CHAPTER 11
Mohit Yadav and Gaurav Pathak
“Without big data, you are blind and deaf and in the middle of a freeway.”
◆ In 2006, the Government of India introduced a system of digital record- keeping of documents of companies and named it MCA21;
◆ The repository of data available on the MCA21 portal finds tremendous usage across various sectors;
◆ The use of the data is not limited to government and large financial institutions. Journalists have used MCA data to investigate companies;
◆ The next step after the digitisation of paper records is their sharing and optimum utilisation;
◆ The data industry is also seeking separate access to the MCA21 database.
The advent of an entity called ‘company’ and its separate legal personality 1 can be said to be one of the hallmarks of modern legal systems. The earliest com- panies were established using the Royal Charter and were mainly merchant guilds. 2 It was only in 1844 that the Joint Stock Company Act was enacted in Britain, 3 and the era of modern-day companies started. This law allowed for the registration of companies and mandated several compliances by them. Similarly, under the British Raj, the Joint Stock Companies Act was passed in India in 1857. Thereafter, the Companies Act of 1866 came into being, which was replaced by the Companies Act of 1913. 4 Independent India has had two statutes: the Companies Act of 1956 and the existing Companies Act of 2013. Across these legislations spanning three centuries and continents, the aspect of record-keeping is uniform.
It was in 2006 that the Government of India (GoI) introduced a system of digital recordkeeping of documents of companies and named it MCA21. In the age of information technology, this digital record can be harnessed for various benefits. In Section I of this chapter, we look at the background of MCA21 and explore its initial work. Over a period of time, the GoI learnt a few lessons and the philosophy of open data also came into the picture. The same resulted in the Data Policy of the Government of India, which is discussed in Section II. Section III of this chapter explores the existing use of data being made available by MCA21 and how beneficial it is to several industries. Section IV highlights problems with the MCA21 interface as well as underlying problems of design. Section V will cover the range of possibilities that can be realised using MCA21 data. Section VI points out the requirement of having a legal framework for current data-based operations, and Section VII highlights the need for changes in the law to use MCA21 to its full extent. The overall summary of the chapter is presented in Section VIII.
The GoI came up with the National e-Governance Plan in 2006 with 27 Mission Mode Projects. 5 The purpose of this plan was to implement the ‘Simple, Moral, Accountable, Responsive and Transparent’ (SMART) framework recommended in the 10 th Five-Year Plan 6 and bring government services to the doorstep of every citizen through the electronic medium. 7 MCA21 was one of the 27 flagship mis- sions under the e-Governance Plan 8 and even the name MCA21 was chosen to reflect the Ministry of Corporate Affairs’s objective to provide “quality services to its stakeholders in the 21 st century”.
The project commenced with the remarkable ambition of digitising millions of existing records stored physically with various Company Registrars, followed by the automation of entire back-office operations. 9 Another objective of the programme was to make MCA interoperable with the National e-Governance Services Delivery Gateway thereby granting business access to various govern- ment services through one unified platform. 10
On 16 September 2006, the Union government, under Section 610 of the then Companies Act 1956, notified Rules which made electronic filing of various forms under the Companies Act mandatory. 11 The work on this Mission started in 2005 and within 50 weeks of commencement of work, the first company was incorporated using the online portal in 2006. It took another 28 weeks for the
Table 1: Comparison of timelines before and after the MCA21 portal launch
|
Type of Service |
Before MCA21 (days) |
After MCA21 (days) |
|
Name Approval |
7 |
1-2 |
|
Company Incorporation |
15 |
1-3 |
|
Change of Name |
15 |
3 |
|
Charge Creation/Modification |
10-15 |
Instantaneous |
|
Certified Copy |
10 |
2 |
|
Annual Return |
60 |
Instantaneous |
|
Balance Sheet |
60 |
Instantaneous |
|
Change in Director |
60 |
Instantaneous |
|
Change in Registered Office |
60 |
1-3 |
|
Increase in Authorised Capital |
60 |
1-3 |
|
Inspection of Public Documents |
Physical Inspection at the regional RoC branch |
Online |
service to be rolled out with full functionalities and the digitisation of more than 45 million pages. 12
In fact, the mere digitisation of forms substantially reduced the time involved in carrying out various compliances under the Companies Act. Table 1 below is a comparison of the timeline involved in various tasks before and after the launching of the MCA21 portal. 13
