Evolution of Compliance in India

Staying compliant in India is no longer a static checklist but a dynamic, evolving commitment. For fundraising startups and MSMEs, understanding this shift is critical for sustainable growth and avoiding significant penalties. India’s regulatory environment is rapidly transforming, driven by digital governance, global standards alignment, and a push for greater transparency.

The Shifting Landscape of Indian Compliance: Key Drivers

India’s compliance journey has moved from a largely manual, fragmented system to an increasingly integrated, technology-driven framework. This evolution is shaped by several key drivers:

• Digital Transformation and E-Governance: The government’s push for digital India has streamlined many compliance processes. Portals like MCA21, GSTN, Shram Suvidha, and FINNET have made filings easier but also demand timely and accurate digital submissions. This shift reduces physical paperwork but increases the need for robust internal digital record-keeping.
• Ease of Doing Business Initiatives: While aiming to simplify operations, these initiatives often introduce new, consolidated regulatory frameworks. The intent is to reduce the burden, but businesses must adapt to new rules, often with tighter timelines and increased accountability.
• Global Standards Alignment: India is increasingly aligning its regulatory practices with international norms, particularly in areas like anti-money laundering (AML), counter-terrorist financing (CTF), and product safety. This ensures Indian businesses can compete globally but requires adherence to stricter global benchmarks.
• Focus on Transparency and Accountability: Regulators are demanding greater transparency, especially from entities dealing with public funds or sensitive data. This is particularly relevant for fundraising startups, where investor trust hinges on impeccable compliance and clear disclosures.

Navigating Specific Regulatory Evolutions for MSMEs and Startups

The broad changes manifest in specific regulatory areas, each presenting unique challenges and opportunities for growing businesses.

Financial Intelligence Unit - India (FIU-IND) Reporting

The Prevention of Money Laundering Act (PMLA) and its implementing body, FIU-IND, have significantly expanded their scope, impacting a wider range of businesses.

Who Is Required to File FIU-IND Reports?

Beyond traditional financial institutions like banks and Non-Banking Financial Companies (NBFCs), the mandate for FIU-IND reporting now extends to various Designated Non-Financial Businesses and Professions (DNFBPs). This is a critical point for many startups and MSMEs, especially those involved in:

• Real estate activities.
• Dealing in precious metals, precious stones, and high-value goods.
• Practicing professionals such as Chartered Accountants (CAs), Company Secretaries (CSs), Cost & Management Accountants (CMAs), and Advocates, when they carry out specific transactions for their clients related to buying/selling property, managing client money, or forming/managing companies.

If your startup or MSME falls into any of these categories, or if you engage in transactions that could be deemed “suspicious” or “cash-intensive,” you likely have reporting obligations.

Key FIU-IND Compliance Filing Requirements

Adhering to FIU-IND norms involves a structured approach:

1. Registration on FINNET Portal: Before any reporting, entities must register on the FIU-IND’s official FINNET portal. This is your gateway for all submissions.
2. Appointment of Principal Officer: Designate a senior management employee responsible for ensuring compliance and acting as the primary point of contact with FIU-IND.
3. Customer Due Diligence (CDD) / Know Your Customer (KYC): Implement robust KYC procedures for all clients, including ongoing monitoring of transactions.
4. Record Keeping: Maintain records of all transactions, client identification data, and reports submitted to FIU-IND for a specified period (typically five years).
5. Types of Reports and Timelines:
   • Cash Transaction Reports (CTRs): For cash transactions exceeding ₹10 Lakh or a series of integrally connected transactions. Filed monthly by the 15th of the succeeding month.
   • Suspicious Transaction Reports (STRs): For transactions suspected of involving proceeds of crime, regardless of amount. Filed within seven working days of forming suspicion.
   • Counterfeit Currency Reports (CCRs): For transactions involving counterfeit currency.
   • Non-Profit Organisation Transaction Reports (NTRs): For transactions by NPOs exceeding a specified threshold.
   • Cross Border Wire Transfer Reports (CBWTRs): For cross-border wire transfers above a certain threshold.

