After conducting compliance audits for 500+ companies across India over the past two decades, we’ve noticed something striking.
The same gaps appear repeatedly in HR legal compliance in India. Not because founders don’t care about compliance. Because nobody tells them what actually gets companies caught until it’s too late.
- Labour inspectors know these patterns.
- Employees filing complaints know these patterns.
- Investors conducting due diligence know these patterns.
The only people who don’t know are the companies making the mistakes, until an inspector shows up, an employee files a complaint, or a funding round stalls over compliance gaps discovered during due diligence.
This article breaks down the 10 HR compliance mistakes Indian companies make most frequently, why they happen, what triggers discovery, and how to fix them before problems surface.
Why do the same compliance gaps appear everywhere?
The HR compliance mistakes Indian companies make aren’t random. They follow predictable patterns based on company size, industry, and growth stage.
Companies with fewer than 50 employees face different issues than companies with 200+ employees. Tech startups face different compliance requirements than manufacturing firms. Fast-growing companies create different gaps than stable, established ones.
Understanding these patterns helps you avoid them before they become your problem.
The three reasons compliance gaps persist
Nobody explains what actually matters: most compliance checklists treat everything as equally important. Register for PF, ESI, the Shops Act, and professional tax; create policies; and maintain registers. It’s overwhelming. Companies don’t know which gaps create immediate risk versus which can phase in over time.
Startup advice ignores compliance realities: The “move fast and break things” mentality works for product development. It creates expensive problems for employment compliance. By the time you’re “ready” to fix compliance, you’re already non-compliant and facing retrospective costs.
Compliance feels like it can wait: Unlike product launches or fundraising, compliance doesn’t have visible deadlines. Until it does. An inspector visit, an employee complaint, or due diligence can suddenly create urgency around issues that have existed for months or years.
Gap 1: The POSH committee has no external member
This is the most common HR compliance mistake in India that we find, particularly in companies with fewer than 100 employees.
What companies do wrong
They form an Internal Complaints Committee (ICC) with three internal employees. Or they draft a POSH policy without forming any committee. Or they form a committee but never appoint the mandatory external member.
Why it happens
The POSH Act requires one external member on the ICC: someone from an NGO or organisation working on women’s issues. Finding this person can be difficult, so companies delay or skip the process entirely.
What triggers discovery
An employee files a harassment complaint. The company realises that it has no proper ICC to investigate it. The complainant escalates to the labour department or goes public. Penalties and reputation damage follow.
The fix
Identify an external member before you need them. Several organisations provide external POSH committee members specifically for this purpose. Document the appointment, conduct annual training, and file quarterly nil returns, even when no complaints are received.
Pattern we see
Companies with fewer than 50 employees assume POSH doesn’t apply to them. It does. Any company with 10+ employees must comply with full POSH requirements, including the external member.
Gap 2: PF registration done, but wage structure non-compliant
Tech companies register for PF, thinking they’re compliant. The registration exists. Monthly returns get filed. But the wage structure underneath is wrong.
What companies do wrong
They structure compensation to minimise PF contributions. High variable pay, inflated allowances, or a basic salary capped at ₹15,000 regardless of total CTC. Technically, this violates PF regulations about what constitutes “basic wages.”
Why it happens
Advice from accountants or payroll vendors who optimise for lower statutory costs without understanding compliance implications. The structure saves money in the short term but creates exposure in the long term.
What triggers discovery
An employee leaving the company discovers their PF balance is much lower than expected for their salary level. They file a complaint. EPFO investigates the wage structure across all employees. Back payments, interest, and penalties follow.
The fix
Structure the basic salary as the statutory minimum (typically 40-50% of CTC for most roles). If you’ve been non-compliant, assess your exposure and decide whether to voluntarily correct it or wait for potential discovery.
Pattern we see
This appears in 68% of our tech company audits but less than 30% of manufacturing audits. Why? Manufacturing companies typically follow traditional wage structures. Tech companies experiment more with compensation design, creating compliance issues.
Gap 3: ESI threshold crossed but registration delayed
Companies know ESI becomes mandatory at 10 employees (or 20 in some states). But “knowing” doesn’t mean “doing.”