Getting access to authenticated government data in India was a herculean task. Sources were rarely available. The often-used and most reliable method was answers to questions by ministers in Parliament. However, on many occasions, ministers chose to say that data collection was underway and would be furnished in the form of a paper before the House. Unfortunately, there was no mechanism to track if the paper was tabled. In 2005, the enactment of the revolutionary Right to Information (RTI) Act 14 allowed citizens access to information and govern- mental records as a matter of right. 15 However, not all institutions were following the mandate of the RTI Act and the quality of data shared voluntarily was low. On many occasions, public information officers were not forthcoming in their replies. Eventually, obtaining information through RTI became a challenge in itself and continues to be so. 16
The paradigm shift in the philosophy of data sharing came with the announce- ment of the National Data Sharing Accessibility Policy in 2012. 17 The Policy under the aegis of the Ministry of Science and Technology recognises that “data collected or developed through public investments when made publicly available and maintained over time, their potential value could be more fully realized”. The Policy relies on the United Nations Declaration on Environment and Development (Rio de Janeiro, June 1992), and the RTI Act 2005 as the bedrock to enable acces- sible sharing of government data. As per the Policy, such sharing must be based on “Openness, Flexibility. Transparency, Legal Conformity, Protection of Intellectual Property, formal Responsibility, Professionalism, Standards, Interoperability, Quality, Security, Efficiency, Accountability, Sustainability and Privacy”. It rec- ognised the fact that a huge amount of data generated through public funds is not accessible to the public. The Policy clarified that “The National Data Sharing and Accessibility Policy (NDSAP) is designed to apply to all sharable non-sensitive data available either in digital or analogue forms but generated using public funds by various Ministries / Departments /Subordinate offices/organizations/agencies of Government of India”.
In pursuance of the said policy, the Indian government established the Open Government Data Portal in a joint venture with the US government. 18 The portal hosts information proactively shared by various government departments, includ- ing datasets shared by the Ministry of Corporate Affairs. However, the dataset available on the portal is limited and is not updated frequently, 19 making the entire exercise futile.
The repository of data available on the MCA21 portal finds tremendous usage across various sectors. The bulk of MCA data lies in the public document section. The high interest in the usage of MCA data can be gauged from the fact during FY 2014-15, various stakeholders accessed more than 1.4 million company filings behind a paywall. The project was not even a decade old at the time. In subse- quent annual reports, MCA did not share this statistic but it seems likely that the number would have increased in leaps and bounds.
The MCA portal data is currently used in two ways 20 : “One is the micro-dataset at the entity level, i.e., of each company and two, the macro-dataset that aggre- gates insights across various companies and LLPs. At the macro level, the data has been used by the Central Statistical Organization for calculating National Income Statistics and for the estimation of Gross Domestic Production by the National Sample Service Office. 21 It helps governments monitor the corporate sector that contributes to one-third of the gross domestic capital formation”. 22 Further, it is also used for making critical lending decisions by financial insti- tutions 23 and has been used by the MCA in collaboration with other regulators such as the Central Board of Direct Taxes, the Securities and Exchange Board of India, the Reserve Bank of India, etc. to prevent corporate frauds at scale 24 and monitor companies’ compliance with their CSR obligations 25 . The data has also been proposed to be used by the Financial Intelligence Unit for regulatory compliance. 26
The use of the data is not limited to government and large financial institutions. Journalists have used MCA data to investigate companies 27 . The private sector has also used the MCA repository to bring disruption to multiple industries. Probe42 and Saverisk help banking and financial institutions make risk assessments on potential and existing borrowers. Prime Database and Tofler provide an exten- sive layer of search over MCA data which enables the user to perform deep and extensive market research. Dun & Bradstreet India makes use of MCA data for creating credit assessment reports. Paper.vc and VCCEdge use MCA data for com- prehensive business reporting. Altinfo help lawyers and auditors take a deep dive into companies for their clients saving time and providing actionable info on ongoing transactions.
