Compliance Management of Company Law
Compliances – Approach and Technology
Perspective
Shujath Bin Ali*, Manager (Corporate Affairs, Legal & Tax), Deloitte Consulting India Private Limited,
Hyderabad.
Compliance management is the management of all compliances required of the Company in order to reduce
the risk of non-compliance and consequent penalties, fines or other form of punishment. The main objective
of compliance management is to make sure that all compliances are made in time, reported to the
management, non-compliances escalated and ultimately to prevent unnecessary regulatory and government
attention.
INTRODUCTION
Compliance is either a state of being in accordance with established guidelines, specifications, or legislation
or the process of becoming so. Compliance is usually referred to a behavior which is in accordance with
legislations applicable to the company. The emphasis of the compliance management is on enabling
companies acquire the skill-sets and systems to ensure continued adherence of law. Therefore there has
emerged a clear need for the compliance framework to build an efficient, consistent and auditable
environment; which may lead an organization to gain competitive advantage, meet customer and regulatory
demand. An effective corporate compliance mechanism requires proper systems, processes, tools and
dynamic systems approach that takes in its stride compliance, change in leadership as well as behavioral
dimensions. With such an approach corporate compliance management becomes an integral part of risk
management and value adding exercise. Compliance management for the specific company law provisions is
the direct responsibility of Company secretary and ensuring proper process , systems and methods is of
paramount importance.
Companies will benefit if compliance management is supported by structured approach and systems proper
processes, systems and methods identifying compliance levels and monitoring compliance with legislation
that raises employee awareness of legal obligations and aims to embed a compliance culture in the
organization.
COMPLIANCE MANAGEMENT
The scope of Compliance Management encompasses (1) Compliance Identification (2) Compliance
Ownership (3) Compliance Awareness (4) Compliance Reporting and (5) Periodical Compliance MIS. Each
of these are explained in detail as below
Compliance Identification
This process involves the identification of compliances under various legislations applicable to the company.
The legal team has to identify the legislations applicable to the company and identify the compliances that
are required under each legislation or rules and regulations made there under. Even compliances under some
statutory guidelines (Like SEBI Guidelines) or some agreements could be very important and hence be
considered. The list the compliances and later confirm the list with each function in the Company to ensure
that any major compliance is not missed out.
Compliance Ownership
The next important aspect of compliance management is ownership. The ownership of the various
compliances has to be described function wise and individual wise. Clear description of primary and
secondary ownership is also very important. While the primary owner is mainly responsible for the
compliance the secondary owner (usually the supervisor of the primary owner) has to supervise the
compliance. Ex: Secretarial Officer /Asst Company Secretary may be primarily responsible and Group
Company Secretary’s responsibility is secondary.
Compliance Awareness
The next important step in establishing a legal compliance Management is creation of awareness of the
various Legal Compliances amongst those responsible. Generally compliances are handled by persons who
are not fully aware of the requirements of the legislations and hence creating appropriate awareness amongst
the owners is very important. This could be done in the form of meetings/trainings explaining the various
compliances or some manual containing the details in a simple language. Ex. Automatic email reminders of
various compliances to the responsible person.
Compliance Reporting
Compliances or non-compliances should be communicated to the Concerned. Reporting of non-compliances
ensures that appropriate corrective action is taken by the responsible person, Ex. Automated escalation
emails in case of non compliance
Periodical Compliance MIS
Along with the MIS on sales, production, Expenses and other MIS the management should also review
periodically an MIS on Compliances. This will help the management in understanding the status of various
compliances in the Company. This has to be form part of Agenda of Board meeting and presented to the
Board.
Role of Information Technology in Compliance Management
IT helps collaborate in a controlled environment : IT provides a role-based control environment that
encourages collaboration while maintaining discipline and structure. Users can effectively publish, store,
share and find all information relating to corporate governance in this environment, including minutes of the
Board meeting, corporate policies, risk data, corporate control, filings and other managed documents.
IT promotes standard operating procedures : This provides a robust content repository for storing and
controlling the documents that describe organisational charts, policies and standard operating procedures.
