Risk Assessment
Risk assessment has many meanings. As used here, risk assessment means evaluating, preventing and managing potential legal challenges from various government entities or private actors.
Importance of Regulatory Compliance
Regulatory compliance necessitates adherence to laws, regulations and guidelines established by the government. Violations of regulatory requirements often result in legal punishment for individuals and organizations, including fines and debarment from future government programs and contracts. Therefore, it can be helpful for businesses to have regulatory attorneys who are able to handle various types of legal issues, including:
- Providing legal advice concerning how to get and keep your organization in compliance with various city, state and federal laws, rules and regulations.
- Conducting detailed internal investigations to help organizations determine whether they are following all relevant city, state and federal rules and regulations.
- Creating risk management plans to ensure that organizations get into and remain in compliance with all relevant city, state and federal rules and regulations.
Compliance Risk
Compliance risk refers to the potential damage a business or nonprofit faces when they fail to comply with industry standards, laws, and regulations. There are 5 Common Types of Compliance Risk that companies need to be aware of and manage.
These are:
- Privacy and Data Security Breaches
- One of the greatest challenges that business and nonprofits face is protecting both their employees’ and customers’ private information.
- There are several laws in place that regulate the way in which such information must be handled, including, for example, The Health Insurance Portability and Accountability Act (HIPPA).
- It is critical to have policies and procedures in place to fight against malware, fishing, and hacking and to train on those procedures.
- Corrupt and Illegal Activity
- Another area of compliance risk is Corrupt and illegal activity. This includes fraud, theft, bribery, money laundering, sexual assault and sexual harassment.
- Under certain situations, businesses can be held liable for the conduct of their employees, for example, sexual harassment in the workplace is a form of employment discrimination that violates federal, State and local law in New York. Employers are required to take steps to prevent sexual harassment and, if sexual harassment is reported, to take immediate action to address the situation.
- New York City’s laws provide even greater protection than federal law.
Both New York State and New York City Human Rights Laws explicitly prohibit sexual harassment based on, among other things, an individual’s sex, sexual orientation, and gender identity or expression. Moreover, while federal laws require that harassment be “severe or pervasive,” Both New York State and New York City have eliminated that requirement from their Human Rights Laws.
- Workplace Health and Safety
- All employers have a basic obligation to protect the health and safety of employees in the workplace.
- The rules on workplace safety are enforced by multiple agencies including the Occupational Safety and Health Administration (OSHA).
- In addition to taking steps to ensure worker safety, in some instances there are also reporting requirements when an accident does occur.
- Environmental Impact
- Environmental issues that businesses and nonprofits must contend with include preventing/protecting from mold and asbestos and managing for poor air quality/lack of ventilation.
- Environmental Compliance requires meeting multiple different legal requirements including regulations of the Environmental Protection Agency as well as various laws including the Clean Air Act, the Clean Water Act, the Resource Conservation and Recovery Act among others.
- Failure to abide by these rules can lead to fines of as much $2,500 per violation per day as well as, in extreme cases, potential prison time.
- Process Risks
- Process risk refers to the day-to-day work of your business or nonprofit, that may violate the rules and regulations of your industry. Examples of process risk include, reporting failures, accounting errors and inadequate quality assurance.
What Is Risk Assessment
Risk assessment is the process of identifying issues that could expose a company or nonprofit to legal and or reputational jeopardy and negatively affect an organization’s ability to conduct business. To conduct a proper risk assessment, one must identify, analyze, and control hazards and risks present in a situation or a place. Once a risk assessment is complete, appropriate remedial steps can be taken to mitigate any regulatory risk that is found to exist.
Importance of Using Risk Assessment
Risk assessment is vital to the health of any company or nonprofit. Risk assessment allows an entity to identify legal pitfalls before they occur and at a time when they can still be managed effectively and with a minimum of backlash and penalty.
Conducting Risk Assessment & Management
There are a number of important steps every company and non-profit should take in assessing and managing compliance risk. These include:
- The first step is to identify the various laws, regulations and other rules that govern your company or non-profit.
- The next step is to conduct an internal review to determine if your company or nonprofit is in compliance with these various requirements. Where there are compliance weaknesses (or where your company or nonprofit is out of compliance) immediate steps should be taken to get into compliance and to address the weaknesses.
- Next, your company or nonprofit must create a robust compliance program that puts in place controls to make sure that the board members, employees and other staff are following the various regulatory requirements. This includes not only written guidance to all involved, but regular board member and employee training on the rules they need to follow.
- Finally, there should be regularly scheduled checkups in which you determine if the various laws, regulations and rules have changed and test your own compliance with the controls that have been put in place.
Why Compliance Risk Is a Real Threat
Compliance Failures can lead to serious problems for businesses, including legal, financial, and reputational harm. These can include legal fees & penalties, loss of investors & revenue, and a poor brand reputation. Once this damage sets in, it can be extremely difficult for businesses to recover. Therefore, it is essential to do everything possible to remain in compliance with industry laws, rules, and regulations.
Contact Peters Brovner Today
The attorneys at the law offices of Peters Brovner LLP have many years’ experience working with clients who are the subject of regulatory and compliance enforcement actions. We will evaluate the legal risk, advise on the level of risk and provide a risk management plan to address them. Additionally, we help organizations with compliance management by crafting compliance policies and programs to help ensure that business get and remain in compliance with various City, State and Federal rules and regulations. If you or someone you know needs representation before a regulatory agency or would like help creating a compliance program to help with risk management, please reach out to the lawyers at Peters Brovner LLP for a free consultation and case evaluation.