Compliance Checker

---
name: Compliance Checker
slug: compliance-checker
description: Check regulatory compliance across finance, tax, employment, data privacy, and industry-specific requirements
category: finance
complexity: complex
version: "1.0.0"
author: "ID8Labs"
triggers:
  - "compliance check"
  - "regulatory compliance"
  - "audit preparation"
  - "compliance requirements"
  - "risk assessment"
  - "policy compliance"
tags:
  - compliance
  - regulatory
  - audit
  - risk-management
  - governance
---

# Compliance Checker

Expert compliance assessment agent that evaluates regulatory compliance across business operations, identifies gaps, and provides remediation guidance. Specializes in financial regulations, tax compliance, employment law, data privacy, and industry-specific requirements.

This skill applies comprehensive compliance frameworks to help organizations identify risks, meet regulatory requirements, and prepare for audits. Perfect for startups scaling up, compliance reviews, and risk assessments.

**Disclaimer:** This skill provides general compliance guidance. Always consult qualified legal and compliance professionals for specific regulatory advice.

## Core Workflows

### Workflow 1: Business Compliance Assessment

**Objective:** Comprehensive compliance review for business operations

**Steps:**
1. **Business Profile Analysis**
   - Entity type (LLC, Corp, etc.)
   - Industry and sector
   - Geographic presence (states, countries)
   - Revenue and employee count
   - Business model (B2B, B2C)
   - Customer base characteristics

2. **Corporate Compliance Checklist**
   - **Entity Formation:**
     - [ ] Articles of incorporation/organization filed
     - [ ] Operating agreement or bylaws in place
     - [ ] EIN obtained from IRS
     - [ ] State registrations current

   - **Corporate Governance:**
     - [ ] Board meetings conducted (if applicable)
     - [ ] Meeting minutes maintained
     - [ ] Annual reports filed
     - [ ] Franchise tax paid
     - [ ] Registered agent current

   - **Foreign Qualification:**
     - [ ] Registered in states where "doing business"
     - [ ] Annual filings current in each state
     - [ ] State tax obligations met

3. **Financial Compliance Checklist**
   - **Tax Compliance:**
     - [ ] Federal income tax returns filed
     - [ ] State income tax returns filed
     - [ ] Sales tax collection and remittance
     - [ ] Payroll tax deposits and filings
     - [ ] 1099s and W-2s issued

   - **Accounting Standards:**
     - [ ] Appropriate accounting method (cash/accrual)
     - [ ] Revenue recognition compliant
     - [ ] Financial statements prepared
     - [ ] Audit requirements met (if applicable)

4. **Employment Compliance Checklist**
   - **Hiring:**
     - [ ] I-9 verification completed
     - [ ] E-Verify (if required)
     - [ ] Background check compliance
     - [ ] Employment agreements in place

   - **Compensation:**
     - [ ] Minimum wage compliance
     - [ ] Overtime pay compliance
     - [ ] Equal pay compliance
     - [ ] Worker classification correct

   - **Workplace:**
     - [ ] Anti-harassment policy
     - [ ] EEO compliance
     - [ ] OSHA requirements (if applicable)
     - [ ] Workers' compensation insurance
     - [ ] State-specific requirements

5. **Data and Privacy Compliance**
   - **Data Protection:**
     - [ ] Privacy policy published
     - [ ] Data collection disclosed
     - [ ] Cookie consent (if applicable)
     - [ ] CCPA compliance (CA)
     - [ ] GDPR compliance (EU)

   - **Data Security:**
     - [ ] Security measures documented
     - [ ] Breach notification procedures
     - [ ] Data retention policies
     - [ ] Vendor due diligence

6. **Compliance Gap Analysis**
   - Identify missing requirements
   - Prioritize by risk level
   - Create remediation timeline
   - Assign ownership

**Deliverable:** Comprehensive compliance assessment with gap analysis

### Workflow 2: Financial Regulations Compliance

**Objective:** Ensure compliance with financial regulatory requirements

**Steps:**
1. **Anti-Money Laundering (AML)**
   - **Bank Secrecy Act Requirements:**
     - [ ] Know Your Customer (KYC) procedures
     - [ ] Customer due diligence (CDD)
     - [ ] Enhanced due diligence (high-risk)
     - [ ] Suspicious Activity Reports (SARs)
     - [ ] Currency Transaction Reports (CTRs)

   - **OFAC Compliance:**
     - [ ] Sanctions screening
     - [ ] Blocked persons list checks
     - [ ] Country restrictions

2. **Payment Processing Compliance**
   - **PCI-DSS (Credit Cards):**
     - [ ] SAQ completed
     - [ ] Security requirements met
     - [ ] Quarterly vulnerability scans
     - [ ] Annual compliance validation

   - **Money Transmitter Licensing:**
     - [ ] State licensing (if applicable)
     - [ ] Federal registration (FinCEN)
     - [ ] Surety bond requirements

3. **Investment Regulations**
   - **Securities Compliance:**
     - [ ] Registration requirements
     - [ ] Exemptions utilized properly
     - [ ] Accredited investor verification
     - [ ] Blue sky compliance (state)

   - **Investment Advisor:**
     - [ ] SEC or state registration
     - [ ] Form ADV requirements
     - [ ] Fiduciary duty compliance

4. **Industry-Specific Financial Regulations**
   - Banking: Federal Reserve, FDIC, OCC
   - Insurance: State insurance commissions
   - Real Estate: RESPA, Fair Housing
   - Mortgage: TILA, RESPA, HMDA

**Deliverable:** Financial regulation compliance checklist

### Workflow 3: Employment Law Compliance

**Objective:** Ensure compliance with employment laws and regulations

**Steps:**
1. **Federal Employment Laws**
   - **Fair Labor Standards Act (FLSA):**
     - [ ] Minimum wage ($7.25 federal)
     - [ ] Overtime (1.5x after 40 hours)
     - [ ] Exempt vs non-exempt classification
     - [ ] Child labor restrictions
     - [ ] Record-keeping requirements

   - **Equal Employment Opportunity:**
     - [ ] Non-discrimination policies
     - [ ] Reasonable accommodations (ADA)
     - [ ] Religious accommodations
     - [ ] Age discrimination (40+)

   - **Family and Medical Leave (FMLA):**
     - [ ] 12 weeks unpaid leave
     - [ ] Eligibility criteria (50+ employees)
     - [ ] Job protection provisions

2. **State Employment Laws**
   - Higher minimum wages
   - Paid sick leave requirements
   - Paid family leave
   - At-will employment modifications
   - Non-compete restrictions
   - Ban-the-box laws
   - Salary history bans

3. **Worker Classification**
   - **Employee vs Contractor Tests:**
     - IRS 20-factor test
     - ABC test (California AB5)
     - Economic reality test

   - **Misclassification Risks:**
     - Back taxes and penalties
     - Benefits claims
     - Workers' comp liability
     - Unemployment insurance

4. **Payroll Compliance**
   - [ ] W-4 forms collected
   - [ ] Federal withholding correct
   - [ ] State withholding correct
   - [ ] FICA taxes withheld
   - [ ] Payroll tax deposits timely
   - [ ] Quarterly 941 filings
   - [ ] Year-end W-2s and W-3s

5. **Workplace Safety**
   - OSHA requirements
   - Safety training
   - Injury reporting
   - Hazard communication

**Deliverable:** Employment compliance audit with remediation plan

### Workflow 4: Data Privacy Compliance

**Objective:** Ensure compliance with data privacy regulations

**Steps:**
1. **Data Inventory**
   - What personal data is collected
   - How data is collected
   - Where data is stored
   - Who has access
   - How long data is retained
   - How data is shared/sold

2. **CCPA/CPRA Compliance (California)**
   - **Applicability Thresholds:**
     - $25M+ annual revenue, OR
     - 100K+ consumers/households, OR
     - 50%+ revenue from selling data

   - **Requirements:**
     - [ ] Privacy policy with required disclosures
     - [ ] "Do Not Sell My Info" link (if selling)
     - [ ] Consumer rights mechanisms
     - [ ] Service provider agreements
     - [ ] Training and record-keeping

3. **GDPR Compliance (EU)**
   - **Applicability:**
     - Processing EU resident data
     - Offering goods/services to EU
     - Monitoring EU individuals

   - **Requirements:**
     - [ ] Lawful basis for processing
     - [ ] Privacy notice requirements
     - [ ] Data subject rights mechanisms
     - [ ] Data Protection Officer (if required)
     - [ ] Data Processing Agreements
     - [ ] Cross-border transfer mechanisms
     - [ ] Breach notification (72 hours)

4. **Industry-Specific Privacy**
   - **HIPAA (Healthcare):**
     - [ ] Privacy Rule compliance
     - [ ] Security Rule compliance
     - [ ] Business Associate Agreements

   - **FERPA (Education):**
     - [ ] Student records protection
     - [ ] Parent/student consent

   - **GLBA (Financial):**
     - [ ] Privacy notice requirements
     - [ ] Safeguards Rule
     - [ ] Pretexting protections

5. **Privacy Program Development**
   - Privacy policy drafting
   - Cookie consent implementation
   - Data subject request handling
   - Vendor assessment process
   - Incident response plan

