MANAGING LEGAL COMPLIANCES….

INITIATIVE TO BE ON RIGHT SIDE OF THE LAW

Enabling compliance reporting

E-enablement of compliance reporting

Corporate Compliance Quotient

Need for legal compliance

Agenda

Need for legal compliance

4

IFC

Clause 49

IFRS

IS Governance

Sarbanes-Oxley

Directors’ responsibilities

Fraud risk

Environmental risk

OH&S

Basel II

The changing regulatory landscape

J-SOX

Tax risk

Ind AS

Contract Risk

India..…. Era of Corporate Governance

5

1998 1999 2002 200420032000 2001

MA

TU

RIT

Y/

SU

ST

AIN

AB

ILIT

Y

INITIATIVES

CII

Kumar Mangalam Birla Committee

Clause 49

DCA - Task Force On Corporate

Excellence

DCA Report

Narayan Murthy Committee

Naresh Chandra Committee

2013

Amended clause 49

IFC

2015

Listing

Agreement

2015

What the world has faced

6

► Ensure that business and operations is conducted within the precincts of

rules and regulations:

► Keep the company out of trouble

► Avoid prosecutions, penalties and fines

► Foster the image of the company as a responsible corporate citizen

Regulatory

Need

Business

Need

Need for legal compliance

► Clause 49 reporting on legal compliance

► The Audit Committee shall mandatorily review reports relating to

compliance with laws

► The Independent Director shall periodically review legal compliance

reports prepared by the company as well as steps taken to rectify

instances of non-compliance

7

Companies Act 2013 requirements

8

Section 134(5)(e) - The directors, in the case of a listed company, had laid

down internal financial controls to be followed by the company and that

such internal financial controls are adequate and were operating effectively

Section 134(5)(f) - The directors had devised proper systems to ensure

compliance with the provisions of all applicable laws and that such

systems were adequate and operating effectivelyDirectors

responsibility

statementSection 134(3)(q), sub-rule 8(5) - “In addition to the information and details

specified in sub-rule (4), the report of the Board shall also contain: …“the

details in respect of adequacy of internal financial controls with reference to

the financial statements.”

Explanation - For the purpose of this clause “Internal Financial Controls” means the policies and

procedures adopted by the company for ensuring the orderly and efficient conduct of its business,

including adherence to company’s policies, the safeguarding of its assets, the prevention and

detection of frauds and errors, the accuracy and completeness of the accounting records, and the

timely preparation of reliable financial information.

Section 134(8) – contravention punishable with fine which shall not be less

than Rs. 50,000 but which may extend to Rs. 2,500,000 and every officer of

the company who is in default shall be punishable with imprisonment for a

term which may extend to 3 years or with fine which shall not be less than Rs.

50,000 but which may extend to Rs. 500,000 or with both.

Entity Level Controls (ELC)

9

Business Risk

Management

Whether risk management policy and procedures are in place? Whether formal risk

assessment has been carried out or not?

Business Ethics

FrameworkWhether whistle-blower policy and Code of conduct exists and implemented ?

Internal Audit and

Financial Integrity

Whether internal audit function is independently reporting to Audit Committee?

Whether roles and responsibilities of senior management is defined and

documented? And Whether adequate segregation of duties exists?

Legal Compliance

Framework

Whether legal compliance framework is documented and compliance health to

checked on periodic basis?

Fraud Risk

Management

Whether Fraud Risk Management policy exists, detailing structure of fraud

deterrence, prevention and investigation, fraud incidence response guidelines.

Whether Key controls to mitigate fraud risks are identified and monitored for

compliance on regular basis.

Business

ContinuityWhether Disaster Recovery Plan, Business continuity plan and crisis management

policy defined and implemented?

Succession

PlanningWhether formal process of succession planning defined and implemented?

Management

Operational Review

Whether formal process management oversight and review mechanism exist and

followed?

ELC Component Requirement

Corporate Compliance

Quotient

Are you aware of all

important laws applicable

to your organization ?

Are you confident while

signing the legal

compliance declaration ?

Does your organization

have a compliance officer ?

How do you prevent/

track legal non

compliances?

Who tracks legal cases in

your organization?

Have you answered all the questions in affirmative ?

