Wading Through the Bowls of the Regulatory Alphabet Soup Certifications

By Mark Weintraub

Recycling Industry Regulations

In every business there are a multitude of regulations and regulatory bodies governing many facets of business operations and conduct.  Yet in Electronics Recycling three distinct levels or categories of regulations and regulatory bodies impact us: the regulations governing our business and operations; the regulations governing our supplier’s businesses; and the regulations governing our customer’s businesses.  We can call all of the regulations and regulatory bodies the Alphabet Soup.  Typically we are working with a wide variety of products each requiring unique decision making as it moves through our processes mostly driven by this Alphabet Soup.  Although we process physical objects, which must be handled safely and in an environmentally responsible manner, that only represents one aspect of our work. Data security and the safe handling of electronics is at the foundation of everything we do. Because of this, it is imperative that we adhere to the variety of regulations and regulatory bodies. The rules governing the processes can change significantly depending on the specific industry from which the equipment is received. It is the essence of our job to ensure that we are aware of and following the variety of regulations that comprise the Alphabet Soup in order to remain compliant, mitigate risk, and safeguard client data.

Regulations for Electronics Recyclers

Among many regulations, Electronics Recyclers have to adhere to environmental regulations such as:  CERCLA, RCRA, SREA, EPA[i], along with employment related regulations like: EEOC, ADA, NLRA, FLSA[ii]. These are in addition to all the other regulations both federal and state. At the outset, the Alphabet Soup is thick and difficult to wade through. Every process we develop throughout the chain of custody is governed by our intrinsic demand to uphold our clients’ and suppliers’ data security.

Regulations for Suppliers (Clients)

The Alphabet Soup varies depending on our client’s industry. A great example involves any client associated with Healthcare.  These industry suppliers bring more letters to the Alphabet Soup such as HIPAA; PHI and if medicines or vitamins are concerned FDA Regulations.[iii] Another example involves School Districts and higher education institutions which then adds FERPA.[iv] Likewise, Governments such as Municipalities and States, add additional privacy shield regulations governing how information is handled.  Working with the Federal Government and Federal contractors adds the layer of FAR, and Defense Contractors add the DFAR.[v] Imagine the Alphabet Soup involved with a supplier that is a Public University’s Medical School that does research for the Federal Government on new medical treatments and/or medicines.  Not so far-fetched given the work done researching COVID and developing the COVID vaccines. Banks and Financial institutions including investment firms add a significant number of “letters” to the regulatory Alphabet Soup because of the strict oversight within which they must operate.  Consider the FDIC, FRB, OCC, CFTC, CFPB, TILA, FINRA, SEC, FTC, GLB, Dodd-Frank, Sarbanes-Oxley, among many others and state regulators such as TDSML.[vi] Keep in mind that those are merely a handful of industries. 

In additional to client industry regulations, there are strict state and foreign regulations  governing how to handle data and privacy.  For example, the CCPA, California Consumer Privacy Act of 2018 governs the personal information of any Californian, among other things. Or the new Virginia data privacy and cybersecurity law. Likewise, the European Union requires strict adherence to REACH, the Registration, Evaluation, Authorization and Restriction of Chemicals and the GDPR or General Data Protection Regulation involving, among other things, the personal information of any person from a member country of the EU.

In additional to client industry regulations, there are strict state and foreign regulations  governing how to handle data and privacy. 

Regulations for Customers

In addition to all the electronics recycling industry regulations and the regulations specific toour clients, there is yet a third bowl of Alphabet Soup. Part of the recycling process is resale of usable electronics, components and commodities to customers. Regulation compliance also governs these sales, especially to overseas customers, and must be followed on behalf of suppliers. Several regulations include:  DTSA, FCPA, FACTA, ITAR, ECCN, and CTPAT.[vii]  Most people have never heard of these acronyms, but that does not diminish their critical importance in ensuring environmental health and safety.

Three heaping bowls of thick Alphabet Soup is a lot to digest, but that is our job.  We not only have to protect the information security of our suppliers, we also have to ensure that we are compliant with all of these regulations and regulatory bodies.  That is the essence of our service to clients and customers as we move products through our processes.  We have a full team of legal, compliance and environmental employees to navigate the Alphabet Soup, digest it, and more importantly know what impacts our clients and customers.  We must provide a high level of assurance that once we take possession of a product and move it through our processes, we consider the applicable factors of the Alphabet Soup.  

Mark Weintraub is General Counsel for Reserve Management Group, parent company of Regency Technologies. Mark began his legal career at Thomson Hine before moving into the scrap/recycling industries. He is a business attorney experienced in restructuring, bankruptcy law, creditors’ rights, and commercial litigation. He has written numerous published articles and is a frequent speaker for industry associations and conferences.

[i] CERCLA – Comprehensive Environmental Response, Compensation, and Liability Act of 1980; RCRA – Resource Conservation and Recovery Act; SREA – Superfund Recycling Equity Act; and EPA –Environmental Protection Agency.

[ii] EEOC – Equal Employment Opportunity Act; ADA – Americans with Disabilities Act; NLRA – National Labor Relations Act; and FLSA – Fair Labor Standards Act.

[iii] HIPAA – Health Insurance Portability and Accountability Act; PHI – Protected Health Information; FDA – Food and Drug Administration.

[iv] FERPA – Family Educational Rights and Privacy Act of 1974.

[v] FAR – Federal Acquisition Regulations; DFAR – Defense Federal Acquisition Regulations.

[vi] FDIC- Federal Deposit Insurance Corporation; FRB – Federal Reserve Board; OCC – Office of the Comptroller of the Currency; CFTC – Commodity Futures Trading Commission; CFPB – Consumer Financial Protection Bureau; TILA – The Truth in Lending Act; FINRA – Financial Industry Regulatory Authority; SEC – Securities and Exchange Commission; FTC – Federal Trade Commission; GLB – Graham-Leach Bliley Act of 1999; Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010; Sarbanes-Oxley Act of 2002; and TDSML – Texas Department of Savings and Mortgage Lending.

[vii] DTSA – Defend Trade Secrets Act; FCPA – Foreign Corrupt Practices Act; FACTA – Foreign Account Tax Compliance Act; ITAR – International Traffic in Arms Regulations; ECCN – Export control Classification Number; and CTPAT – Customs Trade Partnership Against Terrorism.