Compliance and safety have always been tremendously important for cannabis companies, and the disruption that COVID-19 has brought to the industry has just increased this importance. We have assembled 10 key compliance and safety questions that every cannabis company should be asking themselves.
You need to understand which state and local agencies you must work with to be compliant. Listed below, for example, are the ones for California. Each state will have its own agencies with specific regulations.
In addition to state agencies, you will also need to understand your local agencies' requirements and gain their approval.
The general framework for the regulation of commercial medicinal and adult-use cannabis in California was put in place under the Medicinal and Adult-Use Cannabis Regulation and Safety Act (MAUCRSA), which was mandated upon the passage of Prop. 64 by voters in 2016 .
These vary by state and by other factors such as customer base (adult-use recreation vs. medicinal) and size/type of operations (cultivator, manufacturer, distributor, retailer ). For proper compliance and safety of your cannabis business, ensure you understand the required licenses.
In California, for example, all state-issued annual and provisional licensees are required to use the CCTT–METRC system to record, track and maintain information about their cannabis and cannabis-product inventories and activities, according to the regulations of their respective licensing authority (the Bureau of Cannabis Control, the California Department of Food and Agriculture, or the California Department of Public Health).
Standard operating procedures (SOPs), operational flowcharts and formalized company policies should be drafted and periodically reviewed for necessary updates. These documents:
In California, even if you do not make taxable sales of cannabis, you are still required to file a return indicating your total sales with your claimed non-taxable or exempt sales during that particular reporting period. Check with your state tax authority to find the specific rules you need to follow.
Know what the rules are in your state. For example, California requires licensees to keep and maintain records for at least seven years from the date the document was created. Records should be kept in a manner that allows you to provide them at the licensed premises or deliver them to the state department(s), upon request.
The cannabis industry is notoriously dependent on cash. Banking services are often unavailable or overly burdensome, which means a robust cash management plan is a must. Such a plan needs to include policies and internal controls surrounding physical security (during storage and transport), accurate accounting and reporting and liquidity management.
Employers should ensure their onboarding process and safety standards meet any mandatory federal, state or local guidelines. This includes collecting mandatory new hire information such as I-9 Authorization to Work forms and tax withholding information. Additional guidelines may require a process for LiveScan (fingerprinting), background checks, etc. As requirements in the industry may vary by state, you should research each work location to ensure you identify all compliance mandates.
Insurance requirements for cannabis-related businesses will vary from state to state. It is important to thoroughly review the regulations in each area in which you do business to ensure that you've obtained all required insurance. As an example, California requires cannabis businesses to have a minimum commercial general liability insurance policy of $2 million, with insurance of up to $1 million for each loss, when submitting a cannabis license application. The state also requires a $5,000 surety bond that should be addressed to the state of California.
Armanino's services are tailored to the needs of growers, manufacturers, distributors, dispensaries and other cannabis and hemp-related businesses. Contact us to learn more about how we can provide core accounting services and help your cannabis organization maximize operational efficiencies, automate key systems and maintain regulatory compliance.
