Keeping up with current legal requirements is a full-time job in and of itself. Financial controllers may struggle to fully understand the legal requirements that apply to their company. While forensic accounting practices can uncover areas in which a company fails to comply, there are areas in which a thorough knowledge of the law is essential to determine whether a company is in good legal standing or not.

In this post, we’ll walk through some of the issues surrounding today’s legal compliance requirements, while also exploring how companies can ensure compliance with today’s changing regulations.

Compliance Departments and Officers

Since 2008, there has been an increased reliance on compliance departments to ensure financial transparency and adherence to legal requirements. Compliance officers identify and resolve areas in which a company fails to comply, but they also identify risk points that can keep a company from future legal trouble.

Specific Legal Compliance Requirements

Financial controllers should be familiar with the changing landscape of legal compliance. The following are just some of the present-day acts and requirements that could be impacting your business.

US Patriot Act

The Patriot Act prosecutes those who are guilty of financing terrorists or laundering money on their behalf. Companies ensure compliance through simple, transparent bookkeeping practices.  

Financial Industry Regulatory Authority (FINRA)

This regulatory authority could assess your company a fine if it detects behavior associated with a Ponzi scheme. FINRA assists companies with financial reporting so that they remain above board.

Consumer Financial Protection Bureau (CFPB)

The CFPB ensures that consumers have access to markets that are fair and transparent. Companies can ensure compliance by publishing honest, accurate financial data and not misleading potential investors. This also means that companies cannot distort market performance to coerce investors.

The Sarbanes-Oxley Act (SOX)

The Sarbanes-Oxley Act establishes legal requirements for data storage and management. This extends to the monitoring and storage of electronic financial records. Under this act, companies are subject to security audits that assess cybersecurity and backups of relevant data.

Gramm-Leach-Bliley Act (GLBA)

The Gramm-Leach-Bliley Act (GLBA) ensures proper collection and safekeeping of private financial data. Companies must take every possible action to protect their clients' private financial information. This also means that customers must be granted the right to opt out of sharing their data with third parties.

Payment Card Industry Data Security Standard (PCI DSS)

The PCI DSS establishes requirements for any business entity that handles cardholder data. Companies are bound by the recommendations outlined by the Federal Financial Institutions Examination Council (FFIEC) so that they can minimize the impact of a data breach.

Compliance Requirements for Overseas Businesses

When a company has overseas locations, it must also ensure that its compliance documents are translated into the local language of each location. Additionally, employees in those locations must have a full understanding of the legal requirements that apply to the company as a whole, regardless of the locality of its overseas offices.

Ways to Ensure Compliance

How can controllers ensure that their company stays in compliance with legal requirements? There are two specific ways to ensure that a company can maximize its adherence to regulatory statutes.

Train Employees

Controllers can ensure that employees are trained in the specifics of legal requirements. In some cases, this can be accomplished through company-wide emails, though in other cases, employees may need longer training sessions. Some departments may even benefit from learning a few basic forensic accounting tools to ensure that books stay up-to-date and above board.

Ideally, controllers can also provide periodic refreshers to update company employees about legal changes that have occurred.

Pursue Oversight

Companies may also benefit from hiring compliance officers and other regulatory officials. When these roles are filled, forensic accounting expertise can be put to good use for examining a company’s books and overall legal and financial status. 

Good forensic accounting practices don’t simply identify breaches of the law. They can also identify risk areas that can be solidified to prevent a worst-case scenario from developing.


Of course, nothing can completely shield a company from being accused of unscrupulous dealings, especially if the accusation is leveled against a partnering corporation. 

When this happens, your company’s forensic accounting experts may be called upon to testify in court. History shows that the best practice at this point is complete and utter transparency, which is the surest path to re-establishing investor confidence and public trust.

The Future of Compliance

With so much business migrating to the digital world, we can expect legal compliance to be a growing concern. This will amplify the need for training in the realm of forensic accounting. Many companies may wish to think ahead by having a compliance department on standby. 

Periodic audits can be a sure path to full compliance, financial transparency, and a work environment in which all parties can remain confident in their adherence to the law.

