You are on page 1of 3

Hi

to put it in simple terms, Statutory requirements refer to those requirements which are
mandatory by Law (legally compliant) while Regulatory requirements are those which are
imposed by independent agencies or bodies. Usually, these bodies issue Regulatory
Requirements to make the Statutory requirements more explicit, manageable or flexible. As
such, I believe that Statutory requirements take precedence over Regulatory Requirements.

Regards
Ismael Essackjee

https://www.linkedin.com/pulse/statutory-regulatory-requirements-quality-management-
system-s

Not less than thirteen times the term ‘statutory and regulatory requirements’ has been stated
in the ISO/FDIS 9001:2015 QMS Standard including the Introduction and Annex A. This article
is an attempt to understand the meaning of the term, and how organization needs to comply
it.
The term ‘statutory and regulatory requirements’ can be expressed legal requirements; as
clarified in Note 2 under the clause 1.1 (General) of ISO/FDIS 9001:2015 - QMS Standard.
This term expresses two types of requirements:
(i) Statutory requirements
(ii) Regulatory requirements
Both statutory requirements and regulatory requirements are those requirements that are
required by law. These requirements are non-negotiable and must be complied with. Failure
to comply a legal requirement may result in a fine or penalty and possibly a custodial sentence
for the person or persons responsible or organization for such failure.
“Statutory refers to laws passed by a state and/or central government, while regulatory refers to
a rule issued by a regulatory body appointed by a state and/or central government.”
Statutory requirements are those requirements which are applicable by virtue of law enacted
by the government. These are enacted by passing the law in the legislative assembly or
parliament. A regulatory requirement can be termed as administrative legislation that
constitutes or constraints rights and allocates responsibilities. It is somewhat different from
the statutory legislation and there can be following types of regulations applicable on an
organization:
- Legal restrictions or responsibilities declared by a government authority
- Self regulation by an industry through trade association
A simple example for Educational Institution:

 Educational System developed and passed in parliament of India is a statutory requirement.


 Controls applied by Directorate of Controller of Examinations to institutions are regulatory
requirement.

Another example for automotive industries:


 Companies Act 2013 (amendment bill 2014) and Motor Vehicles Act 1988 (amendment bill
2015) are statutory requirement.
 ARAI (Automotive Research Association of India) is a regulatory body responsible for the car
mileage figure in India.

ISO/FDIS 9001:2015 QMS Standard requires an organization to determine and control the
statutory and regulatory requirements applicable to the organization’s products and services.
It is the responsibility of the organization to demonstrate compliance within its quality
management system. On perusal this ISO/FDIS 9001: 2015 QMS Standard, we find, in the
introduction part of the standard indicates that this standard, can be used by internal and
external parties. So it is imperative for the organization to be aware of the general and specific
statutory and regulatory requirements applicable to the product and services within the scope
of the quality management system.
The term ‘statutory and regulatory requirements’ has been used in 0.1 General of this
standard, which states, ‘The potential benefits to an organization of implementing the quality
management system based on this international standard are i) the ability to consistently
provide products and services that meet the customer and applicable statutory and regulatory
requirements.
In Clause 1 - Scope of the standard, it has been used three times to emphasize the importance
of meeting and conforming to applicable to statutory and regulatory requirements.
Clause 4.2 uses the statutory and regulatory requirements, while understanding the needs
and expectations of the interested parties.
As a demonstration method for Leadership and Commitment by Top Management, statutory
and regulatory requirements are to be determined, understood and met. In Clause 8.2.2 and
8.2.3.1, while determining and review of the requirements related to products and services.
During the determination of design and development inputs in Clause 8.3.3, statutory and
regulatory requirements are addressed.
In Clause 8.4.2, statutory and regulatory requirements need to be considered while applying
type and extent of control on externally provided processes, products and services.
Clause 8.5.5 requires statutory and regulatory requirements to be considered in determining
the extent of post-delivery activities required.
Annex A provides the clarification on statutory and regulatory requirements for
understanding the needs and expectations of interested parties.
Accordingly, the organization should have a methodology in place
1. for determining, maintaining and updating all applicable statutory and regulatory
requirements,
2. for communicating all applicable statutory and regulatory requirements within the
organization.
3. The organization should ensure that determined statutory and regulatory requirements are
utilized as ‘process inputs’.
4. The organization should monitor ‘process outputs’ for compliance with statutory and
regulatory requirements.
In this regard, it is suggested to have a task-force team in place, having legal knowledge. The
team should determine the applicable statutory and regulatory requirements related to the
product and services of the organization. The responsibility of personnel/functions in meeting
these requirements should be determined and implemented. Team members may also study
the best practices prevailing in industries to gain ideas about smooth implementation of such
requirements.
The team should ensure communication of determined statutory and regulatory requirements
to the personnel/functions concerned with a copy to the Top Management.
Top Management should demonstrate the leadership & commitment by ensuring the
compliance to the requirements.
It should be the responsibility of the personnel/functions concerned to meet these determined
requirements. The top management should also review at defined intervals meeting applicable
statutory and regulatory requirements.
The internal audit process can support the compliance and demonstration through assessment
of the ‘statutory and regulatory requirements’. It will be a good idea that the auditor during
the audit preparation phase obtains relevant information from internal as well as external
sources with respect to the applicable statutory and regulatory requirements of products and
services.
Through these methods the quality management system can demonstrate the compliance to
statutory and regulatory requirements of products and services.

You might also like