White-collar and corporate governance lawyers advise how in-house counsel can be prepared when lawmen – namely the ED, CBI and tax officials – show up at the door. Indrajit Basu reports
ONa weekend morning earlier this year, teams from the Enforcement Directorate (ED) arrived simultaneously at the offices of a large Indian manufacturing company. The general counsel was overseas. By the time substitute counsel reached the premises, officers had already reviewed key financial records – unobserved, unchallenged and without the legal oversight that might have preserved important protections.
That episode, anonymised but representative, captures the reality of India’s current enforcement climate. Recent ED actions have extended across companies such as Merlin Group, Reliance Infrastructure and Reliance Power, Mantri Developers, entities linked to IDFC First Bank, and the Anas Group, while the long-running SRS and PACL matters continue to move through successive layers of investigation, attachment and litigation.
For corporate India, the question is no longer whether scrutiny will arrive, but whether the organisation is prepared when it does. While a full annual report for the 2025–26 fiscal year is yet to be released, in the final nine months of 2025 alone the ED initiated 620 new investigations into financial irregularities. This highlights a sustained high-intensity era of corporate oversight in India.
India’s major watchdogs – the ED, Central Bureau of Investigation (CBI), the Income Tax Department, and Competition Commission of India – each follow their own rules but often end up chasing the same leads.
The lesson, reinforced across cases and sectors, is consistent: the most effective defence is not improvised at the door, it is built long before the door opens.
The architecture
In the high-stakes environment of Indian corporate enforcement, a company’s response architecture is not merely a policy manual, it is a critical structural defence that should be crafted long before an agency comes knocking. Given that enforcement bodies are increasingly employing “shock and awe” tactics – arriving at dawn and hitting multiple locations at once – relying on an individual is no longer safe.
Effective systems in place that have preselected office or branch staff assuming representative roles, and assuring that any conversations with investigators are funelled through the legal team, will ensure the best possible outcomes and also avoid so-called parallel (repeated) conversations between staff and agents, a recipe for confusion and detriment to the company.
That aside, modern raids are increasingly about imaging digital data. Abinash Pradhan, the lead of litigation and alternate dispute resolution at Wadia Ghandy & Co in Mumbai, says the first few hours dictate legal evidence for years. “A raided company must act as its own historian and log every action an officer takes, and every device that is copied.”
This internal record becomes a vital tool for lawyers to evaluate whether the search complied with law and provides a factual foundation for later challenges in the high court.
“The conduct of the first six hours decides the evidentiary record for the next six years,” says Pradhan. “Co-operation, in the sense of permitting lawful officers to exercise lawful powers, is non-negotiable, but co-operation is not the same as concession.”
This architecture ensures that later legal challenges, such as seeking the return of devices or the unfreezing of accounts, rest on a foundation of documented discipline rather than chaotic panic.
Rights and protections
Every enforcement agency derives its search and seizure powers from law, but those powers have limits. The Supreme Court’s landmark ruling, in Justice KS Puttaswamy v Union of India (2017), established privacy as a fundamental right. That ruling sets a boundary, says Tanya Ganguli, founder of TG Law Offices in New Delhi, a firm that focuses on corporate governance and white-collar matters. The judgment “does not prohibit searches, however it requires that they be reasonable, proportionate and conducted in accordance with the law,” says Ganguli. In other words, an agency can knock on your door – but it cannot do whatever it wants once inside.
However, when officers arrive, the immediate legal inventory is more extensive than most companies realise. The starting point is verification, says Sneha Jaisingh, partner and lead of the disputes practice group at Bharucha & Partners in Mumbai.
Setting out the threshold steps, Jaisingh says personnel on site “must also verify the identity and credentials of the officers to avoid impersonators, and they may ask the officers to identify themselves, produce the search authorisation, and disclose the relevant enforcement case information report or other reference details to the extent they are willing to disclose them in the course of the search. The onsite team must co-ordinate with management and external counsel offsite to verify these credentials.”
