Author: Samir Paranjpe
Success stories of home grown unicorns have found a sweet spot in management lessons and entrepreneurial aspirations alike. A 2017 CB Insights report suggests that outside the U.S, India has the second highest number of unicorn start-ups in the world.
Over the past few years, India has witnessed an unparalleled rise in the growth of start-ups only to become one of the most coveted destinations for start-ups in the world. Efforts of the government to nurture innovation and encourage entrepreneurship have provided an impetus to the ecosystem. The launch of Startup India Action Plan in January 2016 and more recently, the proposed move to set up regulatory regime for VC funds in the Union Budget 2018 have been well-received by the industry. Other announcements pertaining to focus on technology (like Artificial Intelligence), strengthening of digital infrastructure in rural areas are likely to provide further stimulus to the ecosystem.
While support by way of providing a robust infrastructure, favourable regulatory regime, or other benefits are much needed, the onus to keep “compliance” right on track is a priority that start-ups need to set high in their agenda. Generally, a “startup” psyche is inclined heavily towards fundraising, break-even, and over a period of time creating a business that can manage cash flows and is ultimately scalable, to go beyond a start up. Little knowledge is a dangerous thing and compliance, more often than not, is wrongly perceived to be restricted to documentation or procedures to make inroads into registering a company, filing returns and other aspects of legal or statutory compliance. Other components of driving compliance, which have a far reaching impact on the survival of any firm is unfortunately, an oversight.
Pitfalls of being non-compliant
This attitude is increasingly being (at least) acknowledged as incongruous to the long-run health of a startup. There have been instances of global startups being slapped with fines by regulators for being non-compliant. In addition to regulatory repercussions, investor confidence gets shaken and as the business grows, it becomes difficult to instil a culture of compliance which was missing from the very beginning. Compliance is a “must-have” to mitigate the risks and complexities of doing business, given the diverse industry and regulatory requirements in India. Needless to say, it is way beyond a “check box” of meeting the requirements of doing business only.
Typical Compliance requirements for Startups
Lack of adequate knowledge around what constitutes compliance and governance is one of the biggest roadblocks faced by startups. The ambit of compliance surpasses legal or statutory compliance or requirements pertaining to set up and operate business only. Compliance must be at the heart of any business, to stay, for as long as the business exists. Practices relating to internal controls and processes, risk management, ethics etc. are some of crucial aspects in this regard.
Compliance goals in a start up’s prospective journey can be chartered as below. Depending on the industry of operation itself, the transition may be different.
Phase 1, Developing Minimum Viable Product
Often, with investments from friends and family, a team of 3-4 members including the founders, work towards building the Minimum Viable Product(MVP) and strategize subsequent phases of developing the final product. Once MVP is ready, only then startups consider hiring a professional (CA/CS/Lawyer) to legalize the entity and protect the intellectual property (if any). Considerable investment in terms of time and money has been put at this stage, and this time calls for establishing a robust compliance foundation as the ethical tone set by the core members is a benchmark for future incumbents and employees.
Compliance Goals: Typically, this phase involves determining the form of business entity like Partnership/Limited Liability Partnership, Corporation or Limited Liability Company etc. This follows compliance with the Companies Act or LLP Act to file financial statements and returns, audit compliance, carrying out general meetings, board organization etc. Further, as applicable procedures to register trademarks, patents, copyrights and other measures to protect intellectual property(IP) are taken.
Phase 2, Seek Investment & formalize operations: Post legal entity is formulated, a due diligence report is presented to investors in a quest of investment. This report focuses on the business model, financial modelling and anticipated growth over time, feasibility tests of the product and echoes market research to assess demand. Businesses which receive requisite funding go on to expand operations and achieve economies of scale over time.
Compliance Goals: Maintaining clear and up to date financial records, Compliance of Reserve Bank of India (RBI) and Foreign Exchange Management Act (FEMA) regulations, Compliance of Income Tax, Goods & Service Tax (GST), Employee State Insurance, Provident Fund, Gratuity, and other applicable corporate and labour laws.
