There are some general guidelines and regulations we need to be aware of while starting and running an eCommerce website. For example, in the United States, the Federal Trade Commission (FTC: http://www.ftc.gov/) is the primary agency that regulates eCommerce activities. One can find some important guidelines in the link here. The most important regulatory compliance requirements for eCommerce portals are PCI compliance and secure information transfer between browsers and the web network, i.e. SSL certification.
For secure information transfer: You would need to buy an SSL certificate from VeriSign (now part of Symantec) to enable HTTPS transfer of data and information from the browser. Please check out these two links: http://www.symantec.com/page.jsp?id=seal-transition and https://www.symantec.com/ssl-certificates.
For PCI compliance: If you do not store any customer credit card information on your eCommerce website/servers and have SSL certification, by default your portal becomes PCI compliant. PCI does, though, mandate regular scans (please check this link: http://usa.visa.com/merchants/risk_management/cisp_merchants.html#anchor_2).
(The above is posted by Connecting Dots (http://www.cdotsys.com/), an eCommerce Website development Expert and a Magento Implementation Partner based out of Bangalore, India. We take up Offshore Magento Development Services and deliver the best and most cost effective solutions for Magento eCommerce Websites).