The MCA21 framework has been operating since 2006 and has undergone many changes in the last 15 years. However, some inherent problems con- tinue to plague the system and often affect its reliability. The Report of the Committee for Formulation of Data Dissemination Policy of the Ministry of Corporate Affairs 28 states that “each Indian company is provided with a unique corporate identification number (CIN) and foreign company a unique foreign company registration number (FCRN)”. However, this is not entirely correct. Each company is indeed provided with an identifica- tion number, but, unfortunately, the number is not unique or permanent. For a simpler understanding, let us equate CIN with Aadhaar. A person might change their name, address, phone number, email or even gender, but their Aadhaar number will remain the same. CIN as a concept has a similar background, but the CIN number of a Company can be changed under the following circumstances:
◆ Conversion of type of company from one type to another. For example, the conversion of a private company to a public company;
◆ Change of registered office address from one state to another; and
◆ Listing or delisting of a company.
Although MCA21 was made as part of a mission mode project, its under- lying technology has not been solid and error-free. The MCA21 website goes down for an entire month, often at the time of annual filings. This not only results in inconvenience but causes actual losses to businesses, char- tered accountants, and the entire data analytics industry. The plaguing issue has also caught the attention of the press 29 , and the question of whether MCA21 is currently down features regularly on Twitter 30 and isitdownrit- ghtnow? 31 Unfortunately, two of India’s biggest technology companies, i.e., Tata Consultancy Services (TCS) and Infosys have had their turn at man- aging the MCA21 system, but the downtime problem continues to exist.
Another problem with the MCA21 system is that on many occasions, it does not register the completion of payment, even as the money has been deducted from the bank account of the subscriber.
A major boost to the idea of open data and data sharing has been the Application Programming Interface programmes. These allow a dataset to get connected to an interface and help in easily making available the required data, which can also be based on certain parameters and conditions. In addition to the Policy on Open Standards for e-Governance 34 and Technical Standards on Interoperability Framework for e-Governance 35 , the GoI has also notified the Policy on Open APIs for the Government of India. 36 As per its Preamble, the policy aims to “encourage the formal use of Open APIs in Government organizations.” 37 API Setu, which is a platform that is a direct result of the Policy on Open APIs for the Government of India has integrated with the MCA21 system and offers MCA Company Details APIs. However, a cursory look at the platform will make one realise that the API platform is a half-baked one, without any substantial results. Often, the results obtained through API Setu are inaccurate and contain errors. On the aspect of design, API Setu uses a basic framework, but its Terms of Service page is empty. 38 Therefore, to make API Setu a tool of practical use, it needs to be expanded and solidified.
The Report of the Committee for Formulation of Data Dissemination Policy of the Ministry of Corporate Affairs 39 , which came out in 2013, noted, “information available under VPD [View Public Documents] is essentially the documents as filed by the company, and therefore these are individual compa- ny-related information presented in a ‘non-machine readable’ format’”. In more than eight years that have gone by, this dataset continues to remain in a non-ma- chine-readable format. In the words of the Committee itself, “the objective of NDSAP is to facilitate the access of the public to Government of India owned shareable data and information in both human-readable and machine-readable formats through a network all over the country in a proactive and periodically updatable manner, within the framework of various related policies, Acts and rules of Government of India, thereby permitting a wider accessibility and use of public data and information.” However, the lack of any progress in this regard is one of the most crucial drawbacks of the MCA21 system. As soon as the data is put into the machine-readable format, it will open up the possibilities of micro- data analysis through machines and also macro analysis of data. For example, a Natural Language Processing operation on the letters of resignation of auditors from a Company will reveal that most of these resignations are due to “personal reasons”. The use of the cryptic term “personal reasons”, without further expla- nation makes the filling up of form ADT-3 a completely futile bureaucratic exercise. A careful analysis of more data points and forms will surely reveal other processes that can be streamlined or altered to ensure optimum results and transparency. Putting such data into a machine-readable format will ensure faster processing and better analysis; thereby aiding corporate governance and enforcement in the country.
