21 Regulations Every Business Should Know

You do a lot to keep your business relevant and important to your customers. And it takes a lot of effort to keep up with the times. Maybe you’re innovating your products and services, or finding the right audience to market to, or any number of other things. But one of the most important parts of keeping your business current isn’t actually about what you produce: it’s about following the business regulations that apply to you.

Of course, to have a business in the first place you need to be compliant with dozens of regulations. We aren’t telling you anything new here. But those laws change all the time and new ones are added often as well. And while you’re doing all of that innovating and growing, there’s a chance you could miss something key for your business.

That’s why we’re making it easy for you. We’ve put together a list of 15 business regulations your business needs to understand and comply with. Compliance is your responsibility, after all, so let’s get into it.

Slow down for a second. What do we mean by, “compliance is your responsibility” exactly?  It’s a bit more than the obvious. 

Of course, you know that you need to make sure your business is compliant with the laws and regulations that govern your business and state. But you should also be aware of how the companies you work with handle their compliance, too. If, for example, you work with a supplier found to use unethical business practices like forced or child labor, it could be your business that pays the price.  Making sure you truly have an end-to-end compliance approach is key.

You know the phrase “you get what you pay for”? The Securities Act is more like “you know what you pay for.” Originally introduced in 1933, the Securities Act protects investors purchasing securities (stocks, bonds, or other business interests) from purchasing from illegitimate businesses. 

What it means for your business: You need to provide information like management details, financial statements and company descriptions to anyone purchasing securities in your company. If an investor loses money because they weren’t properly informed, they have “recovery rights,” meaning you may have to pay them back.

The Securities Exchange Act protects investors looking to buy larger portions of a company. Anyone who’d like to buy more than 5% of a company’s securities needs information to make an informed choice. The securities industry is governed by the SEC, or Securities and Exchange Commission, which was also established in 1934. Overall, the SEC’s role is to protect investors and maintain a fair market. Up to 5 Commissioners are appointed by the President, monitoring more than 28,000 entities in the securities industry.

What it means for your business: Businesses with more than $10 million in assets, whose securities are held by more than 500 owners, need to file periodic reports with the SEC (Securities and Exchange Commission). That way, the information is available and up to date when and if necessary. If that doesn’t apply to your company, don’t ignore this act. Why? Let’s say someone tries to purchase more than 5% of your securities. You’ll still need to disclose company information and future plans to the SEC. 

You may believe that your business wins and loses as a team. It’s a fairly common school of thought. But how does that hold up legally? The Uniform Limited Liability Company Act protects employees when a business is in legal trouble. It states that the only thing employees owe to their companies are loyalty and hard work – meaning they shouldn’t have any financial or personal consequences to deal with.

What it means for your business: This act means that if your business runs into legal trouble, your employees aren’t responsible for it. They won’t be required to pay fines or take any personal responsibility for the actions of the business. (Of course, if they were directly responsible and committing insider fraud, for example, that would be a different story.)

The Fair Labor Standards Act (FLSA) gives employees protected rights around different elements of their jobs. It ranges from things like minimum wage and overtime pay to hours worked and employment standards for safety and child labor.

What it means for your business: To put it simply, the FLSA lays out the rules and your company must follow them. The act protects the rights, health and safety of employees: it’s nothing you should be ignoring or taking lightly. 

It’s an unfortunate reality of extending credit. Sometimes, people just don’t pay when they’re supposed to. We’ve talked a lot about a company’s DBT, or Days Beyond Terms – the number of days late a company pays its bills on average. But sometimes things go even further than that. When you need to take more extreme measures to get a business to pay you back, you may need to look into a debt collection service. The Fair Debt Collection Practices Act is a consumer protection act that governs what debt collectors can do to recoup debt. 

What it means for your business: If you’re using a debt collection service, they’ll need to abide by the Fair Debt Collection Practices Act. That means the need to follow time and place restrictions and give consumers a method for disputing and validating debt information.

Looking up a credit report is probably one of the first things you do when you’re thinking about working with a new customer, right? If that’s the case, you need to be following the Fair Credit Reporting Act. The act protects private information collected by credit bureaus and governs the ways bureaus can collect and share that information.