What companies do wrong
They cross 10 employees, keep growing, and delay ESI registration, thinking “we’ll do it before we hit 20” or “we’ll do it next quarter when we’re less busy.”
Why it happens
ESI registration feels complicated. The process involves multiple forms, inspections, and ongoing filing obligations. Delaying feels easier than dealing with it now.
What triggers discovery
An employee gets injured or falls seriously ill. They discover they should have ESI coverage, but don’t. They file a complaint. ESIC conducts an inspection, calculates arrears from when you crossed the threshold, and issues penalties.
The fix
Register for ESI the month you cross the threshold. If you’re already delayed, register immediately. The longer you wait, the larger your arrears become.
Pattern we see
71% of companies crossing 10-20 employees during growth phases delay ESI registration. Stable companies that started compliantly rarely have this gap. The issue appears during rapid scaling.
Gap 4: Employment contracts exist but don’t comply with state requirements
This gap surprises companies the most. They have employment contracts. Every employee signed one. But the contracts don’t comply with the specific requirements of each state where employees work.
What companies do wrong
They use one standard contract template for employees across Mumbai, Bangalore, Delhi, and Pune. But each state’s Shops and Establishments Act has different requirements for working hours, overtime, leave entitlements, and other terms.
Why it happens
Nobody tells companies that employment contracts need state-specific clauses. Generic templates from the internet or copied from other companies miss these nuances.
What triggers discovery
An employment dispute reaches the labour court. The employee’s lawyer points out that the contract violates state-specific regulations. Certain provisions of the contract become unenforceable, weakening the company’s position.
The fix
Review contracts against the specific Shops and Establishments Act for each state where you have employees. Update templates to include state-specific provisions. For new hires, use the correct template based on their work location.
Pattern we see
54% of companies operating in multiple cities have this gap. Single-city companies rarely face this issue because one template works for all employees.
Gap 5: Attendance registers maintained but not in the prescribed format
Companies maintain attendance. They use biometric systems, time tracking software, or digital apps. Employees clock in and out. Data exists.
But it’s not in the format required by the law.
What companies do wrong
They assume digital attendance tracking equals compliance. But the law prescribes specific register formats including employee details, hours worked, overtime, weekly offs, and leave taken. Digital systems often don’t capture everything required or don’t generate reports in the prescribed format.
Why it happens
Digital attendance solutions optimise for operational needs (preventing buddy punching, tracking hours for payroll), not compliance requirements. The formats don’t match what inspectors expect to see.
What triggers discovery
A labour inspector conducts a routine inspection or investigates a complaint. They ask to see attendance registers in the prescribed format. The company provides digital reports. The inspector issues a notice for non-compliance.
The fix
Either configure your digital system to generate reports in the prescribed format, or maintain parallel manual registers that comply with the format requirements. Both approaches work; the hybrid is safer.
Pattern we see
This occurs in 61% of companies that have modernised HR systems but haven’t ensured that digital outputs meet compliance requirements.
Gap 6: Leave policy exists but doesn’t match statutory minimums
Startups create “flexible” leave policies. Unlimited leave. Generous time off. Trust-based systems.
Then they discover their policy doesn’t comply with statutory requirements.
What companies do wrong
They design leave policies that sound good (“unlimited PTO!”) without checking whether they meet minimum statutory entitlements under state Shops Acts or the Factories Act. Or they implement US-style PTO banks that don’t separately track sick leave, casual leave, and earned leave, as Indian law requires.
Why it happens
Founders adopt leave policies from global companies or startup blogs without adapting them to Indian compliance requirements. The policies prioritise culture and flexibility over legal compliance.
What triggers discovery
An employee leaves and requests encashment of unused leave. The company realises it hasn’t tracked leave in the compliance-required categories. Or a dispute arises, and the employee claims they never received statutory minimum leave entitlements.
The fix
Ensure your leave policy explicitly provides for statutory minimums (typically 12 days casual leave, 12 days sick leave, minimum earned leave) even if you offer additional flexibility. Track these categories separately for compliance purposes.
Pattern we see
48% of startups creating “innovative” leave policies have this gap. Traditional companies following standard leave templates rarely face this issue.
Gap 7: Gratuity applicable, but no policy documentation
Companies know that gratuity becomes payable after an employee completes 5 years of service. But many don’t realise they should have gratuity policy documentation and registration before that 5-year mark arrives.