The data present in MCA21 is crucial to analyse lending and charges present in a Company. If the same is made easily available, the public can gauge the health of financial institutions such as banks and non-banking financial institu- tions. Granular access to data in this regard would mean that the public gets to see if the loans given out by a particular institution are too concentrated (maybe to the same group of companies, or the same sector), or if there is something wrong with the financial health of the entity. Using present-day tools, this data can be used to predict the failure of financial institutions such as the PMC Bank and other cooperative banks that are on the verge of collapsing. Comprehensive access to data in a machine-readable format supports public activism and aware- ness in a big way, and MCA21 should at least provide such mechanisms for the greater good.
At present, MCA21 treats institutional users, researchers and individual users at the same level. That is, all of them have to pay a fee of H 50 for LLP and H 100 for a company for access to a company’s/LLP’s documents for three hours. Even though MCA21 has introduced API access, it is rendered rather meaningless due to the limitations mentioned above. MCA21 has now entered its version 3 with several new capabilities of SPICe+ (Simplified Proforma for Incorporating a Company) and AGILE-PRO-S (Application for Goods and Services Tax Identification Number, Employees State Insurance Corporation registration plus Employees Provident Fund Organisation registration, Profession Tax Registration (in Maharashtra) and Opening of Bank Account(AGILE-PRO-S)) forms added to its arsenal. At the same time, MCA21 should consider providing API-based uninterrupted access to entities that need MCA21 data regularly. In return, MCA21 can charge a high fee for this service, which in turn will open a new revenue stream for the government. For this, a mechanism such as “guidelines for obtaining data from MCA-21 by researchers for research proposals shortlisted under the funding research and studies, workshops and conferences etc. component of scheme “Corporate Data Management” of the Ministry Of Corporate Affairs” 40 should be incorporated. As per the guidelines, 41 the cost for individual and institutional researchers is summarised in table 2:
Table 2: Cost for individual and institutional researchers
|
S. No. |
Number of companies (year-wise) for which data is required |
Cost (in H ) for individual researchers |
Cost (in H ) for institutional researchers |
|
1. |
0-5000 |
5,000 |
10,000 |
|
2. |
5001-10000 |
10,000 |
20,000 |
|
3. |
10001-15000 |
15,000 |
30,000 |
|
4. |
15001-20000 |
20,000 |
40,000 |
|
5. |
20001-25000 |
25,000 |
50,000 |
|
6. |
25001 or more |
50,000 |
1,00,000 |
Data is the crucial component of “evidence-based planning of socio-economic development processes”. 42 Until now, the bulk of the MCA data has existed in silos behind paywalls,l unavailable for public scrutiny in a machine-readable format. This is in contrast with the UK’s approach where the Companies House portal (UK’s equivalent of MCA21) provides bulk data in a machine-readable format along with API options at no charge to stakeholders. 43 Also, unlike in India, there has been no distinction made for sensitive and non-sensitive data and even bulk financials of companies are available at no charge. 44 The comparison with the UK is important considering that the Indian Companies Law has English origins as discussed earlier and even the Supreme Court of India takes into consideration the decisions of English courts while interpreting matters relating to companies law in India. 45 Until India catches up in providing access to this repository in a machine-readable format and at affordable pricing, the true value of this data will not be unlocked.
In the meantime, the government has shown initiative where various intra- governmental departments have signed a memorandum of understanding or MoU with the MCA for access to the bulk data. Until now, these MoUs have been signed with the sole purpose of finding defaulters or enhancing govern- mental supervision over companies but considering almost all interaction with the Ministry is paid, including the filing of regulatory-mandated information, it is disheartening that no such arrangements are made to enhance the experience of the end user. Real-time cross-linking with other governmental databases in a manner that not only increases oversight but also satisfies users is the right way to go forward.