Phase 3, Period of growth: Successful execution of operations sets the business on an ascending growth path. Investors keep a close watch on bottom line numbers to assess break-even and return on investment and advance strategies for a future exit or continued investment.
Compliance Goals: Set up internal control framework and draft policies that resonate with principles of a sound ethical culture including industrial certification of the product for quality assurance, if applicable. At the same time, as the business grows, challenges to be tackled with the increased size and complexities, whistle-blower complaints, vendor/customer disputes, improve financial performance etc.
Phase 4, Sustained Growth: During this period, the business is no longer a startup and has a strong foothold with sizeable revenues and employee strength which make it a strong market player and susceptible to challenges faced by the large corporations.
Compliance Goals: Continue to monitor internal controls, code of conduct, risks in view of the dynamic environment, local training programs for employees as well as third parties etc.
In a nutshell, any startup would require to address concerns relating to establish business and legal, tax, statutory compliance, third party risks, cultural issues, policies and procedures etc. However, a one-size fit all approach isn’t recommended as compliance needs vary depending on the business model, industry etc. For instance, for tech startups, educating end users about third party applications may be an integral part of its compliance programme. Therefore, the compliance programme must be designed keeping in mind the unique requirements of the business.
Recommendations for startups to address common challenges in this space include:
- Set the compliance framework
Establish an all-inclusive policy framework that includes an anti-bribery and anti-fraud policy, code of conduct, third party risks and lastly, the cultural issues, especially given the dominance of cultural norms in a developing country like ours.
Another critical aspect where founders play a critical role is setting the tone at the top. Leading by example makes others follow suit. A founder willing to initiate production at a manufacturing unit prior to receiving requisite permits from regulatory authorities indicates “acceptability” to corrupt practices or a “chalta hai” attitude.
- An “active” training program
Developing training programmes while staying conscious of compliance challenges faced at the ground level is important. A training program must facilitate making employees conscious of appropriate code of conduct, set the right expectation, and guidance to make the right choice when in a tough spot. Continuous evaluation and feedback on the training needs is imperative.
Secondly, issues faced by leadership vis-à-vis a blue collared employee or a factory worker may be contrasting, therefore, customizing training needs keeping in mind the target audience must not be ignored as well.
Lastly, this audience must extend to all levels across the organization and externally, as applicable.
- Remember your accountability to stakeholders
An investor, if provided with erroneous financial reports, can pull the plug on funds owing to mistrust and false representation leaving the startup in a lurch. Similarly, the Companies Act provides protection to shareholders from being defrauded. Strong financial reporting is therefore critical and stems from sound internal controls and effective risk framework
Treat all employees in a fair and equitable manner to ensure they contribute positively to the growth of the firm. HR and payroll policies go a long way to take care of this aspect
Well documented contracts with vendors and customers safeguard the business and provide these individual entities the ease of doing business. It accelerates the process of building a long term relationship with the company as well.
- Meet Legal and Statutory Compliance requirements
Being mindful of any changes in the existing regulatory policies and procedures is a must. Given the dynamic business environment we operate in; it is wise for startups to seek expert advice with respect to applicable statutes to ensure the requirements are in line with what is required by law.
- Establish Risk Management
A formalized risk management process safeguards against the potential vulnerabilities and risks which threaten business continuity. However, it is important that this framework in addition to strategies and practices to monitor and measure risk, provides actionable insights to strengthen the company’s approach towards mitigating them. It must be able to stand the tests of time and facilitate timely identification of potential red flags.
Large enterprises incur considerable expenditure to implement their risk management programmes. However, early on, any business must implement a basic framework that facilitates identification of risks and its impact and adequate controls.
The startup ecosystem is infused with innovation, technology and capability. It thrives on disruptive ideas which hope to shape a better tomorrow. However, non-compliance can, like any other business cost any aspiring firm dearly. The entrepreneurial DNA must not set compliance aside as a “checkbox” for future, but integrate into its day-to-day operations, a definite sign of any forward looking enterprise.
With contributions from Geetanjali Singh
The blog appeared in CFOIndia.