Companies Act 2013:Implementing a robustsystem of compliance management

2 | Companies Act

Gearing up for implementing Section 134 & 205

Call to action

Align the compliance program to the organization’s strategy and

business objectives

Create structures and committees for oversight and review

Assess design of the compliance program

Review how business policies and processes address compliance obligations

Identify key positions and underlying exposures

Identify and refresh your compliance universe

Monitor, measure and report Compliance audit Certificate — directors and performance of the program company secretary

Applicability

► Every company

Key compliance requirements

► Directors: Section 134 (5) The Directors’ Responsibility Statement referred to in clause (c) of sub-section (3) shall state that the directors: ► have devised proper systems to ensure compliance with the provisions of all applicable laws ► have ensured such systems were adequate and operating effectively

► Company Secretary: Section 205 (1) The functions of the company secretary shall include a report to the board about compliance with the provisions of this Act, the rules made thereunder and other laws applicable to the company

Key considerations ► Positive confirmation is required from directors and the company secretary on compliance with all laws

► Ordinarily, a company needs to comply with more than 60 central legislations and more than 20 state legislations per state in which it operates

► Companies need to assess how to:

► Embed compliance management in existing processes and management review mechanism

► Make compliance management everyone’s responsibility and reward behavior supporting compliance management

Areas of consideration for the directors and CXOs

Well Requiresprepared consideration

Strategy

► A robust compliance program exists and is documented

► Structures and committees exist for oversight and review; responsibility for compliance outcome is clearly defined

► Compliance policy is articulated and published

► Clear communication of intent by the governing body and top management

► The program addresses critical obligations that impact my business model and strategy

► A mechanism exists to measure, monitor and report on results to the top management and the board

► Appropriate resources are allocated to develop implement, maintain and improve this program

► Clear road-map for implementation and continuous improvement

Operations

► Compliance obligations have been identified for operations in

► India

► Other countries

► A robust process exists to consider and update changes to law

► Key positions and related exposures are documented for

► India

► Other countries

► Compliance obligations are addressed by policies, SOPs and IT systems

► Competence and training needs for process owners are identified and addressed

Governance

► Results of the compliance program are monitored

► Independent assurance is provided on results of the program on a periodic basis

► Formal certification is provided by the company secretary and directors on regulatory compliance

► Behaviors/actions that support compliances are rewarded and encouraged

4 | Companies Act

Notes

Clie

ntCo

ntex

t

Some of our experience

Fortune 500 company

► The company had a compliance monitoring tool. It wanted to be sure whether the compliance program was adequately addressing its obligations and key exposuresP

rogr

am s

et u

p/im

prov

emen

t

Client Context Approach Impact

► Prepared phased road map for improvement (including policy, structure)

► Identified changes to business policies, IT system and practices

► Identified key exposures across laws and tax saving opportunities

► Did a gap analysis of existing framework

► Created a comprehensive library of regulations and business controls

► Examined key positions taken by the company

► Identified gaps and benchmarked with practices of leading companies

► Created a road-map to embed compliances in business as usual – expansion, new product launches etc.

► Identified compliance obligations for multiple plants, branches and warehousing locations

► Linked compliance obligations to actions

► Provided training and orientation for personnel on compliances across all units

► Identified changes to business policies and processes

► Activated compliance alerts and monitoring through EY’s compliance management software

► Provided periodic legal updates and independent review

► Identified compliance obligations

► Trained and oriented relevant personnel on their respective compliance obligations

► Implemented EY’s compliance management tool to provide compliance alerts and dashboards

► Communicated regulatory changes online to users

Leading metal and mining company in India

► The company wanted a centralized system to monitor compliances across multiple units across different states

Impl

emen

tati

on a

nd t

rain

ing

Leading Indian company with operations in more than 50 countries

► Examine compliance practices for core business operations across 23 countries

Inde

pend

ent

revi

ew

► Identified applicable compliances across 23 countries

► Undertook in-depth analysis of the current business and compliance processes

► Identified gaps based on review of data, evidences and discussions

► Recommended solutions relevant to each market, including changes to policy, process and technology

► Implemented recommended changes through the PMO

► Access to leading subject matter experts globally

► Key potential exposures in business practice identified

► End-to-end solution from diagnosis to remediation

6 | Companies Act

6

How can EY assist you in implementing a robust compliance management program

Areas of intervention Do I need support?

Program set up/improvement ► Assess the design of compliance framework; identify areas of improvement ► Prepare a road-map for implementation and improvement considering maturity and

risk appetite of the company

Governance ► Design and document compliance framework ► Policy ► Structures ► MIS and compliance dashboards

Implementation

► Implement a compliance management tool to monitor, measure and report status on compliance obligations

► Identify compliance universe

► Provide updates on changes to law

► Identify changes/clarifications to business policies and processes

► Review and assess results of compliance management on a quarterly basis

► Document revised policies and processes that address compliance obligations

► Outsource compliance management

► Tax

► Secretarial

► HR

► Examine/support in positions/calls taken on matters considering

► Tax

► Secretarial

► EHS

► HR

Training ► Conduct training of users on compliance requirements and business practices

► One time

► Ongoing

Monitoring and independent review/compliance audit ► Focused compliance audit on specific areas ► Prepare audit plan based on risk assessment ► Review and assess how critical obligations are addressed by policies and systems ► Evaluate key positions/stands ► Test-check compliances, identify gaps and recommend corrective action

Action oriented compliance

WhyEY?

