AKP Corporate & Compliance Digest October 06, 2025

We are delighted to share this week's AKP Corporate & Compliance Weekly Digest. Please feel free to write to us with your feedback at info@akandpartners.in.

1.  Labour Law

1.1. ESIC issues Amnesty Scheme 2025 guidelines for court and prosecution case settlements

Employees’ State Insurance Corporation (ESIC) issued detailed guidelines for a one-time “Amnesty Scheme 2025” running from October 1, 2025 to September 30, 2026 to settle disputes under the Employees’ State Insurance (ESI) Act: closed units with long-pending coverage litigation may see withdrawal, running or recently closed units can settle by producing records and paying due contributions with interest, employers lacking records must pay at least 30 per cent (thirty per cent) of assessed contribution with interest while no damages are levied, damages disputes can close on payment of 10 per cent (ten per cent) of determined damages, select criminal and prosecution cases may be withdrawn on compliance, reliance on Employees’ Provident Fund Organisation (EPFO) or Income Tax records is permitted where needed, empowered regional officers will process cases, and all applications must be disposed within 6 (six) months.

1.2.  Uttar Pradesh revises variable dearness allowance under minimum wages

The Labour Commissioner, Uttar Pradesh, revised the Variable Dearness Allowance (“VDA”) for 74 (seventy-four) scheduled employments under the Minimum Wages Act, 1948, using Consumer Price Index (“CPI”) 414 (four hundred and fourteen); monthly figures are:

1.3. Gujarat: Special Allowance announced based on cost of living

The Office of the Labour Commissioner, Gujarat State announced special allowance under the Minimum Wages Act, 1948. The daily rates of special allowance based on the cost of living in addition to the wage rate fixed by the government for each occupation under the Minimum Wages Act, 1948, will now be as follows for the period from October 10, 2025 to March 31, 2026:

1.4. Pension Fund Regulatory and Development Authority consults on new NPS pension options; feedback by October 31, 2025

Pension Fund Regulatory and Development Authority (“PFRDA”) issued a consultation to enhance the National Pension System (NPS) with 3 (three) schemes: Scheme-1 Non-Assured Flexible Decumulation using a Step-up Systematic Withdrawal Plan (SWP) plus annuity; Scheme-2 Assured Benefit targeting an inflation-indexed pension via the Consumer Price Index for Industrial Workers (CPI-IW); and Scheme-3 Assured through Pension Credits that fixes a monthly payout through goal-based credits, with comments due by October 31, 2025 via the PFRDA website.

2. Stamp Duty

2.1. Rajasthan: Amnesty on stamp-duty interest and penalty extended to December 31, 2025

The Finance Department amended its earlier amnesty to substitute the deadline “on or before September 30, 2025” with “on or before December 31, 2025,” extending relief on interest and penalty payable on stamp duty.

2.2. Rajasthan: Market-value rules updated for stamp valuation

The Finance Department amended the Rajasthan Stamp Rules, 2004, including: parity of rates for agricultural land up to 2,000 (two thousand) square metres within the periphery belt of urban areas with residential-land rates for sale and gift instruments, revised phrasing for “instrument of sale or gift,” and a new clause prescribing rates for non-agricultural lands on urban roads wider than forty feet.

2.3. Delhi: Letter clarifies 0.1 per cent duty on share issuance; depositories told not to collect

The Revenue Department issued a letter on Article 19 of Schedule I-A of the Indian Stamp Act, 1899, stating companies with registered offices in the National Capital Territory of Delhi must pay stamp duty at 0.1 (zero point one) per cent on issuance of shares and instructing depositories accordingly.

3. Stock Exchanges

3.1. CDSL exempts AMC for ‘to be closed’ demat accounts with only illiquid/suspended/delisted holdings

Central Depository Services (India) Limited (“CDSL”) said dematerialised (demat) accounts marked “to be closed” that contain only illiquid, suspended, or delisted securities will be exempt from Annual Maintenance Charges (AMC) and from statement dispatches, with Depository Participants (“DPs”) required to verify eligibility and CDSL to share a monthly list sourced from stock exchanges; the waiver is unavailable where the account is frozen, the Beneficial Owner (BO) is debarred, the holder is a promoter or person acting in concert, securities are pledged/held/encumbered, the company is under the Insolvency and Bankruptcy Code, 2016, or dues to the DP are outstanding.

