regulatory-compliance

star 9

Multi-sector regulatory compliance skill for industry-specific regulations. Use when the user needs assistance with regulatory frameworks, compliance programs, regulatory investigations, or industry-specific requirements across sectors. Triggers on keywords like "regulatory", "compliance program", "regulated industry", "agency", "enforcement", "regulatory investigation", "consent decree", "compliance audit", "regulatory risk".

judicialmind By judicialmind schedule Updated 3/20/2026
play_arrow Run Skill in Manus View GitHub

name: regulatory-compliance description: Multi-sector regulatory compliance skill for industry-specific regulations. Use when the user needs assistance with regulatory frameworks, compliance programs, regulatory investigations, or industry-specific requirements across sectors. Triggers on keywords like "regulatory", "compliance program", "regulated industry", "agency", "enforcement", "regulatory investigation", "consent decree", "compliance audit", "regulatory risk".

Regulatory Compliance

This skill provides expert guidance for navigating regulatory frameworks across multiple industries and jurisdictions.

Core Capabilities

1. Compliance Programs

  • Program design
  • Policy development
  • Risk assessment
  • Monitoring and testing

2. Regulatory Strategy

  • Agency engagement
  • Comment letters
  • Rulemaking participation
  • Regulatory advocacy

3. Investigations

  • Investigation response
  • Self-disclosure
  • Settlement negotiation
  • Remediation

4. Industry-Specific

  • Financial services
  • Healthcare
  • Energy
  • Technology

Compliance Program Framework

Essential Elements (DOJ/SEC Framework)

EFFECTIVE COMPLIANCE PROGRAM ELEMENTS

1. COMMITMENT FROM SENIOR MANAGEMENT
   - Tone at the top
   - Resource allocation
   - Accountability

2. AUTONOMY AND RESOURCES
   - Chief Compliance Officer
   - Reporting structure
   - Budget and staff

3. POLICIES AND PROCEDURES
   - Clear standards
   - Tailored guidance
   - Regular updates

4. RISK ASSESSMENT
   - Enterprise risk assessment
   - Control environment review
   - Third-party risk

5. TRAINING AND COMMUNICATION
   - Role-based training
   - Annual certifications
   - Ongoing awareness

6. REPORTING MECHANISMS
   - Hotline/helpline
   - Non-retaliation
   - Investigation protocol

7. INCENTIVES AND DISCIPLINE
   - Compliance in performance
   - Consistent enforcement
   - Documented actions

8. CONTINUOUS IMPROVEMENT
   - Testing and monitoring
   - Remediation
   - Lessons learned

9. THIRD-PARTY MANAGEMENT
   - Due diligence
   - Contract requirements
   - Monitoring

10. M&A DUE DILIGENCE
    - Pre-acquisition review
    - Integration planning
    - Post-acquisition remediation

Risk Assessment Process

┌─────────────────────────────────────────────────┐
│  1. IDENTIFY RISKS                               │
│     - Regulatory requirements                    │
│     - Industry-specific risks                    │
│     - Geographic considerations                  │
│     - Business activities                        │
└─────────────────────────────────────────────────┘
                      │
                      ▼
┌─────────────────────────────────────────────────┐
│  2. ASSESS INHERENT RISK                         │
│     - Likelihood of occurrence                   │
│     - Potential impact                           │
│     - Regulatory scrutiny                        │
└─────────────────────────────────────────────────┘
                      │
                      ▼
┌─────────────────────────────────────────────────┐
│  3. EVALUATE CONTROLS                            │
│     - Preventive controls                        │
│     - Detective controls                         │
│     - Control effectiveness                      │
└─────────────────────────────────────────────────┘
                      │
                      ▼
┌─────────────────────────────────────────────────┐
│  4. DETERMINE RESIDUAL RISK                      │
│     - Risk after controls                        │
│     - Risk tolerance                             │
│     - Action required                            │
└─────────────────────────────────────────────────┘
                      │
                      ▼
┌─────────────────────────────────────────────────┐
│  5. PRIORITIZE AND REMEDIATE                     │
│     - High-risk areas first                      │
│     - Resource allocation                        │
│     - Timeline and milestones                    │
└─────────────────────────────────────────────────┘

Financial Services Regulation

US Regulatory Agencies

Agency Jurisdiction
SEC Securities, public companies
FINRA Broker-dealers, self-regulatory
CFTC Commodities, derivatives
Federal Reserve Bank holding companies
OCC National banks
FDIC Deposit insurance, state banks
CFPB Consumer financial products
FinCEN AML/BSA
OFAC Sanctions

Key Financial Regulations

Regulation Focus
Dodd-Frank Systemic risk, derivatives, consumer protection
Bank Secrecy Act AML reporting
Securities Act Securities offerings
Exchange Act Securities trading, reporting
Investment Advisers Act Investment advisor conduct
Gramm-Leach-Bliley Financial privacy
FCPA Foreign bribery

AML Compliance Program

AML PROGRAM REQUIREMENTS

1. POLICIES AND PROCEDURES
   □ Written AML program
   □ Risk assessment
   □ Customer identification (CIP)
   □ Customer due diligence (CDD)
   □ Beneficial ownership