What it means for your business: If you’re checking a consumer credit report, you need to follow the Fair Credit Reporting Act. Consumers have to consent to their credit report being pulled – you can’t look someone’s personal credit report up without a purpose. 

OFAC, or the Office of Foreign Assets Control, is in charge of enforcing economic and trade sanctions. If a country or entity is on the OFAC Sanctions List, you should steer clear –not doing so could land you with a hefty fine. An OFAC sanctioned entity could be anything from an individual person or business to an entire country. 

What it means for your business: Sanctions are decided based on foreign policy and national security, which means they can change quickly. That’s why KYC checks are so crucial for your business – understanding the vendors and suppliers your business works with will help you avoid working with sanctioned entities.

The OSH Act was introduced to protect employees from harmful working conditions. OSHA, the Occupational Safety and Health Administration, sets out the standards for safe work and it’s up to your company to apply those standards for your employees. 

What it means for your business: Depending on the type of work your employees do, you’ll have different OSHA rules to follow. Your job is to stay up to date on the relevant OSHA standards and make sure they’re being applied for all of your employees consistently. 

It might seem strange that an act from the 1800s is relevant to your modern-day business. But the Sherman Act is a massively important antitrust law that you need to know about. The Sherman Act prohibits monopolies and protects consumers and businesses from types of fraud like price fixing and bid rigging. 

What it means for your business: Violating the Sherman Act can could result in up to $100 million in criminal penalties for corporations and $1 million for individuals – plus up to 10 years in prison. It’s safe to say, staying far away from anti-competitive practices is in your company’s best interest.

While the Sherman Act prohibits specific bad practices, the Clayton Act was enacted to cover the grey areas. For example, mergers and acquisitions are obviously not against the law. But if an acquisition will limit competition too much, it can be blocked via the Clayton Act. 

A recent example of this is publishing company Penguin Random House’s proposed acquisition of Simon & Schuster, another “big five” publishing house. In 2022, the Department of Justice ruled: “The proposed merger would have reduced competition, decreased author compensation, diminished the breadth, depth and diversity of our stories and ideas and ultimately impoverished our democracy.” 

What it means for your business: If your business is growing and you’re thinking about acquiring a competitor, you’ll need to review the Clayton Act to make sure you aren’t creating a monopoly. Companies planning large mergers or acquisitions must also notify the government in advance. It’s worth noting that if a private party is harmed by conduct that violates the Sherman or Clayton Acts, the Clayton Act allows them to sue for triple damages. 

When your business succeeds, you want it to be because you’ve worked hard and offered something that competitors can’t. You don’t want it to be because you’ve bribed your way to the top. And, on the other hand, you don’t want to lose out on business because a competitor is bribing officials to win business. Thankfully, the Foreign Corrupt Practices Act prevents exactly that.

What it means for your business: This one’s pretty clear-cut: the FCPA says it’s illegal for a US person or company to “offer, pay, or promise to pay money or anything of value to any foreign official for the purpose of obtaining or retaining business.” You need to make sure your business – and the businesses you work with – aren't violating this act.

The Clean Air Act is a federal law that regulates air emissions as a way to try and prevent pollution. Regulated by the EPA (or Environmental Protection Agency), the Clean Air Act authorizes the EPA to establish National Ambient Air Quality Standards (NAAQS) to protect public health.

What it means for your business: Your business needs to comply with the standards the Clean Air Act and the EPA have set out for your state and industry. Doing so can mean doing things like acid rain inspections, asbestos removal and monitoring, following the National Emission Standards for Hazardous Air Pollutants (NESHAP) and doing environmental studies like New Source Reviews (NSRs).

Up until this point, all of the regulations we’ve been talking about were created specifically to govern US businesses. General Data Protection Regulation, or GDPR, is a European standard for consumer privacy. While it may not apply directly to all American businesses, any business who sells or markets to the European market needs to be GDPR compliant. In 2019, for example, the US clothing retailer ModCloth was forced to stop all European operations because they weren’t GDPR compliant. 

What it means for your business: If you sell to European customers, you need to be GDPR compliant, period. GDPR fines aren’t something to mess around with – severe violations can result in fines of up to 20 million Euros. 

