As GCCs scale to newer heights, the mid-market heats up, and the number of these centres in India scales past the 2000 mark, if there is one word that matters to everyone, it has to be GOVERNANCE.
The landscape in India is rapidly changing. New privacy laws have been frozen (Digital Personal Data Protection or the DPDP Act 2023), and the business rules are about to be announced. While reporting on ESG is mandatory for the top 1000 listed companies, several GCCs (Global Capability Centers) have had to report on their activities to meet the needs of their US and European parentage.
It is not the privacy and ESG regulations that are evolving. Regulators are policymakers are increasingly seeking higher standards of anti-money laundering compliance from India-based entities. India’s banking regulator, the Reserve Bank of India (RBI), and the Enforcement Directorate (ED) want companies to enhance compliance. They require businesses to enhance their due diligence processes and report suspicious transactions. Technology solutions and tools that can track and monitor compliance are becoming increasingly important.
The Evolving Landscape
The NASSCOM-Zinnov report launched recently said that over the last two years, mid-market GCCs have been pathbreakers with 45 new units setting up India operations. These mid-tier companies account for nearly 35 percent of GCCs. The mid-tier firms include 480 centres and 680 units, employing over 210,000 individuals and constituting 27 percent of the total in India. As these mid-tier companies look to rapidly expand in India, while their parent companies ensure compliance, the India entity will need to keep local regulatory compliance in check.
Says Deepak Bhawnani, Founder, Alea Consulting, India’s private global risk mitigation consulting firm., “With laws like GDPR, CCPA, PIPL, and India’s DPDP, global corporations need to comply with their home country regulations and with local laws where they operate. ISO 27701, the international standard for Privacy Information Management Systems (PIMS), is crucial for managing data and ensuring global compliance. Companies need to stay aligned with these and other such standards to avoid fines and legal challenges. Senior management must ensure relevant local checks so that they are prepared to respond quickly if embroiled in compliance failures by their vendors, suppliers, partners, or other stakeholders.”
Enhanced Reporting for Internal Checks
The regulator is looking at enhanced reporting, but the internal checks have to be enhanced too, and the Ministry of Corporate Affairs (MCA) has introduced new rules to improve transparency and accountability. Businesses are expected to have stricter internal controls, improve and enhance board oversight, and implement comprehensive risk management frameworks.
For several years now, India’s direct tax laws have been evolving and getting more reliant on technology. Called Project Insight by the Income Tax department, the department uses advanced data analytics to identify potential tax evaders whose earnings and expenses don’t match what has been declared. Companies are similarly expected to organise their data with the ‘single source of truth’ for what is reported in their tax filing. With $128 billion in export revenues, according to NASSCOM, GCCs could be on the taxman’s radar.
Some GCCs may be compliant with Europe’s AI law. With India working towards establishing a National AI Safety Institute, formal legislation around AI could add to the compliance that GCCs (and other companies) must follow.
India’s Compliance Crossroads: Global Corporations Face Growing Scrutiny
As India’s regulations seek to come into line with other international standards, global companies will have to navigate the challenges and the possible dual reporting that could be necessitated. As software tools evolve to allow companies to automate their practices, it could help in automating routine compliance tasks.
As is seen during every boom cycle, corporate India is having to go through worries around corporate governance and, some fear, issues of malfeasance. Market regulator SEBI has raised multiple issues around the conduct of the promoters of Gensol. Last year, PTC India CMD was barred from holding positions in listed companies. Manpasand Beverages had faced the heat in the past.
Several global corporations have also faced regulatory challenges in India, including charges of tax evasion and non-compliance with local regulations. Is tax enforcement becoming a tool for Indian authorities to regulate foreign investment? The jury is still out. Among companies that have faced regulatory scrutiny and some were fined include Samsung, Nestle, Foxconn, Vivo, Walmart, Nokia, Vodafone, and several more. The list is long!
As some in the industry say, compliance begins afresh every day.
The regulatory landscape in India is evolving fast — don’t let governance challenges catch you off guard.
Follow us on LinkedIn for expert insights, legal updates, and practical playbooks tailored for global corporations and their India GCCs.
