Can Non-Registration on SHe-Box Be Treated as Non-Compliance of the POSH Act - and Trigger Section 134(8) Penalties?

In a legal landscape increasingly focused on robust mechanisms for preventing and redressing workplace sexual harassment, the question arises: does a company’s failure to register its Internal Committee (IC) on the SHe-Box portal amount to non-compliance with the Sexual Harassment of Women at Workplace (Prevention, Prohibition and Redressal) Act, 2013 (POSH Act)? And if so, can it expose directors and key officers to penalties under Section 134(8) of the Companies Act, 2013 for false disclosures in the Board’s Report?

This article argues that the answer is yes—particularly for organisations operating in States that have issued specific notifications (Maharashtra, Delhi, Rajasthan, Noida, among others) and in light of the Supreme Court’s recent directions mandating robust enforcement of POSH norms.

For additional background on whether SHe-Box registration is a legal mandate or proactive compliance, see this detailed analysis.

The SHe-Box, an initiative by the Ministry of Women and Child Development, serves as a digital platform for women to file complaints of sexual harassment at the workplace. While initially a proactive measure, its significance has been amplified by judicial pronouncements and governmental notifications. The Supreme Court has emphasised the need for effective implementation of the POSH Act, and various states, including Maharashtra, Noida, Delhi, and Rajasthan, have issued notifications regarding SHe-Box registration. This elevates the act of registration from a mere recommendation to a crucial component of POSH compliance.

The Interplay with the Companies Act

Section 134(3)(p) of the Companies Act, 2013, read with the Companies (Accounts) Rules, 2014, mandates that the Board's Report include a statement on the company's compliance with the provisions of the POSH Act. A false or misleading statement in this regard can have severe repercussions. If a company claims full POSH compliance in its Board's Report while having failed to register on the SHe-Box portal, it can be argued that this constitutes an incorrect statement. This is where Section 134(8) of the Companies Act comes into play. This provision stipulates penalties for any false or incorrect statement in the Board's Report.

The penalties are substantial: a fine of up to INR 3,00,000/- (0.3 Million) for the company and a fine of up to INR 50,000 (0.05 Million) for every officer in default, which includes directors and Key Managerial Personnel (KMP).

Why Non-Registration Can Equal Non-Compliance

The argument that non-registration on SHe-Box is tantamount to POSH non-compliance rests on the following pillars:

1. Supreme Court directives create binding compliance standards. Directions to States to operationalise SHe-Box give it normative force. Non-registration is therefore a failure to “take necessary steps” under the Act.

   
   

2. Core POSH obligation is accessibility. Section 4 requires constitution of an IC. Registration on SHe-Box ensures visibility of that IC to potential complainants nationwide. Without registration, the mechanism remains invisible, defeating the Act’s object.

   
   

3. Functional necessity of SHe-Box. The portal routes complaints to the employer’s IC. If an organisation is unregistered, complaints cannot be forwarded—rendering redressal ineffective and undermining statutory intent.

   
   

4. Board’s Report disclosure detail has increased. Recent MCA amendments require granular data: IC constitution, complaints received, disposal, etc. Absent SHe-Box registration, the disclosure “full compliance with POSH Act” risks being an outright misstatement.

   
   

5. Regulatory posture is strict. The MCA/ROC have penalised companies for inaccurate Board’s Reports across domains. Extending this approach to POSH compliance is a logical next step.

Counterpoint: The Defence Position

Some may argue that as long as a company has a well-constituted IC, conducts training, and handles internal complaints properly, the failure to register on a portal is a minor, procedural issue.

This defence is weak and grows weaker by the day. In jurisdictions with explicit state orders, it holds no water. Furthermore, with the Supreme Court's emphasis on systemic monitoring, demonstrating compliance requires more than just internal action—it requires participation in the national oversight framework. Visibility and accessibility are now part of the compliance mandate.

Conclusion: Proactive Registration is Non-Negotiable

In conclusion, while the POSH Act itself may not explicitly state that SHe-Box registration is mandatory, the evolving legal and regulatory framework strongly suggests that non-registration is a significant compliance risk. Companies that choose to ignore this requirement are not only failing to provide a crucial redressal mechanism for their employees but are also exposing themselves to hefty penalties under the Companies Act.

The potential for financial and reputational damage far outweighs the perceived inconvenience of registration. A proactive approach to POSH compliance, which includes prompt registration on the SHe-Box portal, is not just a legal obligation but a moral and ethical imperative.