Josh Young

“Nothing ventured, nothing gained” is an adage entrepreneurs and companies the world over readily embrace, because they know risk is a key element for any business operation. However, keeping those risks to a minimum is critical to your organization’s survival.

A common area of concern for most modern businesses is compliance risk, or the potential financial losses and legal penalties that can arise from failing to comply with governmental and industry guidelines. And each year, the number of rules and regulations only increases.

Some common compliance risks include:


The Foreign Corrupt Practices Act (FCPA) prohibits the bribing of foreign officials or political agents by U.S. citizens, companies, and the foreign subsidiaries of American-based businesses. Your organization can even be held liable for the actions of third parties outside of your direct control, as long as you are aware of a high probability that these companies will engage in corruption.

One example would be Zimmer Biomet, which was recently forced to pay out more than $30 million in penalties for the actions of its foreign subsidiaries and a third-party distributor.

Employee Behavior

Discrimination and harassment have no place in your business. And despite any guidelines your company may have outlining appropriate employee behavior, a rogue staff member can cause all manner of problems — particularly if their actions aren’t dealt with swiftly and decisively.

Over the course of fiscal year 2015, the U.S. Equal Employment Opportunity Commission (EEOC) collected more than $525 million for victims of workplace discrimination, with roughly $125.5 million of those settlements relating specifically to harassment cases.

Workplace Health and Safety

For any business, workers are the heart of the organization, and keeping employees safe and healthy is a given, hence the number of federal regulations overseen by the Occupational Safety and Health Administration (OSHA). These rules cover nearly every worker in the United States, and you probably have one of their posters in your break room.

The organization actively enforces safety compliance, identifying over 65,000 violations in FY 2015. And not meeting these guidelines can be pricey, as one manufacturer learned when they were fined more than $3.42 million for safety violations.

Environmental Impact

The Environmental Protection Agency, the federal office that oversees the host of legal rules and regulations relating to your organization’s environmental impact, categorizes these types of risks into two key focuses: human health and ecological impact.

Data Management

Depending on the types of information your business works with, your organization may need to comply with several regulations related to how this data is stored and transmitted as well as who is allowed to access it. The most common records associated with government oversight include:


A product or service that fails to meet set industry or legal quality standards — such as those managed by the Consumer Product Safety Commission — can face significant financial penalties or a complete recall of their offering. Just this past month, Britax Child Safety Inc. was forced to recall over 700,000 baby strollers for safety concerns.


Similar to quality risks, process risks relate to a failure of existing operations, leading your business to fall short of its responsibilities to customers, partners, vendors, or investors. These issues might take the form of an accounting error that violates existing service contracts or a breakdown in accounts payable operations.

Social Responsibility

While not typically connected to a particular legal requirement, the impact that your business has on its employees and surrounding communities can definitely bear financial risk. Today’s consumers are holding businesses to a higher moral standard, and in the current political climate, boycotts are becoming a common tool for protesters.

Despite your company’s best efforts to stay apolitical — assuming that’s your intention — you still run the risk of establishing a corporate policy that is frowned upon by some and that ends up a story on the nightly news.

How Can You Mitigate These Risks?

More than likely your business already has a compliance program in place, but if it doesn’t, start one. Clearly outline what is appropriate behavior in established guidelines and manuals, and communicate this information to your workforce.

Establish routine, mandatory training programs that can keep your employees abreast of current rules as well as updates to federal and local regulations.