IT facilitates effective risk management : Risk management provides knowledge gathering and notification
capabilities that would ensure that internal and external risks to achievement of corporate objectives, such as
changing economic, regulatory and operating conditions, are quickly discovered and assessed, and well-
informed decisions are made to mitigate risk.
IT gathers and disseminates relevant information : This activity provides numerous ways to identify, capture
and communicate relevant information in a form and timeframe that enables people to work within their
responsibilities.
IT effectively monitors performance : IT enables one to effectively monitor the quality and performance of its
control systems through ongoing monitoring or single evaluations.
INFORMATION TECHNOLOGY TOOLS AIDING
COMPLIANCE
Document Management Softwares like Documentum’s eRoom
Consolidation: NAS, SAN and storage management software
Risk management: Business Intelligence, Business Analytics, and Risk Management applications
Business Continuity: Software and hardware for backup, archival, and retrieval. The use of storage
practices such as Information Lifecycle Management (ILM), Hierarchical Storage Management
(HSM)
 Information security: Firewalls, anti-viruses, Intrusion Prevention Systems (IPSs), Digital Signatures,
and encryption.
 Search facilities: Databases, reporting tools, and analytics
 Workflow management: Workflow management tools




Compliance Management – Company Law Compliances
Compliances under various applicable laws will be definitely more, Nonetheless compliances under company
law are significant as well
For example : Mr CS is Group Company secretary for a large conglomerate having diversified business
across various locations and having 50 subsidiaries in India and 20 across the world and 15 Joint ventures in
India and investments in 20 other companies and most of companies in the group are listed. Corporate
compliances in the areas of Board Meetings, Shareholder Meetings, Statutory Records & Registers, Directors
Remuneration, Office of place of Profit by Directors, Annual Filings, Director Identification Nos, Digital
Signature Certificates, Remuneration of Directors, Conflict of Interest Disclosures, Accounts & Audit etc and
a plethora of other compliances under Company Law based upon various events like Capital Restructuring,
Mergers & Acquisitions, Intercorporate loans & Investments have to be complied with. Automated
compliance management system covering the compliances under company law will be an efficient way to
manage the compliances.
AWARENESS AND INFORMATION SUPPORT TO DIRECTORS
– A KEY
Awareness and education to the directors containing, Roles, responsibilities, liabilities, actions which can be
undertaken by Boards, actions which requires shareholders and government approval to be mentioned. This
is important because Board needs to be aware of their powers. This is important because in this ever
changing dynamic corporate world directors have to take spontaneous decisions for making an important
deal, and this will help the directors. The Directors most likely are from diverse backgrounds and all the
guidance notes should be in simple and easy to understand language with pictorial and graphical
representations.
Information Gateway for Directors through Intranet or any web based technology which Directors can access
online should consist of :
















Agenda and Notes to Agenda of all Board Meetings & Shareholder Meetings
Minutes of all Board Meetings & Shareholder Meetings
Form24 AA, Disclosures of Interest, Related Parties
Directors Identification No Guidance Note
Digital Signature Certificate useage Guidance Note
Compliance Quick updates and presentation in Board Meetings
Exact corporate hierarchy & structure, Investment tree
Compliance & Legislatory updates and presentation in Board Meetings
Important emails- Archive
Financials (Quarterly , Half yearly, Annual)
MIS-Dashboards
Accounting Standards simplified
Charges on Assets-Detailed Chart
Litigation or Pending cases relating to Corporate Laws- Detailed MIS
Key compliances under Company Law of overseas subsidiary companies
Details about meetings organized by professional bodies like ICSI, NFCG etc on Directors etc
The JJ Irani Committee was of the view that law should facilitate use of technology to carry out statutory
processes efficiently. Meetings of the Board of Directors by electronic means (Teleconferencing and video
conferencing included) to be allowed and directors who participate through electronic means should be
counted for attendance and form part of Quorum. Minutes should be approved/ accepted by such directors
who attended by way of teleconferencing/ videoconferencing Signature may be accepted by use of digital
signature certification.
If any director has some reservation about the contents of the Minutes, he may raise the issue in succeeding
meeting and the dissent, if any, may be recorded in the minutes of that meeting. The information gateway
through web based technology will be of great help for online Board Meetings.