3.2. CDSL sets deadline for July–September cyber-incident reports by DPs

CDSL mandated DPs to file a quarterly report of all cyber-attacks, threats, incidents, and breaches via its audit web portal within 15 (fifteen) days of quarter end, making the July–September 2025 filing due by October 15, 2025; non-submission will be treated as non-compliance with penalties.

3.3. CDSL sets to go-live for margin pledge/re-pledge early pay-in workflows

CDSL directed DPs to implement new operational forms for margin pledge release (unpledge) and invocation covering Early Pay-in and redemption, attachable as Annexures 8.5 (eight point five), 8.6 (eight point six) and a single consolidated option in Annexure 8.8 (eight point eight); the facility goes live on October 10, 2025, and DPs must update back-office systems, obtain requisite details from Trading Members (TMs) and Clearing Members (CMs), and disseminate the changes to clients.

3.4. NSE expands cross-exchange compliance sharing; 28 submissions from October 15, 2025, 2 more from December 15, 2025

National Stock Exchange of India Limited (“NSE”) said that, as Phase II of its technology-based sharing of common submissions with other exchanges Bombay Stock Exchange (“BSE”), Metropolitan Stock Exchange (MSE), Multi Commodity Exchange (MCX) and National Commodity & Derivatives Exchange (NCDEX),members registered with multiple exchanges will file 28 (twenty-eight) specified compliance submissions with the NSE only from October 15, 2025, with 2 (two) additional items joining from December 15, 2025; each exchange will continue to process, monitor and supervise its own compliance obligations, and the NSE also revised the formats for bank undertaking, bank authorisation and bank confirmation to be used from October 15, 2025.

3.5. NCL sets October 31 deadline for FY 2024–25 annual returns; half-yearly net worth certificates due November 30

NSE Clearing Limited (“NCL”) directed members to submit Annual Returns for the financial year ended March 31, 2025 by October 31, 2025, and to file the half-yearly net worth certificate as on September 30, 2025 by November 30, 2025; members must maintain minimum net worth at all times at the higher of base or variable net worth as stipulated by the Securities Exchange Board of India (“SEBI”) gazette notification dated February 23, 2022, with non-submission or shortfall attracting action under earlier NCL circulars, while detailed filing guidelines will be issued separately.

3.6. NSE sets October 15, 2025, deadline for quarterly cyber incident report, escalating penalties for delay

NSE directed Regulated Entities (REs) and trading members to file the Quarterly Cyber Incident Report for the quarter ended September 30, 2025 by October 15, 2025 under the SEBI Cyber Security and Cyber Resilience Framework (CSCRF); filings via the member portal may be nil or incident based, immediate incidents must follow the Standard Operating Procedure (SOP), and late or missing submissions will attract INR 2,500 (Indian Rupees Two Thousand Five Hundred only) per day for the first 1 (one) week after the due date, INR 5,000 (Indian Rupees Five Thousand only) per day from the second 1 (one) week, prohibition of new client onboarding and a 7 (seven) day notice for trading disablement after 3 (three) weeks, and full segment disablement after 4 (four) weeks, with repeat breaches facing a 50 (fifty) per cent escalation.

3.7. BSE mandates AI/ML reporting window from October 1–15, 2025

BSE directed trading members that executed at least 1 (one) algorithmic trade during April 1 - September 30, 2025 to file Artificial Intelligence (AI) and Machine Learning (ML) application reporting via the BSE Electronic Filing System (“BEFS”) between October 1 and October 15, 2025, with NIL submissions required where no AI/ML is used; under the cross-exchange sharing mechanism, members also registered with NSE must file to NSE only, while non-NSE members will continue to file to BSE, and the notice provides the BEFS module path and support contacts for compliance.

3.8. BSE sets November 30, 2025, deadline for H1 internal audit reports via BEFS

BSE directed all trading members to complete the internal audit for the half year ended September 30, 2025 and submit the report electronically via the BEFS by November 30, 2025; audits must be conducted only by independent practising Chartered Accountants, Company Secretaries or Cost and Management Accountants, with empanelment of auditors mandatory from this half year, updated sampling rules to be followed, each “Not complied” point to disclose tests done, instances of breach and amounts, Unique Document Identification Number (UDIN) to be quoted on the certificate, appointment and rotation to comply with the SEBI circular, penalties to apply for late or non-submission, and a filing to be treated as complete only after the member submits on BEFS and receives an acknowledgement.