Drawing on the above, to start with, direct linkage with GST and income tax filings can be used as a method to generate pre-filled financial statements, ensur- ing that the same information is provided to various government departments; in case a change needs to be made, the same will be intimated to all of them at one go. This will help prevent financial leakages and take care of at least one annual mandatory compliance, i.e., filing of financial statements. 46
Similarly, MCA charges filings 47 in themselves should be sufficient and there should not be any additional need to file the same information with the Central Registry of Securitisation Asset Reconstruction and Security Interest (CERSAI). Various compliance overlaps require companies to file the same information with various government departments as each department is maintaining its own set of records and there is no linkage with another. The real-time cross- linking can ensure that this additional regulatory burden on companies is taken care of. Real-time linkages can also help proactive monitoring of assets for banks and financial institutions ensuring that companies with massive debt and poor management are not able to siphon off the exchequer money by lending from state-owned banks. 48
The Ministry’s digitisation programme in the form of MCA21 is indeed com- mendable but it has not kept up with the technology landscape. Recently, the MCA introduced MCA data analytics and machine learning. 49 The same can also be used to proactively not only penalise companies that do not comply with their regulatory compliances but also ensure that they are pre-emptively warned of the same. In addition to the above, the same system can also be used to get actionable intelligence information to help companies take control of their compliances. Currently, MCA uses the Straight Through Process (STP) when a form filed is approved without any manual interruption and only if it is randomly inspected by the registrar at a later stage does any discrepancy in the form get resolved. Now, in this instance, the rectification only takes place as and when a manual intervention takes place. Instead, if the Ministry makes use of well-thought-out algorithms and employs machine learning to identify deviations then the scrutiny of information submitted with MCA can be even more pervasive. An example of the same can be, say a company’s latest annual return states that it has 100 shares (Form MGT-7). Post filing of annual returns, the company issues 50 new shares and the same has been intimated to the Ministry through the filing of return of allotment (Form PAS-3). Now, this PAS-3 should provide that the total number of shares in the company is 150 shares, but, instead, it states that the total number of shares (paid up) in the company is 140 shares, then as of date, this form will be accepted by MCA as it is under the STP process making the information available with Ministry unreliable but on the other hand if well thought out processes are put in place where prior to acceptance of form such discrepancy can be flagged then it will make the overall process much more reliable.
Another unlooked segment of MCA is the limited liability partnerships (LLPs), which also come under the MCA21 portal. LLPs brought under this regime still undergo rather limited compliances but their inclusion has brought considerable transparency. Similarly, other legal entities such as trusts, societies, partnerships, proprietorships, etc. can be brought under one umbrella. This can substantially cut down on the complex web of structure created to evade taxes or avoid disclosing actual ownership. Even the Ministry has recognised this problem and it has, for this reason, introduced Form BEN-2 50 which mandates companies to provide the names of individuals who exercise control over them. However, companies are still able to exploit loopholes in the existing rule frame- work to avoid disclosing the identity of the actual controlling person, and if the MCA can bring all such organisations under one roof (assuming legislative changes are made), then all such hurdles in form of litigation and law-making will be removed on their own.
Changes were made to the Companies Act, 1956 in 2006 vide Companies (Amendment) Act, 2006 to introduce the concept of e-filing through MCA21. Section 610-B 51 gave the Government the power to make rules for uploading and verification of documents and the necessary system required regarding fees and other administrative aspects. The provision also allowed the Government to frame a scheme, which was to be published in the Gazette. In addition, the newly inserted Section 610-D allowed the Government to “provide such value-added services through the electronic form and levy such fees as may be prescribed”. 52
As mandated by Section 610-B of the Companies Act, 1956, the Government published the “Scheme for Filing of Statutory Documents and other Transactions by Companies in Electronic Mode” 53 in 2006. As per Clause 4, the Scheme was applied retrospectively to legitimise the transactions on MCA21 before the Scheme was notified. Around the same time, the Government also notified The Companies (Electronic Filing and Authentication of Documents) Rules, 2006. Rule 5(1) of The Companies (Electronic Filing and Authentication of Documents) Rules, 2006 stated, “The Central Government shall set up and maintain a secure electronic registry in which all the documents filed elec- tronically shall be stored. The electronic registry so set up shall enable public access and inspection of such documents as are required to be in the public domain under the Act on payment of the fees as prescribed under the Act or the rules made thereunder.” In the regime of the Companies Act, 1956 itself, the Government also notified Extensible Business Reporting Language) Rules, 2011 which mandated certain classes of companies to file their balance sheet, profit and loss account and other documents in the Extensible Business Reporting Language (XBRL) format.
