Regulated businesses in the US aren’t getting into trouble because they don’t care to follow the rules. It’s usually a small slip or an oversight that didn’t get caught. It’s claims that are being made when there’s no legal basis to it; it’s a filing that got missed or was late, or there wasn’t a stringent enough process capable of catching a mistake or adhering completely to regulations.
This is how compliance issues tend to start: it’s not a huge failure or a complete dismissal of the legal requirements of the business; it’s the small things. Here are some tips on how to stay compliant when you operate within a highly regulated market.
Focus on What Actually Applies to You
The biggest mistake you can make is trying to follow everything. Because “everything” won’t apply to you. Only specific parts will. So take your time to match regulations and standards to exactly what you do and what covers your business or sector, as in the US, compliance is based on what you actually do, what you sell, how you market it, and where you operate, as well as where your customers are.
Let’s take product claims. The FTC requires that advertising claims be truthful and backed by evidence. There are clear lines around this and what you can and can’t say around food supplements and medical-related products. If your marketing crosses these lines, you’re not compliant, regardless of any other rules you’re abiding by.
So to strip it back, identify where you need to be compliant, which channels, which activity you need to focus on, then match them to the specific rules for your sector.
Give Compliance a Clean Owner
Compliance will fail really fast when no one is responsible for ensuring it is adhered to. If there’s no responsibility, there’s no way you can confidently say you are working with the rules.
You need one person who tracks deadlines, reviews risk areas, and makes checks that ensure things actually happen as per the letter of the law.
In a more complex space, internal oversight isn’t enough, and working with an alternative substance compliance attorney or similar specialist can give you the correct legal advice or the right interpretation where rules are unclear or are changing, so you don’t accidentally make any mistakes.
It’s not about removing responsibilities; it’s about knowing what your responsibilities are.
Build Checks into Everyday Work
If compliance is only a thing during audits, then you’re already failing here. Compliance needs to sit inside daily operations, and systems and workflows need to be constructed with your industry regulations in mind.
Marketing should never go live without a review, product updates shouldn’t move forward without someone checking labels or claims, and vendor onboarding, for example, should include basic due diligence. Simple checkpoints, but ones that can keep you out of legal hot water.
In the real world, OSHA reporting is an excellent example: a workplace fatality must be reported within 8 hours, and serious injuries within 24 hours. This can only occur if there are already rules in place, responsibility assigned so further actions after the incident are triggered as standard and defined prior to needing to be executed.
