The HR Compliance Playbook Every Indian & Global Employer Needs in 2026
Table of Contents
Let’s Be Honest — HR Compliance in India Just Got Real.
Here’s a question for you: When was the last time you audited your HR compliance stack?
If your answer is ‘We’ll do it next quarter,’ this guide is exactly what you need.
India’s labour landscape just underwent its biggest transformation in 70 years. Twenty-nine laws collapsed into four codes, digital auditing replaced inspector raj, and gig workers are suddenly on the statutory benefits radar.
Globally, AI governance, GDPR, and pay transparency mandates are reshaping what it means to be a compliant employer.
The question is no longer ‘What is the law?’ The question is: ‘What happens when you miss a beat?’ — and in 2026, the answer is expensive.
📊 Key Numbers You Can’t Ignore in 2026
1️⃣ The Four Labour Codes — India’s Biggest Compliance Shift in a Generation
Code on Wages | Industrial Relations Code | Social Security Code | OSH&WC Code
So, what exactly changed?
On 21 November 2025, the Ministry of Labour notified all four Labour Codes for implementation from 1 April 2026. This isn’t an update — it’s a structural overhaul.
What’s actually different?
Code on Wages (2019)
Introduces the ‘50% Rule’ — your employee’s basic wage must be at least 50% of their gross CTC. This one change alone affects PF calculations, gratuity, and take-home pay across India.
Industrial Relations Code (2020)
Increases the threshold for retrenchment approvals from 100 to 300 workers. Fixed-term contracts are now recognised nationally — and get gratuity eligibility after just 1 year.
Code on Social Security (2020)
Gig workers and platform workers are formally included in the social security framework for the first time. Gratuity ceiling raised from ₹10 lakh to ₹20 lakh.
OSH&WC Code (2020)
A 48-hour weekly cap, daily maximum of 12 hours, mandatory double-rate overtime beyond limits. Extends coverage to establishments with 10+ workers.
💡 Real Talk
A manufacturing firm in Ahmedabad with 150 workers spent 40 hours weekly on payroll. They missed a PF deposit deadline and faced a ₹50,000 penalty notice. With the new codes, that kind of oversight hits faster — and harder.
Your Compliance Checklist — Labour Codes
✅ Restructure salary components: ensure basic wage ≥ 50% of gross CTC
✅ Recalculate PF, ESI, and TDS — all impact from the 50% wage rule
✅ Review all fixed-term employment contracts for gratuity eligibility after 1 year
✅ Register gig/platform workers with EPFO and ESIC as required
✅ Update standing orders and HR policies to reflect the new Industrial Relations Code
✅ Implement timekeeping systems to track 48-hour weekly caps and overtime automatically
✅ Process full-and-final settlements within 48 hours as required under new rules
2️⃣ Payroll & Wage Compliance — The Ticking Clock
PF | ESI | TDS | Professional Tax | Minimum Wage
Here’s a question: Do you know the minimum wage rate for unskilled labour in your specific city right now?
Because it’s different in Bengaluru, Mumbai, Hyderabad, and Delhi — and all of them changed in 2026.
₹3 Lakh
Maximum penalty for payroll non-compliance in India — plus back payments and potential imprisonment for serious violations.
7th & 15th
Deadline for TDS deposit on salaries | 15th for PF and ESI contributions — missing these triggers automatic penalty notices.
The Ministry of Labour’s Shram Suvidha portal now functions like a digital audit camera into every company’s payroll department. The ‘we didn’t know’ defence is gone.
Your Compliance Checklist — Payroll
✅ Verify minimum wage compliance for unskilled, semi-skilled, skilled, and highly skilled workers at state AND city level
✅ Deposit EPF (12% employer + 12% employee) by 15th of each month
✅ Deposit ESI (3.25% employer + 0.75% employee) by 15th of each month
✅ File TDS on salary and deposit by 7th of each month
✅ Pay professional tax in all applicable states (rates vary by state)
✅ Pay statutory bonus of 8.33–20% of wages to all eligible employees (companies with 20+ workers)
✅ Maintain payroll records for minimum 5 years (digital records mandated under new codes)
✅ Use HRMS or payroll software — 67% of Indian companies already do
3️⃣ Worker Classification — The Contractor Trap
Gig Workers | Fixed-Term | Contract Labour
Let’s have a real conversation about this one.
How many people in your organisation are on ‘freelance’ or ‘contractor’ contracts but effectively work 9-to-6, follow your policies, use your equipment, and attend your team meetings?
If that’s happening, you may have a misclassification problem — and in 2026, the consequences are steeper.