3.9. Margin Trading Compliance Certificate due October 31, 2025, via BEFS

BSE directed trading members with approval for Margin Trading Facility (MTF) to file the half-year compliance certificate for the period ended September 30, 2025 by October 31, 2025 through the BEFS, with the BEFS link active from October 1, 2025; per SEBI circular dated December 30, 2024, books relating to the facility must be audited and the certificate in Annexure 1 (one) signed by a Chartered Accountant, while members approved for MTF but not yet commenced must file a self-certified Annexure 2 (two) signed by the Compliance Officer or Designated Director; submissions are complete only on BEFS upload and receipt of the acknowledgement email, and physical or email filings will not be accepted.

3.10. NSDL extends Youth Plan demat no settlement fee window

National Securities Depository Limited (NSDL) extended by 1 (one) year the period during which new dematerialised (demat) accounts opened under the Youth Plan will pay no settlement fees, covering accounts opened from October 1, 2025 to September 30, 2026; the scheme, effective October 1, 2024, grants 3 (three) years of zero settlement fees from the account-opening date for accounts opened within 1 (one) year of launch, and participants are directed to note the extension and ensure compliance.

4. Information Technology

4.1. CERT-In: Apple FontParser DoS; patches for iOS/iPadOS, macOS, visionOS

Indian Computer Emergency Response Team (“CERT-In”) warned that an out-of-bounds write in Apple’s FontParser can cause denial of service (DoS) or memory corruption via a malicious font, rated Medium, affecting iOS/iPadOS before 18.7.1 (eighteen point seven point one) and 26.0.1 (twenty-six point zero point one), macOS Tahoe before 26.0.1 (twenty-six point zero point one), macOS Sequoia before 15.7.1 (fifteen point seven point one), macOS Sonoma before 14.8.1 (fourteen point eight point one), and visionOS before 26.0.1 (twenty-six point zero point one); users and administrators should apply Apple’s security updates. 

4.2. CERT-In: update Google Chrome for Desktop

CERT-In warned that multiple flaws in Google Chrome for Desktop enable remote code execution (RCE), denial-of-service (DoS), security bypass, and information disclosure; affected builds are Windows and macOS before 141.0.7390.54/55 and Linux before 141.0.7390.54, driven by issues such as heap buffer overflows in WebGPU and Video, side-channel leaks in Storage and Tab, inappropriate implementations in Media, Omnibox and Storage, out-of-bounds reads, and V8 off-by-one and use-after-free bugs; exploitation typically requires a visit to a crafted web page, so users and administrators should update immediately.

4.3. CERT-In: Firefox desktop and iOS high-severity flaws enable RCE

CERT-In warned that multiple vulnerabilities in Mozilla Firefox for desktop before 143.0.3 (one hundred and forty-three point zero point three) and Firefox for iOS before 143.1 (one hundred and forty-three point one) allow Remote Code Execution (RCE) or sensitive information disclosure; issues include improper isolation of cookie storage, an integer overflow in Graphics Canvas2D, and Just-In-Time (JIT) miscompilation in the JavaScript engine, typically exploitable by persuading a user to open a crafted web page, so users and administrators should update to the latest versions. 

4.4. CERT-In: Chrome desktop flaws enable RCE

CERT-In warned that multiple vulnerabilities in Google Chrome for Desktop (Chrome) allow remote code execution (RCE), denial of service (DoS) and information disclosure, stemming from side-channel information leakage and an integer overflow in the V8 engine; severity is High and affected builds include Windows and macOS before 140.0.7339.207/208 and Linux before 140.0.7339.207, with users advised to patch to the latest stable versions.

Disclaimer

The note is prepared for knowledge dissemination and does not constitute legal, financial or commercial advice. AK & Partners or its associates are not responsible for any action taken based on its contents.

For further queries or details, you may contact:

Mr Anuroop Omkar

Founding Partner, AK & Partners

info@akandpartners.in