Identified compliance universe

Link process to

compliances

Technology options

Compliance audits/ reviews*

Legal updates

Integrated skills

Compliance outsourcing

content created by practitioner

Combined legal expertise (HR, EHS, Tax, secretarial) with process knowledge

Capability to deploy SAP GRC/RSA Archer/EY’s in-house compliance management tool

Go beyond listing of legal requirements; help you link

existing policies and processes to compliance obligations

Support you in tax, HR and

Update changes to law

In depth review of program, compliances and positions

secretarial compliances

*Compliance audit involves conducting a risk assessment of applicable compliance obligations and performing test checks to determine whether these compliances haven been met for the audit period

8 | Companies Act

EY officesAhmedabad 2nd floor, Shivalik Ishaan Near C.N. Vidhyalaya Ambawadi Ahmedabad - 380 015 Tel: + 91 79 6608 3800 Fax: + 91 79 6608 3900

Bengaluru 12th & 13th floor “UB City”, Canberra Block No.24 Vittal Mallya Road Bengaluru - 560 001 Tel: + 91 80 4027 5000

+ 91 80 6727 5000 Fax: + 91 80 2210 6000 (12th floor) Fax: + 91 80 2224 0695 (13th floor)

1st Floor, Prestige Emerald No. 4, Madras Bank Road Lavelle Road Junction Bengaluru - 560 001 Tel: + 91 80 6727 5000 Fax: + 91 80 2222 4112

Chandigarh 1st Floor, SCO: 166-167 Sector 9-C, Madhya Marg Chandigarh - 160 009 Tel: + 91 172 671 7800 Fax: + 91 172 671 7888

Chennai Tidel Park, 6th & 7th Floor A Block (Module 601,701-702) No.4, Rajiv Gandhi Salai, Taramani Chennai - 600113 Tel: + 91 44 6654 8100 Fax: + 91 44 2254 0120

Hyderabad Oval Office, 18, iLabs Centre Hitech City, Madhapur Hyderabad - 500081 Tel: + 91 40 6736 2000 Fax: + 91 40 6736 2200

Kochi 9th Floor, ABAD Nucleus NH-49, Maradu PO Kochi - 682304 Tel: + 91 484 304 4000 Fax: + 91 484 270 5393

Kolkata 22 Camac Street 3rd floor, Block ‘C’ Kolkata - 700 016 Tel: + 91 33 6615 3400 Fax: + 91 33 2281 7750

Mumbai 14th Floor, The Ruby 29 Senapati Bapat Marg Dadar (W), Mumbai - 400028 Tel: + 91 022 6192 0000 Fax: + 91 022 6192 1000

5th Floor, Block B-2 Nirlon Knowledge Park Off. Western Express Highway Goregaon (E) Mumbai - 400 063 Tel: + 91 22 6192 0000 Fax: + 91 22 6192 3000

NCR Golf View Corporate Tower B Near DLF Golf Course Sector 42 Gurgaon - 122002 Tel: + 91 124 464 4000 Fax: + 91 124 464 4050

6th floor, HT House 18-20 Kasturba Gandhi Marg New Delhi - 110 001 Tel: + 91 11 4363 3000 Fax: + 91 11 4363 3200

4th & 5th Floor, Plot No 2B, Tower 2, Sector 126, NOIDA 201 304 Gautam Budh Nagar, U.P. India Tel: + 91 120 671 7000 Fax: + 91 120 671 7171

Pune C-401, 4th floor Panchshil Tech Park Yerwada (Near Don Bosco School) Pune - 411 006 Tel: + 91 20 6603 6000 Fax: + 91 20 6601 5900

Ernst & Young LLP EY | Assurance | Tax | Transactions | Advisory About EY EY is a global leader in assurance, tax, transaction and advisory services. The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. We develop outstanding leaders who team to deliver on our promises to all of our stakeholders. In so doing, we play a critical role in building a better working world for our people, for our clients and for our communities.

EY refers to the global organization and may refer to one or more of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. For more information about our organization, please visit ey.com.

Ernst & Young LLP is one of the Indian client serving member firms of EYGM Limited. For more information about our organization, please visit www.ey.com/in.

Ernst & Young LLP is a Limited Liability Partnership, registered under the Limited Liability Partnership Act, 2008 in India, having its registered office at 22 Camac Street, 3rd Floor, Block C, Kolkata - 700016

© 2014 Ernst & Young LLP. Published in India. All Rights Reserved.

EYIN1401-005 ED None

This publication contains information in summary form and is therefore intended for general guidance only. It is not intended to be a substitute for detailed research or the exercise of professional judgment. Neither Ernst & Young LLP nor any other member of the global Ernst & Young organization can accept any responsibility for loss occasioned to any person acting or refraining from action as a result of any material in this publication. On any specific matter, reference should be made to the appropriate advisor.

a

For any queries on how EYcan assist you:

Please contact,

rahul.lovell@in.ey.com

ravi.mahajan@in.ey.com