This article has been written by Harsh Vardhan Singh, a student of New Law College, Bharati Vidyapeeth, Pune and Ashutosh Tiwari, a student of K.R. Mangalam University, Gurgaon. 

Introduction to Regulatory Compliance 

Regulatory compliance is a set of rules, such as a specification, policies or law which ensures an organization is following the standards set for the industry or institution by the respective authority. The rules which govern the organizations are usually set by government or parliamentary legislation or via government regulatory authorities for organizational, social, environmental and economic betterment. The norms and rules are related to various issues such as economic, public interest, and environmental.

Due to the increasing number of regulations and need for operational transparency, organizations are desirous to achieve in their effort to ensure that they are aware of and are taking measures to comply with relevant policies, laws and regulations. Since laws have been evolving, regulations have always been a political debater’s hot topic. Some say that regulations are downgrading the work of organizations and there should be a free and liberalized economy where as some economists and political thinkers say that regulatory compliance plays a vital role in promoting assessment of risk. However, since governments have formulated regulatory compliances, the organizations must cohere to the regulatory compliances and toe the line or else will have to face the consequences. 

Importance and Scope of Regulatory Compliance 

1. Risk Management has become a major issue for the private and public organizations for which the organizations are assessed for compliance with economic, social and environmental norms and measures. Often, the organizations deal with various aspects such as health, security, finance, safety and environmental. Moreover, it offers a plethora of complex new products and services to the customers which are a result of technology revolution and various neo-economic policies. In order to identify and assess factors of risk, the government needs to formulate regulatory compliance for all the sectors of organizations.
2. Most of the governments at various levels have enacted manifest plans in order to ensure appropriate response policy to prevent the risks and to alleviate their effects whenever they occur in the due process of organization’s work. As the organizations grow, complexity and independence of the organizations also grows, thus, it is the government’s duty to apprise the organizations about the policies. In order to achieve the goal, the governments have enacted risk regulation measures to intensify compliance.
3. In order to gain the trust of stakeholders, which includes investors as well as customers, regulatory compliance ensures efficiency and accountability of the product.
4. Regulatory compliance also improves the credibility of the organizations and raises them as a socially and environmentally responsible entity in the market. It also provides benefits to some sections of the society including the labors, employees as well as protects the indemnities of the employer. 
5. Regulatory Compliance ensures that whether an industry is following proper technologies for the environment or not. The Industries must toe the line with the Regulatory Compliance or else they may have to face necessary interdictions by the appropriate authorities. 

What is the Regulatory Compliance Management System? 

The Regulatory Compliance Management System is generally a department in an organization or sometimes an outsourcing company which helps the organizations to formulate and manage compliances. It also ensures that the organization adheres to all the necessary regulations which are implemented by the government. It also provides an approach of common framework to meet cross industry regulations and guidelines for the assessment of risk management.

Apart from risk management and assessment, the work of Regulatory Compliance Management System also includes a sustainable method of work in order to ensure preservation of the environment as well as aid to the society. 

Challenges faced by the Regulatory Compliance Management System and ways to overcome them

There are few challenges which are faced by the Regulatory Compliance Management System and they are as follows:

i. The ever evolving nature of Regulatory Compliance

Achieving Regulatory Compliance is one of top priorities of all the organizations. Though the task is not easy for the companies, there is no escape from that. One of the major problems faced by the Regulatory Compliance Management System is the ever evolving nature of Regulatory Compliance and relevant laws of the World. 

The problem is relentless and regulatory changes are meant to happen. The solution for this problem is financial institutions especially like Regtech, which can ease the flow of information analysis within the companies to the regulators. Moreover, Artificial Intelligence can ease the work of monitoring on the Regulatory Changes in the relevant territory of jurisdiction. 

ii. Drawbacks of Artificial Intelligence

With the continuous changes happening in the world related to Regulatory Compliance, firms need to acquire the AI in their Regulatory Compliance Management Systems. But with the ongoing changes, firms need to know what is best for them and the problem with AI is that at the time of failure of technology, it can cost a huge amount of loss.

To overcome this challenge, the organization has to maintain a balance between the AI and the professionals in the Management and technological field. The match should be such that all of them share a symbiotic relation, which may minimize the AI problem.

iii. Data Privacy

This is one of the major challenges of the Regulatory Compliance Management System. It is so huge that it attracts the Fundamental Rights of citizens in India. This is because Regulatory compliance tends to push organizations to share data of their customers, which may be personal and hence part of their privacy. 

The only way to overcome this challenge is by finding a common path to it. Sharing of data is also important to maintain transparency and on the other hand privacy is also vital. So the government has to decide the degree of data that has to be shared, so that it does not actually violate privacy completely (only important/required information to be shared).

iv. Money Laundering

Money Laundering is an act of the concealment of origin of illegally obtained money which is done by a complex series of banking transfers. It is an act which can be done by any member of a company and hence, can be hidden from other members. This act may cause trouble in the future, at the time of submission of accounts and data to the Government (as a Regulatory Compliance). There have been cases of concealment of money by the employees as well as the owners of an organization. It is another challenge which is faced by the Regulatory Compliance Management Systems across the globe. 

There should be an Anti-Money Laundering (AML) Regulatory Compliance Program or Management Body to check upon any act of money laundering. There should be an Anti-Money Laundering (AML) Compliance Officer to oversee whether all the necessary steps are being followed or not in order to prevent Money Laundering and whether the organization is following all the regulatory compliance by the government and respected authority (for eg. Policies lay down by Reserve Bank of India) or not. 

