EY Recruitment Written Test - Kumari Nimisha
EY Recruitment Written Test - Kumari Nimisha
EY Recruitment Written Test - Kumari Nimisha
Read the following questions and provide your answers by giving adequate reasons.
Case 1: Alpha Pvt Ltd. is an IT Company that operates in Noida, Uttar Pradesh. You have been
appointed as a member of the HR – Legal Compliance Team. Provide basic labor and
employment compliances for Alpha Ltd. in your own language without any reference to
law/regulation.
1. Employer is obligated to provide employees with different types of leave like sick leave,
maternity leave, paternity leave, annual leave etc.
2. Employer must ensure that it adopts sexual harassment policy and provide relevant
training to employees on it to prevent sexual harassment at workplace. )
Solution
1. The Employer must ensure that all employees have written contracts outlining their roles,
responsibilities, and terms of employment.
2. The Employer must pay employees at least the minimum wage set by the appropriate
authorities.
3. The Employer must monitor and ensure that employees work within the stipulated hours
to prevent any violations of labor laws.
4. The Employer must provide a safe and healthy work environment for all employees,
adhering to safety regulations.
5. The Employer must implement clear policies regarding annual leave, sick leave, and
other types of leave as required by law.
6. The Employer must uphold policies that promote a fair and non-discriminatory work
environment for all employees.
7. The Employer must safeguard employee data and ensure confidentiality in handling
sensitive information.
8. The Employer must provide necessary training to employees to ensure they are aware of
company policies and procedures.
9. The Employer must establish mechanisms for employees to raise grievances and ensure
timely resolution of complaints.
10. The Employer follow proper procedures and laws when terminating employees to avoid
any legal complications.
Case 2: Below is the extract of Schedule 1 of the Personal Information Protection and
Electronic Documents Act in Canada. Read the below section and draft 3 compliances that
companies need to follow to ensure compliance with the same.
“Schedule 1: Section 5
Principles Set Out in the National Standard of Canada Entitled Model Code for the Protection of
Personal Information, CAN/CSA-Q830-96
An organization is responsible for personal information under its control and shall designate an
individual or individuals who are accountable for the organization’s compliance with the
following principles.
4.1.1 Accountability for the organization’s compliance with the principles rests with the
designated individual(s), even though other individuals within the organization may be
responsible for the day-to-day collection and processing of personal information. In addition,
other individuals within the organization may be delegated to act on behalf of the designated
individual(s).
4.1.2 The identity of the individual(s) designated by the organization to oversee the
organization’s compliance with the principles shall be made known upon request.
4.1.4 Organizations shall implement policies and practices to give effect to the principles,
including
(a) implementing procedures to protect personal information;
(c) training staff and communicating to staff information about the organization’s policies
and practices; and
Solution:
Under Schedule 1, Section 5 of PIPEDA, all organizations in Canada must adhere to several
principles concerning personal information. Three specific and detailed compliance requirements
that companies should adhere to include:
Appoint a Privacy Officer: An organization should appoint an individual or team responsible for
seeing that an organization complies with PIPEDA. The role of this privacy officer will be to
ensure that the policies concerning data protection that the organization institutes meet legal
threshold standards. The liability of the privacy officer remains, even when employees at other
levels are delegated daily tasks.
Identity of the Privacy Officer: An organization may have an obligation to make known the
name or title of the individual or individuals responsible for ensuring compliance. This could be
to gain transparency to clients, customers, or employees upon request.
Consent: The organization should get proper consent that is informed, in writing, about the
collection, use, and disclosure of personal information. The consent must be explicit, informed,
and understandable so that the individuals know precisely how their information will be used. In
the case of sensitive information, like medical or financial, consent may be required to be even
stricter.
Provide Opt-in/Opt-out Options: An organization should always provide the facility to the user
for revoking consent at any time making the users the owner of their information. Any
organization should avoid situations where withdrawal might have adverse consequences for the
individual.
Monitoring and Updates: Safeguards are put in place, but they need constant monitoring and
updating to deal with evolving threats. This calls for periodic security testing and auditing of data
protection measures, ensuring that swift responses are issued in case any breach is considered
probable.
Breach Notification: When a breach occurs involving involving personal information in a way
that creates a real risk of significant harm, such breaches should be brought to the attention of the
affected individuals and the relevant authorities. Explicit procedures must be implemented to
identify violations, assess their impact, and take speedy action to control and limit the potential
harm.
