Regulatory Risk: Definition, vs. Compliance Risk, and Examples

By
Adam Hayes
Full Bio

Adam Hayes, Ph.D., CFA, is a financial writer with 15+ years Wall Street experience as a derivatives trader. Besides his extensive derivative trading expertise, Adam is an expert in economics and behavioral finance. Adam received his master's in economics from The New School for Social Research and his Ph.D. from the University of Wisconsin-Madison in sociology. He is a CFA charterholder as well as holding FINRA Series 7, 55 & 63 licenses. He currently researches and teaches economic sociology and the social studies of finance at the Hebrew University in Jerusalem.

Learn about our editorial policies
Updated September 23, 2024
Reviewed by Eric Estevez
Fact checked by
Vikki Velasquez
Vikkie Velasquez Vikkie Velasquez
Fact checked by Vikki Velasquez
Full Bio
Vikki Velasquez is a researcher and writer who has managed, coordinated, and directed various community and nonprofit organizations. She has conducted in-depth research on social and economic issues and has also revised and edited educational materials for the Greater Richmond area.
Learn about our editorial policies
Two stock traders sit in a darken office analyzing price charts displayed on monitors to decide on pricing for future contracts. Two stock traders sit in a darken office analyzing price charts displayed on monitors to decide on pricing for future contracts.

Mongkolchon Akesin / Getty Images

What Is Regulatory Risk?

Regulatory risk is the risk that a change in laws and regulations will materially impact a security, business, sector, or market. A change in laws or regulations made by the government or a regulatory body can increase the costs of operating a business, reduce the attractiveness of an investment, or change the competitive landscape in a given business sector. In extreme cases, such changes can destroy a company's business model.

Key Takeaways

  • Regulatory risk refers to the risk that a change to the laws or regulations will hurt a business or investment by affecting that business, sector, or market.
  • While often necessary for the public good, government regulations can increase the cost of doing business or limit prospects for further growth, cutting into profits and hurting the return on investments.
  • Compliance risk differs from regulatory risk in that compliance risk is the risk that a business violates already established laws or regulations.

Understanding Regulatory Risk

Virtually any business can face significant regulatory risk, given any government's power to compel businesses operating within its borders to follow its laws. Regulatory risks often materialize as a result of anger over public harm caused by a business or business sector.

But even if new laws are never passed, business leaders are obligated to assess and monitor regulatory risks and be prepared to react if they do materialize. This can be time-consuming and expensive because regulatory risk stemming from even one issue can drag on for years.

Examples of Regulatory Risk

One sector facing significant regulatory risk in the area of antitrust enforcement is Big Tech, including Meta (formerly Facebook), Amazon, Google, and Apple. This is largely the result of a growing public backlash over their enormous and still-growing market power and social influence.

Past examples of regulatory risk that materialized include the introduction of the 2002 Sarbanes-Oxley Act, which established more stringent accounting requirements and more severe criminal penalties for violating securities laws. It was passed following public outrage over multiple accounting scandals in the early 2000s, including those of Enron Corporation and WorldCom.

Another type of regulatory risk would be more stringent pollution standards for manufacturers or mileage requirements for automobile makers as a result of public concerns over climate change. In this case, the risk may not derive from wrongdoing by any business, but merely from broader concern over the public good—in this case, the impact of climate change.

Regulatory Risk vs. Compliance Risk

Compliance risk is the risk that a company will have been determined to violate already established laws or regulations. This can have many causes, including inadequate controls, negligence, and human error. Ensuring that a business is capable of maintaining compliance and doing so can be a source of significant expense. As with regulatory risk, managing compliance risk is an essential part of a business's overall risk management.

Managing regulatory risk involves forward-looking strategic thinking, as well as careful monitoring of public opinion and the regulatory process in a business's given sector. Compliance risk, on the other hand, involves knowledge of existing laws and regulations and a more systematic approach to verifying that the company is compliant with all of them.

Is Regulatory Risk Systematic Risk?

Regulatory risk is an unsystematic risk, which is a risk that is company- or industry-specific. As regulations don't necessarily impact the broader market but do impact specific companies, regulatory risk is classified as unsystematic risk.

What Is an Example of Regulatory Risk?

An example of regulatory risk would be the government enacting new environmental laws that impose stricter emissions standards on automobile companies. The change can increase production costs, require investments in research and design and new technology, or limit the sale of current vehicles, which could reduce profits and market competitiveness.

How Do You Reduce Regulatory Risk?

Some ways to reduce regulatory risk include completing a risk evaluation, establishing compliance frameworks and corporate governance, training staff in regulations, monitoring regulatory breaches, being vigilant and up-to-date on regulatory news and changes, implementing continuous regulatory management strategies, using regulatory software, and remaining adaptable to regulatory changes.

The Bottom Line

Regulatory risk is the potential negative impact of changes in laws on businesses or investments, which can increase costs, limit growth, or disrupt business models. Companies need to stay up-to-date and adaptable, anticipating changes that could adversely impact their operations.

Article Sources
Investopedia requires writers to use primary sources to support their work. These include white papers, government data, original reporting, and interviews with industry experts. We also reference original research from other reputable publishers where appropriate. You can learn more about the standards we follow in producing accurate, unbiased content in our editorial policy.

  1. Katila, Riitta and Sruthi Thatchenkery. "The Surprising Consequences of Antitrust Actions Against Big Tech." Harvard Business Review, February 2023.

  2. Crisanto, Juan Carlos and et al. "Big Tech Regulation: What is Going On?" Bank of International Settlements, FSI Insights, no. 36, September 2021, pp. 1-21.

  3. U.S. Congress. "H.R.3763 - Sarbanes-Oxley Act of 2002: Summary."

  4. U.S. Securities and Exchange Commission. "Report of Investigation: Special Investigative Commission of the Board of Directors of WorldCom, Inc."

  5. Texas State Historical Association. "Enron Corporation."