Now that companies worldwide are attempting to revive their business operations and bring them back to full capacity, most businesses are also scrambling to keep up with constantly changing compliance laws and regulations.
Maintaining compliance is challenging enough, and the post-pandemic work environment adds to the difficulty. So, how can you navigate these newest requirements and regulations, especially with the most recent changes? To help you get started, here is a list of the most common compliance violations and regulatory fines you must avoid in 2022.
Work Arrangement-Related Regulations
Regardless of your company’s preferred work arrangement, you’ll have to face the fact that hybrid work is here to stay. On top of dealing with extreme changes in your operating models, you also need to consider the compliance functions that go along with them. Remote oversight will become a significant component of risk management in 2022, so you’ll need to be aware of all the specific workplace standards you must comply with.
Remember, a hybrid work setup or flexible work arrangement could impact several things. This includes tax compliance, reimbursement for work-related expenses, and even prohibitions against discrimination.
Employers could be fined as much as $35 million to $96 million. A comparable case arose when an employee sued Wells Fargo over alleged unreimbursed business expenses and unpaid overtime during the pandemic.
To avoid fines and penalties, verify the employment laws of every state where your employees are located, even if your company does not operate in those locations. State laws vary, particularly in which expenses employees are entitled to have reimbursed, including remote working expenses. In California, you must reimburse “all necessary expenditures or losses incurred by your employee as long as these are directly related to their duties.” This covers anything related to their work, such as mobile and internet services. As a result, you may need to reimburse expenses that were previously not part of your company’s expenditures.
With more than 60 percent of the world’s total population online today, people now have access to unlimited resources and risks. And because of the increase in cybercrime activities in 2021, companies are even warier about being a target of cybercriminals in 2022. On top of that, cyberattacks are becoming more sophisticated and innovative, and small businesses also need to start working on protecting themselves from these attacks.
It’s not easy to ensure that your business’s cybersecurity measures are foolproof against the various forms of cyberattack, such as phishing, ransomware, malware, and data breaches. If you’re not careful, you could even end up with an AML compliance violation if one of your employees becomes a victim of identity theft or has their credentials stolen.
According to IBM, there was a two percent increase in phishing attacks between 2019 and 2020. And based on Cisco’s 2021 Cybersecurity Threat Trends report, at least one employee became a victim of a phishing attack in approximately 86 percent of the surveyed organizations.
Even though there is not yet a federal cybersecurity law, federal agencies may still issue specific directives. According to the National Conference of State Legislatures, more than 250 bills and resolutions addressing cybersecurity were proposed in 2021.
To reduce the risk of a cyberattack, you should implement an adequate cybersecurity program for your employees and provide cybersecurity training to shrink your potential attack surface. Developing a cybersecurity policy is vital to safeguarding your company’s data, especially your clients’ data. You may also take out cyber liability insurance to limit the financial damage and the impact on your business’s reputation.
In addition to potential cybersecurity laws, you must also ensure that your business is PCI DSS compliant, especially if it accepts, processes, stores, or transmits credit card data. Depending on various factors and the severity of the PCI DSS violation, fines can range from a few thousand dollars to hundreds of thousands and even millions.
Due to the pandemic, various legislation and workplace policies related to paid leave were developed. Specifically, COVID-19-related paid leave legislation began at the federal level and was passed in various forms across many states and local jurisdictions. Although these laws have expired, there is now interest in creating more permanent family leave. Under the Build Back Better Act, U.S. workers would be guaranteed four weeks of paid leave for the following reasons:
- If you and your partner are new parents
- If you are experiencing a serious medical condition
- If you need to care for a loved one who has a serious medical condition
Of course, before this provision can take effect, the bill needs to pass the U.S. Senate and be signed by the president, so you’ll need to watch for updates on this legislation. There is also a growing trend, in several states and at the local level, of mandating “paid leave” for any reason.
As an employer, you must also fully implement the requirements of the Family and Medical Leave Act (FMLA), which obliges you to allow eligible employees to take an extended leave of absence from work. This means you must provide your employees with up to 12 weeks of unpaid leave per year. If you do not implement this policy, you may receive fines of up to $100 per day for each violation, on top of civil liability for lost wages, benefits, and liquidated damages.
Keeping track of every requirement imposed by the various laws and regulations can be taxing and complex. Nonetheless, you should still develop and implement workplace paid time off policies that comply with the applicable leave laws in your state while fitting your company’s needs.