Getting and maintaining compliance in your small business

During the month of April 2021, we tackled the (boring) topic of compliance. But even thought it may seem boring, it is so critical for the success of your business.

Follow along with the videos we released on our #FinanceFriday to learn more about what we had to say.

PLUS there are 2 promos available in line with this theme!

Week 1: What is Compliance?


Last month we talked about compliance. But hey, compliance-shmiance. Yuk. Comply before you’re shmied!

Compliance is such an important topic for us as small business owners. Setting up non-compliance might feel non-productive but compliance actually increases productivity. 

Follow April 2021’s #FinanceFriday videos for your GPS to navigate your business (and car!) through small business compliance in South Africa. 

What is compliance?

Compliance Acts include:

  • POPI Act
  • Companies Act
  • Business rescue
  • BCEA
  • UIF
  • PAYE
  • Labour relations
  • Skills development

…and there’s a whole lot more.

You may have heard about these acts, but what do they mean for you and your small business? And why does it matter? Sometimes we’re unfamiliar with these acts because we’re unaware of how they impact our businesses. Though we won’t have time to go through all of these this month, we’ll be getting to grips with a few.

Compliance refers to the process of ensuring that businesses operates in accordance with the state laws regulations and legislations of the country that they are operating in, to ensure the legality of business operations. And by operating in accordance with these laws, you are ensuring that you as a business owner are committed to conducting business in a legal manner.

Compliance guarantees the legality of your business which in turn enhances its credibility! Which is particularly important for your stakeholders, such as potential investors, funders and customers. Compliance also highlights the quality of your business. That you’re trustworthy and committed to doing business in the right way.

Non-compliant is often overlooked because we don’t understand the severe financial implications of not being compliant. Affecting your shareholder investors and funders. Compliance really is a non-negotiable business requirement. It can also cause missing out on opportunities for funding or investment or even tendering. Also, alarmingly, a loss of revenue.

We saw the impact within COVID-19 where the Government weren’t willing to pay out funding to businesses that were non-compliant. To be able to capitalize on opportunities that are available to us, we need to make sure that we are fully compliant.

Non-compliant businesses may be responsible for payment of fines, interest and penalties as a result there of. Considering where we are in terms of technology – ignorance is simply not an excuse!

Three main compliance bodies

There are three main bodies that we need to comply with as small businesses.

Companies and Intellectual Properties Commission (CIPS)

You are able to register your business as a company. In exchange for your registration number, you’ll need to submit things like, annual returns, documentation e.g. ID for your directors and any changes to your official information.

Department of Labor (DOL)

As soon as you have employed your first person make sure that you consider the impact of UIF, occupational health and safety and registering with the workman’s compensation fund. Even as you are growing, looking at things like STL becomes really important which is the skills development levy.

South African Revenue Service (SARS)

This is the way that government collects tax from us. As small business owners we must ensure that we’re registered for SARS and that we’re paying the applicable taxes. There are a lot of complications that come with tax so it’s vital to consult with a tax practitioner or a professional accountant to ensure you receive your tax clearance certificate.

Key Takeaways

So, you don’t wait for your car to run out of fuel or for something to break before you do a check-up, right? Your business needs constant compliance care just like you care for your car. We all know how costly vehicle repairs can be, never mind the cost of towing if you were stranded without fuel! So if you won’t do it to your car then why do you do it your business?

  • When was the last time you checked the compliancy of your business?
  • Prevention is better than cure so get systems in place earlier rather than later.
  • Adjust your business to ensure improved ethical and legal compliance.
  • Avoid unexpected audits by regularly assessing your processes and practices internally.
  • Don’t ignore simple steps of compliance because it really can come back and bite you in the bum!
  • Your small business comes with enough risk without having to worry about extra compliance issues.
  • Compliance matures your business for the long-term.

Week 2: Becoming Compliant


Last week we looked at why you need to make sure you’re compliant. And hopefully the message came across loud and clear. Failure to comply with the different acts can severely impact on your profitability (as a result of all the penalties!) and productivity.

Today, we explore some of the main acts that small businesses need to adhere to.

Companies Act

Access the Companies Act here.

As soon as you register as a company on the CIPC, you trigger the need for compliance with the Companies Act. This includes the following, amongst others:

Annual Returns

You need to submit your return annually on the CIPC. There is a fee involved in this.

Formal annual financial statements

Prepare formal annual financial statements which also has a cost associated with it. This helps to ensure support is available at any given time for the CIPC to check.

Maintaining company records

This includes updating information such as your official company address and your shareholders’ and directors’ details. And this must be on a regular basis. Your accounting records must also be maintained in order to provide your annual financial statements.

Solvency requirements

As small business owners, we must ensure we are not trading recklessly, and are operating as a solvent business. This means your assets need to be bigger than your liabilities. So, our assets are everything we own and control including your cash, your buildings, your equipment etc.

There are certain activities in your business that may trigger the need to do both a solvency and liquidity test. The solvency test looks at your total assets being bigger than your total liabilities. Whereas the liquidity looks at cashflow so looking ahead to the next six or twelve months, will you be able to meet your current obligations. 

This includes providing loans to directors. So if you’re lending money from the business, you may find yourself in a situation where you need to give careful consideration to the solvency and liquidity of your business. This is often where businesses go wrong.

Business rescue

The purpose of business rescue is to provide an alternative to liquidation in the event that the business is struggling to meet their financial obligations. It is normally coupled with some sort of restructuring. Whether that’s from a workforce perspective or overhaul on processes to understand how you reached the point of business rescue and exactly what requires changing.

