Why is Legal Compliance so important? Well, lets first consider what legal compliance means.

Definition Of Compliance

Compliance means acting in accordance with a request or a command, rule or instruction.

Definition Of Legal Compliance

Compliance can be narrowly defined to mean the process by which an organisation ensures that it observes and complies with the external statutory laws and regulations.

There are institutions that advocate a much broader definition of compliance, such as the Australasian Compliance Institute, who defines compliance as “the process by which organisations identify and meet their strategic obligations whether arising in law, standards, and codes or from stakeholder expectations.”

Therefore it will include:

Compliance with internal policies, procedures, and codes of conduct. In addition to this it can be expanded to include compliance with contractual obligations, permit conditions and trading conditions. The definition of legal compliance, especially in the context of corporate legal departments, has recently been expanded to include understanding and adhering to ethical codes within entire professions, as well.

Regulatory Compliance

Regulatory Compliance describes the goal that corporations or public agencies aspire to in their efforts to ensure that personnel are aware of and take steps to comply with relevant laws and regulations. Legal compliance is therefore the process or procedure to ensure that an organization follows relevant laws, regulations and business rules.

The How Of Legal Compliance

There are a number of requirements for an enterprise to be compliant with the law:

Firstly, it needs to know what external laws apply to it.
Secondly, it needs to know what business rules, codes, policies and non-binding requirements apply to it.
Thirdly, it needs to know how to comply (and to what extent) with these external binding laws, internal binding codes or practices and with the non-binding laws and requirements.
Fourthly, it needs to ensure that its internal procedures and policies are consistent with the law and that its procedures and policies are complete with respect to the law.
Fifthly, it needs to assess its risks in relation to these laws and requirements.
Sixthly, it needs to ensure that adequate controls are in place to minimise or eliminate these risks.

This is done through self-assessments and audits or other measurements.

And lastly it needs to address areas where non-compliance has been identified – which is done through or by the implementation of corrective actions.

Role Players

Now that we understand what legal compliance is, the next question is quite obvious-who is responsible for ensuring that the organization complies with all applicable legal duties and obligations. Said differently, who are the role-players which laws and policies impact on or affect and who is responsible for compliance with these laws?

The King III Approach

In terms of Principle 6 found under the King Code of Corporate Governance (King III) titled, Compliance with laws, regulations, rules and standards, all entities, organisations, and companies alike, must comply with the law and regulations (Acts promulgated by Parliament, subordinate legislation and applicable binding industry requirements such as JSE listings requirements.

Exceptions permitted in law and shortcomings in the law should be handled in a responsible manner. Companies should consider if adherence to applicable non-binding rules and standards achieves good governance, and should adhere to them if that would result in best practice. Companies should disclose the applicable non-binding rules and standards to which they adhere on a voluntary basis. Furthermore, the board and each individual director should be aware of the laws, regulations, rules, and standards applicable to the company

In terms of principle 6, the board has a duty to identify the laws, regulations and non-binding rules and standards applicable to the company. Once this has been done, the board should make sure that processes are in place to ensure that it is timeously informed of relevant laws, rules and standards, including changes, which must form part of all director’s induction, and risk management processes. To this end, the board is responsible for the company’s compliance with laws and regulations and should ensure that the company implements an effective compliance framework and related processes.

This process involves both knowledge and application and to this end Directors should sufficiently familiarise themselves with the content of applicable laws and regulations, as well as those non-binding rules and standards which the company has voluntarily elected to abide by, to ensure that they have a sufficient understanding of the applicable content and effect of such laws, regulations, rules and standards on the company and its business. One of the important responsibilities of the board therefore is to assess the company’s compliance with all laws and regulations, and applicable non-binding rules and standards which the company has decided to abide by.

King III recommends that “compliance with laws and regulations” should be proactively managed and that compliance should be a standing item on the agenda of the board. King III however, does recognize that compliance with all laws is not the sole responsibility of the Board and its directors. The task due to its enormity, may in consequence be delegated to a separate committee or function within the organisational structure, who in turn must delegate the duty to comply downwards to all employees. Within the organisation or operation, no matter how big or small.


Compliance can no longer be viewed in isolation of the rest of the organization as some function off to the side to keep an organization out of jail. Compliance must become part of the overall business strategy of any operations or organization, no matter how big or small. Compliance and related practices should be a non-negotiable and pervasive practice implemented throughout the entire organization AND PERFORMED BY ALL. Ultimately, taking this integrated approach will lead to better overall performance and compliance will become less of a burden on the business.