Penalties for Non-Compliance

The consequences of failing to comply with PMLA and FIU-IND directives are severe:

• Monetary Penalties: Significant fines can be imposed, ranging from ₹10,000 to ₹1 Lakh for each failure, and can be recurring.
• Reputational Damage: Non-compliance can severely damage your business’s reputation and trustworthiness, crucial for fundraising and client acquisition.
• Operational Restrictions: Regulators can impose restrictions on your operations, including freezing assets or accounts.
• Legal Action: In serious cases, non-compliance can lead to prosecution and imprisonment for individuals responsible.

For detailed guidance on navigating these complex requirements, consider exploring Verslas Guru’s FIU-IND Compliance Services.

Bureau of Indian Standards (BIS) and Product Compliance

The Bureau of Indian Standards (BIS) plays a pivotal role in ensuring product quality and safety in India. Recent notifications, particularly around electronic and IT goods, have significant implications for manufacturers and importers.

BIS Notification 2026 Explained: New Indian Standards Revisions

The BIS regularly updates its standards, and 2026 has seen crucial revisions impacting various sectors. These revisions often involve:

• New Product Categories under Mandatory Certification: More products are being brought under the compulsory registration scheme (CRS) or standard mark scheme.
• Updated Safety and Performance Benchmarks: Existing standards are revised to meet evolving technological advancements and global safety norms.
• Emphasis on Domestic Manufacturing: Promoting ‘Make in India’ often comes with stringent quality requirements for locally produced goods.

Mandatory Migration to IS IEC 62368-1:2023

A critical update for tech startups and MSMEs in the electronics sector is the mandatory migration to IS IEC 62368-1:2023 for Audio/Video, Information, and Communication Technology Equipment. This standard replaces older ones (IS 13252 (Part 1): 2010 and IS 616: 2017) and focuses on hazard-based safety engineering. This is especially relevant for:

• Extended Reality (XR) products.
• IT equipment, servers, laptops, mobile phones.
• Audio-visual equipment.

Businesses must ensure their products are tested and certified against this new standard to avoid market access issues.

Compliance Roadmap for BIS Certification

Obtaining BIS certification involves a multi-step process:

1. Identify Applicable Standard: Determine the specific Indian Standard (IS) relevant to your product.
2. Product Testing:
   • Sample Submission: Send product samples to a BIS-recognized laboratory for testing against the identified IS.
   • Test Report: Obtain a comprehensive test report outlining compliance or non-compliance.
3. Application Submission:
   • Online Portal: Apply through the BIS Manak Online portal.
   • Required Documents:
     • Company registration documents.
     • Manufacturing process details.
     • Factory layout.
     • Quality control system details.
     • Test reports from BIS-recognized labs.
     • Trademark/brand registration.
     • Undertakings and declarations.
4. Factory Inspection (for some schemes): BIS officials may conduct an inspection of your manufacturing facility to verify compliance with quality control and production processes.
5. Grant of License: Upon successful evaluation, BIS grants the license, allowing you to use the ISI mark.
6. Timeline: The entire process can take anywhere from 1 to 6 months, depending on the product complexity, testing requirements, and responsiveness in addressing queries.

Consequences of Non-Compliance

Operating without the necessary BIS certification can lead to severe repercussions:

• Product Recalls: Mandatory recall of non-compliant products from the market.
• Market Access Restrictions: Products cannot be sold or imported into India.
• Monetary Fines: Significant penalties under the BIS Act, 2016.
• Legal Action: Prosecution, including imprisonment for repeat offenses.

For assistance with product testing and certification, Verslas Guru offers specialized BIS Certification Consulting services.

New Labour Codes and Workforce Compliance

The proposed New Labour Codes (Code on Wages, Industrial Relations Code, Code on Social Security, and Occupational Safety, Health and Working Conditions Code) represent a monumental shift in India’s labour law framework. While their full implementation awaits final rules from state governments, employers, especially MSMEs and startups, must prepare for their eventual rollout.

New Labour Codes Rollout: Employers Face Compliance Challenges

The codes aim to simplify and consolidate existing laws but introduce new complexities:

• Wage Definition Changes: A broader definition of “wages” will impact calculations for provident fund (PF), gratuity, and other statutory benefits.
• Working Hours and Leave: New provisions for working hours, overtime, and annual leave, including potential changes to the four-day work week concept.
• Social Security Expansion: Wider coverage for social security benefits, potentially including gig workers and platform workers.
• Industrial Relations: Changes to rules around trade unions, strikes, and retrenchment.

