enforcing regulations may do so by investigating complaints and bringing enforcement actions, but many agencies also require businesses to demonstrate regulatory compliance through regular or occasional filings. Failure to meet filing requirements is often a regulatory infraction itself.
People with managerial authority in a business entity, such as corporate directors and officers, are responsible for ensuring that their companies’ activities comply with all applicable local, state, and federal regulations. The field of regulatory compliance has arisen to assist managers with this responsibility.
“Regulatory compliance” generally refers to an organization’s adherence to any and all applicable regulations, guidelines, specifications, and other legal requirements. At the federal level, statutes enacted by Congress establish broad goals, rules, or guidelines. A statute may create a new agency to carry out its goals or enforce its provisions, or it may charge an existing agency with new responsibilities. The agency is then responsible for creating regulations and rules that enable it to fulfill the tasks set forth by Congress. The President may also direct executive agencies to pursue certain goals within the authority granted to them by Congress.
Large companies and organizations may have executive-level positions whose primary job is to oversee compliance with applicable regulations. This may include the creation of internal regulatory compliance monitoring and reporting systems, in addition to any reporting or filing requirements enforced by government agencies. Business consultants, attorneys, and other professionals may offer regulatory compliance consulting or monitoring services to other companies. This type of service might be particularly valuable to small- or mid-size organizations that cannot, or do not need to, commit one or more employees solely to the task of regulatory compliance.
Federal statutes that include regulatory compliance requirements for businesses, nonprofits, and other organizations include:
The Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010, which applies to numerous aspects of the financial industry;
The Sarbanes-Oxley Act of 2002, which deals with deceptive accounting and other fraudulent corporate practices, and sets standards for companies’ internal financial monitoring practices;
The Health Insurance Portability and Accountability Act (HIPAA) of 1996, which requires healthcare providers to maintain a high level of privacy protection for patient information;
The Securities Act of 1933, which regulates initial public offerings (IPOs) and other offers and sales of securities.
Non-Government Regulatory Compliance
Some industries have also established organizations with regulatory authority over their members. The Financial Industry Regulatory Authority (FINRA), for example, has authority to investigate and discipline members companies for violations of its own regulations and federal financial regulations. These organizations do not exempt companies or individuals from investigation or prosecution by public agencies, but they can serve as an important supplement to those agencies’ abilities.
Many statutes require businesses, other organizations, and individuals to file certain forms and produce documents as a prerequisite for certain acts. The Securities Act, for example, requires registration of many types of public offers to sell or buy securities. State laws require a series of filings in order to obtain professional licenses, such as a medical or law license, or permits for certain business activities. Local laws, at the county or municipal level, require filings by certain types of business, such as food service or retail establishments, to ensure compliance with local health codes and zoning laws.
Businesses in certain industries may also be required to file forms with one or more government agencies on an ongoing basis as a means of demonstrating compliance with applicable laws. This often occurs in situations where private businesses have demonstrated an inability or unwillingness to self-regulate, with harm to the public. Congress passed Sarbanes-Oxley, requires periodic reports from corporations regarding financial and accounting activities, in the wake of the Enron scandal. Dodd-Frank was passed after the 2008 financial crisis in an effort to provide greater transparency in the banking and securities industries. Government agencies may use regulatory filings to detect unlawful activity, and they may also enforce incomplete or missing filings as regulatory infractions.