Shareholders Information : The intranet portal can be given access to the shareholders with information to
the extent shared. This would be good practice and classic example of good corporate governance.
CEO /CFO CERTIFICATION & COMPLIANCE CERTIFICATEGREAT AID FOR COMPLIANCE MANAGEMENT
Various certifications play a dominant role in overall process of compliance management covers the audit of
the compliances and the reports give a confidence to the stakeholders. Presence of automated compliance
management systems gives confidence to Directors when they can see the documented proof of all
compliances in an automated system in detail and when they can access the whole documents and the
transaction trail. Certification by independent company secretary irrespective of whether mandatory or not is
a good practice and companies should start taking certificates from company secretary in practice.
Automated compliance management and certifications help Corporate Restructing, Mergers, Takeovers,
Acquisitions, Buyback, Re-organizations in the process of Due diligence.
MCA 21-WAY AHEAD
Keeping in tune with the eGovernance initiatives the world over, Ministry of Corporate Affairs (MCA),
Government of India, has initiated the MCA21 project, to enable an easy and secure access to MCA services
in a manner that best suits the corporate entities and professionals besides the public. MCA21 is intended to
achieve the objectives of a versatile eGovernance project.
The MCA21 project is designed to fully automate all processes related to the proactive enforcement and
compliance of the legal requirements under the Companies Act, 1956. This will help the business community
to meet their statutory obligations. From the customer perspective, the Front Office operations assume
significance, which would be administered through the Front Office portal. The entire Back Office operations
of the MCA would be automated so as to achieve the objective of a user friendly computerized
environment. MCA portal is the single point of contact for all MCA related services, which can be easily
accessed over the Internet by all users.
The Ministry is all set to exploit the benefits of its ambitious e-Governance programme - MCA21, which is
considered to have been successfully implemented by the Government of India as one of the Mission Mode
Projects under the NeGP. Compliance management is under serious review. The Ministry has decided its
priorities clearly and is keen to take up the issue of non-compliance of filing of statutory returns by the
defaulting listed companies, public limited companies, Government companies and those with an authorized
capital exceeding Rs. 1.00 crore in the first phase. “About 75% of the companies in this group are already
compliant in filing the Annual Returns and the Balance Sheets. The target of Ministry is to take this to at
least 90% compliance level in this group before the year end”.
The Ministry is clearly demonstrating that level of compliance management and efficiency through use of
Technology.
May be in future if the intranet portals maintained by company with all information is given access to the
Department when need for inspections the complete governance will be online and automated, their will not
be a need of physical inspections and department can act through email notices and responses from company
thus making a 100% online compliance management by Department
ROLE OF COMPANY SECRETARY
With the advent of MCA 21 and emerging technology and dynamic business and compliance era as
Company Secretary and compliance officers we should start adopting the new technology and methods
towards compliance management.
Some of the requirements are as under :










Online Libraries of Bare Acts, Rules, Regulations, Circulars, Notifications
Repository Important Judgments of Company Law, SEBI guidelines
Annual Reports of Top companies across various industry domains
Memorandum and Articles of Association of Top companies across various industry domains
Shareholders and Joint venture agreements Drafts
Listing of Websites (Department and Legal information) providing complete information
Active part in online groups, discussions forums, blogs and networking with professionals
Having subscriptions with magazines like Chartered Secretary & other subscriptions
Understanding of Business domain
Use of Microsoft Office tools like Power point, Access, Project, Outlook
 Special presentation tools like Adobe, Flash Player etc.
Conclusion
The emphasis of the Compliance management is on enabling companies to acquire the skill-sets and systems
to ensure continued adherence of law Compliance is one of the steps in corporate governance initiatives since
governance is a strategy while legal compliance is an operational plan of action. Core to good corporate
governance is compliance with the laws of the land. This assists companies in their endeavor towards being a
good corporate citizen Today compliance is not an option; it has become cost of doing business and the best
possible way of managing risks. Compliance management solution addresses this with the help of integrated
framework supported by an automated IT solution and strong management commitment. Compliance
management when automated provides sustainable framework and a predictable and proactive way of
managing compliances.
FOOTNOTES
*Disclaimer : The views expressed by the author are his personal and not that of his employer.