Globally, Malaysia’s Gig Workers Act took effect 31 March 2026 — giving platform workers statutory protections for the first time. South Korea’s amended ‘Yellow Envelope Act’ has expanded the definition of ’employer’ to include any entity with substantial control over working conditions. India is heading the same direction.
India-Specific Rules You Must Know
The Social Security Code 2020 formally brings gig and platform workers into the social security fold — contributions and eligibility are being defined state by state.
Principal employer liability: If your contractor fails to pay wages, YOU must pay them directly under the new Contract Labour provisions.
Fixed-term employees are now entitled to gratuity after just 1 year of continuous service — previously it was 5 years.
⚠ Compliance Risk
Misclassifying workers may result in back wages, unpaid statutory contributions, penalties, legal disputes, and employer liability claims. Regulators are increasingly focusing on worker classification practices.
Your Compliance Checklist — Classification
✅ Audit every contractor/freelancer relationship against a multi-factor test: who sets hours, provides tools, manages work?
✅ Document business justification for each contractor classification
✅ Register gig workers with the central aggregator portal (under Social Security Code)
✅ Ensure all fixed-term contracts specify clear terms and are eligible for statutory benefits
✅ Train managers: avoid treating contractors like employees (it creates statutory obligations)
✅ Track global: if you work with contractors in Malaysia, South Korea, Netherlands, EU — new local classification rules apply
4️⃣ POSH Act & Anti-Discrimination — Non-Negotiable, Not Optional
Sexual Harassment | Inclusive Hiring | LGBTQ+ Inclusion
Every company with 10 or more employees in India must comply with the Prevention, Protection and Redressal of Sexual Harassment at the Workplace Act (POSH), 2013.
Every. Single. One.
And yet — enforcement complaints have been rising year-on-year. Are you covered?
Global Parallels: Anti-Discrimination Trends Worldwide
EU Pay Transparency Act
Coming into effect in 2026 for large EU employers — requires salary range disclosure and pay gap reporting by gender.
UK Worker Rights Act 2026 Expansions
Stronger protections for flexible workers and whistleblowers.
Colombia 2026
New identity marker protections added to employment law — including non-binary recognition.
📌 Important Reminder
POSH compliance is not just a policy document. It requires ongoing training, proper reporting mechanisms, investigation procedures, and leadership accountability. Regulators and employees increasingly expect active compliance, not paperwork alone.
Your Compliance Checklist — POSH & Inclusion
✅ Constitute an Internal Complaints Committee (ICC) — minimum 50% women members, external member required
✅ Conduct mandatory annual POSH training for all employees and ICC members
✅ File Annual Report with District Officer (due by 31 January each year)
✅ Extend POSH policy to include remote workers, gig workers, and third-party vendor staff
✅ Update EEO/diversity policies to include gender identity, caregiver status, and disability accommodations
✅ If hiring from or operating in EU: prepare for EU Pay Transparency Act disclosures
5️⃣ Leave Management — More Complex Than It Looks
Maternity | Paternity | PL / SL / CL | State Variations
Quick test: Can you name the paid leave entitlements for an employee in Telangana vs Tamil Nadu?
If you hesitated, you’re not alone — and that’s the problem.
Leave compliance in India is still largely state-governed, and the variation is wide.
India Leave Framework at a Glance
Earned Leave (EL)
Minimum 1 day per 20 days worked (varies by state Shops & Establishments Act).
Maternity Leave
26 weeks paid for companies with 10+ employees (for first two children), under Maternity Benefit Act 1961 (amended 2017).
Sick Leave & Casual Leave
Vary by state — typically 7–12 days each per year.
Paternity Leave
No central law in India yet — but many MNCs and tech companies are setting the standard voluntarily.
🌍 Global Context
The US has 13 states with mandatory paid family leave. The EU mandates minimum 4 months parental leave. India has world-class maternity protection but lags on paternity — expect this to change in the next reform cycle.
Your Compliance Checklist — Leave
✅ Create a leave policy document referencing the specific Shops & Establishments Act for each state you operate in
✅ Ensure 26 weeks maternity leave for eligible employees — and crèche facilities for 50+ employee establishments
✅ Set up payroll to automatically track leave balances and statutory encashment rules
✅ Define paternity and adoption leave policies proactively — even before the law mandates it
✅ Build concurrent leave tracking: ensure maternity, FMLA (for MNCs), and state leave aren’t double-counted incorrectly
6️⃣ Data Privacy — The DPDP Act Is Here. Are You Ready?
