
Fine Print, Real Cost: The Compliance Gaps Hiding in Plain Sight
India's labour and employment compliance landscape doesn't function as a single national code that a global HR or legal team can read once and apply everywhere. It's layered: central legislation sets the baseline, and state-specific rules sit on top of it, frequently differing in meaningful ways between Karnataka, Telangana, and Maharashtra, the very states hosting the bulk of the country's 2,100-plus GCCs.
Most compliance problems we encounter weren't caused by negligence. They were caused by frameworks that were technically built and never quite finished, or built correctly for the centre's size at the time and never revisited as it grew.

Where the gaps usually hide
A POSH framework that exists on paper, not in practice Plenty of organisations have a POSH policy document. Fewer have a functioning Internal Complaints Committee that's actually been trained, communicated, and tested. The difference between the two only becomes visible the first time it's needed, which is precisely the worst time to discover it.
A contractor classification that quietly stopped being defensible A classification that made sense when a function had forty people on contract can become legally exposed once that number crosses several hundred, particularly if the nature of the work has shifted from genuinely independent to functionally embedded. Nobody updates this proactively. It surfaces during an audit.
Statutory processes built for the wrong jurisdiction PF, ESI, gratuity, and other statutory obligations are frequently bolted onto a filing process designed around the parent company's home country requirements. It works, mostly, until a regulatory reporting cycle exposes the parts that don't.
Documentation that hasn't kept pace with the org chart Employment contracts, HR policy manuals, and standing orders written for a 50-person centre rarely scale cleanly to a 500-person one. The legal language might still be technically accurate. It's rarely still sufficient.
These gaps surface at the worst possible moment
None of the issues above trigger an alarm on day one. They accumulate quietly, and they tend to surface during an audit, a regulatory notice, or, most expensively, during transaction due diligence, when a buyer's legal team finds exactly what day-to-day operations never flagged.
The organisations that avoid this aren't the ones with zero risk. They're the ones who treat compliance as a continuous design discipline rather than a one-time setup task, revisiting frameworks as the centre scales rather than waiting for an external party to find the gap first.