2. COMPLIANCE OFFICER
   □ Designated BSA/AML officer
   □ Authority and independence
   □ Board reporting

3. TRAINING
   □ Initial and ongoing training
   □ Role-specific content
   □ Documentation

4. INDEPENDENT TESTING
   □ Annual audit
   □ Scope and coverage
   □ Remediation tracking

5. MONITORING AND REPORTING
   □ Transaction monitoring
   □ SAR filing
   □ CTR filing
   □ Regulatory reporting

Healthcare Regulation

Key Agencies and Laws

Regulation Agency Focus
HIPAA HHS/OCR Privacy and security
Stark Law CMS Physician self-referral
Anti-Kickback OIG Fraud and abuse
False Claims Act DOJ Government fraud
EMTALA CMS Emergency treatment
FDA Regulations FDA Drugs, devices, food

Healthcare Compliance Program (OIG Guidance)

  1. Written policies and procedures
  2. Compliance officer and committee
  3. Effective training and education
  4. Effective lines of communication
  5. Internal monitoring and auditing
  6. Enforcement and discipline
  7. Prompt response and corrective action

Technology Regulation

Data Privacy Regulations

Regulation Jurisdiction Key Requirements
GDPR EU Consent, rights, breach notification
CCPA/CPRA California Consumer rights, opt-out
VCDPA Virginia Consumer rights, assessments
CPA Colorado Universal opt-out
CTDPA Connecticut Privacy rights

Cybersecurity Requirements

Framework Applicability
NIST Cybersecurity Framework Voluntary, widely adopted
SOC 2 Service organizations
ISO 27001 International standard
PCI DSS Payment card industry
CMMC Defense contractors
NY DFS Cybersecurity Financial services (NY)

AI Regulation (Emerging)

  • EU AI Act
  • FTC unfairness authority
  • Algorithmic accountability
  • Bias and fairness requirements
  • Transparency obligations

Energy Regulation

Key Agencies

Agency Jurisdiction
FERC Interstate energy, wholesale markets
DOE Energy policy, nuclear
NRC Nuclear safety
EPA Environmental (energy-related)
State PUCs Retail energy, local distribution

Energy Compliance Areas

  • Market manipulation (FERC)
  • Environmental permits
  • Safety regulations
  • Transmission access
  • Rate compliance
  • Renewable portfolio standards

Regulatory Investigations

Investigation Response Protocol

1. INITIAL RESPONSE
   □ Preserve documents
   □ Issue litigation hold
   □ Identify key custodians
   □ Engage outside counsel
   □ Assess privilege issues

2. ASSESSMENT
   □ Understand scope
   □ Identify relevant conduct
   □ Assess exposure
   □ Develop strategy

3. DOCUMENT PRODUCTION
   □ Collect and process
   □ Review for privilege
   □ Produce responsively
   □ Track requests

4. WITNESS PREPARATION
   □ Identify witnesses
   □ Prepare for interviews
   □ Coordinate testimony
   □ Protect rights

5. ENGAGEMENT WITH REGULATORS
   □ Establish communication protocol
   □ Cooperate appropriately
   □ Advocate for client
   □ Negotiate resolution

6. REMEDIATION
   □ Address root causes
   □ Implement improvements
   □ Document changes
   □ Monitor effectiveness

Self-Disclosure Considerations

Factor Consideration
Legal requirement Mandatory vs. voluntary
Cooperation credit Agency incentives
Timing Promptness valued
Thoroughness Complete investigation
Remediation Corrective actions
Reputational Public disclosure implications

Settlement Options

Resolution Features
No action Matter closed
Warning letter No formal action
Consent order Agreed resolution
Civil penalty Monetary sanction
Disgorgement Return of profits
Injunction Conduct restrictions
Corporate integrity agreement Healthcare oversight
Deferred prosecution agreement Criminal resolution
Non-prosecution agreement No charges filed

Regulatory Engagement

Comment Letter Best Practices

EFFECTIVE COMMENT LETTERS

1. INTRODUCTION
   - Identify commenter
   - State position clearly
   - Summarize key points

2. LEGAL ANALYSIS
   - Statutory authority
   - Administrative law issues
   - Constitutional concerns

3. PRACTICAL IMPACT
   - Cost-benefit analysis
   - Industry impact
   - Unintended consequences

4. ALTERNATIVE APPROACHES
   - Propose modifications
   - Suggest alternatives
   - Offer to collaborate

5. DATA AND EVIDENCE
   - Support with data
   - Industry examples
   - Academic research

6. COALITION BUILDING
   - Coordinate with others
   - Consistent messaging
   - Demonstrate broad support

Agency Relationships

  • Regular communication channels
  • Trade association engagement
  • Industry working groups
  • Pre-filing consultations
  • Formal guidance requests

Cross-Border Compliance

Multi-Jurisdictional Considerations

Issue Approach
Conflicting requirements Risk-based prioritization
Data localization Infrastructure planning
Extraterritorial reach Comprehensive compliance
Regulatory coordination Harmonized programs

Global Compliance Program

  • Headquarters oversight
  • Local adaptation
  • Consistent standards
  • Cultural sensitivity
  • Language considerations

Integration with Other Skills

  • compliance-tracking: Regulatory monitoring
  • healthcare-law: Healthcare-specific compliance
  • environmental-law: Environmental regulations
  • banking-finance: Financial services compliance
  • tax-law: Tax regulatory compliance

Reference Files

For detailed guidance:

  • references/program-design.md - Compliance program framework
  • references/investigation-playbook.md - Investigation response
  • references/agency-guide.md - Regulatory agency reference
Install via CLI
npx skills add https://github.com/judicialmind/legal-skills --skill regulatory-compliance
Repository Details
star Stars 9
call_split Forks 1
navigation Branch main
article Path SKILL.md
Occupations
Administrative Law Judges Adjudicators And Hearing Officers
More from Creator
judicialmind
judicialmind Explore all skills →