POSH Compliance for Startups: Why It’s Non-Negotiable Even for Small Teams

/ Startup Law / By

Many founders treat POSH compliance as something to think about “once we hit 50 people.” That is a mistake — both legally and culturally. The Sexual Harassment of Women at Workplace (Prevention, Prohibition and Redressal) Act, 2013 — popularly called the POSH Act — kicks in much earlier than most founders realise, and the consequences of getting it wrong include penalties, business-licence trouble, and serious reputational damage.

This article explains why POSH compliance is non-negotiable, even for a 12-person startup, and what founders must do to get it right.

What Is the POSH Act and Why Was It Enacted?

The POSH Act gave statutory force to the Supreme Court’s Vishaka Guidelines (1997) and provides a comprehensive framework for the prevention, prohibition, and redressal of sexual harassment of women at the workplace. It applies to “workplaces” broadly — offices, factories, hospitals, transport for work-related purposes, and even dwelling places used for work. With remote and hybrid work now common, “workplace” today often extends to virtual interactions and offsite events.

Who Does the Act Apply To?

A common myth is that POSH applies only to workplaces with 10 or more employees. The truth is more nuanced:

  • All employers with 10 or more workers: must constitute an Internal Complaints Committee (ICC, also called the Internal Committee or IC).
  • Employers with fewer than 10 workers: do not need an Internal Committee, but the Act still applies — complaints can be filed before the Local Committee constituted at the district level.
  • Definition of “employee” is broad: it covers regular employees, ad-hoc, daily wage, contractor and contract personnel, probationers, trainees, apprentices, and “any person called by any name.” Interns and consultants are usually covered.

For a startup, the practical takeaway is simple: as soon as you cross 10 people in any combination of full-time, contract, or intern roles, you need an Internal Committee.

What Is an Internal Committee (IC) and How Should It Be Constituted?

Section 4 of the Act sets out the IC composition. For a startup, the requirements are specific and worth following to the letter:

  • A Presiding Officer who is a woman employed at a senior level. If no senior woman is available, she may be nominated from another office or unit.
  • At least two members from amongst employees, preferably committed to the cause of women or with experience in social work or legal knowledge.
  • One External Member from an NGO or association committed to the cause of women, or a person familiar with issues relating to sexual harassment. The External Member must not be from within the organisation.
  • At least half of the IC members must be women.
  • Members hold office for not more than three years.

The External Member is non-negotiable and one of the most commonly missed requirements in startups. Skipping it makes your IC invalid and your inquiries challengeable.

Mandatory POSH Policy and Awareness

Every covered employer must adopt and publish a written POSH policy and ensure awareness across the organisation. Practical obligations:

  • Display the POSH policy and the names and contact details of the IC at conspicuous places (digital noticeboard counts).
  • Conduct regular workshops and awareness programmes for employees.
  • Conduct orientation programmes for IC members.
  • Cover the POSH policy in onboarding for new joiners.

Inquiry Procedure and Confidentiality

When a complaint is filed, the IC follows a quasi-judicial inquiry process:

  • Inquiry to be completed within 90 days.
  • Report to be submitted to the employer within 10 days of completion of inquiry.
  • Employer must act on the recommendations within 60 days.
  • Strict confidentiality: identity of the complainant, respondent, witnesses, and contents of the complaint cannot be made public.

Breach of confidentiality is itself a punishable offence under Section 17 of the Act, attracting penalties on the person responsible.

Annual Report and Filings

Section 21 obliges every employer to submit an annual report to the District Officer, capturing:

  • Number of complaints received.
  • Number of complaints disposed of.
  • Number of cases pending for more than 90 days.
  • Number of awareness workshops conducted.
  • Nature of action taken by the employer.

This filing is often missed by startups. The District Officer can take cognisance of repeated non-filing, and it is a red flag during due diligence by acquirers and investors.

Consequences of Non-Compliance

Section 26 imposes monetary penalties up to ₹50,000 for failure to constitute an IC, file the annual report, or otherwise comply. More importantly:

  • Repeat violations can lead to penalty doubling and cancellation or non-renewal of business licence or registration.
  • A non-compliant employer is exposed to civil claims by aggrieved employees and tortious liability for failure to provide a safe workplace.
  • Investors and acquirers routinely ask for POSH compliance evidence in diligence; gaps reduce valuation or kill deals.
  • Brand damage, especially in a social-media age, can be severe and long-lasting.

POSH for Remote and Hybrid Startups

Modern startups operate across home offices, co-working spaces, and Slack channels. The Act’s broad definition of “workplace” extends to:

  • Video conferences and chat platforms used for work.
  • Offsite events, retreats, and team dinners.
  • Travel undertaken for work.

Update your POSH policy to expressly cover virtual interactions, offsite events, and conduct on official chat tools, and make sure complaints can be filed digitally.

Practical Steps for Founders

  • Adopt a POSH policy aligned with the 2013 Act and circulate it to every employee.
  • Constitute an Internal Committee with the right composition, including a qualified External Member.
  • Conduct annual employee training and a separate IC member training.
  • Build a confidential intake channel — a dedicated email and a designated point of contact.
  • Document every step of any inquiry, with strict confidentiality controls.
  • File the annual report with the District Officer.
  • Include POSH compliance in your investor diligence pack.

Conclusion: Compliance Is Culture

Strong POSH compliance is not just a legal box-tick. It signals to your team — especially to women employees — that the company takes their safety seriously. That, in turn, helps you hire better, retain longer, and build the kind of culture that customers and investors want to back. For a startup, that is a quiet but real competitive advantage.

Need help drafting a POSH policy, constituting your Internal Committee, or running employee and IC training? Reach out for an end-to-end POSH compliance package designed for startups.