These detailed compliance requirements assure organizations that personal information will be
protected responsibly, that relations with individuals will be transparent, and that all of those
measures will be implemented to guarantee that sensitive data is safely kept from unauthorized
access or misapplication.
Case 3 – CTS Pvt. Ltd. is an IT/ITES company having operations in Maharashtra, Tamil Nadu
and Bihar. You have been asked by the company to identify the laws that will apply to its India
operations. Specify the process you will follow in undertaking this activity and list down the
applicable laws that you identify in the process for CTS. Among other things, you need to
mention the sources you will refer, the key aspects you will check in the legislations to justify its
applicability, how you will verify that you are looking at an updated version of the law.
Hint: You can refer to Labour Department of Bihar for the labour laws of that State.
Compliances- The paramount objective is to ascertain and undertake adherence to the applicable
laws and regulations pertinent to the business of CTS Pvt. Ltd which is in the IT/ITES sector in
the states of Maharashtra, Tamil Nadu and Bihar.
● Understanding the Business Activities:Examine what the Company does in each of the
states, what are the operational geographies, what is the business model (IT/ITES), how
many employees are there, what technology or services are provided. Seek to understand
what activities are going on in the company in each state and determine if it is providing
IT Services or BPO or Data Management or Software Development or any other ITES.
● Identify Categories of Laws: Laws applicable in the country of CTS Pvt. Ltd. can be
broadly categorized into the following. Central/Union laws: These laws apply in every
part of the country. State-specific laws: As the name indicates, laws are determined by the
state where the business is taking place (Maharashtra, Tamil Nadu, Bihar).
Industry-specific laws: Legal provisions for regulating a particular sector such as the
IT/ITES specifics.
State government web portals: Legal portals relating to this cleat industry of policy from
Maharashtra, Tamil Nadu, and Bihar state government online content.
Legal consultancy publications: Research, Reports and White Paper of legal firms, Government
policy notifications, Associations of IT/ITES Industry such as NASSCOM.
Legal resources: Manupatra, SCC Online, Indian Kanoon for searching the Legislation, Case
laws and amendments etc.
Government bulletin: For valid and recent changes in laws of the land.
Paid legal notice: Recent changes notifications and newsletters from legal compliance tools like
vaciltrash, cleartax, lexusnexus to keep nos. of legal amendments.
Central/Union Laws:
Constitute a requirement with respect to filing of annual returns, financial statements and board
meetings.
Information Technology Act, 2000 (Amendments 2008):
It deals with the administration of e-contracts, e-signatures, cyber security, cyber crimes and
e-commerce.
Regulates possession and contracts, agreements, including service level agreements with clients,
vendors and employees.
Reporting of tax deduction at source (TDS) and filing of corporate return of income and payment
of required taxes in advance.
The Payment of Wages Act, 1936 and The Minimum Wages Act, 1948:
Guarantees regular wages are paid and appropriate provisions for state specific minimum wage
legislation for employees is adhered to.
CTS is bound to provide Employees Provident Fund benefits to those who are entitled.
The act provides compulsory registration and payment to health insurance for employees in
factories or establishments with more than 10 workers.
The company shall therefore be required to be registered under GST, file returns, and be
compliant with state-wise and central GST regulations with respect to all the services rendered.
State- Specific Laws
Following are the other state specific regulations, which CTS Pvt. Ltd. has to abide by in short:
a) Maharashtra:
Maharashtra Shops and Establishments Act, 2017: Employment and hours of work, holidays etc.
are dealt with.
Maharashtra Pollution Control Board: Environmental criteria for IT/ITES units if there is any
need for it.
Profession Tax Act: This is for the employees to pay professional tax.
b). Tamil Nadu: Tamil Nadu Shops and Establishments Act, 1947: this law deals with the
condition of physical space at the workplace, working hours and facilities provided to workers.
Tamil Nadu Labour Welfare Fund Act:Further emparts the requirements of employees welfare
fund contribution.
c). Bihar:
Bihar Shops and Establishments Act: Working thorough conditions of IT/ITES units.
Bihar State Employment Promotion Policy: Observance with various employment laws and local
employment laws.
Applicability: Does that law extend to IT/ITES companies and does it have clauses for operation
in the states of Maharashtra, Tamil Nadu and Bihar?
Compliance Requirements: Identify the activities that CTS Pvt. Ltd. Comply with and maintain
compliance. These may include registration or filing obligations, employee benefits, operational
and other licenses.
