Maintaining business compliance: what SMEs need to know

Published on August 26, 2020 by Jon Curtis
    Employment law · SME

What is business compliance and what do SMEs need to know to maintain it? Read on for an overview from myhrtoolkit founder Jon Curtis of what business compliance means and how you can use compliance to protect your business and boost your reputation.

What is business compliance?

Put simply, ‘compliance’ means conforming to a set of internal or external rules or obligations. In business terms, this means complying with those rules, regulations, and obligations as set out in law. It also means ensuring that your workforce is adhering to compliance laws and regulations.

For SMEs, the external rules and regulations that must be adhered to are less extensive than those of larger businesses such as multinational corporations, but this does not make them any less important to follow. The purpose of this blog post is to inform owners and managers of SMEs about what it means for your business to be compliant, why it is important, and some key ways you can make sure that your business is – and remains – compliant. We cannot cover all aspects of business compliance in one article, but will highlight some key areas of compliance and, in a follow up article, three strategies for maintaining compliance.

Why is compliance important for SMEs?


Failure to comply with business regulations can result in your business being charged with hefty fines that damage your bottom line (for example through data protection breaches). Compliance problems can also be damaging for a company’s reputation amongst consumers and employees. Some compliance issues are criminal (such as corporate manslaughter) and some are quasi-criminal (for example, a breach of director’s duties such as wrongful trading while insolvent).

GDPR compliance

The GDPR, introduced in 2018, is a relatively new and important area of compliance. Businesses that fail to comply with the data protection regulations set out in GDPR can be fined a maximum of £18 million or 4% of the company’s annual global turnover, making compliance with GDPR essential if SMEs want to avoid hefty fines. GDPR compliance has become an expected baseline for businesses, and detailing how your business is compliant can also help you reassure your customers that you are taking their data security seriously.

Read more: GDPR and HR systems: how to choose GDPR compliant HR software


Health and safety compliance

SMEs can also fail in compliance if they lack visible and robust health and safety policies and practices. If an employee becomes hurt or injured due to oversight or negligence on behalf of the employer, your business could face criminal charges and be made to pay out significant sums of cash in compensation. In the worst cases of all, directors can face prison for egregious faults. Having the right health & safety measures in place is important for running a business that wants to maintain its reputation and look after its employees.

Properly drafted risk assessments go a long way to helping a business manage its various risks well. Free online resources (such as the HSE’s risk assessment template and examples) give great advice. However, for a business without internal risk management expertise, it may be advisable to contract with external advisors.

In the wake of coronavirus, health and safety compliance measures have never been more important. From increased handwashing to PPE, there are many ways workplaces are stepping up their health and safety measures. Remote working has also brought its own unique health & safety and employment law issues, as explored in a recent webinar with guest speaker, solicitor Toby Pochron.

Human resources and business compliance


There are close links between business compliance and the HR activities the business undertakes regarding staff. Here are some of the key areas of HR that, when done correctly, will help your business maintain compliance:

Contracts of employment

Contracts of employment do not have to be written to exist – as Citizens Advice states, “your agreement to work for your employer and your employer’s agreement to pay you for your work forms a contract”. However, UK law requires a written contract signed by the employer and employee so that there is clear evidence as to what has been agreed.

All employers need to give a new employee/worker at the minimum a “written statement of particulars” (a document listing the main conditions of employment) when they start work and the wider statement within 2 months of their starting the role. In practice, most employers will provide a full written contract at the start of, or prior to, the employment relationship.

In addition to written terms, all good employers will have a properly drafted, modern, company handbook setting out key work policies such as the disciplinary and grievance, equal opportunities, sickness absence rules, and so on.

Working Time Regulations

The Working Time Regulations (1998) dictate a worker’s maximum weekly working hours, holiday entitlement, and other aspects of both a person’s working time and time off. You can find out more about WTR 1998 on the HSE website. It is very important that all employers have a decent understanding of the rules on working time as they affect them and their employees.

Pay and payslips

By law, an employer must provide workers with payslips before or on the day they are paid. Payslip law changed in April 2019 to ensure that workers with a variety of working patterns (not just fixed days or hours) receive payslips before or when paid.

Equality laws

The Equality Act (2010) sets out a number of protected characteristics against which it is illegal to discriminate within workplaces and organisations. You can find out more about equality and discrimination in the workplace on the Acas website.

Sickness absence

A fair and consistent approach to recording sickness absences and conducting disciplinary procedures is key to maintaining compliance and protecting your business. You also need to be both consistent and careful in how you apply sickness absence measures for staff. For instance, the Bradford Factor is a useful measurement for sickness absence frequency, but needs to be applied sensitively, especially when it comes to disability-related absences (see our article on the Bradford Factor and disability for more on this).

Family friendly rights

Workers have a number of parental rights (including maternity leave, paternity leave, and shared parental leave; adoption leave; parental bereavement leave) that employers must be aware of and adhere to in order to maintain employment law compliance.

Just as there are many areas of business compliance to consider, there are also many strategies businesses can use to achieve and maintain a high level of compliance across the board. Read our follow up post on 4 essential strategies for business compliance.


Written by Jon Curtis

Jon Curtis is Managing Director at myhrtoolkit and previously an employment solicitor. He co-founded myhrtoolkit in 2005 and became full-time MD in 2018.
