Litigation due diligence on a listed Indian IT services company is an exercise in asymmetry. Take a company listed on the BSE and NSE with operations across dozens of countries: its registered office, its listing obligations and its primary regulators sit in India, but the contested dockets tend to sit where the workforce and the customers are, above all in the United States. A review that searches Indian databases thoroughly and everything else casually will miss the matters most likely to move price, warranties or insurance terms. What follows is a working methodology for the exercise: which sources to consult, which exposure categories to test, how to grade materiality, and where public-record searching stops being reliable.
Start with the Footprint, Not the Registered Office
The first step is a corporate profile assembled from the company's own disclosures: exchange listings, headquarters, subsidiaries, operating countries and delivery centres. That profile fixes the diligence perimeter. For a global IT and BPO provider the perimeter typically runs to six tiers: the home jurisdiction (India); the largest overseas market (usually the United States, federal and state); the United Kingdom and Europe; Asia-Pacific hubs such as Singapore and Australia; the Middle East; and the delivery-centre jurisdictions, which in this sector often include countries such as Hungary, Egypt and Mexico.
The reason for weighting effort towards the largest overseas market is structural. IT services litigation follows headcount and data, not domicile. Onshore employees and visa-sponsored staff in the United States generate employment and discrimination claims; the home jurisdiction generates company-law, listing and tax paper; delivery centres generate labour-compliance risk that rarely surfaces in searchable form. A defensible report allocates search effort in that order, and says so.
Method should be fixed before searching begins: a defined query budget per region or topic (five queries per region is a workable discipline), a stated date range, a source hierarchy that prefers government and court records over commentary, and express exclusions for social media, forum posts and other user-generated content. Recording these choices in a methodology appendix is not bureaucracy; it is what allows the reader to judge how much weight a negative finding can bear.
The Source Stack: Regulators, Dockets and the Company's Own Paper
Regulator and government sources first
Enforcement agencies publish their own wins, which makes their newsrooms the highest-signal starting point. In the United States, the Equal Employment Opportunity Commission announces the suits it files and the settlements it extracts, including the monetary and injunctive terms. The Department of Labor and USCIS publicise scrutiny of the IT consulting sector's visa practices. In India, SEBI enforcement records, and the disclosure feeds of the BSE and NSE, show both regulatory action and the company's own notifications. If an agency has acted against the target, this tier will usually say so in plain language before any docket search does.
Court dockets and case-law databases
For the United States, federal docket aggregators such as Justia and subscription litigation trackers such as Bloomberg Law surface district court and appellate activity, including orders that never generate a press report. For India, the working set is Indian Kanoon, CaseMine and LegitQuest for judgments, and National Company Law Tribunal records for schemes and insolvency-adjacent matters. Indian aggregators come with a known defect: a judgment may surface with the parties named but little or no substantive text. Where that happens, the full judgment must be obtained from the court record before the matter can be graded; the honest interim grade is "unknown", not a guess.
The target's own disclosure documents
A listed company's paper trail is a risk map drawn by management itself. Exchange notifications and scheme documents show corporate restructurings and their approval status. The code of ethical conduct and its training materials show which risks management considers live: where a code trains at length on non-discrimination, competition law, protection of confidential information and insider trading, it is reasonable to infer management awareness of exposure in those areas. The whistleblower policy shows the internal reporting perimeter, which for an Indian listed company will typically cover code violations, financial fraud or misstatement, leakage of unpublished price-sensitive information under SEBI regulations, and breaches of law. These documents rarely disclose disputes directly, but they tell the diligence team what to ask for.
Legal news services
Reuters Legal, Bloomberg Law's reporting arms and, for India, services such as LiveLaw often supply the only public narrative connecting docket entries into a story: why a claim was revived, what an appellate court actually held, what a settlement resolved. They are secondary sources and should be cited as such, but they are frequently the fastest route from a case number to an understanding of posture.
The Exposure Map: What to Test, Category by Category
Employment and discrimination litigation in onshore markets
For the sector, this is where contested litigation concentrates, and a diligence review should treat it as the presumptive centre of gravity. Two claim families dominate. The first is disability discrimination in hiring under the Americans with Disabilities Act: agency enforcement actions in this area typically seek back pay, compensatory and punitive damages, and injunctive relief directed at hiring protocols, and typically resolve by settlement pairing a payment with forward-looking undertakings. The second is systemic bias litigation under Section 1981 of the Civil Rights Act of 1866, which gives individuals a private right of action over race and national-origin discrimination in employment. In the IT services sector these suits characteristically allege preferential hiring, staffing, promotion and retention of one national-origin cohort, plead workforce-composition statistics as the factual predicate, and are framed as putative class actions. Certification status matters enormously to exposure: an uncertified proposed class is, for the moment, an individual claim carrying class-scale contingent risk.
