Recent judicial developments, particularly the Delhi High Court’s ruling in Novex Communications Pvt. Ltd. v. Bharat Hotels Ltd. & Anr., CS (COMM) 770/2023 (Delhi HC, Aug. 28, 2024), underscore an emerging trend of courts imposing personal liability on directors for corporate compliance failures. This article examines the Novex case under the Copyright Act, 1957 and situates it within the broader framework of Indian statutes, including the Companies Act, 2013, Income Tax Act, 1961, Negotiable Instruments Act, 1881, environmental and labour laws, and the Information Technology Act, 2000. Drawing on landmark Supreme Court judgments, it highlights the judiciary’s willingness to pierce the corporate veil, issue personal summons, and demand disclosure of compliance protocols. The article concludes with compliance imperatives for boards and senior management.

Introduction

The Delhi High Court’s decision in Novex Communications Pvt. Ltd. v. Bharat Hotels Ltd. & Anr. has brought directors’ personal liability back into sharp focus. In this case, the Court summoned the CEO and directed disclosure of internal SOPs relating to copyright compliance. The ruling signals that directors cannot rely solely on the corporate veil when statutory obligations are breached. More importantly, it suggests that liability may extend even to violations committed by third parties or vendors, reinforcing the need for robust compliance frameworks and vigilant oversight.

Copyright Act, 1957

Case: Novex Communications Pvt. Ltd. v. Bharat Hotels Ltd. & Anr., CS (COMM) 770/2023 (Delhi HC, Aug. 28, 2024)

Holding: The Court enforced an injunction against unauthorized use of copyrighted music and held the hotel liable despite outsourcing event management. The CEO was personally summoned and SOPs demanded.

Principle: Directors can be held personally liable for copyright violations, particularly where injunctions are breached.

Companies Act, 2013

  • Official Liquidator v. P.A. Tendolkar, (1973) 43 Comp Cas 382 (SC): Directors personally liable for negligence and breach of fiduciary duty.
  • N. Narayanan v. Adjudicating Officer, SEBI, (2013) 12 SCC 152: Directors accountable for fraudulent misstatements in prospectuses.
  • Section 447 imposes imprisonment and fines for fraud, and makes it directly applicable to directors.

Income Tax Act, 1961

  • Madhumilan Syntex Ltd. v. Union of India, (2007) 11 SCC 297: Supreme Court upheld prosecution of directors for failure to deduct and deposit tax at source.  
  • Principle: Directors can be personally liable for wilful tax evasion and defaults in statutory obligations.

Negotiable Instruments Act, 1881

Section 138: Criminalizes cheque dishonour. Section 141: Extends liability to directors responsible for business conduct.

Key cases:

  • SMS Pharmaceuticals Ltd. v. Neeta Bhalla, (2005) 8 SCC 89: Directors in charge of day-to-day affairs can be prosecuted.
  • National Small Industries Corp. Ltd. v. Harmeet Singh Paintal, (2010) 3 SCC 330: Liability attaches only to those actively managing affairs, but presumption of responsibility is strong.

Amendments in 1988, 2002, 2015, and 2018 have progressively strengthened enforcement, making cheque dishonour one of the most significant compliance risks for directors.

Environmental Laws

  • M.C. Mehta v. Union of India (Oleum Gas Leak case), (1987) 1 SCC 395: Introduced absolute liability for hazardous industries, extending accountability to directors.
  • Environment Protection Act, 1986: Provides for prosecution of directors for pollution control norms violations.

Labour and Employment Laws

  • Factories Act, 1948: Directors and occupiers can face criminal liability for workplace safety violations.
  • Regional Provident Fund Commissioner v. Shiv Kumar Joshi, (2000) 1 SCC 98: Directors held accountable for defaults in provident fund contributions.
  • Illegal retrenchment under the newly notified labour codes prescribe imprisonment; This has potential for companies to be led into a Board level crisis.

Information Technology Act, 2000

  • Shreya Singhal v. Union of India, (2015) 5 SCC 1: While striking down Section 66A, the Court reinforced that intermediaries and directors must ensure compliance with IT Act provisions.

Trend: Directors may face liability for failure to prevent data breaches or cybercrimes committed by employees. Under the DPDP Act

Risk Potential for Directors under the DPDP Act, 2023

The Digital Personal Data Protection Act, 2023 (DPDP Act) imposes wide-ranging obligations on data fiduciaries and processors, significantly heightening compliance risks for directors. The Act requires lawful processing of personal data, stringent consent mechanisms, and the implementation of robust security measures. Non-compliance may result in penalties of up to ₹250 crore for serious violations, as outlined in Section 33. Although the Act does not expressly provide for criminal liability, directors could be held derivatively liable under the Companies Act, 2013 for negligence or breach of fiduciary duties if they neglect to ensure compliance. Regulatory authorities are likely to scrutinize governance failures, insufficient data protection protocols, and delays in breach notifications. Courts may also pierce the corporate veil in cases of gross inaction or inadequate oversight by directors. To mitigate these risks, boards should establish strong privacy governance frameworks, conduct periodic audits, and embed data protection within enterprise risk management strategies.

Emerging Judicial Trends

  • Piercing the Corporate Veil: Courts increasingly disregard the corporate shield to hold directors accountable.
  • Personal Summons: Directors compelled to appear in person, as seen in Novex v. Bharat Hotels.
  • Disclosure of Internal Policies: Courts demand SOPs, compliance manuals, and governance documents.
  • Criminal Liability: Statutes across sectors impose imprisonment and fines directly on directors.

Compliance Imperatives

Given today’s regulatory landscape, compliance cannot be treated as a box-ticking exercise any longer. It is the backbone of corporate resilience. Boards must move beyond passive oversight and embrace a culture of proactive governance. In a birds eye view we can think of a few steps to set the ball rolling:

  • Institutionalization of SOPs: Standard Operating Procedures are not mere paperwork; they are the lifeline of compliance. Well-drafted SOPs create clarity, consistency, and accountability across copyright, tax, labour, privacy, corporate governance and environmental domains. They serve as a shield against regulatory surprises and a roadmap for operational integrity.
  • Elevating Board Oversight: Delegation without diligence is a recipe for liability. Directors must actively monitor compliance metrics, review risk dashboards, and demand periodic reports. Governance today has to be hands-on.
  • Investing in Training: Knowledge is the first line of defense. Regular training for directors and senior executives ensures that statutory obligations are understood, internalized, and acted upon. A well-informed leadership team is far less likely to stumble into avoidable violations.
  • Audit and Documentation: Compliance without evidence is compliance in name only. Maintain meticulous records of licenses, filings, and actions taken. Periodic audits both internal and external are essential to validate adherence and identify gaps before regulators do.
  • Engage Early, Engage Often: Proactive dialogue with regulators, industry bodies and peer groups can prevent disputes from escalating into litigation. Transparency and preparedness signal credibility and reduce enforcement risk.

In short, SOPs and audits are not optional. They are strategic assets. They transform compliance from a reactive chore into a proactive shield, protecting directors and organizations from the rising tide of personal liability.

Conclusion

The Delhi High Court’s Novex ruling is a stark reminder that directors in India now operate under an expanded zone of personal liability across multiple statutes. From copyright law to tax, corporate governance, environmental, and labour regulations, the judiciary has sent an unequivocal message: compliance is no longer a collective corporate duty. It is a personal mandate for those at the helm. Boards must move beyond formalities and act decisively to embed robust governance frameworks, enforce accountability, and safeguard both organizational integrity and individual leadership from escalating legal and reputational risks.