Summary: This article examines India’s transition towards digital corporate governance, where technology is increasingly used for compliance monitoring, risk management, and board communications. It highlights the need for India’s legislative framework to adapt to these technological changes and establish clear regulations on AI usage, cybersecurity, and data protection, to ensure that digital transformation enhances efficiency without compromising shareholder rights or procedural safeguards. The article provides practical recommendations for companies to strengthen cybersecurity, leverage AI tools for compliance and decision-making, and prepare for a future where digital governance becomes the default standard.

Introduction

By integrating technology into governance practices, organisations can enhance efficiency, accountability, and stakeholder trust. Globally, companies already use virtual technology and Artificial Intelligence (“AI”) to streamline governance, including: (i) AI and analytics for compliance monitoring, ESG reporting, internal audits, and risk management; (ii) digital dashboards for real-time compliance and risk tracking; (iii) cloud-based governance platforms for board communication; and (iv) digital tools for stakeholder feedback and sustainability tracking. An OECD report dated April 7, 2025, shows that 87 per cent of world economies allow virtual-only meetings and 94 per cent permit hybrid meetings. The G20/OECD Principles of Corporate Governance also advocate for remote shareholder participation to enhance accessibility and reduce costs.

In India, the COVID-19 pandemic catalysed digitisation of corporate governance, prompting the Ministry of Corporate Affairs (the “MCA”) to issue circulars allowing Annual General Meetings and Extraordinary General Meetings through video conferencing or other audio-visual means. These temporary measures have since been extended multiple times, including most recently under General Circular No. 03/2025 dated September 22, 2025, which continues until further orders, implying indefinite extension. While initially reactive, these changes showed long-term benefits. With advances in technology and the growing use of AI, India stands at a pivotal point to embed digital tools into everyday corporate governance.

Legislative framework and policy developments

India’s regulatory framework is gradually becoming supportive of virtual governance. While the Companies Act, 2013, and subsequent amendments (the “Companies Act”) laid the groundwork, legislature must continue to introduce reforms, starting with making MCA circulars on virtual meetings permanent and issuing detailed guidance along with appropriate safeguards on approved tools and platforms for such meetings.

The Companies Act, read with Section 173(2) and Rule 3 of the Companies (Meetings of Board and its Powers) Rules, 2014, outlines specific safeguards for board meetings held through video conferencing or other audio-visual means. Recently, in T.P. Anilkumar and Ors. v. M/s Indus Motor Company Pvt. Ltd. and Ors. CP/02/KOB/2020, the National Company Law Tribunal (Kochi Bench) held that informal messaging platforms like WhatsApp cannot serve notices for meetings of the board of directors under the Companies Act, 2013, as they do not provide reliable audit trails or verifiable proof of service.

Virtual meetings and electronic voting should become the default, eliminating consent requirements to ease quorum and improve participation. However, companies must ensure reliable technology to prevent video or audio failures. For safe communication and participation during meetings, the chairperson and company secretary must ensure secure identification procedures, sufficient security, proper equipment, recording of proceedings, preparation of minutes, safe storage of electronic records, and restricted access. Section 134 of the Companies Act, 2013, requires disclosure of risk management, internal controls, etc., which may include AI- and technology-based protocols.

The Securities and Exchange Board of India (“SEBI”) has enforced disclosure norms to encourage transparency, secure electronic processes, thorough safety checks, and bolstered cybersecurity frameworks. For example, the Securities and Exchange Board of India (Intermediaries) (Amendment) Regulations, 2025, mandates risk assessments and audits for intermediaries using AI, promoting investor protection through standardised charters and simplified compliance reporting. 

Companies must also comply with data security and privacy regulations under the Information Technology Act, 2000, and the Digital Personal Data Protection Rules, 2025, to protect against exposure of sensitive or privileged information to cyberattacks. The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Amendment Rules, 2026, effective from February 20, 2026 (“IT AI Rules”),will be crucial for regulating synthetically generated information like deepfakes and AI content on digital platforms. It may also impact virtual corporate governance by imposing stricter compliance on intermediaries used for meetings and digital communication.