Visa-programme compliance
An Indian IT major's United States operations usually depend heavily on H-1B sponsorship, and the Department of Labor and USCIS have scrutinised IT consulting firms for visa fraud and abuse: false labour certifications, prevailing-wage violations and discriminatory assignment practices. Visa allegations also intertwine with the discrimination claims above, on the theory that sponsorship is used to build and favour a particular cohort. Even where no investigation of the specific target is found, the sector-wide scrutiny justifies two diligence asks: disclosure of any agency correspondence or inquiry, and an audit trail for how sponsorship and project-assignment decisions are made.
Commercial disputes and arbitration
Most commercial disputes in this sector are arbitrated and therefore invisible to public search; they surface only when an award is challenged or enforced in court. Indian doctrine on that fringe is comparatively settled: courts have rejected the expansive argument that any breach of municipal law makes an award contrary to public policy, and public-policy challenges are narrowly construed, favouring arbitral finality. The methodological point is to search enforcement and set-aside proceedings as a proxy for the underlying arbitration history, and to note expressly that confidential arbitration is a blind spot the public record cannot cure.
Corporate, securities and regulatory matters at home
The home-jurisdiction record is dominated by administrative rather than adversarial matters, and the diligence task is to confirm that characterisation. Schemes of merger or amalgamation of subsidiaries into the listed parent proceed under Sections 230 to 232 of the Companies Act 2013: board approval, notification to the exchanges, shareholder and creditor approval, and NCLT sanction. The review should confirm the scheme's current status and check for objections. Listing compliance runs through the SEBI (Listing Obligations and Disclosure Requirements) Regulations 2015, with insider-trading restrictions managed through the code of conduct and related policies. The review should also record, as an explicit finding, whether any SEBI, RBI or Ministry of Corporate Affairs enforcement action was located, with the standing caveat that settled administrative matters are often not publicly disclosed.
Data protection and intellectual property
An IT and BPO provider handles client and employee data across regimes: the GDPR and the UK Data Protection Act 2018 in Europe, the CCPA and sector rules such as HIPAA in the United States, India's data-protection framework, and, for banking-sector clients, RBI guidelines. Data-protection litigation and regulatory action should be searched, but the public record here is thin even where risk is real, so the assessment leans on the target's preventive structures: incident-response procedures, data-residency and access-control protocols, and contractual data-handling terms. Intellectual property follows a similar pattern. The recurring dispute types in tech services are client allegations of trade-secret or confidential-information misappropriation during employee transitions, and contests over ownership of IP created in custom development engagements. Where no target-specific IP litigation is found, the report should say so while flagging the sector pattern and checking the contractual IP-assignment protocols.
Tax and routine compliance
Search results will often show the company's name in tax-administration contexts, such as withholding questions, without any live dispute. The diligence discipline is to distinguish routine administration from contested assessments before the appellate tribunals, and to report an absence of contested matters as a dated finding rather than a clean bill of health.
Read the Docket for Posture, Not Just Existence
A list of case captions is not a risk assessment. The value of the exercise lies in reading procedural posture correctly, and four patterns recur.
A limitation dismissal is not a merits exoneration. Employment class claims in United States federal courts are frequently dismissed as time-barred, and just as frequently revived: equitable tolling, and in particular wrong-forum tolling where the claimant first sued in a different forum, can send a dismissed claim back down on remand. A matter dismissed at first instance but alive on tolling questions in the court of appeals must be graded as ongoing exposure and placed on a monitoring calendar, with the expected decision window stated.
Remand is a forwarding address. Employment suits filed in state court are often removed to federal court and then remanded when state-law claims predominate or federal jurisdiction fails. The remand order that appears in the federal docket is not the end of the matter; the file continues in the county-level superior court, and the state registry must be pulled to learn what the claim actually is before materiality can be assessed.