It is important to note that your creditors or other affected parties may apply to court to put your company into business rescue. So, the trigger could come externally as well as internally. During the time that you are under business rescue, management powers are relinquished to the business rescue practitioner. There are a lot of legalities that go along with this process, but the most important part is that there needs to be an actionable plan to turn the business around.

There’s more information about business rescue available here.

Business growth

So, let’s look at the other extreme to business rescue…

Your business is growing. You employ some workers. What happens next? As soon as you are classified as an “employer”, it triggers the following:

  • Register with the Department of Labour. Which means you also need to register for the Workmans Compensation Fund. This is to cover your employees in the event of injury in the workplace. To pay this insurance, you need to submit an annual return based on the employees and their salaries. This has to happen regularly in order to receive your letter of good standing.
  • Pay the UIF (1% your contribution and another 1% by the employee).
  • You may need to Pay as You Earn (PAYE) if your employees are earning more than R7,200 (based on 2022 Tax Year).

Simply complying with the basic conditions of employment act becomes really crucial. To avoid cases with the CCMA, you need to make sure you treat your employees correctly. From leave days, to dealing with poor performance and disciplinary processes, the act is there to protect employees more than employers. This cannot be overlooked!

Watch this space for our upcoming special guest on #FinanceFriday – a professional Labour Consultant who will talk to us about some of these issues.


These are just some of the most crucial acts you need to adhere to. It becomes overwhelming to say the least. Never mind digging into the POPI Act which is what we’ll do next week.

And you can’t say you didn’t know, right? There are so many resources available.

You might even find that you need to keep track of all of these compliance issues. So whether that’s putting together an Excel spreadsheet or building up a PowerBI dashboard, they can all be helpful in moving you forward and keeping track with where you are – and the deadlines coming up! If Excel or PowerBI are your jam, remember we have training opportunities available that will help you build up these and other models in no time.

But, if you’re like me, you’re constantly in a tug of war between time and money: save money by using time to do things yourself. Or make money by investing time in income generation and outsourcing tasks. So hard, right? Well, I’d like to introduce you to some local colleagues who would do a great job at helping you set up your legal compliance. Keep an eye out for our promotion with Chaya Legal for the month of April, as well as the interview we’ll be having with the Founder coming up soon.

Week 3: The POPI Act


Let’s be honest, the last two weeks have been pretty heavy drudgery working through compliance. But today I want to encourage you! In many ways you might find that you are already compliant. So let me know how you fare in today’s checklist where we will be focusing specifically on POPI Act.

The eight principles of POPI

POPI protects personal information by restricting how it can be collected and used by a company, organisation or person, and sets out eight key principles:

1. Accountability

The responsible party (those who process the personal information) must ensure compliancy to all of the Act’s principles and measures.

2. Processing limitation

The processing of information must be lawful which doesn’t invade the privacy of the individual. Personal information can only be processed if the processing is adequate, relevant (and not excessive) and used solely for the original purpose that was communicated.  

3. Purpose specification

Personal information must only be collected for a specific purpose and the individuals must be aware of this. Records mustn’t be kept for longer than necessary to achieve the purpose for which it was collected.

4. Further processing limitation

Any further processing of the information must be compatible with the purpose of collection.              

5. Information quality

The holder of the data must take reasonable steps to ensure that personal information is complete, accurate, not misleading and updated when necessary. Enquire if any information has changed. All the while, taking into account the purpose for which the information was initially collected.

6. Openness

Steps are required to ensure that the data subject is aware of the personal information being collected and the purpose of collection.

7. Security safeguards

The responsible party must secure the personal information under their possessive control. Policies and procedures must be in place to ensure a successful safeguard of the information. Should a security breach occur, the responsible party must notify the subject whose information is compromised.

8. Data subject participation

The data subject can request whether an organisation holds their private information, and what information is held. They may also request the correction or deletion of their information if they find it to be:

  • inaccurate
  • irrelevant
  • excessive
  • out of date
  • incomplete
  • misleading
  • or obtained unlawfully.

Personal information

So, that’s what the POPI Act requests us to comply with, but what counts as personal information?

A definition of personal information is any information relating to an identifiable, living and natural person or juristic person (companies, CC’s etc.).

Personal information includes the following. But be aware, it’s not limited to this only.

  • Contact details: Email, telephone, address etc.
  • Demographic information: Age, gender, race, birth date, ethnicity etc.
  • History: Employment, financial, educational, criminal, medical history
  • Biometric information: Blood type etc.
  • Opinions
  • Private correspondence

Getting your business compliant with the POPI Act

We prepared a compliance checklist specifically for you to unpack the requirements around the POPI Act.

Check out the link to our quiz to access it FOR FREE!


Start building compliance into your products, your services and your processes. As you adopt “privacy by design” everything you do is centred around “how can I protect this information?” and ensure you collect the least amount of information as possible to ensure we are able to make the right decisions.

We want to make compliance easy to achieve. So, it doesn’t have to be a drudgery!

Week 4: Interview with Founder of Chaya Legal


To close out this month’s Compliance focus, we have an interview with Varonique Philander, Founder of Chaya Legal where we explore the practicalities of implementing some of these principles within our small businesses.

Tune in to learn more about the following things we discussed:

  1. What is the purpose of the POPI Act?
  2. Who does the POPI aim to protect?
  3. Who is responsible to comply with POPI / is it only for big organisations?

Plus, to top it off, we used UPvisor as a case study so you’ll glean some really practical examples.


That was a whole lot of information! So to make sure you actually absorbed all this knowledge, complete the Compliance Quiz to get your FREE! compliance checklist!

But that’s not all! We partnered with Chaya Legal to bring you an EPIC DIY Freelance Starter Kit which contains:

  • A freelance service agreement
  • A pricing template
  • PLUS tutorials that tell you how to use them!

Buy your Starter Kit here.