Regulatory Compliance 101: The Basics

Rules, Regulations and Requirements, Oh My!!

Regulatory compliance can be defined as the adherence to laws, regulations, and guidelines created by the US government and regulatory bodies applicable to an organization based on the industry and jurisdiction in which it operates.  Thank you Merriam Webster.  🙂

As a business grows and expands, the regulations it is subjected to also increase in scale and volume, often becoming complex due to overlapping jurisdictions of multiple authorities.  This requires an organization to implement the right measures, policies, and processes to ensure compliance but first, the business needs to know what all of these rules are and in some cases, even where to find them.  If you think about it, many cities have their own laws, then the counties have laws on top of that, then the States and then the US.   The benefits space is no different, you often have local regulations, then State Dept of Insurance, then a myriad of Federal bodies such as the Dept of Labor, the IRS, Health and Human Services, etc.  All of these unfortunately have their hands in the benefits space.  That’s a lot of layers AND a lot of rules.  

Let’s go over some of the most common compliance requirements we see here in the benefits space and the issues we run into most often.

Regulatory Compliances in the US

In the US, countless laws and regulations are in place to protect just about every area of business  imaginable.  Most of these rules and regulations were put into place with good intention, but in many cases can cause confusion and sometimes added costs for a company when being forced to maintain the government standards.  

Compliance laws in regulated industries are intended to help protect consumers from any harmful consequences of bad actors in a particular business or industry and most often come about from a situation where someone was harmed or taken advantage of with the result being a new rule stating that people can’t do that to other people any longer.  

Major regulatory agencies in the US include:

    • The Federal Trade Commission (FTC): An independent agency that enforces antitrust laws which are non-criminal for establishing a competitive market and protecting consumers from deceitful business practices.  
    • The Occupational Health & Safety Administration (OSHA): This body regulates working conditions by preparing and enforcing standards to provide a safe and healthy workplace.  
    • The Food and Drug Administration (FDA): The FDA regulates companies that are involved in manufacturing food products, cosmetic products, and drugs. Its regulatory powers also extend to the manufacturers of medical devices.  
    • National Institute of Standards and Technology (NIST): It is a non-regulatory agency that develops standards and guidelines to help meet specific regulatory compliance requirements such as IT and data security.
  • Internal Revenue Service (IRS):  The IRS mission is to provide America’s taxpayers top quality service by helping them understand and meet their tax responsibilities and to enforce the law with integrity and fairness to all.
  • Department of Labor (DOL)The DOL’s mission is to foster, promote, and develop the welfare of the wage earners, job seekers, and retirees of the United States; improve working conditions; advance opportunities for profitable employment; and assure work-related benefits and rights.

Regulatory Compliance in the Employee Benefits Space

Creating, following and ensuring regulatory compliance is essential for protecting customers, employees, and assets by ensuring adherence to applicable laws, regulations, and industry standards. Furthermore, it helps organizations avoid the costly penalties, fines, back taxes and reputational damage that can occur when an organization fails to comply with the law.

The most common mis-steps we see regularly in this space are as follows:

Lack of ERISA Plan Documents – Many businesses start benefit programs by purchasing insurance programs and going down that both, but never actually create their ERISA Plan Documents.  Think of these as your benefits formation documents.  Just like you had to create your business by establishing it as an entity on paper, your benefits program needs the same.  ERISA sometimes referred to as Wrap Docs, do this for your benefits package.

COBRA Rules / Regulations being ignored – COBRA (The Consolidated Omnibous Budget Reconciliation Act) (now you know why they call it COBRA) requires companies who have 20 or more employees to provide notice and make available for up to 18 months once someone leaves the company health, dental, vision and FSA / HRA programs.  There are very specific timeframes and requirements, such as proof of mailing, that are required in this space and then if someone does elect to continue COBRA coverage, there’s a monthly billing aspect to the administration for COBRA as well.  Many companies either don’t understand the rules or just ignore them all together.

Outdated or No Section 125 Documents Established – One of the biggest reasons employee benefits became so popular back in the mid-1900’s and never looked back was because of the preferred tax treatment of benefit costs.  Not only do company’s get to treat benefit costs as expenses, but several types of premiums that can be deducted through payroll for employees (think health, dental, vision, HSA, FSA, etc.) can be deducted on a pre-tax basis.  But guess what, the ability to do this, the government considers a benefit, and I get it, because it is, that’s a huge benefit for all involved.  What most don’t realize is that this is an official type of benefits program established but you guessed it, Section 125 of the IRS Code SO you have to also create this benefits program in writing.  Nothing too fancy and there’s tons of resources to be able to help out with this type of thing, we have our preferred options of course, but the failure to set up and maintain this type of benefit can be bad news.  If you’re audited and found to be non-compliant, that could mean back taxes, adjusting employees taxes and tax returns from prior years and even penalties if the auditor found that the company was willingly and knowingly negligent.  Best prevention here, do the documents.

And last but not least, distributing required notices.  It seems like the list of required notices in this space gets longer and longer all the time and for good reason, it does.  Be sure you are checking to see what required notices your benefits providers are helping with and which ones you need to take ownership of.  Normally the health insurance providers will include most of the mandated notices in their materials, but as an employer you still have to make sure they are getting shared with the staff.  You also want to be sure you are sharing things like Summaries of Benefits and Coverages (SBC’s), Initial Rights Notices, FullTime Exchange Notices, etc. that the health insurance provider may not be sending.   This is normally a quick, once a year look under the hood, but this is something you want to stay on top of.

A good HR Consultant, HR Library or even CPA or payroll company can often be a great resource in these areas, of course, in addition to your broker partner that you are working with.  

In summary, regulatory compliance boosts both employees and customers’ confidence by creating a healthy atmosphere and ensuring that everything is following the letter of the law.  This ultimately is another layer of due diligence and risk mitigation for your company and helps protect the business owner, the executive team and the business’ assets.   It’s also just good business.  

In addition to our personal services, we also pay for an HR platform complete with HR Consultants for all of our business partners at no cost to our partners.  We eat the cost on that.

The best way of ensuring compliance in your business is by working with a dedicated employee benefits consulting partner such as Holloway Benefit Concepts that understands you, your business and the unique challenges you face in your industry.  We strive in delivering the best services, being a true, human point of contact for you and your staff, providing due diligence on your programs year after year and simply being there for you and your employees when you need it, regardless of the reason, even when it comes to compliance.  

At HBC, we work with businesses of all sizes and customize, tailored, right-fit programs for each and every business we partner with.  No two programs are alike.  Contact us today to learn how we can help you.

Contact Us.Request A Quote


4325 Elm St Suite 200 Dallas TX 75226