Last editedMar 20222 min read
If you run a small business, you have to deal with a range of national and international laws that govern the way businesses have to operate. Business compliance, in simple terms, means making sure your business is on the right side of these laws. In the UK, the legislation that covers most aspects of business compliance is the Companies Act 2006.
Why business compliance matters
Business compliance may seem like a burdensome collection of red tape, but the truth is that it offers a framework for ensuring your business is able to act quickly if any criminal behaviour is spotted. For anyone starting a small business, the issue of business compliance can seem daunting, but the fact is that the rules are in place to protect you as a business owner, your business as a whole and the people you employ.
The main areas of business compliance
The issues of business compliance which have to be considered when setting up a company include:
Industry regulations – there may be matters of business compliance around industry specific regulations, such as those set out by the Office of Rail and Road, the Environment Agency or the Financial Conduct Authority.
Finance regulations – this aspect of business compliance covers the rules and regulations set out around issues such as tax, payroll, record-keeping, accounting and dealing with agencies such as Companies House and HMRC.
Workers’ rights and employment law
Health and safety regulations covering employees/visitors to your business
The General Data Protection Regulation (GDPR)
Any licences or permits required to operate within a specific sector
GDPR is an issue of business compliance that has only recently emerged. The regulation was put in place by the EU in 2018 to govern how businesses collect, store and use customers’ personal data. Post-Brexit, the EU GDPR became part of UK law in the form of UK GDPR. Failure to comply with GDPR can lead to a fine of as much as €20 million (£18 million) or 4% of annual global turnover – whichever is greater.
If your business handles personal data compliance with GDPR, you should do the following:
Demonstrate how the data is being used
Show how you are protecting the data
Enable individuals who can access the data to examine and if need be challenge the data processing in place in your business
Legal documentation for business compliance
The legal documentation your business holds should be reviewed and updated regularly in order to ensure business compliance. This includes any contracts, policies, procedures, agreements, forms and letters. In simple terms, your business needs the following documentation:
Employment contracts for all employees
Written procedures for HR, grievance and disciplinary issues
Companies House information
Documents setting out your data protection policies
Tenancy agreements relating to business premises
The details of financial agreements entered into
The contracts which cover goods or services purchased or provided
Record of any business expenses accrued
Tax returns from previous years
Health and safety business compliance
In order to comply with health and safety regulations, your business will need to do the following:
Display posters setting out health and safety regulations
Keep a record of any accidents or similar incidents
Carry out a risk assessment of activities, which will have to be set out in writing if you employ more than five people
Create your own health and safety policy which must be in writing if you employ more than five people