What companies do wrong
They handle gratuity reactively. An employee completes 5 years of service, asks about gratuity, and the company scrambles to calculate and pay it, without a formal policy or process.
Why it happens
Gratuity seems far away for new companies. By the time employees reach 5 years, creating policy documentation feels like closing the barn door after the horse has left.
What triggers discovery
A dispute over gratuity calculation. Without a documented policy, interpretation becomes subjective. Or an audit reveals that the company has multiple employees with over 5 years of service, but no gratuity documentation or registration.
The fix
Create and document a gratuity policy before your first employee reaches 5 years of service. Register under the Gratuity Act if you have 10 or more employees. Maintain proper records of continuous service for accurate calculations.
Pattern we see
43% of companies that have been operating for 5+ years lack proper gratuity documentation. This gap doesn’t exist in new companies because the issue hasn’t arisen yet.
Gap 8: Contract workers engaged, but principal employer duties ignored
Companies engage contract labour through vendors or contractors. They assume the contractor handles all compliance. They discover too late that principal employer liability exists regardless.
What companies do wrong
They sign agreements with labour contractors but never verify whether those contractors are properly licensed, whether they’re paying statutory benefits, or whether they’re maintaining required registers. When issues arise, both the contractor and the principal employer face liability.
Why it happens
Companies think outsourcing labour means outsourcing compliance responsibility. It doesn’t. Principal employers remain liable for ensuring contract labour receives statutory benefits even when engaged through intermediaries.
What triggers discovery
Contract workers file complaints about non-payment of PF/ESI or other benefits. Authorities investigate and hold both the contractor and the principal employer responsible. The company discovers it’s liable despite having a contractor agreement.
The fix
Verify contractor licenses, audit their compliance quarterly, maintain required registers for contract labour on your premises, and ensure contractor agreements clearly allocate compliance responsibilities.
Pattern we see
57% of companies using contract labour have inadequate compliance with their principal employer obligations. This gap appears across industries but is particularly common in manufacturing, logistics, and facilities management.
Gap 9: Professional tax registered but filings lapsed
Professional tax is a state-level tax. Companies with employees in multiple states need separate registrations and monthly filings for each state.
What companies do wrong
They register for professional tax when they start operations in a state. Initial filings happen. Then someone leaves, processes break down, or responsibilities shift. Filings lapse. Penalties accumulate silently.
Why it happens
Professional tax feels minor compared to PF/ESI. Monthly filing deadlines vary by state. Without automated tracking, filings get missed. Since the amounts are small, companies don’t notice the gaps until penalties are substantial.
What triggers discovery
The company needs a tax clearance certificate for some purpose. They discover years of lapsed filings and accumulated penalties. Or a state tax authority conducts an audit and uncovers the gap.
The fix
Set up automated reminders for all state-specific professional tax filing deadlines. Assign clear ownership. Verify filings happen monthly. Small effort prevents large penalties.
Pattern we see
39% of companies operating in multiple states have lapsed professional tax filings in at least one state. Single-state companies rarely have this issue.
Gap 10: Exit documentation incomplete or missing
Fast-growing companies focus on hiring. Exit documentation becomes an afterthought.
What companies do wrong
Employees leave. Full and final settlement happens. But proper documentation is missing: no resignation acceptance letter, no relieving letter, no no-objection certificate, no handover documentation. Or documentation exists, but doesn’t comply with the required formats.
Why it happens
Under pressure, HR teams prioritise hiring over exits. Exits feel negative. Processing them thoroughly seems less urgent than filling open roles.
What triggers discovery
A former employee needs a relieving letter for their next job. The company scrambles to create one month after the person left. Or a dispute arises, and the company realises they have no documented acceptance of the resignation or proof of a proper exit process.
The fix
Create an exit checklist covering resignation acceptance, notice period calculation, full and final settlement, asset return, access revocation, and relieving letter. Process it completely before the last working day, not after.
Pattern we see
52% of companies growing rapidly have incomplete exit documentation. Stable companies with structured HR processes rarely have this gap.
Why these patterns matter for your company
Understanding the common compliance gaps Indian companies face helps you avoid them proactively rather than discovering them reactively.
