An ESOP is not just a commercial arrangement between a company and its employees — in India, it is a regulated corporate action governed by the Companies Act, 2013 and the rules made under it. Setting up and running an ESOP properly means following a defined legal and procedural framework, and getting this wrong can create problems that surface later, particularly during due diligence. This guide gives an overview of ESOP compliance under the Companies Act, 2013. It is an orientation, not a substitute for the detailed legal work an ESOP requires.
ESOPs are a regulated corporate action
The starting point is that issuing employee stock options in India is governed by company law. The Companies Act, 2013, together with the relevant rules (notably the rules dealing with share capital and debentures, which contain the ESOP provisions), sets out the framework that companies must follow to grant ESOPs. This means an ESOP is not something a company can simply do informally; it requires a proper scheme, the right approvals, and adherence to procedural requirements.
The framework covers who can be granted options, how the scheme must be approved, the conditions around grant and vesting, disclosure requirements, and ongoing record-keeping and filings. The specifics are detailed and are exactly the kind of thing for which companies engage company secretaries and legal advisors. The points below are the broad contours.
The ESOP scheme and its approval
A company implementing an ESOP needs a formal ESOP scheme — a documented plan setting out the terms on which options will be granted, including the eligibility, the quantum, the vesting, the exercise mechanics, and the other terms.
This scheme must be approved through the proper corporate governance process. The framework generally requires approval by the shareholders, typically by way of a resolution, in addition to board approval. So an ESOP scheme is not adopted by management alone; it goes through the company's governance — board and shareholders — to be validly constituted. The approval process and the required resolutions are part of the compliance, and doing them correctly is essential for the scheme to be valid.
Eligibility — who can be granted options
The framework defines who is eligible to receive ESOPs, generally directed at employees and directors, with certain categories excluded or treated specially. For instance, there are typically restrictions or special treatment around promoters and those belonging to the promoter group, and around directors holding significant shareholding. The eligibility rules matter because granting options to someone outside the permitted categories, or without the special approvals that certain categories require, is a compliance failure. Companies need to confirm that their grantees fall within the eligible categories under the applicable rules.
Grant, vesting, and exercise conditions
The framework also imposes conditions around the lifecycle of options. There is generally a minimum period between grant and vesting — options cannot vest immediately on grant; a minimum gap is required. The scheme must specify the vesting and exercise terms within the bounds the rules allow. And various conditions govern how the scheme operates. These structural requirements mean the ESOP's terms have to be designed within the legal framework, not purely according to commercial preference — for example, the vesting cannot be structured in a way that violates the minimum vesting period.
Disclosure and ongoing compliance
Beyond setting up the scheme, there are ongoing compliance obligations. These include disclosure requirements — the company must disclose certain information about its ESOP scheme and the options granted, for instance in its financial statements and board reports. There are also filing requirements with the Registrar of Companies in connection with the issue of shares and the operation of the scheme (the specific forms for which are addressed in our separate guide on ESOP filings). And the company must maintain proper records of the scheme, the grants, vesting, exercises, and the resulting share issuances.
This ongoing compliance is not a one-time setup task — it continues for the life of the ESOP, as options are granted, vest, are exercised, and shares are issued, each of which carries record-keeping and, in some cases, filing implications.
Why compliance matters — due diligence
The practical reason all of this matters, beyond the legal obligation itself, is that ESOP compliance is scrutinised closely during due diligence — when the company raises funding or is acquired, investors and acquirers examine whether the ESOP was properly constituted and maintained. An ESOP with compliance gaps — improper approvals, ineligible grantees, missing filings, poor records — becomes a problem at exactly the moment the company can least afford it, potentially holding up or complicating a deal. Getting the compliance right from the start is far easier than remediating it under deal pressure.
Common compliance mistakes
The recurring errors include:
Implementing an ESOP without the proper scheme and approvals, particularly missing the required shareholder approval.
Granting options to ineligible categories, or to categories requiring special approval, without it.
Structuring vesting in a way that violates the minimum vesting period.
Missing disclosure or filing obligations connected to the scheme and share issuances.
Maintaining poor records of grants, vesting, exercises, and share issuances.
Discovering compliance gaps during due diligence, when they are costly to fix.
Why ESOP compliance is easier on a connected system
Much of ESOP compliance rests on accurate, complete records — of the scheme, the grants, the vesting, the exercises, and the resulting share issuances — and on those records being consistent with the cap table and the filings. When the ESOP is administered in a standalone spreadsheet disconnected from the cap table and company records, maintaining the complete, accurate, consistent record that compliance and due diligence demand is a manual burden that tends to develop gaps over time.
When ESOP management and the cap table sit on the same database, the record of every grant, vesting event, exercise, and share issuance is maintained systematically and stays consistent with the cap table by construction — so the documentation that compliance and due diligence require is accurate and complete rather than reconstructed after the fact. This is part of how Helion is built, with ESOP and the cap table living natively together with proper records — so that the underlying data supporting ESOP compliance is sound. This does not replace the legal work of constituting and running the scheme correctly, which requires qualified company-secretarial and legal support, but it ensures the record-keeping foundation that compliance depends on is reliable. For a company that will one day face due diligence on its ESOP, that connected, well-recorded design removes a common source of compliance gaps.
This guide gives a general overview of ESOP compliance under the Companies Act, 2013 as of 2026 and is not legal advice. The detailed requirements for constituting and running an ESOP — the scheme, approvals, eligibility, conditions, disclosures, and filings — are set by the Companies Act, 2013 and the rules made under it, and can change. ESOP compliance should be handled with qualified company-secretarial and legal professionals for a specific company.