The TAA regulates the types of products or services your business can trade internationally. It also regulates where those products can come from or go to. Importing items from a non-compliant country comes with regulations to protect the US market. The TAA is wide-reaching, so it’s important that your business understands the rules as they apply to you.

What it means for your business: If you use overseas suppliers, you need to understand where those products have come from and the country’s TAA approval status. At the time of writing, China, India, Indonesia, Iran, Iraq, Malaysia, Pakistan and Russia are all not TAA approved. That means that, if you source materials from any of those countries, you must “substantially transform” them for sale in the US and state the country of origin. 

Otherwise known as the Currency and Foreign Transactions Reporting Act, the Bank Secrecy Act of 1970 built the foundation of anti-money laundering regulations in the US. This act allows the Department of the Treasury to create requirements for financial institutions to help them find and stop money laundering.  

What it means for your business: under the BSA, the Department of the Treasury can impose reporting requirements onto your business. This is especially common if your business is commonly tied to money laundering, like banking and finance.  

This act, which followed on from the BSA, made money laundering a federal crime. That means that law enforcement can seize or freeze money that may be connected to money laundering during investigations. It also makes the penalties for money laundering much stronger: as a felony, people found guilty of money laundering face prison time.

What it means for your business: Besides the fact that you probably don’t want to go to prison, so you probably won’t be directly involved in money laundering, this act still impacts your business. This act imposed new compliance monitoring requirements on financial institutions, which means your business needs a clear audit trail that shows where your cash flow comes from.

You might be wondering why we're talking about drug abuse, but stick with me. When the Anti-Drug Abuse Act of 1988 passed, it introduced new regulations for businesses to try and stop the black-market drug trade. For example, this act expanded the definition of a “financial institution” to mean more than just a bank. Now, it includes things like auto dealers and certain real estate professionals. The goal of this part of the act was to pinpoint drug dealers who launder money through luxury vehicles and real estate.  

What it means for your business: The act requires certain businesses to verify identities when entities make large purchases. The purchases need to be “money instruments,” like loans, money orders and securities. If someone buys a money instrument over $3,000, it’s your business’ responsibility to verify their identity.

This act, which added on to the Bank Secrecy Act of 1970, allowed the Treasury to create minimum AML standards. In an effort to tighten the country’s anti-money laundering protocols, this act added verification and recordkeeping requirements for wire transfers. It also created the Bank Secrecy Act Advisory Group, or BSAAG. Their role is to advise the Treasury on the reporting requirements they should set, helping those requirements stay up to date.

What it means for your business: This act requires financial institutions to report suspicious activities. If your business is considered a financial institution, you’ll need to keep an extra close eye on your customers – and avoid working with shady customers at all costs.

Another addition to the BSA, the Money Laundering Suppression Act of 1994 introduced requirements for MSBs, or Money Services Businesses. These types of businesses include any person or business who does one of the following:

• Currency dealing and exchanging

• Cashing checks

• Issuing traveler’s checks, money orders or stored value

• Selling or redeeming traveler’s checks, money orders or stored value

• Transmitting money

• Doing business in the capacity of the U.S. Postal Service

What it means for your business: if your business is an MSB, this act requires you to register with FinCEN: the Federal Crimes Enforcement Network. You’ll need to maintain a list of businesses that you work with so that, in the event money laundering is discovered, FinCEN will have an easier time pinpointing it.

After the events of 9/11, the USA PATRIOT (or Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism) Act was introduced to add a new focus to anti-money laundering. In the past, anti-money laundering focused mostly on organized crime and drugs – this act added terrorist financing to the list.

What it means for your business: the USA PATRIOT Act strengthened anti-money laundering and due diligence requirements for foreign accounts and new financial institution accounts. AML screening and KYC checks are even more important as a result of this act, so make sure your business always does its due diligence.

This is the most recent AML law, which was introduced to modernize AML laws. As a result, it’s now a federal requirement to identify the beneficial owner of some businesses and legal entities. It also added new laws relating to the cryptocurrency and antiquities industries.  

What it means for your business: with every new addition to AML laws, stronger requirements are introduced. This most recent addition means your business may be required to identify its beneficial owner, for example. The Anti-Money Laundering Act of 2020 also expanded the penalties for BSA violations, which means your business could potentially be in even more trouble if you’re found in violation.