Areas of regulatory compliances for an organization in India

Regulatory compliance essentially helps the Government to keep a check on organizations and their functions, but an organization has diverse functions which attract different areas and aspects. Therefore, all the regulations requiring compliance cannot be consolidated into a single legislature. These regulations are hence placed in the areas they govern and regulations will help maintain transparency of organizations. Similarly, there are multiple areas in which the Government demands compliance. 

i. Transparency of Organizations

Accounts, records and data of a company represent its working and involvement as a corporate personality. In India, the Companies Act, 2013 regulates all these for the companies that are incorporated. The Government, hence, expects an organization registered as a company to adhere to the regulation in the Companies Act, 2013. Whether it is the provision related to Formation of the Company (Section 3), Necessary details for Execution of Bills of Exchange, Promissory Notes (S.22), Ensuring proper details for public offerings (S.23), Maintaining Books of Accounts (S.128), Appointment of Auditor (S.139) or Corporate Social Responsibility (S.135), the Companies Act covers it all. 

This further helps the Government to keep a track on the actions of an organization and in case there is an issue, it ensures that it does not lose track. Upon breach of any of the regulations, the organization has to face consequences which are in the form of sanctions. Although for some regulations specific sanctions are mentioned in the designated statute itself, for others sanction might depend upon the seriousness of the matter. While executing these sanctions, a particular pattern is followed so that in future there is no scope of any excuses on behalf of the organizations.

The pyramid represents the sequences of action from bottom to top. Warning Letter is the first step, although not in all the cases. Only the cases with misdemeanours get Warning Letter, else the organizations are sanctioned right away with a Civil Penalty followed by a criminal penalty. For example in the Companies Act, 2013 punishment for non-compliance to CSR is imprisonment up to 3 years and fine – a minimum of र50,000 and a maximum of र25,00,000. Sanctions are not limited to criminal penalty but in extreme cases License suspension and Revocation is also offered.

As discussed before some of the regulatory compliances may not require following the above pattern, they already have sanctions attached to it. As, again, for the Companies Act, 2013, it has separate provisions for most of the compliances. For example, if the company fraudulently induces any person to invest money then it shall be liable for action under S.447 of the Companies Act. If a company contravenes the provisions/regulations regarding the auditor and CSR then it will face action under S.147 and S.135(7) respectively.

ii. Environment Protection Compliance

Organizations are in some way or the other one of the major contributors in degrading the environment, and, environment being one of the major concerns currently requires attention through control and adopting preventive measures.

In India, certain environmental laws are enacted to govern the same. These laws not only imply duties on the people but corporate personalities. 

Air (Prevention and Control of Pollution) Act, 1981 is a legislation that works towards the controlling of air pollution by preventive measures and sanction (in case of breach). Organizations also need to comply with these directions and if they don’t follow the directions then action is taken against them under S.40 of the Act. Similar is Water (Prevention and Control of Pollution) Act, 1974 which is tilted at controlling and preventing water pollution. S.47 of the Act makes polluting of water by companies an offence.

There are several other legislations that the companies have to comply to, they are the Indian Forest Act, 1927; the Forest (Conservation) Act, 1980; Environment Protection Act, 1986; Storage and Import of hazardous Chemical Rules, 1989; the National Environment Tribunal Act, 1995; the Public Liability Insurance Act, 1991, Hazardous Wastes Rules, 2008 etc.

iii. Welfare of Workmen and Labour

An organization without a workforce is unimaginable. Workmen and employees are one of the pillars of an organization. So, it is imperative that the organization keeps their workmen rights protected and keeping all this is not just a part of their strategic growth but a regulatory compliance. When an organization takes out a huge amount of business from these people it becomes their duty to ensure that they are fairly treated and regularly paid. To ensure the same, the Government has laid down certain regulations that businesses/ employers have to carry out. These regulations, too, are not consolidated into a single legislation. Some legislation that governs organization-workman relation are- The Workmen’s Compensation Act, 1923; the Trade Union Act, 1926; The Industrial Disputes Act, 1947; the Maternity Benefits Act, 1961; The Contract Labour (Regulation and Abolition) Act, 1970; the Payment of Gratuity Act, 1972; the Equal Remuneration Act, 1976, etc.

Work Committee (S.3) and Grievance Redressal Machinery (S.9 (C)) are two such mandatory committees that the organizations have to form under the Industrial Dispute Act, 1947. These committees ensure amity and good relations between the employer and the employees. There are some special regulations that the organizations have to comply with, which is, in the case of Women. The Maternity Benefits Act, 1961 was enacted to protect the rights of pregnant women. The employer has to provide assistance to such women by way of leaves and payment during the time of their leave.

Conclusion 

Regulatory compliance is recognized as a compulsion that organizations have to adhere to, strictly, which is formed by the highest authority i.e. Government. Although, it can be observed that the concept of Regulatory Compliance in itself is very meaningful and well organized. Whilst it forms a structure of working between the government and the organization, at the same time it is maintaining a balance in the society by representing that organizations have the same duties to fulfil as citizens and towards citizens and their well-being. It controls the exploitation of resources (whether human or substantive) by the organization. One other feature, that can be observed, is that they are evergreen, which is obvious as regulations are set of rules, law and it is known that law has static nature. It will change according to the requirement. So it can be concluded that the structure of Regulatory compliance has a flexible shape and it will fit whatever the requirement will be. Only the part that tangles the process of Regulatory Compliance is the Data Privacy. This is a debatable topic as Privacy is a fundamental right and it has recently attained a position in our country that makes the conflict even huge.

---

LawSikho has created a telegram group for exchanging legal knowledge, referrals and various opportunities. You can click on this link and join: