Corporate & Start Ups

– Somya Saxena, Associate Launching a Startup in India is without doubt an exciting and an exhilarating experience, it has emerged as one of the most sought-after professions. Startups play an important role in our Indian society, at large, in terms of growth of country’s economy, promoting innovation, technological growth, and employment opportunities and finding solutions to various technological and daily problems. In short, Startups are seen to have a positive impact on the overall growth of the country. Amidst, all the excitement and challenges in starting a new business, one such very crucial challenge is to comply with all the legal compliances, most importantly the criteria laid down by the Department for Promotion of Industry and Internal Trade (DPIIT), to ensure a smooth and successful working of the business with no unwanted litigation or legal problems. Hence, it is imperative for the founders to understand the complex nature of such legalities and to simplify the same a comprehensive checklist of legal compliances for startups and tech companies is provided hereunder: Incorporation and Process- Legal Requirements: The first and foremost step is to decide on its modus operandi, what would be the purpose of the business and what does it cater to in the Indian society or even outside. Accordingly, it must be decided whether the Startup would be a partnership, sole proprietorship, limited liability partnership (LLP), public limited company or a private limited company under the Companies Act, 2013, or the Partnership Act, 1932, or the Limited Liability Partnership Act, 2008 as per the business structure. Thereafter, a business must have a unique name or an identity to be distinctive from the others in the market which can be checked in the MCA (Ministry of Corporate Affairs) Website. It must acquire a Digital Signature Certificate (DSC), obtain a Director Identification Number (DIN), draft a detailed MOA and AOA inclusive of the company’s purpose, objectives, rules and regulation, acquire a Certificate of Incorporation, apply for PAN and TAN number, register for the GST, if relevant, and most importantly open a company bank account. These are the initial basic requirements a business and its founders need to keep in check before laying the groundwork in their Startup. Co-founders’ agreements: A Co-Founder Agreement is imperative to decide on the roles and responsibilities of each person for the smooth working of the Startup. Such Agreement helps in the business and relations being transparent and organized. In order to avoid unorganized nature of distribution of funds, roles, and responsibilities leading to various inter personal disputes which could hampering the overall working of the business, a Co-Founder Agreement becomes a necessity. Such Agreement mostly includes, decision making and how the disputes are to be resolved, the exit strategy, IP rights (if any), equity shares and confidentiality. Specific Registration and Licenses: This is a fundamental step when working towards starting a business and not just a mere formality. It is mandatory to procure certain licensees and to register your company with the MCA or the Registrar of Companies. This includes obtaining a certificate of enrolment and certificate of registration, a Permanent Account Number (PAN) under the Income Tax Act, 1961 and registering for Goods and Services Tax (GST) under the central and state goods and services tax statutes and TDS for payments to employees, vendors, contractors etc. Intellectual Property and Data Protection: A startup is a product of brilliant innovative ideas and even technological inventions and to attract investment and gain an edge in the market, protection of a company’s uniqueness is important. It can be a unique name, a distinctive process, a new invention of a product and to protect the same from being used by another in the market, IP registrations are imperative and the founders must be aware of the same. Depending upon the type of Intellectual Property different registrations can be done in accordance with the IP laws in India. For protection of brand names, logo, and symbols, one must register their trademark in accordance with the Trade Marks Act, 1999. To protect their innovative process or products, or an invention, one must file patent application in accordance with the Patent Act, 1970. Startups or tech companies developing a particular software, a design, etc can register for copyright of their work in accordance with the Copyright Act, 1957. New business must also protect their data and must adopt a strong data protection and privacy policy in accordance with the Information Technology Act, 2000 and the Information Technology Rules, 2011 and DPDP Act, 2023. A startup must implement a reasonable security practice in their company and must adopt strict Data breach protocols in order to avoid fraud, cheating, and to maintain trust in the market and most importantly in the consumers. Employment Laws, HR policy and other Legal compliances: In order to protect the best interest of both the Employer and the Employee and an efficient work environment, it is crucial to comply with the labour laws in our country by incorporating various legal essentials. This includes conditions of employment, employment agreement, code of conduct, Data protection, Non Disclosure Agreement, reimbursement of expenses, working hours, leave structure and termination clauses. Certain mandatory policies would be Employment Contracts, Provident Funds, Employee State Insurance, Prohibition of Sexual Harassment at Workplace, Maternity Benefits etc. Lastly, Regulatory Compliance: Depending on the nature and scope of the business, one may have to comply with the regulations imposed by regulatory authorities’ such as Securities and Exchange Board of India (SEBI), Reserve Bank of India (RBI), or Insurance Regulatory and Development Authority of India (IRBAI). Additionally, environmental regulations must be complied with by a startup and must procure necessary permits and clearances if the nature of the business may have the potential to have an impact on the environment. Thus, in order to avoid pitfalls and serious legal consequences in a Startup or a tech company, it best to ensure that the you tick all the heads in the litigation checklist. The common problems faced by the Startups are

ESSENTIAL BUSINESS REGISTRATIONS Company may be incorporated as a legal entity under the Companies Act, Indian Partnership Act or a LLP, which requires registration with the MCA by filing SPICe+ form, which combines multiple registrations including PAN/TAN. The process typically takes 5-7 working days and requires at least two directors and one registered office address. GST registration becomes mandatory when your turnover exceeds ₹40 lakhs (₹20 lakhs for some states). Registration can be done online through the GST portal with necessary business documents. LABOUR LAW COMPLIANCES Provident Fund (PF) registration is mandatory once you have 20+ employees. You’ll need to contribute 12% of basic salary for each employee, with a matching contribution from the employee’s side. Monthly returns must be filed through the EPFO portal. Companies with 10+ employees must register for Employee State Insurance (ESI), providing medical benefits to employees. The current contribution rate is 3.25% from employer and 0.75% from employee. TAX COMPLIANCE FRAMEWORK GST returns must be filed regularly based on your turnover. GSTR-1 (monthly/quarterly) for outward supplies, GSTR-3B for summary returns, and annual returns. Late filing results in penalties of ₹50-100 per day of delay. Income Tax compliance includes quarterly advance tax payments if liability exceeds ₹10,000, and annual returns filing by September 30th. Maintain proper books of accounts and financial statements. INTELLECTUAL PROPERTY PROTECTION Trademark registration protects your brand identity for 10 years (renewable). The application process involves trademark search, filing, examination, and publication. Early registration prevents brand disputes and unauthorized use. Copyright registration automatically exists from creation but formal registration provides stronger legal standing. Essential for protecting software code, content, and creative works. DIGITAL COMPLIANCE ESSENTIALS Privacy policy and terms of service must clearly state data collection practices, usage policies, and user rights. Regular updates needed to align with changing regulations and business practices. Implement reasonable security practices including encryption, access controls, and regular security audits. Maintain documentation of security procedures and incident response plans. EMPLOYMENT DOCUMENTATION Formal employment agreements must specify roles, compensation, working hours, leave policy, and termination terms. Include clear non-compete and confidentiality clauses to protect business interests. HR policies should cover workplace conduct, antiharassment measures, grievance procedures, and performance evaluation systems. Regular updates and communication are essential. GST registration becomes mandatory when your turnover exceeds ₹40 lakhs (₹20 lakhs for some states). Registration can be done online through the GST portal with necessary business documents. INDUSTRY SPECIFIC REGULATIONS FSSAI license is mandatory for food businesses, with different categories based on turnover. Annual renewal required with regular food safety audits and maintenance of hygiene standards. Fintech startups need RBI registration/approval based on service type. Additional compliances include KYC norms, transaction monitoring, and periodic reporting to regulatory authorities. ANNUAL COMPLIANCE CALENDAR Hold board meetings quarterly (gap not exceeding 120 days), with proper documentation of minutes. Annual General Meeting must be conducted within 6 months of financial year end. File annual returns including MGT-7, financial statements, and other statutory forms with ROC. Directors must update KYC annually through DIR-3 KYC form. Appoint first statutoru auditor within 30 days of the company’s incorporation in the firest board meeting and then conduct periodic internal audits to assess compliance with legal requirements and identify any areas of non-compliance. Stay tuned for more legal insights.

