The Uneven Playing Field of Enforcement
Regulated markets in the UK and EU are not policed evenly. There is no magical fairness dial. Regulators are not working their way through every business in alphabetical order with a clipboard. They are under-resourced, overworked, and highly strategic about who they target.
Their goal is impact, not completeness. They hunt the biggest, loudest, most visible, and most vulnerable brands. They look for companies that tick multiple boxes for an easy enforcement win. They want cases that will generate headlines and prove that they are “doing their job” to protect consumers.
Here is the uncomfortable truth. Enforcement is not always about whether you are doing things wrong. It is about whether you are in the firing line. Visibility, plus vulnerability, plus volume, equals risk.
This is where the Enforcement Risk Radar becomes essential. It gives you the same kind of early warning system that regulators are using, but from your side of the fence.
Why You Need Your Own Radar
If enforcement bodies have a mental and digital “watch list” of high-profile targets, you need to know if you are on it. The Enforcement Risk Radar is your way of mapping that reality.
This tool is not about checking your legal compliance. It does not replace technical files, risk assessments, or internal audits. Instead, it calculates how likely you are to attract the attention of enforcement bodies across the UK and EU.
It looks at six factors that drive visibility. Every extra SKU, every extra market, every retail location, every cross-border shipment, and every past enforcement action turns up the brightness of your signal on their radar.
If the Compliance Maturity Arc tells you how strong your systems are, the Enforcement Risk Radar tells you how likely you are to be tested. These two tools together give you a complete picture. The Arc shows your defensive strength. The Radar shows how likely you are to be attacked.
The Six Risk Zones That Make or Break Your Profile
The radar scores each zone from 1 (low risk) to 5 (high risk) based on how visible you are to regulators.
1. Number of Retail Locations
Every store that stocks your product is another place a regulator can find it.
Small independent retailers carry a higher risk because regulators know they often lack dedicated compliance teams. They are quick wins for enforcement officers looking to show results.
Large chain retailers change the nature of the risk. They may perform due diligence before stocking, but you remain visible, and enforcement can shift upstream to your supply chain.
Scoring:
- 1: 1–500
- 2: 501–1,000
- 3: 1,001–5,000
- 4: 5,001–10,000
- 5: 10,000+
Sector example: In the vape sector, Trading Standards have run blitz inspections in high street independents, pulling dozens of SKUs in a single afternoon. In cosmetics, French and Italian regulators have made unannounced visits to beauty counters in major department stores, removing non-compliant products on the spot.
Bad actor reality check: Some brands boast about being in over 15,000 stores while their product labels would not pass a basic font-size regulation. That is not scale. That is an enforcement buffet.
2. Previous Enforcement Exposure
Regulators never forget. Even a so-called “friendly” guidance meeting puts you in their database. Once you are in the system, follow-up checks become faster and tolerance for errors disappears.
Scoring:
- 1: No enforcement history
- 2: Guidance meeting
- 3: Warning letter
- 4: Product seizure
- 5: RAPEX alert or enforced recall
Sector example: In the toy industry, a RAPEX alert for a single plush toy with loose eyes can lead to re-inspections of your entire range across multiple EU markets. In medical devices, a warning letter in Germany can trigger cross-border follow-up in Austria, Switzerland, and the Netherlands within weeks.
Bad actor reality check: Some brands treat an old enforcement issue like a badge of honour. In reality, it is a permanent bullseye on their back.
3. Number of Markets Sold Into
Each country adds complexity. It is another set of enforcement agencies, laws, and interpretations of risk.
Scoring:
- 1: 1–6 markets
- 2: 7–12 markets
- 3: 13–17 markets
- 4: 18–22 markets
- 5: 23–28 markets
Sector example: A cosmetic brand selling across 20 EU states without perfect translation of ingredient lists is almost guaranteed to receive a compliance notice in the Nordics, where language laws are strictly enforced.