What’s your corporate compliance quotient

11

Challenges in legal compliances

Compliances are required to be made against law on an

ongoing basis

Non compliance may lead to imposition of penalties and

fines on the company and/or its officers

Public knowledge of non compliance with statutes

adversely impacts the company’s brand image

Certain non compliances may lead to

- Revocation of operating license

- Sealing of premises

- Imprisonment of key officers

- Freezing of bank accounts

12

Enabling Compliance

Reporting

Identify

applicable

laws

► Identify applicable laws, statutes, etc. at a pilot location

► Extend the project in a phased manner across principal locations of

the company

Assign

ownerships

for

compliance

► Identify personnel responsible for complying with applicable laws

► Identify reporting and reviewing mechanism of compliances

Launch and

deploy an IT

workflow

solution

► Deploy an online workflow solution to :

► Alert & guide users on the requirements & seriousness of

compliances

► Provide on demand holistic view of organisation-wide

compliance via dashboards, trends and MIS reports

► Automate workflow minimizing manual interface through online

alerts, surveys and reporting

Steps for enabling compliance reporting

14

An Integrated legal compliance framework

• Formal compliance organisation structure

• Listing of all applicable laws and statutes

• Clearly defined roles, responsibilities & accountability

• Compliance monitoring and reporting mechanism

• Structured approach towards ensuring 100% legal

compliance

A legal compliance framework is a comprehensive solution to ensure compliances

15

Benefits of an integrated legal compliance framework

• Determination of applicability of statutes, laws

and enactments in terms of:

- Specific requirements

- Periodicity of compliance

- Implications of non-compliance

• Standardized compliance procedures across

the organization

• Defined escalation procedures

• Formal guidance to individuals entrusted with

the responsibility of execution

• Periodic review through reports and MIS

16

Key Elements of Legal Compliance Framework

Repository of applicable laws and statutes1

Policy and strategy for legal and

regulatory compliance2

Legal compliance organization structure3

Clearly defined roles, responsibilities &

accountability5

Procedures for ensuring complete legal

compliance4

Non compliance severity categorization6

The Legal Compliance Framework can also be e-enabled

17

Components of Legal Compliance Framework

Legal Compliance Framework

Compliance Manual Compliance StructureCalendar of Key

Activities

Compliance Reports

Legal Compliance Database & Reports

Compliance Database

(Regular & Significant)

18

Compliance manual

• The Legal compliance framework manual contains the following

information:

– Need for an integrated legal compliance framework

– Purpose of the framework

– Reporting structure for legal compliance

– Overall Process flow of activities

– Roles and Responsibilities of individual users

• The Manual will have separate sections on regular and event driven

legal compliances each of the section contains the following:

– Structure of master database;

– Data entry templates;

– Data validation templates;

– Alert templates; and

– Compliance report templates

19

Compliance structure

Board or Directors / Audit Committee

Chief Compliance Officer

(The Company Secretary)

Compliance officers from each department

Projects Commercial Technical Finance Personnel

Compliance Owners

Monthly Updates

Monthly Updates

Quarterly Updates

Legal Compliance

Structure

•The Legal

compliance

structure will be

supported by a

legal compliance

database

maintained by a

database

administrator.

•The database will

provide periodic

alerts and will be

used to input

compliance

information.

Regional offices Corporate Office Project Sites

20

Calendar of Key Activities

21

Compliance database

Compliance

Database

•The Compliance

Database will be

co-developed with

appointed /

designated legal

experts.

22

Compliance reports

Statute groups Projects Finance Commercial Personnel Technical Compliance

Requirement

(having severe

implications)

Implication Business

Head

Action

Plan

Action Plan

Status

Labour Laws Executed

Industrial Laws N.A N.A

Direct Taxation Executed

Indirect Taxation Executed

Corporate Laws Executed

Environmental Laws Executed

IPR Laws N.A N.A N.A N.A N.A

Employee related Laws Executed

Other Laws Executed

Compliance Summary

The Chief compliance officer prepares a summary of Non-compliances and delayed

compliances having severe implications for review by the Board/Audit Committee

23

E-enablement

of compliance reporting

Online legal

compliance

dashboard

Surveys inputs

Compliance

Questionnaires

Compliance owners

Compliance

Questionnaires

Legal Checklists Legal Checklists Legal ChecklistsKey Steps

Process for reporting

Identify

Compliances

Circulate

online

compliance

feedback

Seek and

report inputs

from

compliance

owners

Online tool for

compliance management

Online compliance reporting – the framework

25

Thank You

Sidheshwar Bhalla

Director

Deloitte Haskins & Sells LLP

Email ID: sibhalla@deloitte.com

Contact No.: +91 989978 7786