Documentation rights follow immediately. Jaisingh lists what a legal team should do, from the first minutes onwards. “The legal team should immediately begin a contemporaneous record of events, including the names and designations of officers, the time of arrival, the areas searched, the devices accessed, the statements recorded and the materials seized,” she says.
This record, even if maintained as internal emails, provides a factual foundation for any subsequent challenge. “Parties who maintain detailed records, assert privilege promptly and approach the court without delay are better placed to seek the return of devices, defreezing of accounts, or protection against wider disclosure,” she says.
On the legal foundation for attorney-client privilege, Akshat Pande, managing partner at Alpha Partners in New Delhi, says the statutory basis of sections 132 and 134 of the Bharatiya Sakshya Adhiniyam, 2023 (formerly the Indian Evidence Act), protects professional communications between advocates and clients from compelled disclosure.
“Critically, these protections cannot legally compel a lawyer or client to produce privileged communications,” says Pande, who has years of experience in handling commercial dispute resolution, arbitration and mediation.
Separately, section 50 of the Prevention of Money Laundering Act, 2002, empowers ED officials to summon any person, record statements, and compel the production of documents. Nevertheless, Pradhan, of Wadia Ghandy, says a person being examined “is entitled to read the statement, propose corrections and append a written statement of his own before signing”, and may request time to verify information before
responding.
Common mistakes
The failure patterns observed across enforcement actions are strikingly consistent, note experts. They recur not because of carelessness but because the design of a dawn raid – simultaneous, unannounced and across multiple premises – is engineered to exploit institutional gaps.
Single-point-of-contact dependency is the most common structural failure. When the entirety of an organisation’s response is vested in one person, the system fails the moment that person is unavailable.
Commonly advising on the intersection of corporate law, regulatory enforcement and compliance, Ganguli also identifies over-broad searches as a particularly sensitive risk area.
Digital evidence protocols are often absent in companies that have not prepared for enforcement action. In one CBI search, a firm permitted officers full access to its centralised email server, including privileged communications, simply because no internal protocol existed to define the limits of access.
Ganguli cites another instance to illustrate how quickly such lapses can escalate. “During a multi-day IT search, officers on the third day sought to access the company’s overseas subsidiary’s financial records that were stored on a shared server,” she says.
“The company’s legal team was unprepared for the jurisdictional question and ultimately permitted access without objection. Those records were later used in another unrelated inquiry that went significantly beyond the domestic undisclosed income question that had originally triggered the search.”
When companies fail to assert privilege, the consequences can be long-lasting. In one case, an infrastructure group allowed officers to seize a shared drive containing legal opinions from external counsel on the very transactions under investigation. No one on site identified these as privileged. The opinions were subsequently relied on in assessment proceedings.
The risk is heightened in India, where communications with in-house counsel are not treated as privileged.
According to Amar Gupta, joint managing partner of JSA in New Delhi, this point “has significant implications for internal investigation materials, strategy documents and compliance assessments generated by in-house teams”. Gupta, who founded the firm’s disputes practice, says a compliance function designed entirely around in-house counsel provides no privilege protection under Indian law.
Statement indiscipline produces the most durable evidentiary damage. Citing a case study with its identity concealed, Pradhan describes a matter involving a premier media company in which the managing director and chief financial officer continued an examination past midnight without counsel review, signing statements drafted by officers without proposing corrections.
“These statements were used against the director and the CFO by the investigating officer throughout the investigation,” says Pradhan.
Applications seeking retraction have not produced a favourable order, consistent with the general judicial reluctance to revisit voluntarily signed statements.
Ganguli also identifies a broader behavioural trap: the natural human responses during an unannounced enforcement action – “panic, the urge to call the promoter, and the instinct of senior executives to take control” – are precisely the responses that cause the greatest damage.
Gupta puts the two-sided risk plainly: companies either “become unnecessarily confrontational or become overly accommodating and part with records or devices, or provide explanations without adequate internal control”. Neither extreme serves the company.