Bad actor reality check: Expanding into as many EU countries as possible without localisation of packaging is like painting a target on your forehead in twelve different languages.
4. Cross-Border or Distance Sales
This is one of the fastest ways to be noticed. Regulators perform online test purchases to see if restricted products can be shipped illegally into their market.
Scoring:
- 1: No cross-border sales with contracts in place
- 2: No sales allowed but no contracts in place
- 3: Cross-border allowed with robust contracts
- 4: Cross-border allowed with verbal agreements only
- 5: Cross-border allowed freely
Sector example: In novel nicotine, OPSS and multiple EU enforcement bodies have conducted coordinated cross-border stings, ordering online and seizing products at customs. In adult products, certain designs banned in conservative EU states have been purchased online and confiscated before delivery.
Bad actor reality check: Some companies brag about shipping worldwide, including to countries where their product is banned. That is like sending an engraved invitation to enforcement.
5. Appointment of Responsible Person (RP) or Authorised Representative (AR)
This is one of the easiest checks regulators can run. No RP or AR means you are instantly non-compliant in that market.
Scoring:
- 1: Formal RP or AR with contracts in place
- 2: RP or AR is the distributor without full documentation
- 3: Informal RP or AR arrangement
- 4: Self-appointed via shell or virtual company
- 5: None appointed
Sector example: In cosmetics, authorities regularly fine brands without an EU-based RP. In PPE, failure to appoint an AR has resulted in rapid product withdrawals across multiple markets.
Bad actor reality check: Some brands think naming their cousin’s company as their RP will tick the box. It will not. It will tick the seize-your-stock box instead.
6. Number of Product SKUs in Market
Every SKU multiplies complexity. It is another technical file, another label, another set of tests. The more you have, the more chance there is for a slip.
Scoring:
- 1: 1–10 SKUs
- 2: 11–25 SKUs
- 3: 26–50 SKUs
- 4: 51–100 SKUs
- 5: 100+ SKUs
Sector example: In the toy sector, a range with 80+ SKUs led to a recall in Spain when one batch had sharp edges. The entire line was suddenly under suspicion.
Bad actor reality check: Some brands launch fifty flavours or variants at once then act shocked when they get pulled because one batch missed a lab test. That is not innovation. That is reckless.
How the Compliance Maturity Arc Fits In
The Compliance Maturity Arc measures how strong your internal systems are. It tracks your progress from reactive firefighting through to proactive compliance leadership.
Here is the connection.
- Low Radar score, high Maturity Arc score: You are in a strong position. Regulators are less likely to notice you, and if they do, you are ready.
- High Radar score, high Maturity Arc score: You are visible, but your systems can handle the scrutiny.
- Low Radar score, low Maturity Arc score: You are under the radar, but vulnerable if noticed.
- High Radar score, low Maturity Arc score: This is the danger zone. You are both highly visible and poorly defended.
By combining these two tools, you can decide whether to reduce your visibility or harden your systems.
Why This Matters More Than Ever
- UK and EU enforcement agencies are sharing more data than ever before. If you are on one list, you are on many.
- Media coverage of product seizures is increasing, especially in sectors like vapes, cosmetics, and toys where public safety is a political issue.
- Investors are paying attention. A high enforcement risk score can wipe millions off your valuation in days.
Using the Radar in Your Business
- Score yourself honestly across all six zones.
- Identify hot zones where you are closest to a score of 5.
- Prioritise fixes in areas that give the greatest drop in your total score.
- Update your score regularly as you launch new products, expand into new markets, or change sales channels.
If your score is in the 18–25 range, you are almost certainly on the radar. At that point you must either lower your profile or upgrade your compliance systems.
The Brutal Truth
Regulators do not have to catch you. They only have to notice you.
The bad actors will keep running blind until they are headline news.
The smart founders will know their radar score, link it to their Compliance Maturity Arc, and take action before the knock on the door.
In regulated markets, what you cannot see will hurt you, and it will hurt you fast.