From the above, it is clear that the Government during the era of the Companies Act, 1956 used the following legislative tools to govern the aspect of E-filing and MCA
i. Statute (Amendments in Companies Act, 1956)
ii. Rules (Delegated Legislation)
iii. Scheme
The Companies Act, 2013 repealed the Companies Act, 1956. Section 465 of the Companies Act, 2013 is a repeal of certain enactments and saving clauses, i.e. it tells us what earlier provisions have been repealed and are no longer applicable, and also what actions taken under the earlier provisions would continue to hold good and not be affected by the changes. As per Section 465(2)(a), “anything done or any action taken or purported to have been done or taken, including any rule, notification, inspection, order or notice made or issued or any appointment or declaration made or any operation undertaken or any direction given or any proceeding taken or any penalty, punishment, forfeiture or fine imposed under the repealed enactments shall, insofar as it is not inconsistent with the provi- sions of this Act, be deemed to have been done or taken under the corresponding provisions of this Act;”. Section 465(2)(b), utilises the sub-section 2(a) of the same provisions and states, “subject to the provisions of clause (a), any order, rule, notification, regulation, appointment, conveyance, mortgage, deed, document or agreement made, fee directed, resolution passed, direction given, proceeding taken, instrument executed or issued, or thing done under or in pursuance of any repealed enactment shall, if in force at the commencement of this Act, continue to be in force, and shall have effect as if made, directed, passed, given, taken, executed, issued or done under or in pursuance of this Act;”.
Careful consideration of the above statutory text points out the fact that although “rule, notification, inspection, order or notice” are covered by the savings clause, a scheme is not. Therefore, it can be said that the scheme is no longer in operation. At the same time, it can be contended that the scheme was published as a Statutory Order and is covered within the savings clause. Nevertheless, a cursory look at the scheme shows that it is a mere explanatory document laying out a roadmap and not a delegated legislation granting any rights.
Chapter 24 of the Companies Act, 2013 pertains to “Registration Offices and Fees”, i.e., the Registration of Companies, and accordingly, the MCA21 regime is within its ambit. The Companies Act, 2013 gives the government the power to make rules relating to “filing of applications, documents, inspection, etc., in electronic form”. 54 In furtherance to the same, the government has also notified Companies (Filing of Documents and Forms in Extensible Business Reporting Language) Rules, 2015. The Rules mandate the following class of companies to file their financial statement in electronic form:
i. Companies listed with stock exchanges in India and their Indian subsidiaries;
ii. Companies having paid up capital of H 5 crore or above;
iii. Companies having a turnover of H 100 crore or above; and
iv. All companies are required to prepare their financial statements in accordance with Companies (Indian Accounting Standards) Rules 2015.
Importantly, the Rules 55 cover only the aspect of filing and do not cover the ambit of inspection. Remarkably, the Companies (Filing of Documents and Forms in Extensible Business Reporting Language) Rules, 2015 are the only Rules notified under Section 398 of the Companies Act, 2013. Companies Act, 2013 also covers “inspection, production and evidence of documents kept by Registrar” 56 , but no Rules have been made under the same. The MCA website, which contains the list of existing Rules, does not mention the Companies (Electronic Filing and Authentication of Documents) Rules 2006. Accordingly, it appears that there is no statutory or delegated framework for inspecting and availing documents through MCA21. Therefore, the entire aspect of utilising MCA21 data lacks solid legal backing.