As AI adoption rises, regulatory and policy changes must be implemented thoughtfully to protect shareholder rights and maintain transparency, particularly until AI-specific regulations are fully streamlined to protect against misuse.

Recommendations for a future-ready digital framework to assist corporate governance

Strengthen cybersecurity

In 2024, a Hong Kong-based company lost over €28 million after an employee was deceived by AI-generated deepfakes of executives and staff in a video conference. Instances of technology misuse AI-enabled illegal practices globally have highlighted the need for appropriate checks and balances to ensure the fair and ethical use.

Companies should consider implementing robust cybersecurity measures, including multi-factor authentication, encryption, and regular security audits to not only protect sensitive data from unauthorised access and breaches, but also ensure compliance with IT AI Rules. To address emerging threats such as deepfakes and AI-generated participants in board and shareholder meetings and to ensure the integrity of decision-making processes, companies must deploy identity verification and authentication tools.

Enhance communication and dissemination of information

Companies should use dedicated websites and digital platforms to share meeting details, voting procedures, and timely updates with shareholders to ensure transparency and accessibility. Secure e-voting systems allow shareholders to receive and cast ballots online using computers or mobile devices, while digital archives provide easy access to past meeting agendas, notes, and voting records for compliance and audits. Digital platforms can flag potential conflicts of interest and facilitate timely disclosures, promoting ethical governance.

Companies should also explore blockchain technology for secure, immutable record-keeping, and AI tools can help automate minute-taking of meetings and generate accurate summaries of decisions and actions. With appropriate safeguards, AI could also help create personalised feeds for directors, aggregating jurisdiction-specific governance updates, regulatory changes affecting agenda topics, peer company reactions, committee actions, and recent transactions relevant to their oversight responsibilities. In future, increased use of AI could help measure and compare the quality of board decisions by tracking actual outcomes against pre-decision projections.

For listed companies, the SEBI could consider establishing a centralised portal enabling investors to verify whether a proposed transaction may be categorised as sharing unpublished price-sensitive information, with automated email alerts to facilitate seamless information sharing and compliance. AI-powered systems could also monitor insider-trading patterns, track related-party transactions, and identify instances of delayed or selective disclosures.

Easing compliance requirements

The MCA’s V3 portal already uses AI to analyse filings and detect discrepancies, sending automated alerts and notifications to help companies stay compliant. The MCA should also consider establishing integrated systems that outline each company’s filing and regulatory compliance requirements, including deadlines and applicable penalties, creating a useful portal for company secretaries to ensure efficient compliance and avoid delays and penalties. While tools such as “compliance.ai” already map regulatory changes to internal policies and procedures, an official government-developed tool tailored to individual companies would provide greater formality and reliability, serving as a dynamic compliance playbook that assists with predicting required actions.

While AI and other technology solutions already assist with automating contract review, compliance checks, and legal briefings, integrating these with the MCA portal to compare a company’s memorandum of association and its articles of association against the statutory Tables F and A will help identify deviations automatically. Using AI to compare final regulatory filings against press releases, investor presentations, and other public communications will ensure consistency and compliance across all materials. AI systems may also scan public and internal information sources to flag potential conflicts of interest that directors must disclose in their statutory filings. To comply with Section 15 of the Companies Act, the process of adding alterations to all copies of charter documents could be automated, reducing administrative burden and human error.

Conclusion

As India continues to modernise its corporate governance framework, embracing AI and digital transformation with appropriate safeguards is both a necessity and a strategic imperative. Companies that invest in AI and other digital tools and foster a culture of innovation will be better equipped to navigate future challenges and seize new opportunities. However, to fully leverage these benefits, legal and technological systems need to be developed holistically, ensuring that statutory flexibility facilitates effective communication without diluting procedural safeguards built into the corporate governance framework.

---