Penalties for Non- Compliance: What are the fining systems, penalties or legal risks for not
adhering to the law?
Data Security and Confidentiality: Try to determine whether or not the law imposes any
restrictions regarding data control issues which are so much relevant to IT/ITES companies.
Employment Terms: Investigate any potential statutes related to employee welfare, employee
salary and compensation and working conditions.
Tax Compliance: Tax obligation, assesable income tax, GST tax and such other taxes such as
Local Professional Business Tax, are to be computed as required for the company.
Pollution Control: For IT companies with offices, check any law for environmental audits for
pollutions and gases released.
To ensure that you are working on a rule or other legal provision in its latest version, take the
actions described in the following steps.
Government and Ministry Websites: The Government is the primary source for information on
the law in the form of new laws and amendments. Such relevant sites include the following:
Legal Databases: The sites and places are called databases where legal researchers can also look
up up-to-date case laws, revisions of general laws and amendments on a subscription basis
(Manupatra, SCC Online, LexisNexis, Indian Kanoon and others.)
Official Gazette Notifications: Laws, rules, and amendments, etc. are published in the Official
Gazette. If any notification of the relevant type has come on a new one owing to a fresh
notification, then by sight one is looking at the most current ones.
Legal Advisories and Newsletters: They consider laws on respective subjects and/or business
activities and/or industries and/or politics, and may subscribe for compliance/yellow/legal
making firm advices, such as EY-PwC, etc, possessing alerts regarding changes of relevant laws.
Compliance overview for XYZ Ltd., under the Work Health and Safety Act, 2011
Introduction
The Work Health and Safety Act, 2011 ("WHS Act") of New South Wales establishes a legal
framework to protect the health, safety, and welfare of all workers and other individuals who
stand to be affected by the activities in the employment space. The primary aim of this Act is to
foster a consistent and cooperative approach to risk management to eliminate or minimise harm
arising from workplace operations.
XYZ Ltd., as a company operating in New South Wales, is legally obligated to comply with the
provisions set out in the WHS Act to ensure the protection of its workforce and others who may
be affected by its operations as a way of avoiding risks that are inherent to its operations and as a
way of creating a legally compliant work environment.
Objective of Compliance
The key objective of compliance with the Work Health and Safety Act of 2011 is to promote
workers' welfare, health, and safety by minimizing or eradicating hazards in the workplace by
implementing principles and procedures of effective operations, standards on work methods, and
installing precautionary measures concerning plants, substances, and structures. Find processes
that can assign legal responsibility and obligations to all the duty holders, including company
directors, employees, and contractors, to promote workplace compliance, safety, and
cooperation.
Reduce legal risks that threaten the company's operations by ensuring compliance with statutory
requirements, and thus avoid huge penalties, court cases and loss of reputation if the company
fails to meet the legal requirements as mandated by the law. Ongoing work health and safety
policy review, evaluation and improvement to help the company update its safety programs as
frequently as possible over the legal minimal standards and instructions.
Ensure timely and efficient reporting and investigation of incidents and notification
responsibilities in compliance with the law, as well as documentation and regulatory reporting to
SafeWork NSW to reduce any legal exposure and avoid any compromises in the occurrence of
any workplace mishap.
Compliance overview for XYZ Ltd., under the Work Health and Safety Act, 2011
1. Section 19 - Principal Duty of Care
XZY Ltd. owes the duty under Section 19 of the Work Health and Safety Act of 2011 as a Person
Conducting a Business or Undertaking to ensure that there is provision for the health and safety
of workers, with protection, so far as is reasonably practicable to attain it, against any potential
hazard in the workplace. Protection shall include:
· Workplace Safety:XYZ Ltd. will ensure a safe workplace is provided and maintained,
including secure systems of work, equipment, substances, and structures.
· Welfare Amenities: Enough welfare amenities in the form of availability of sanitary
latrines, drinking water, and rest sheds are to be provided.
· Information and Training: Suitable information, instruction, training, and supervision are
to be provided to all workers necessary for safeguarding them while carrying out their work.
· Health and safety conditions: Monitoring to avoid injury or illness is necessary for both
work premises and workers.
· Accommodation: Where XYZ Ltd. provides accommodation for employees, it will be
responsible for ensuring such accommodation is not provided in a way that puts workers at risk
of health and safety hazards.
By adhering to the obligations under the Work Health and Safety Act, 2011, XYZ Ltd. can ensure
a safe, compliant, and risk-managed workplace while avoiding the legal and financial
consequences of non-compliance.