**Deliverable:** Data privacy compliance assessment with remediation roadmap

### Workflow 5: Audit Preparation

**Objective:** Prepare for external compliance audit

**Steps:**
1. **Audit Scope Definition**
   - Type of audit (financial, compliance, operational)
   - Regulatory basis
   - Time period covered
   - Specific requirements

2. **Documentation Gathering**
   - **Corporate Documents:**
     - Formation documents
     - Governance documents
     - Meeting minutes
     - Ownership records

   - **Financial Documents:**
     - Financial statements
     - Bank statements
     - Tax returns
     - Payroll records

   - **Operational Documents:**
     - Policies and procedures
     - Contracts and agreements
     - Licenses and permits
     - Insurance certificates

3. **Internal Assessment**
   - Self-audit checklist
   - Gap identification
   - Pre-audit remediation
   - Document organization

4. **Control Testing**
   - Review internal controls
   - Test control effectiveness
   - Document control weaknesses
   - Implement improvements

5. **Audit Readiness Checklist**
   - [ ] All documents organized
   - [ ] Key personnel briefed
   - [ ] Questions anticipated
   - [ ] Response team identified
   - [ ] Timeline understood
   - [ ] Workspace prepared

**Deliverable:** Audit preparation package with documentation checklist

## Quick Reference

| Action | Command/Trigger |
|--------|-----------------|
| Business compliance | "Check business compliance" |
| Financial regulations | "Review financial compliance" |
| Employment law | "Check employment compliance" |
| Data privacy | "Assess privacy compliance" |
| Audit prep | "Prepare for compliance audit" |
| Gap analysis | "Identify compliance gaps" |

## Compliance Thresholds

### By Employee Count

| Threshold | Requirements Triggered |
|-----------|------------------------|
| 1+ | I-9, W-2, basic employment law |
| 4+ | EEO-1 reporting (with federal contracts) |
| 11+ | OSHA 300 logs |
| 15+ | Title VII, ADA, GINA |
| 20+ | ADEA, COBRA (state varies) |
| 50+ | FMLA, ACA employer mandate |
| 100+ | EEO-1 reporting, WARN Act |

### By Revenue/Data

| Threshold | Requirements |
|-----------|--------------|
| $25M+ (CA) | CCPA compliance |
| 50K+ contacts | Potential GDPR DPO |
| PII collection | Privacy policy required |
| Payment processing | PCI-DSS |

## Compliance Calendar Template

```markdown
# Annual Compliance Calendar

## Monthly
- Payroll tax deposits
- Sales tax remittance
- Recurring filings

## Quarterly
- [ ] Q1: Quarterly payroll returns (941)
- [ ] Q2: Quarterly payroll returns (941)
- [ ] Q3: Quarterly payroll returns (941)
- [ ] Q4: Quarterly payroll returns (941)
- [ ] Estimated tax payments (if applicable)

## Annual
- [ ] Jan 31: W-2s and 1099s due
- [ ] Mar 15: S-Corp/Partnership returns due
- [ ] Apr 15: C-Corp returns due (calendar year)
- [ ] Annual report filings (varies by state)
- [ ] Franchise tax payments
- [ ] Insurance renewals
- [ ] Contract renewals
- [ ] Policy reviews

## State-Specific
[Add state-specific deadlines]
```

## Best Practices

### Compliance Program
- Designate compliance officer
- Document policies and procedures
- Train employees regularly
- Monitor regulatory changes
- Conduct periodic assessments

### Record Keeping
- Maintain organized files
- Follow retention schedules
- Implement backup systems
- Control access appropriately

### Risk Management
- Identify compliance risks
- Prioritize by impact
- Implement controls
- Monitor effectiveness
- Report to leadership

## Integration with Other Skills

- **Use with `tax-strategist`:** Tax compliance alignment
- **Use with `contract-analyzer`:** Contract compliance review
- **Use with `financial-reporter`:** Regulatory reporting
- **Use with `accounts-reconciler`:** Financial audit support
- **Use with `billing-manager`:** Billing compliance

## Common Pitfalls to Avoid

- **Assuming one-size-fits-all:** State laws vary significantly
- **Ignoring threshold triggers:** Requirements change with growth
- **Delayed compliance:** Proactive is cheaper than reactive
- **Poor documentation:** If it's not documented, it didn't happen
- **Overlooking updates:** Regulations change frequently
- **DIY complex matters:** Know when to get professional help
- **Compliance theater:** Policies must be implemented, not just written
- **Siloed compliance:** Integrate across departments

## Disclaimer

This skill provides general compliance information only. Regulations vary by jurisdiction and change frequently. Always:
- Consult qualified legal counsel for specific situations
- Verify current requirements with regulatory authorities
- Consider your complete business context
- Implement appropriate professional oversight