Regulators can take a wide range of approaches to regulation, but broadly speaking, three common approaches prevail – rules-based (prescriptive), goals-based, and management-based regulation. While rules-based regulation is generally considered the traditional approach, as governments have sought ways to craft better and smarter regulations in recent decades, alternative approaches have become more widely used.

In this article, we’ll break down these three common approaches and take a look at their benefits and challenges.

Rules-based regulation: an inflexible approach that creates certainty and predictability

A rules-based regulatory approach sets out specific standards, requirements, actions, or processes that regulated parties must follow. Few (if any) exceptions to these rules are given, and regulated parties know exactly what they need to do (or not do) to achieve compliance, leaving little room for interpretation.

A classic example of rules-based regulation is speed limits for roads and highways. In order to achieve the objective of safer roads, drivers are told that they can’t drive faster than the prescribed limit; the rule applies to everyone and is meant to be enforced without exceptions. Another example is a Canadian Food Inspection Agency regulatory requirement that states: “Where a low temperature is required for the preservation of a meat product, the temperature in a room or area in which that meat product is processed, packaged, labelled or handled must not exceed 10 degrees Celsius.”

The primary advantage of rules-based regulation is that it sets clear expectations, which creates a sense of certainty for stakeholders and makes compliance (and enforcement) more straightforward. However, its inflexibility can also stifle innovation, as regulated entities are prevented from pursuing better or cheaper ways to achieve the same outcomes. It can also lead to a ‘box-ticking’ mentality among regulated entities, who can be incentivized to seek out loopholes whereby they are technically complying with the requirements but are acting in ways that undermine the spirit of the regulatory objective. This, in turn, can spur more and more regulations that create an increasingly complicated regulatory environment.

Goals-based regulation: a flexible approach that encourages innovation

In contrast to rules-based regulation, a goals-based regulatory approach sets high-level desired goals for the desired outcome(s) without specifying the means of achieving compliance. We’re using “goals-based” as a catch-all term encompassing a group of approaches that are similar alternatives to rules-based regulation, namely principles-based regulation, standards-based regulation, outcomes-based regulation, and performance-based regulation.

Sticking with the example of driving, while we tend to think of speed limits as ubiquitous (in North America, at least), there is precedence in the U.S. for taking a goals-based approach to driving regulations limiting speed. In 1995, Montana replaced its daytime speed limit with a law that limited speed to whatever is “reasonable and proper” – leaving it up to police officers enforcing the law to judge what speed constituted a violation. The law was later struck down as too vague by the Montana Supreme Court and the state reimposed numerical speed limits in 1999.

In the food safety sector, another example of goals-based regulation is a Canadian Food Inspection Agency regulatory requirement that states: “The temperature and humidity in a facility where a food is manufactured, prepared, stored, packaged, and labelled must be maintained at levels that are appropriate for the food and the activity being conducted.” In this example, regulated entities are supposed to use their judgment on what is appropriate.

The main benefit of the goals-based regulatory approach is its flexibility, which allows regulated entities to experiment and develop innovative technologies and processes. Because it’s highly adaptive, taking a goals-based approach can be advantageous in sectors that change rapidly, such as financial services. It can also discourage checklist-style compliance as it requires regulated entities to act in accordance with the spirit of the regulatory objectives. However, the vagueness of goals-based regulatory requirements can create uncertainty for regulated entities, and the costs of compliance and enforcement can potentially be higher. Also, in practice, it can be difficult to identify and accurately measure the achievement of some regulatory outcomes, which in turn makes determining if regulated parties are complying with them challenging.

Management-based regulation: using planning and analysis to address root problems

Unlike a rules-based approach, which centers on the means of achieving outcomes, and a goals-based approach, which concentrates on the end goals, management-based regulation focuses on the process. Management-based regulation requires regulated entities to engage in a planning and analysis process to develop their own set of internal rules and initiatives that address the underlying problem motivating the regulation. Following the ‘Plan-Do-Check-Act’ cycle, regulated entities continuously review, measure, and improve their processes to ensure they are in compliance.

One example of management-based regulation, again in the food safety sector, is the Hazard Analysis and Critical Control Point (HACCP) system, which has been implemented in the U.S. and elsewhere to control pathogen contamination in the food supply. HACCP requires food processors to use a flow chart to evaluate their production process, identify possible sources of contamination, and evaluate and implement alternatives for reducing contamination risk.

Other examples of a management-based approach can be found in the regulation of toxic chemicals. Massachusetts implemented the Toxics Use Reduction Act (TURA) Program, which requires facilities that use large amounts of toxic chemicals to report on their chemical use, and conduct toxics use reduction planning every two years. Thirteen other states adopted similar pollution prevention programs.

A key strength of the management-based approach to regulation is that it addresses problems that directly stem from poor management and lack of planning, which can reduce the risk of low probability but high consequence events occurring. However, it can be difficult to enforce compared to rules-based and goals-based approaches, which may lead to lower levels of compliance. If enforcement is weak, regulated entities can be incentivized to engage with the process on a surface level and only address the “low-hanging fruit” instead of rooting out hidden hazards. Researchers have also noted that management-based regulation can be overly burdensome on small businesses.

In practice, regulators use a hybrid approach depending on context

Although it’s useful to understand these common approaches to regulation in theory, researchers emphasize that they are rarely applied purely in practice. Instead, governments and regulators usually adopt a hybrid approach that combines elements of rules-based, goals-based and/or management-based regulation. When deciding on an approach, regulators consider a range of contextual factors, including: the costs involved, the resources available, the simplicity/complexity of the environment, the nature of the risks and potential for harm, and the characteristics and attitudes of the regulated community.