Wage Changes and Higher Costs Amid Pending Rules

The revised definition of wages is particularly impactful. By including a larger component of allowances (like HRA, conveyance allowance) within the “wage” for statutory purposes, the employer’s contribution to PF and gratuity will likely increase. This translates to higher compliance costs for MSMEs and startups, requiring careful financial planning and payroll adjustments.

Compliance Checklist for Startups

To prepare for the new codes:

• Review Employment Contracts: Update existing and draft new employment agreements to align with the new wage definitions, working hours, and leave policies.
• Update HR Policies: Revise internal HR policies, employee handbooks, and codes of conduct.
• Payroll System Adjustments: Work with your payroll provider to ensure systems can accurately calculate statutory contributions based on the new wage definition.
• Social Security Registration: Ensure all eligible employees are registered under EPF and ESIC, and understand any expanded coverage under the new Social Security Code.
• Grievance Redressal: Establish clear internal grievance redressal mechanisms as per the new codes.

Documents, Timelines, and Official Portals

• Official Portal: The Shram Suvidha portal remains the primary platform for unified electronic compliance under various labour laws.
• Key Documents:
  • Updated employment contracts.
  • Revised HR policy documents.
  • Registers of employees, wages, attendance.
• Periodic Filings:
  • Monthly EPF and ESI returns (by the 15th of the succeeding month).
  • Annual returns under various labour laws.

Penalties for Violations

Non-compliance with labour laws can result in:

• Fines: Monetary penalties for various offenses, ranging from minor procedural lapses to serious violations.
• Imprisonment: For grave offenses, particularly those related to safety or non-payment of dues.
• Back Wages and Damages: Orders to pay unpaid wages, gratuity, or other benefits, often with interest.

Navigating these changes requires expert advice. Verslas Guru offers comprehensive Labour Law Compliance for Startups to help you stay ahead.

SEBI Regulations and Fundraising Compliance

For fundraising startups, compliance with SEBI (Securities and Exchange Board of India) regulations is paramount. The regulator is increasingly vigilant about unregistered entities operating in the financial markets.

Operating Without a PA License in India? Legal & Regulatory Risks

One of the most significant risks for startups seeking investment or financial advice is engaging with entities or individuals who are not properly licensed by SEBI. Specifically, operating or advising on portfolio management services (PMS) without a valid Portfolio Manager (PA) license is a serious offense.

The case of 3m Team Research Private Limited (and individuals like Rakesh Sethi, Pramod Jain) serves as a stark reminder. SEBI took stringent action, including issuing recovery certificates, against entities found to be offering unregistered portfolio management services. Such actions underscore SEBI’s commitment to protecting investors and maintaining market integrity.

If you are a startup receiving advice or services related to investment, ensure your advisors are SEBI-registered Investment Advisers or Portfolio Managers. Dealing with unregistered entities exposes your startup and its investors to:

• Lack of Investor Protection: No recourse under SEBI’s investor protection mechanisms.
• Legal Liability: Potential for your startup to be implicated if it knowingly facilitates or benefits from unregistered services.
• Reputational Damage: Significant harm to your startup’s credibility, making future fundraising difficult.

SEBI Order for Compliance Completion

SEBI regularly issues orders for compliance completion, not just against unregistered entities but also against registered ones that fail to meet ongoing regulatory requirements. For startups, this means:

• Due Diligence: Thoroughly vet any financial intermediary or advisor you engage.
• Disclosure Requirements: Ensure all disclosures related to fundraising (e.g., through private placement, rights issue, or other instruments) are accurate and timely as per SEBI guidelines.
• Investor Relations: Maintain transparent communication and promptly address investor queries and grievances.