DPDP Act 2023 | GDPR | Biometric Data | AI in HR
This is the section most HR teams in India are under-prepared for.
Let’s fix that.
India’s Digital Personal Data Protection (DPDP) Act 2023 is in phased enforcement. It covers every company that processes personal data of Indian citizens — including your employees’ Aadhaar, PAN, biometrics, and performance data.
Global Data Privacy: What MNCs Must Layer On Top
GDPR (EU)
Fines of up to €20 million or 4% of global annual turnover — applies if you process data of EU residents or hire remotely in Europe.
GDPR + Remote Hiring
If your company has even one remote employee based in Europe, you’re processing personal data subject to GDPR — period.
China Cybersecurity Law 2026 Amendments
Updated rules on cross-border data transfers — relevant for India-China-operating enterprises.
AI in HR — India’s Fastest Growing Compliance Blind Spot
Using AI tools for resume screening? Conducting video interviews with automated scoring? Using productivity monitoring software? Every one of these activities now has compliance implications.
The EU AI Act is coming — high-risk AI systems in employment decisions will require conformity assessments.
New York City’s Local Law 144 is already live: annual bias audits of AI hiring tools and candidate notification required.
India’s DPDP Act will require explicit consent before processing personal data through automated systems.
Your Compliance Checklist — Data Privacy & AI
✅ Map all employee personal data: what you collect, store, share, and for how long
✅ Draft and publish a Privacy Notice for employees (mandatory under DPDP Act)
✅ Appoint a Data Protection Officer or Consent Manager if your data processing is significant
✅ Get written consent before collecting biometric data (fingerprints for attendance, facial recognition)
✅ Establish a 72-hour data breach reporting protocol internally
✅ If operating in EU: implement GDPR Standard Contractual Clauses for cross-border data transfers
✅ If using AI hiring tools: audit for bias, get candidate disclosures in place, prepare for EU AI Act
✅ Disclose all electronic monitoring to employees upfront
7️⃣ Workplace Safety — OSH&WC Code & Beyond
Factories Act | Remote Work Safety | OSHA Global Parallels
Here’s a reality check: Workplace safety compliance in India has historically been strong on paper and inconsistent in practice. The OSH&WC Code changes that dynamic.
What the OSH&WC Code 2020 Introduces
Applies to all establishments with 10+ workers (previously, many provisions kicked in only at 500+).
Mandatory health check-ups for workers in hazardous industries.
Digital maintenance of workplace safety registers and records.
Inspections are now web-based, randomised, and algorithm-driven — not based on inspector discretion.
🌍 Global Benchmark
The US OSHA fined employers $16,550 per serious violation in 2025, with willful/repeat violations exceeding $165,000. India’s OSH Code is modelled on similar principles — inspectors will now help employers comply, but serious violations still attract heavy penalties.
Remote Work: The Compliance Frontier Nobody’s Talking About
With 35% of India’s tech workforce working in hybrid or fully remote models, workplace safety compliance has a new frontier: the home office.
🪑 Do your remote employees have ergonomic setups? Document it.
🧠 Is your mental health and employee assistance policy updated for remote workers?
🏠 Your duty of care extends to the home office — it always has.
Your Compliance Checklist — Safety
✅ Post all required safety notices digitally and physically at all establishments
✅ Register all establishments under the OSH&WC portal
✅ Maintain digital injury/illness logs as required under the Code
✅ Conduct annual safety training for all employees — including remote workers
✅ Prepare a safety inspection response protocol (who accompanies the inspector, who handles documents)
✅ Add remote worker ergonomics and mental health policies to your employee handbook
8️⃣ Hiring Compliance — From Job Post to Day One
Contract Labour | Background Checks | Inclusive JDs
Your compliance clock starts the moment you post a job. Let’s walk through what that looks like in 2026.
What Most Indian Employers Still Get Wrong in Hiring
Job descriptions that exclude candidates based on implied characteristics (gender, caste, religion) — a violation of the Equal Remuneration Act and the new Wage Code’s non-discrimination provisions.
No written offer letters or employment contracts — leaving both sides unprotected.
Contract labour engaged without proper principal employer registration under the CLRA.
Background checks conducted without employee consent — a DPDP Act violation.
🌍 Global Hiring Compliance Flags for MNCs and Remote-First Companies
Hiring in EU? GDPR applies to candidate data from the first resume received.
Hiring in the UK? The Worker Protection Act 2024 creates enhanced employer duties around third-party harassment.
Hiring in the US? Salary history bans now cover 22+ states — do not ask about previous compensation.
