Guide To Identifying Your Compliance Obligations
This Guide To Identifying Your Compliance Obligations provides a methodical approach for determining the rules and regulations your business may be subject to and the related compliance obligations imposed on your organisation. There are an overwhelming number of regulations and an even more number of resources that provide information on such regulations. The intention of this Guide is not to regurgitate what is already out there but to provide you with a systemic process for identifying your compliance obligations and a central reference point for doing so.
This Guide is not intended to replace a lawyer or advisor. If you have any specific matters you may be concerned about, or if you would like to have someone review your compliance obligations, documentation and processes for you, our compliance consulting team can assist.
There are 4 stages to the process for identifying compliance obligations:
- Stage 1 – Determine business activities, products and services
- Stage 2 – Identify applicable rules and regulations
- Stage 3 – Determine compliance obligations
- Stage 4 – Create your compliance register
Business activities, products and services
The first stage of the process is to list down all the activities your organisation and each member of the organisation carry on. Such activities should cover all operational processes to external dealings with your customers or clients, third parties and vendors or suppliers.
Along with identifying all your business activities, you will also need to determine the players or actors for each business activity. For example, all sales activities involve interactions with potential customers or clients and your sales team. If you have a large organisation, sales activities may also include the involvement of your marketing department, customer service department and more.
|Example ⇒ this is an example of a Business Activities Checklist which sets out the usual activities carried out by a business, the players involved and the corresponding areas of law that may apply to such business activities.|
Applicable areas of law
Once you have identified all your business activities, the next step is to identify the relevant areas of law that apply to such activities. There are those that apply to every business in Australia and these include the following areas of law:
- Advertising and promotion
- Anti-bribery and corruption
- Business organisation and corporations
- Competition and consumer protection
- Contract (including sale of goods and supply of services)
- Intellectual property
- Privacy and data protection
- Tax and accounting
- Trade practices
- If you hire staff:
- Employment relations
- Workplace conduct
- Workplace health and safety
Other laws including building and property rules and regulations may apply depending on your business activities.
There are also many rules and regulations, both at a Federal and state level, which may apply to your business if you are in a specific industry. These include businesses in the following industries:
- Aged care
- Banking and finance
- Building and construction
- Credit providers (ACL)
- Financial service providers (AFSL, AML/CTF)
- Education centres and schools
- Food and health
- and more…
Doing a quick online search will give you an immediate indication as to whether specific laws, rules, regulations and codes apply to the industry you are in.
At the end of this stage, you would have (a) identified the general areas of law that apply, and (b) an awareness that there may be additional laws that could increase your compliance obligations if you are in a particular industry.
Determine compliance obligations
There are several options that you may take to determine the compliance obligations imposed on your business activities from the areas of law listed above:
- Go directly to the primary sources of law (legislation and regulations), or
- Read information supplied on government websites or websites of regulatory bodies, or read brochures and any other handouts that may be made available to you, or
- Visit a business service centre (although this may be a limited recourse), or
- Subscribe to a third party information service, or
- Consult a business or legal advisor.
You may decide to use all of the options or select only one. Most businesses will use at least 2 sources of information. The cost of using the options ranging from free for the first 3 options to thousands of dollars for the last option on the list. On the other hand, unless you are well-versed in reading legislation or understanding the law (in which case, you are unlikely to be reading this Guide!), the free options are the riskiest in terms of developing a compliant business.
For those on our compliance programs, we provide a Compliance Risk Assessment Report to our clients that outline their compliance obligations for their relevant industry. We also provide a central reference point for legislative and regulatory requirements to our clients that is cost-effective and that offers a solution for an easier and less risky compliance option for an organisation.
Once all your compliance obligations have been identified, the last stage of the process is to create a compliance register. A compliance register sets out a list of all compliance obligations and compliance commitments required to be followed by your organisation.
The compliance register includes compliance schedules, description of the relevant rules or regulations, tasks or actions to be taken and details of the compliance obligations.
|Example ⇒ this is an example of a Compliance Register which sets out in detail the relevant legislation, legislation sources, compliance obligations, compliance schedules, responsibilities and so on.|
Work on your business compliance now!
All your compliance resources in one central location for you and your team
If you need more in-depth advice on compliance, our Compliance Consulting Services may be able to assist. If you are new to compliance, and are looking for compliance resources, learn more about our compliance programs.