We suggest that the Parliament should notify comprehensive rules for inspect- ing documents of a company, as well as cover the aspect of utilising the data obtained therefrom. Such rules should not be mere explanatory documentation like the Scheme for Filing of Statutory Documents and other Transactions by Companies in Electronic Mode 57 but should be drafted in the form of legislation granting rights. For greater clarity, it is important to go through Section 399(1)
(a) of the Companies Act, 2013, which states, “(1) Save as otherwise provided elsewhere in this Act, any person may—
(a) inspect by electronic means any documents kept by the Registrar in accor- dance with the rules made, being documents filed or registered by him in pursuance of this Act, or making a record of any fact required or authorised to be recorded or registered in pursuance of this Act, on payment for each inspection of such fees as may be prescribed;”
Therefore, even to give the required clarity to the existing MCA21 operations, the Parliament needs to take urgent action by framing appropriate rules.
Regarding easier access to MCA21 data through automated means, API access is necessary. Although initiatives such as API Setu do exist, their lacunae have already been pointed out in the preceding section. The Companies Act 2013 allows the government to provide value-added services through electronic forms and levy fees for the same. 58 We also suggest that the government should frame rules under Section 469 of the Companies Act 2013 read with Section 401 of Companies Act 2013, to lay out the framework for value-added services. This framework would be a suitable legislative enactment of the basic principles enu- merated in the ‘Guidelines for obtaining data from MCA-21 by researchers for research proposals shortlisted under the funding research and studies, workshops and conferences etc. component of scheme “Corporate Data Management” of the Ministry Of Corporate Affairs’. 59 The reason for the same is that the Guidelines by themselves are mere soft laws, without statutory backing. There is neither any penalty for their violation nor any grievance redressal mechanism. They have not been published in the Gazette and are mere documents, which can be changed or removed without a legislative process. These proposed Rules should lay out the API mechanism as well as other related procedures and methods to avail data from the MCA21 system.
The Report of the Committee for Formulation of Data Dissemination Policy of the Ministry of Corporate Affairs 60 identifies the following categories of data:
i. Negative list: non-shareable data
ii. Restricted data: accessible only through a prescribed process of registration and authorisation
iii. Sensitive data: As defined in various laws
iv. Shareable data: Data that is neither sensitive nor restricted.
It is correct that some of the data relating to a company might be crucial and should not end up in the hands of competitors. However, the principle of sen- sitive data needs a relook. The “guidelines for obtaining data from MCA-21 by researchers for research proposals shortlisted under the funding research and studies, workshops and conferences etc. component of scheme “Corporate Data Management” of the Ministry Of Corporate Affairs” 61 identify the following data as sensitive:
◆ “Data that comes into existence through enforcement functions of MCA: Data generated as part of internal analysis using MCAs internal tools and techniques for profiling as part of Enforcement functions, Risk Analysis, Investigations and Intelligence gathering etc., shall be considered as Sensitive.
◆ Data pertaining to the configuration/technology of MCA’s IT systems/ CDM: Data pertaining to the configuration of IT systems shall be consid- ered Sensitive.
◆ Forensic Data which is available in MCA’s IT system: Various forensic data such as signatures etc. shall be considered Sensitive.
◆ Data provided to MCA by other government organisations with whom MCA has executed any MoU or NDA: Any data shared with MCA by any other government organisation/department by virtue of a MoU or NDA shall be considered sensitive data.
◆ Third-party granular transactional data: Third-party data supplied by vari- ous other regulators shall be treated as sensitive.
◆ Information/data received under International Treaty/Agreements shall also be classified as Sensitive data.”
While one can get access to sensitive data after going through several procedures and signing a non-disclosure agreement with the MCA, the whole idea of keeping the category of sensitive data broad defeats logic. Data sharing and data process- ing are complementary to each other and together can enhance their efficiency. It is clear that not all enforcement-related data will be sensitive. In any case, if the MCA releases the data generated by its internal tools, not only will the industry benefit from the same, but it can also help utilise it better, and perhaps the same will also result in an open audit of the MCA tools.