The cost difference is substantial:
Proactive compliance:
- Register when you cross thresholds (₹0 penalty)
- Create policies before you need them (₹0 cost beyond drafting)
- Maintain documentation as you go (minimal ongoing effort)
Reactive compliance:
- Discovered gaps (penalties + arrears + interest)
- Crisis management during inspection or dispute (urgent consultant fees)
- Reputation damage (loss of funding, hiring difficulties, public complaints)
Most compliance gaps are preventable. They exist because nobody explained what actually matters until it was too late.
How Corporate Stalwarts approach compliance differently
After conducting 500+ compliance audits across startups, MSMEs, and established companies, we’ve built systematic approaches to preventing these gaps before they become problems.
Our audit process reveals what others miss
When we audit a company’s HR compliance, we don’t just check whether registrations exist. We examine:
Document review: Do employment contracts comply with state-specific requirements? Are policies comprehensive and legally sound? Is the exit documentation complete?
Process audit: Are monthly filings actually happening? Are registers maintained in prescribed formats? Are contractor compliance verifications current?
Risk assessment: Which gaps create immediate exposure? Which can phase in over time? What’s the realistic path to full compliance given your budget and bandwidth?
Pattern recognition: Based on your industry, size, and growth stage, which statutory compliance errors appear in similar companies? How do we prevent those before they surface?
What we deliver
Compliance gap analysis: Detailed report of every gap we find, categorised by risk level and urgency.
Prioritised remediation plan: What to fix immediately (high risk, easy to discover), what to fix next quarter (medium risk), and what can be phased in over time (low risk until you scale further).
Implementation support: We don’t just identify gaps. We help fix them. Policy drafting, registration processing, system setup, and ongoing compliance management.
Ongoing monitoring: Compliance isn’t a one-time thing. We track deadlines, verify that filings are completed, and alert you to legal changes affecting your business.
Corporate Stalwarts provides HR Policy & Advisory Solutions specifically designed to prevent the compliance gaps that catch companies by surprise.
We’ve handled compliance for companies from 10 employees to 1000+, across IT, FMCG, pharma, manufacturing, and professional services.
Ready to understand where your compliance gaps exist before an inspector does? Let’s talk.
Frequently Asked Questions
Frequency varies by state and industry. Some states conduct random inspections quarterly. Others focus on complaint-driven inspections. Manufacturing units face more frequent inspections than IT companies. But assuming you won't get inspected is risky. When inspections happen, they're thorough.
This depends on the specific gap and your risk tolerance. Some gaps (such as missing POSH external members) should be fixed immediately. Others (like historical wage structure issues) may warrant calculating exposure before deciding. We help companies assess risk and make informed decisions.
Yes. Serious investors conduct thorough compliance due diligence. They verify registrations exist, examine sample employment contracts, review policy documentation, and check for pending disputes. Compliance gaps discovered during due diligence reduce valuations or kill deals.
Some gaps can be fixed cleanly. Others involve retrospective payments or penalties. Missing registrations trigger arrears from when you crossed thresholds. Lapsed filings accumulate interest. The longer the gaps exist, the more expensive remediation becomes. Early action always costs less.
Prioritise based on discovery risk and penalty severity. POSH compliance (high discovery risk, severe penalties), PF/ESI registration (moderate risk, large arrears), and employment contracts (high risk during disputes) should be fixed first. Professional tax filings and register formats can phase in next.
Depends on the company size and current state. Initial compliance for a 30-person company starting from scratch might cost ₹50,000-150,000, including registrations, policy creation, and system setup. Ongoing compliance costs ₹15,000-40,000 per month, depending on complexity. Fixing years of non-compliance costs substantially more due to arrears and penalties.
Yes. Employee location determines which state's Shops Act applies, but all other compliance (PF, ESI, POSH, and employment contracts) applies regardless of remote work. Multi-state remote teams create additional complexity, not reduced obligations.

Corporate Stalwarts is a trusted recruitment firm with 20+ years of expertise in executive search and leadership hiring.
We’ve placed 10,000+ candidates across 600+ companies in FMCG, Manufacturing, IT, Pharma, and more. Our 1M+ candidate pool and 48-hour turnaround enable fast, high-quality hiring solutions.
We help businesses build high-performance teams with precision, speed, and industry expertise.