Know your rights
Effective raid response is a function of institutional design rather than individual competence. Regardless of the risk or possibility, Jaisingh says “a company should establish a raid-response protocol that identifies the internal response team, external counsel, information technology support, records personnel and decision makers for each location.
“Front desk staff and security personnel should know exactly who to call, the information to collect, and how to avoid both obstruction and unnecessary volunteering of information.” She says the best practice is “not a generic compliance policy but a tested operational system that employees can follow under pressure”.
On privilege architecture, Gupta recommends all investigations, litigation assessments and compliance reviews be formally instructed to external counsel, with forensic experts retained through counsel rather than directly. Sensitive material should be encrypted in clearly labelled, access-controlled folders.
According to Jaisingh, a legal team’s objectives should be two-fold. First, the company “should facilitate access, avoid confrontation and ensure that the statement, the officer’s record or the panchnama (legal document to record evidence and findings) accurately records what the officers inspect and seize”.
Simultaneously, the legal team should identify privileged material, confidential commercial information and data belonging to third parties, and should place its objections on record at the earliest available stage.
On scope management, Ganguli describes a calibrated strategy for overreach. “Through the response team lead or counsel, politely but clearly state the objection to the specific item or category of material being accessed, explain the basis, and request that the objection be recorded on the panchnama. If the officer refuses to record it, note the refusal itself.”
She points to a trading company case where officers sought personal email accounts on company laptops. An immediate, polite objection – noting these fell outside the warrant’s scope – resulted in personal emails not being accessed at all. Where privileged material is at risk, she recommends requesting a sealed-envelope procedure, segregation and sealing pending
judicial authorisation.
Building Resilience
The cases drawing sustained enforcement attention – SRS realty group, Pearls Group, and more recent actions against the Merlin Group, Reliance Infrastructure and Reliance Power, Mantri Developers, and the Anas Group – share a common structural flaw: legal exposure is often compounded by weak internal systems. When agencies interrogate complex corporate structures, even minor administrative gaps can escalate into significant liabilities.
Amar Gupta, of JSA, says legal exposure “often becomes worse where records are fragmented, decision making is undocumented, and the company has no pre-existing response framework”. In the absence of a coherent paper trail, even legitimate transactions risk appear suspect under multi-agency scrutiny.
Abinash Pradhan, of Wadia Ghandy & Co, points to beneficial ownership transparency as a critical safeguard, particularly given the Enforcement Directorate’s focus on tracing proceeds of crime through layered entities. Companies that engage with counterparties later found to be tainted may face receivables being attached, accounts frozen and management summoned. In this environment, rigorous due diligence and continuous monitoring for shell or benami structures, are not optional, they are foundational.
Information discipline is equally decisive. Sneha Jaisingh, of Bharucha & Partners, says publicly reported disputes involving advocates’ offices and legal records “show that courts do take privilege concerns seriously.
“Conversely, where companies mix legal advice, internal business discussion and operational data, they weaken their own position,” she says. “The lesson is not merely to assert privilege, but also to build the underlying record well before any investigation arises.” Effective data classification and segregation of legal communications are therefore essential to preserving privilege.
Tanya Ganguli, of TG Law Offices, says internal co-ordination can determine outcomes. “Effective co-ordination requires a pre-established command structure that is known, respected, and followed before the pressure arrives,” she says. In practice, resilience depends less on reacting well in a crisis and more on institutional design that holds under pressure.
The experts emphasise that preparedness must extend beyond immediate response. Gupta reiterates the broader lesson from recent raids is that “legal exposure often becomes worse where records are fragmented, decision making is undocumented, and the company has no pre-existing response framework”. These vulnerabilities are typically embedded in routine governance rather than triggered by the search itself.
The correct response lies in building robust compliance systems including accurate books and records, transaction-level approvals, third-party due diligence, related-party controls, document retention policies, and escalation mechanisms for red flags. Such systems create an auditable trail capable of withstanding investigative scrutiny.
Without reliable data management and backup protocols, even compliant organisations risk operational paralysis during enforcement action.