Documents, Timelines, and Official Portals

• Official Portal: The SEBI Intermediaries portal is used for registration and compliance filings by various market intermediaries.
• Key Documents for Fundraising:
  • Private Placement Offer Letters (PPOLs).
  • Shareholders’ Agreements (SHAs).
  • Valuation reports.
  • Due diligence reports.
• Timelines: Strict timelines apply for various filings, such as intimation of board meetings, filing of resolutions, and disclosures related to capital raising.

Consequences of Non-Compliance

Violations of SEBI regulations can lead to:

• Heavy Penalties: Substantial monetary fines.
• Disgorgement: Order to return illegally gained profits.
• Bans: Prohibition from accessing capital markets or holding directorial positions.
• Reputational Damage: Irreparable harm to your startup’s image and ability to attract investors.

Tax Regime and MSME Push

India’s tax regime is also undergoing significant reforms, with a stated focus on a “trust-based” approach and strong support for MSMEs.

India Riding The Reform Express: Trust-Based Tax Regime

Finance Minister Nirmala Sitharaman has consistently pitched a trust-based tax regime, aiming to simplify processes and reduce litigation. This vision translates into:

• Faceless Assessments: Reducing direct human interface to minimize discretion and corruption.
• Pre-filled ITRs: Simplifying tax filing for individuals and small businesses.
• Data Analytics: Increased reliance on data analytics and AI to identify non-compliance, rather than broad-based scrutiny.

While fostering trust, this regime simultaneously demands greater accuracy and transparency in your financial reporting, as data discrepancies can trigger automated flags.

MSME Push in Finance Bill 2026

The Finance Bill 2026 continues to emphasize support for MSMEs through various incentives, which often come with specific compliance requirements:

• udyam registration: Mandatory for availing MSME benefits, requiring accurate classification of your business.
• Timely Payments: Strict provisions for timely payments to MSMEs, with penalties for delays.
• Credit Guarantees and Schemes: Access to various government schemes often depends on maintaining specific compliance statuses.

Building Risk Resilience: An Update For India Inc

For both startups and MSMEs, building strong risk resilience is crucial. This extends beyond financial risks to encompass regulatory and compliance risks. A robust internal control framework, regular tax audits, and proactive tax planning are essential to navigate the evolving tax landscape. This includes:

• Maintaining Accurate Books of Accounts: The foundation of all tax compliance.
• Timely Filing of Returns: GST, Income Tax, TDS/TCS returns.
• Reconciliation: Regularly reconciling financial data with filed returns to avoid discrepancies.

Building a Proactive Compliance Culture for Startups and MSMEs

In a rapidly changing regulatory environment, a reactive approach to compliance is a recipe for disaster. Startups and MSMEs must cultivate a proactive compliance culture.

• Risk Management Frameworks: Implement clear internal policies and procedures that identify, assess, and mitigate compliance risks. This includes defining roles, responsibilities, and internal controls.
• Technology Adoption: Leverage RegTech (Regulatory Technology) solutions for automated compliance monitoring, reporting, and record-keeping. This can significantly reduce manual errors and improve efficiency.
• Regular Audits and Reviews: Conduct periodic internal and external audits of your compliance processes to identify gaps and ensure adherence to the latest regulations.
• Training and Awareness: Educate your employees, especially those in finance, HR, and operations, about relevant compliance requirements and the importance of ethical conduct.
• Seeking Expert Guidance: The complexity of Indian compliance often necessitates expert advice. Engaging compliance consultants can help you stay updated, interpret complex regulations, and implement robust compliance frameworks.

The Road Ahead: Staying Agile in a Dynamic Regulatory Environment

The evolution of compliance in India presents both challenges and opportunities. The initial reaction to new regulations can often be one of overwhelm or frustration, given the constant updates and the need for immediate adaptation. However, viewing these changes as an opportunity to strengthen internal processes, build trust, and gain a competitive edge is crucial.

Businesses that embrace continuous monitoring of regulatory updates, invest in robust compliance systems, and foster a culture of integrity will be better positioned for long-term success. Proactive compliance not only mitigates risks but also enhances your startup’s credibility, which is invaluable when seeking investment or expanding into new markets.

At Verslas Guru, we understand the intricacies of India’s evolving compliance landscape. We partner with startups and MSMEs to provide tailored solutions, ensuring you not only meet your obligations but also thrive in this dynamic environment.