Last Updated On June 23, 2021 / Written By Cynthia Vespia

The Eight Types of Compliance Risk

What is Compliance Risk?

A business is considered a compliance risk when it fails to meet regulatory requirements. Failure to comply with the standards can have a detrimental impact on a business, such as fines or other losses. When it comes to compliance risk, knowing how to avoid it is the best approach.

How to manage compliance risk
It's important for any business to have a thorough assessment of its risk exposure. This means adhering to the applicable federal, state, and international regulations and laws. It also means having an internal standard of conduct that is followed.

Managing risk can start with referencing relevant guidelines from federal or state laws. From them, determine the applicability to each unit and begin a process to analyze risk in these areas.

Categorizing Compliance Risks
To gain a better understanding of risk exposure, most organizations establish a risk assessment. Some parts of the process include:

  • Legal Impact: Any regulations or laws which could result in penalties, fines, product seizure or even imprisonment when companies don't comply.
  • Financial Impact: When an outcome negatively impacts the profits and future earning potential of a business.
  • Reputational Impact: When a brand image is damaged in the eyes of the consumer. This decreased confidence in the company or product can result in loss of sales revenue.
  • Business Impact: Factors that can upend a business and cause operations to stall, such as an employee strike or a shutdown.

Eight Restaurant Compliance Risks

Most restaurants should be aware of compliance risks and how to reduce the chance of failing to comply. Rules and regulations change each year, so it's important to keep abreast of all guidelines or risk future penalties.

1. Corruption
Corruption is a major compliance risk and one that should be watched for. The Foreign Corrupt Practices Act (FCPA) prohibits any United States citizen or company from bribing a foreign official or political agent. Third-party corruption activities will also directly affect a company regardless of its level of involvement.

2. Employee Behavior
Workplace harassment and discrimination guidelines are essential to every business, including restaurants. Even with standards in place, problems can sometimes arise. If an employee's behavior is unsavory, it should be acted on.

In 2015 alone, the United States Equal Employment Opportunity Commission (EEOC) collected over $525 million specifically for victims of workplace discrimination. An estimated $125.5 million in settlements was for harassment alone.

3. Workplace Health and Safety
The health and safety of employees in the workplace are taken very seriously, as evidenced by the Occupational Safety and Health Administration (OSHA).

Each worker in the United States is covered by OSHA, which consistently enforces the safety compliance standards. There were over 65,000 health and safety violations in 2015 alone. If a company fails to comply with these guidelines, it can cost millions in fines.

4. Environmental Impact
Legal rules and regulations pertaining to a restaurant's environmental impact are set forth by the Environmental Protection Agency. This federal office oversees categories like human health and ecological impact.

5. Data Management
The way data is stored can be an extreme compliance risk. Depending on the type of information being kept within a restaurant database, different regulations need to be followed. These cover how the data is transmitted and who has access to it. An example would be obtaining a customer's personal email address or phone number for sending special offers.

Other common records associated with data management include:

  • Financial documents
  • Medical information
  • Credit card data
  • Student records

6. Quality
If a product or service doesn't meet the legal standards for its industry, penalties are involved. For a restaurant, this can include the quality of the food. Any recalls within the supply chain need to be addressed immediately for safety concerns.

7. Process
Process risks are similar to quality risks in that they relate to business processes and how they can fall short. Accounting errors, contract breakdowns, and other issues that aren't handled responsibly can damage relationships with vendors or investors.

8. Social Responsibility
Today's consumers expect companies to be more socially responsible. While social responsibility is not a legal requirement, a certain majority of consumers can start a firestorm of speculation over the smallest faux pas.

It's important, then, to stay non-partisan in the current political climate or risk alienating some customers. Protests and boycotts can cause a surprisingly high financial impact.

Summing Up Managing Compliance Risk

  • Changing a company's view on compliance risk will take time.
  • Compliance risk programs don't just identify the areas of risk exposure, but also actively monitor and review risk.