What is a Compliance Clause?

    Updated: 28 March 2026

    A compliance clause is a contractual provision that obliges the supplier to comply with all applicable laws, regulations, industry standards, and the client's internal compliance policies when performing the contract. The clause covers a broad range of obligations: from employment law and environmental regulations to privacy law, sanctions law, and tax obligations. Upon breach, the clause gives the client the right to terminate the contract and recover damages.

    How does a compliance clause work?

    A compliance clause is broader than an anti-corruption clause. Where the anti-corruption clause targets bribery and kickbacks, the compliance clause covers the full spectrum of legal obligations. That includes employment law (minimum wage, working conditions, illegal employment), environmental law (waste disposal, emission standards, REACH regulation), privacy law (GDPR, data breach notification), sanctions law (EU sanctions lists, export controls), and tax obligations (correct payment of VAT and payroll tax).

    The reason for such a broad clause is supply chain liability. If your supplier uses illegal workers on a construction project worth EUR 350,000, you as the client can be held jointly liable. If your IT supplier leaks your customers' personal data through negligence, you as the data controller are liable under the GDPR. The compliance clause shifts responsibility back to the party that committed the violation.

    In practice, a well-drafted compliance clause contains the following elements:

    • A general obligation to comply with all applicable laws and regulations
    • A specific listing of the key regulations relevant to the contract (GDPR, health and safety law, immigration law, environmental law)
    • An obligation to comply with the client's own compliance policy and to flow down that policy to subcontractors
    • A duty to report (suspected) violations
    • An audit right allowing the client to verify compliance
    • The right to terminate immediately upon breach, without compensation to the supplier
    • An indemnity for all damages, fines, and claims arising from the supplier's violations

    In healthcare, compliance is particularly complex due to the intersection of privacy law (GDPR), sector-specific legislation (healthcare quality law), and standards (NEN 7510 for information security in healthcare, ISO 27001). A supplier delivering medical software for EUR 90,000 must comply not only with the GDPR but also meet NEN 7510 requirements and quality standards set by health inspectorates.

    In the construction sector, compliance often focuses on immigration law, workplace safety (VCA certification), and environmental regulations. A main contractor engaging a subcontractor for a EUR 200,000 project is jointly responsible if that subcontractor violates employment law.

    Why does this matter for SMBs?

    Compliance violations in your supply chain directly affect your own organisation. Fines, reputational damage, and exclusion from tenders are real risks. Loio (2026) reports that 71 percent of contracts are never monitored for compliance after signing. That means compliance obligations exist in contracts but are rarely monitored in practice.

    For SMBs working with subcontractors or suppliers in heavily regulated sectors, a compliance clause is not a legal formality but an operational necessity. It is the contractual foundation for taking action when a supplier violates the rules.

    How to manage this correctly

    1. Include a compliance clause in all supplier contracts, tailored to the specific laws and regulations relevant to that contract
    2. Require the supplier to flow down compliance obligations to their own subcontractors via a chain clause
    3. Include an audit right to periodically verify whether the supplier meets its compliance obligations
    4. Link breach of the compliance clause to immediate termination rights and an indemnity for all consequential damages
    5. Request an up-to-date compliance declaration or certification at each contract renewal, such as VCA, ISO 27001, or NEN 7510
