Companies must understand their applicable regulatory requirements and obligations to do their business activities within the parameters defined by the regulators. The regulatory obligations must be understood as the non-identification or non-compliance with the regulations that may lead to potential financial, operational, and reputational losses. The obligations may be relevant to different business units and departments, such as sales, marketing, finance, human resource, operations, etc.. Therefore, the obligation must be tagged to the relevant department and employees.
To tag the regulatory requirement to the relevant department or function, the organization needs to establish the process of identifying and disseminating obligatory requirements to relevant stakeholders within the organization. Without such a process, the obligatory requirements may not be understood or complied with by the company, especially in today’s time when there are a lot of regulations issued by the authorities for local and international compliances.
Regulatory requirements are designed and announced for different organizations, considering their sector, business, and operational activities as the Securities and Exchange Commission or SEC issues regulatory requirements for companies governed or supervised by the SEC. Similarly, for the banks or financial institutions, the regulatory body is the country’s central bank in which the bank or financial institution operates.
The obligatory requirements may relate to taxation, prevention of money laundering and terrorist financing, data security and confidentiality, risk management, outsourcing arrangements, money exchange, health and insurance, labor, customer complaints, managing operations, etc.
Compliance is not only about preventing the issues and problems and ensuring that everyone abides by applicable laws, rules, and regulations. It is also about the positive impact of a robust and ethical compliance program on the organization. Compliance is important because businesses are run in highly regulated industries. To avoid fines and penalties due to the breach of regulatory obligations, the companies must implement an effective and strong compliance culture, processes, and controls that govern the compliance domain.
Numerous obligations apply to organizations, and these numerous requirements relate to various organizational aspects such as customer identification, screening, onboarding, product development, delivery channels, information security, data confidentiality, health and safety, customer dealing, investments, etc.
Examples of Regulatory Obligations
First, an example of regulatory obligation is regulations that govern the securities, including the Market Abuse Regulation or MAR, which aims to ensure the integrity of financial markets and maximize investor protection across Europe through a combination of new requirements and enhancements to the existing regime. It requires all the Member States to provide for harmonized criminal market abuse offenses, such as insider trading, market manipulation, and the manipulation of benchmarks. It provides for maximum prison terms of not less than four years for insider dealing and market manipulation and not less than two years for unlawful disclosure of inside information.
The requirements of these regulations are pervasive, and if the requirements are not complied with, the organization may be imposed penalties prescribed in the regulations.
Another example of a regulatory requirement that is an obligation for the securities market or brokers includes the restriction placed by the Markets in Financial Instruments Regulations or MiFID II on the inducements paid to investment firms by any third party about services provided to potential investors. The brokerage houses cannot charge a single bundle for the research and transactions. Brokers have to provide more detailed reporting on their trade data, including the price and volume of the information.
Brokers or investment advisors must appropriately store all communications, including phone conversations. Electronic trading is encouraged since it is easier to record and track the conversations and transactions executed on behalf of the investors or clients.
The regulations are pervasive, and non-compliance with the regulatory requirements may lead to significant financial penalties and the possibility of license cancellation. The organizations are required to understand the regulatory requirements and the effect of non-compliance in terms of penalties. The regulatory requirements vary according to the purpose and the domain for which these are issued by the regulatory. Compliance obligations can arise from mandatory requirements, such as applicable laws and regulations, or voluntary commitments, such as organizational and industry standards, contractual relationships, codes of practice, and agreements with community groups.