Similarly, data provided by another government organisation under an MOU or an NDA has been claimed to be sensitive. In this aspect, it should be consid- ered that data provided by another organisation, if not barred by an NDA, should be made shareable. In effect, the data being shared by another governmental organisation is also a public record and the public has the right to access the same unless barred by law. Accordingly, the restriction should only be present in the case of an NDA. The same principle should also be used for data obtained from regulators and third countries, i.e., data should be shareable by default and barred from access when expressly said to be so.
The categorisation of data such as “Company reports, Alerts/Validation Rules
/Provision reports available on CDM” in the restrictive category is a fruitless exercise. Presently, the guidelines 62 stipulate a “prescribed process of registration/ authorization by MCA” to enable access to a restricted category of data. It is nowhere suggested that there will be an opportunity for an official to deny access to this data. Therefore, this type of data should be put in the shareable category, in which each user should be mandated to have an account on MCA21.
The Draft India Data and Accessibility Policy, 63 which was released in February 2022, mandates government-to-government data sharing by saying-
“All government ministries/departments shall identify all existing data assets and create detailed, searchable data inventories with clear metadata and data dictionaries.
Approved inventories will be federated into a government-wide searchable data- base for government-to-government data sharing. This will minimize duplication of data processing efforts and enable better delivery of citizen-centric services.”
The Report of the Committee for Formulation of Data Dissemination Policy of the Ministry of Corporate Affairs 64 states, “Data will remain the property of the Ministry/Department, etc., which collected them and shall reside in their facility for sharing and providing access to the public. The legal framework of National Data Sharing and Accessibility Policy shall be aligned with various Acts and rules covering the data.” The same principle had been earlier enunciated in the National Data Sharing and Accessibility Policy 65 that was published in 2012. However, the operation of data sharing between governmental organisations needs to have the backing of legal provisions. Presently, there is no provision within the Companies Act 2013 that allows the government to transfer data between various institutions. It is correct that the MCA21 data is the property of the central government and it has complete control over the database. Nevertheless, there needs to be a proper framework for data sharing as also tangentially highlighted in The National Data Sharing and Accessibility Policy. The noble objective of creating “detailed, searchable data inventories” across different ministries and platforms will only be possible when there is a law to facilitate the same.
The next step after digitisation of paper records is their sharing and optimum utilisation. The GoI is sitting on a treasure trove of MCA21 data, to which only it has the key. Wider access to MCA21 data has numerous benefits in policymak- ing, public participation, critical lending decisions and developing a bigger data analytics industry. It is time that the government introduces a liberalised regime into the realm of non-personal data, especially data on companies. At the same time, there is an urgent need to correct the inherent problems with the MCA21 architecture and interface. The inconsistency with CIN can mar any data-based study and can be easily pointed out as a limitation. The fixed time of three hours allotted to download a company’s documents, irrespective of the number of pages, also merits a relook.
There is an increasing demand from the private sector for the release of bulk data. The data industry is also seeking separate access to the MCA21 database due to the nature of their operations. All these initiatives should not exist in different silos in the form of policies and schemes. There needs to be a legal audit to check if there are sufficient legal provisions for the operations that are currently being carried out on MCA21.
The reform in the MCA21 system also requires a reform in its legal framework.
It should follow the important requirements for a legal system:
i. The law should be made;
ii. The law should be understandable; and
iii. The law should be easily accessible to the public.
We suggest that the above principles be fulfilled through comprehensive rules, for which the Companies Act 2013 has the required provisions.
Overall, the Indian economy can benefit hugely from timely and accurate data analysis. It will reduce the redundancy in uploading the same data to different agencies and separate processing by each of them. A cross-connection between agencies and regulators will give a big spur to enforcement and increase efficiency. It is good that we have the data; it is time we utilise it to its potential.
|
Editors’ Comments This chapter intends to provide a sense of how data is and can be captured, and broad ideas on how it can be put to good use. The next two chapters discuss how data can be effectively used for public policy and governance. The practi- tioner perspective there will appeal to readers looking for practical issues and possible solutions to law-making and enforcement problems using artificial intelligence, a sophisticated discipline with data and its processing/analysis at its core. |
References