📌 Compliance Insight
A compliant hiring process doesn’t start on an employee’s first day. It begins with the job advertisement, continues through candidate screening, interviews, background verification, offer issuance, and onboarding documentation.
Your Compliance Checklist — Hiring
✅ Ensure all job descriptions are gender-neutral and skills-focused
✅ Issue signed offer letters and employment contracts to every hire before Day 1
✅ Register as principal employer under Contract Labour (Regulation & Abolition) Act for all contract staff
✅ Conduct background verification only with written consent (PAN, Aadhaar checks under DPDP Act require consent)
✅ Do not ask for caste, religion, family planning, or medical history in interviews
✅ If hiring globally: research and apply local salary transparency, salary history, and notice laws
9️⃣ Documentation — Your First (and Last) Line of Defence
Policies | Records | Consistency
Let’s be straight with each other: documentation is boring.
But here’s what’s also boring — paying fines, losing labour court cases, and watching your compliance gaps become headlines.
When a labour department inspector walks in, or an employee files a complaint, documentation is literally your defence. Without it, agencies default to the employee’s version of events. Every time.
📊 Compliance Reality Check
A 2024 survey found that only 47% of small and midsize organisations have established formal HR compliance checklists. That means more than half are operating on assumption — which in 2026 is a liability, not a strategy.
📁 Why Documentation Matters
Strong documentation creates consistency, demonstrates compliance efforts, protects employers during audits, investigations, and legal disputes, and provides a clear record of decisions made throughout the employee lifecycle.
Your Compliance Checklist — Documentation
✅ Maintain an up-to-date, legally reviewed Employee Handbook — redistribute and get signed acknowledgements annually
✅ Keep personnel files, medical files, and I-9 equivalents (Form 16, Aadhaar records) separately and securely
✅ Document all performance discussions, disciplinary actions, and accommodation requests in writing
✅ Maintain digital payroll and statutory contribution records for minimum 5 years
✅ Apply documentation practices consistently across all offices and employee categories — inconsistency is itself evidence of discrimination
✅ Have a record retention and secure disposal schedule for all HR documents
🔟 Build a Proactive Compliance Programme — Not a Reactive Fire Drill
Calendar | Monitoring | Culture
Here’s the real conversation: reactive compliance is expensive.
Proactive compliance is an investment.
The organisations that treat compliance as an ongoing discipline — not a once-a-year activity — are the ones that spend less time in labour courts, less money on fines, and more time growing their business.
What Proactive Compliance Looks Like in India in 2026
📍 You know your geographic footprint: which states you operate in, which laws apply in each.
📅 You have a compliance calendar that covers PF/ESI deadlines (15th), TDS deadlines (7th), annual returns, POSH reports (31 Jan), and labour code filings.
⚙️ Your HRMS flags changes automatically — when minimum wages update, when leave balances hit thresholds, when deadlines approach.
🛡️ You have a whistleblower / speak-up channel and investigate every complaint promptly.
💡 Compliance Insight
The most successful organisations don’t wait for audits, complaints, or notices to discover compliance gaps. They build systems that identify risks early, automate routine tasks, and make compliance part of everyday business operations.
Your Compliance Checklist — Programme Building
✅ Build a monthly compliance calendar: PF/ESI by 15th, TDS by 7th, Professional Tax by state deadline, annual returns
✅ Subscribe to MoLE / state labour department notifications and Shram Suvidha portal updates
✅ Conduct quarterly self-audits of payroll, contract labour, leave, and documentation
✅ Invest in HRMS with compliance automation — it pays for itself in the first penalty avoided
✅ Create a clear escalation path: who owns compliance, who signs off, who reports to the board
✅ Set up anonymous employee grievance channels and respond to every one
Bonus: Global Compliance Snapshot for Indian MNCs & Remote-First Teams
The Bottom Line
Compliance in 2026 is not a one-time project. It’s a discipline.
Whether you’re a 20-person startup in Hyderabad, a 5,000-person enterprise across India, or an MNC with remote teams spanning three continents — the rules are tighter, the penalties are steeper, and the scrutiny is digital.
The employers who invest on the front end spend dramatically less on the back end. And the ones who treat compliance as part of their culture — not just their legal obligation — build the kind of employer brand that attracts and retains great people.
Start with one section from this guide this week. Pick the area where you know your biggest gap is. Build from there. Compliance is a journey, not a destination — and the best time to start is now.
Mintopps Helps Indian and Global Employers Build Smarter HR Systems
From payroll automation to compliance audits, we’re built for the complexity you face every day.
Visit mintopps.com to learn more.