– Mandeep Singh, Associate The Digital Competition Bill, 2024 [‘DCB’], proposed by the Indian government, aims to establish a comprehensive regulatory framework for digital markets and prevent anti-competitive practices by giants in the industry. This legislation seeks to address the unique challenges posed by the rapidly evolving digital economy, focusing on issues such as market dominance, data monopolies, and anti-competitive practices in the digital sphere. The DCB is a depiction of a significant shift in India’s approach to regulating technology companies, aligning with global trends towards increased scrutiny of tech giants. The DCB draws inspiration from the European Union’s Digital Market Act [‘DMA’] passed in the year 2022. The DCB proposes ex-ante forms of regulation i.e., predictive regulation that can foresee and possibly prevent issues that can arise in the Indian markets. Another salient feature of the DCB is that the DCB defines Systemically Significant Digital Enterprise [‘SSDE’] and prohibits SSDE’s from engaging in anti-competitive practices, such as anti-steering, self-preferencing etc. The Competition Commission of India [‘CCI’] is entrusted with the responsibility for identification of SSDE’s and regulating their practices. Legislative Context & Objectives The DCB puts in place obligations for large digital enterprises intending to create a level playing field and promote fair competition within the digital space, it is rooted in the recommendations of the Parliamentary Standing Committee on Finance and the Competition Law Review Committee. Its primary objective is to amend the Competition Act, 2002, to incorporate provisions specifically tailored to digital markets. DCB aims to foster innovation, protect consumer welfare, and ensure a level playing field for all market participants, including startups and smaller enterprises. By introducing ex-ante regulations, the legislation seeks to prevent anti-competitive conduct before it occurs, rather than relying solely on ex-post enforcement. Furthermore, the DCB aims to prevent large digital companies from exploiting non-public users data and favoring their services over competitors, promote fair practices in the digital ecosystem and prevent self-preferencing by companies only promoting their products on top of search results and excluding similar products etc. Systematically Important Digital Intermediaries (SIDIs) SIDIs are defined as entities with substantial control over gateway services in the digital ecosystem, SIDIs have a significant impact on the digital ecosystem and have a high market share in their respective digital markets. DCB empowers the CCI to designate SIDIs based on quantitative thresholds and qualitative parameters. SIDIs will be subject to enhanced obligations, including mandatory interoperability requirements and restrictions on certain data usage practices. DCB also introduces the concept of ‘digital gatekeepers,’ entities with significant impact on the digital ecosystem and market share which can control access to digital markets, they exhibit strong network effects and vast amount of data. Key Provisions: The legislation prohibits specific anti-competitive practices in digital markets, including self-preferencing, search bias, and bundling of services. It proposes a preventive (ex-ante) approach rather than post-incident (ex-post) approach in order to foresee and prevent potential anti-competitive practices and prevent potential anti-competitive practices before their occurrence. It mandates algorithmic transparency for SIDIs and introduces data portability requirements to reduce switching costs for consumers amongst other obligations on SIDIs. Moreover, the DCB envisages ‘core digital services’ like search engines/social media sites to be designated as SSDE automatically. It has also introduced Associate Digital Enterprises **[‘ADE’], ADE are entities benefiting from data shared by a major Tech company or group of companies, ADEs shall have similar obligations as SSDEs. DCB also addresses the issue of killer acquisitions by lowering the thresholds for mandatory merge notifications in the digital sector. Furthermore, it grants the CCI powers to conduct market inquiries into the digital economy and issue binding directions to ensure fair competition. Enforcement Mechanism & Penalties To ensure compliance, the DCB established a robust enforcement mechanism. It grants the CCI enhanced investigative powers, including the ability to conduct dawn raids on digital entities. DCB introduces significant financial penalties for non-compliance, with fines up to 10% of global turnover of SIDIs for non-compliance with the provisions of DCB with an additional 5% of the global turnover of the SIDI for each day of continued non-compliance. CCI also has the power to suspend or revoke the licenses of SIDI that fail to comply with the provisions of DCB along with this, the CCI can also issue directions to SIDI’s to cease and desist from anti-competitive practices. CCI may in its discretion appoint a monitor to oversee the compliances done by SIDI’s. further, CCI may also order SIDI’s to compensate affected parties for losses suffered due to anti-competitive practices. DCB also provides for personal liability of key managerial personnel in cases of willful non-compliance. The legislation established a specialized digital markets unit within the CCI to oversee enforcement and conduct market studies. NM LAW OPINION: The Digital Competition Bill aims to promote fair competition and innovation in the digital marketplace and targets monopolistic practices, such as self-preferencing, that stifle competition and innovation by promoting a level playing field, the DCB fosters an environment where new entrants and smaller competitions can thrive. Although some argue that the DCB’s provisions may lead to excessive regulation, hindering the ability of companies to innovate and adapt. Moreover, requirements and enforcement mechanisms under DCB may create uncertainty, making it challenging for businesses to comply. Overall, the Digital Competition Bill aims to strike a balance between promoting competition and innovation while protecting consumers. Its success will depend on effective implementation, clear guidance, and ongoing evaluation to address any unintended consequences.