We are delighted to share this week's AKP Corporate & Compliance Weekly Digest.
1. Labour Law
1.1. ESIC launches SPREE-2025 and Amnesty Scheme to expand social security coverage
Employees' State Insurance Corporation (ESIC) announced SPREE-2025 (Scheme for Promoting Registration of Employers and Employees) and the Amnesty Scheme-2025 to widen coverage and simplify compliance. SPREE-2025 runs until December 31, 2025, allowing unregistered employers and employees to register on the ESI Portal, Shram Suvidha Portal and Company Affairs Portal without demand of old dues; employers are covered from the declared registration date and workers receive benefits from registration. The Amnesty Scheme-2025 operates from October 1, 2025, to September 30, 2026, as a one-time dispute resolution window for issues relating to damages, interest and coverage under the Employees' State Insurance Act, 1948, aiming to reduce litigation and promote voluntary compliance.
1.2. Karnataka issues draft amendment to Shops and Commercial Establishments Rules
The Government of Karnataka notified draft Karnataka Shops and Commercial Establishments (Amendment) Rules, 2025 under the Karnataka Shops and Commercial Establishment Act, 1961, proposing to insert a proviso after rule 24 that exempts compliance under rule 24 where an establishment employs fewer than ten employees; objections and suggestions may be filed within 30 (thirty) days from Gazette publication with the Secretary to Government, Labour Department, and the amendment will come into force upon notification in the Official Gazette.
2. Stamp Duty
2.1. Mizoram prescribes stamp duty and registration fees for Village Council Pass and related land passes
Land Revenue and Settlement Department notified that mutual agreements tied to applications for Land Lease or Periodic Patta on relinquished land, Land Passes on relinquished land, Land Passes where a Village Council (VC) Pass exists, and Land Passes where no pass exists but someone claims an interest are compulsorily registrable under Section 17(1)(b) of the Registration Act, 1908, and are to be treated as "conveyance" under Section 2(10) of the Indian Stamp Act, 1899; accordingly, stamp duty under Article 5 and duty and registration fee under Article 23 are payable on the market value or the agreed consideration, whichever is higher, with model agreements annexed to standardise compliance.
2.2. Madhya Pradesh issues updated "Stamp Duty and Registration Fee Chart"
On September 9, 2025, the Inspector General of Registration published an updated consolidated chart of stamp duty and registration fees for common instruments to guide sub-registrar offices and filers.
3. Stock Exchanges
3.1. BSE discontinues Remisier registration; migration to Authorised Person mandated by December 31, 2025.
BSE (Bombay Stock Exchange) ended Remisier registration citing overlap with Authorised Person ("AP") under SEBI's 2009 framework; existing Remisiers must obtain segment-wise AP registration and surrender Remisier status by December 31, 2025, failing which registrations will be deemed surrendered from January 1, 2026.
3.2. NSDL revises download file formats for margin obligations via pledge/re-pledge. The National Securities Depository Limited ("NSDL") issued a circular updating download file formats tied to the margin-obligations framework delivered through pledge/re-pledge in the depository system; participants are instructed to align their internal processes and references to prior NSDL circulars implementing the SEBI framework.
3.3. NSDL issues Common SOP for operating accounts of physically incapacitated investors
NSDL adopted a uniform Standard Operating Procedure that lets an investor pre-empower one registered nominee to operate the demat or mutual fund folio during periods of physical incapacitation, within investor-set percentage or value limits; requires medical certification plus in-person verification by the Depository Participants/Asset Management Company/Registrar and Transfer Agent; imposes a 48-hour cooling-off before execution; mandates KYC (Know Your Customer) of the empowered nominee; blocks service-request changes and fresh pledge creation; credits all encashments only to the investor's linked bank; permits limited settlement tolerance and capped mutual fund redemptions; and provides for specialised doorstep support for senior citizens, investors with special needs, and sick investors.
4. Information Technology
4.1. CERT-In issues advisory on Critical SAP vulnerabilities requiring immediate patching
Computer Emergency Response Team-India ("CERT-In") issued a critical advisory on September 9, 2025 covering multiple SAP products, warning of risks including remote code execution, privilege escalation, security bypass, cross-site scripting, cross-site request forgery, unauthorised file access, session manipulation, information disclosure, and denial of service; affected suites include Systems, Applications & Products ("SAP") NetWeaver, SAP S/4HANA (Private Cloud and On-Premise), SAP Commerce Cloud, SAP BusinessObjects Business Intelligence Platform, SAP Business One, SAP HCM (Human Capital Management) Fiori apps, and others, and administrators are directed to apply the vendor's September 2025 security notes without delay and validate remediation across internet-facing and business-critical systems, with follow-up monitoring by "CERT-In" recommended.
4.2. CERT-In issues advisory on High-severity Microsoft fixes for September 2025 address remote code execution, privilege escalation and more
Computer Emergency Response Team-India (CERT-In) on September 10, 2025 reported multiple vulnerabilities across Microsoft Windows, Microsoft Office (including Office LTSC for Mac 2021 and 2024), Microsoft SQL Server, Azure services (Networking, Bot Services and Connected Machine Agent), Microsoft 365 Apps, Dynamics 365 Fast Track Implementation, Office Online Server, Microsoft Edge, Microsoft Entra ID, Xbox Gaming Services and Microsoft Auto Update for Mac, enabling security bypass, elevation of privileges, information disclosure, remote code execution, spoofing and Denial of Service (DoS); administrators should apply the September 2025 Microsoft Security Updates and validate remediation on internet-facing and business-critical systems.
4.3. CERT-In issues advisory on multiple vulnerabilities in Adobe products
CERT-In warned of multiple high-risk flaws across Adobe products that could enable remote code execution, privilege escalation, information disclosure and denial of service; administrators should urgently apply Adobe's September 9, 2025 security bulletins for Adobe Experience Manager, Adobe Dreamweaver, Adobe ColdFusion and Adobe Substance 3D components, and verify remediation on internet-facing assets, per the "CERT-In" listing.
4.4. CERT-In issues advisory on multiple Ivanti flaws enable security bypass, privilege escalation and denial of service
CERT-In flagged high-severity vulnerabilities in Ivanti Connect Secure prior to 22.7R2.8, Ivanti Policy Secure prior to 22.7R1.5, Ivanti ZTA Gateways prior to 22.8R2.2, and Ivanti Neurons for Secure Access prior to 22.8R1.3, which could allow remote attackers to bypass security controls, gain elevated privileges, trigger denial of service, and perform server-side and cross-site request forgery; administrators should apply Ivanti's September updates immediately and validate remediation on internet-facing and business-critical systems.
4.5. CERT-In issues advisory on high-severity flaws in Google Chrome for Desktop allowing arbitrary code execution
CERT-In warned that multiple vulnerabilities in Google Chrome for Desktop on Windows, macOS and Linux could let a remote attacker execute arbitrary code on a targeted system after luring a user to a specially crafted web page; issues include a use-after-free in Service worker and an inappropriate implementation in Mojo, with high risk of system compromise and service disruption, and administrators are advised to apply the vendor's September Stable Channel updates without delay and verify remediation across internet-facing assets.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