Settled agency actions are compliance evidence. A concluded enforcement settlement tells the diligence team which compliance gap the regulator found credible, what forward-looking undertakings now bind the company, and prompts a specific insurance question: was the payment covered, and is any coverage dispute outstanding?
Unreadable records get graded honestly. Where a judgment or filing cannot be obtained in full, the report should grade materiality as unknown and list retrieval of the record as a follow-up action, rather than inferring insignificance from inaccessibility.
Grading Materiality and Building the Risk Matrix
Each located matter should carry a materiality grade, and the grade should be reasoned from stated factors: who the adversary is (a regulator with enforcement powers weighs more than a single private plaintiff); procedural status and resilience (a claim that has survived dismissal attempts or been revived on appeal weighs more than one disposed of and unappealed); quantum paid or plausibly claimed; whether the allegations are one-off or pattern-and-practice; class potential; reputational salience in the talent and customer markets; and whether insurance responds.
The findings then aggregate into two artefacts. The first is a jurisdiction-by-jurisdiction risk matrix; the second is a chronological timeline of filings, rulings and settlements, which shows trajectory in a way isolated entries cannot. A serviceable matrix template for this profile of company looks like this:
| Jurisdiction tier | Where to look | Exposure categories to test | Typical public visibility |
|---|---|---|---|
| Largest overseas market (typically USA) | Federal dockets and appellate records; agency newsrooms; state court registries | Employment and disability discrimination; systemic bias class claims; visa-programme compliance | High - dockets and agency releases are public and searchable |
| Home jurisdiction (India) | NCLT records; Indian Kanoon, CaseMine, LegitQuest; SEBI; BSE and NSE filings | Company-law schemes; listing and insider-trading compliance; arbitration enforcement; tax | Moderate - aggregator coverage uneven; some judgments lack full text |
| UK and Europe | Employment tribunal decisions; data-protection regulators (ICO); court records | Contractor classification (IR35); GDPR compliance; delivery-centre labour law | Low - tribunal and regulator databases are hard to sweep comprehensively |
| Asia-Pacific, Middle East, delivery centres | Institutional arbitration (e.g. SIAC); labour authorities (e.g. Fair Work Commission); local reporting | Employment and contract disputes at delivery centres | Low - confidential arbitration and local-language reporting limit visibility |
One rule keeps the matrix honest: separate evidenced exposure (matters actually located), matters requiring record retrieval before grading, and sector-wide risk for which no target-specific proceeding was found. The third category belongs in the report, because it drives warranty and insurance design, but it must never be dressed up as a finding against the target.
Insurance, Indemnities and the Follow-Up List
Litigation findings convert into transaction protections through insurance and disclosure. Employment exposure maps to employment practices liability insurance (EPLI), directors and officers (D&O) cover and umbrella policies; the diligence asks are whether past settlements were covered without coverage disputes, whether defence costs for pending matters are reimbursable, and who holds settlement authority.
The pre-closing request list that falls out of a review like this is predictable and should be issued early: complete litigation files from the target's counsel, including appellate briefs on any live tolling or certification issues; state-court records for any remanded matter; insurance certificates; where discrimination claims exist, workforce composition data and promotion and termination analytics by protected class, together with the visa sponsorship and assignment decision trail; audits of hiring-accommodation protocols; and disclosure covenants reaching threatened claims, agency charges and investigation notices, regulator inquiries and whistleblower complaints. Pending appeals go on a named monitoring calendar with dates, because a diligence report is a snapshot and its subject keeps moving.
What Public Records Will Not Tell You
The limitations section is not a disclaimer; it is part of the finding. A region returning no results has at least three possible explanations: disputes settled without public disclosure, compliance effective enough to prevent litigation, or gaps in access to regional tribunal and regulator databases. The report should say which explanation is plausible where, rather than letting silence read as safety.
Specific blind spots recur. Confidential arbitration and confidential settlements never reach the searchable record. English-language searching misses local-language reporting in delivery-centre jurisdictions such as Hungary, Egypt or Mexico. Employment tribunal and data-regulator databases in Europe are uneven to sweep. Every finding is date-stamped: rulings, appeals or settlements after the last source date are simply not captured, which is why the research date belongs on the face of the report. And a stated query budget bounds completeness by design.
Public-record diligence is therefore the beginning of the exercise, not its end. Its output is a map of where to press: the counsel files to demand, the representations to draft, the warranties and indemnities to price, and the matters to keep watching between signing and closing.
Practical Takeaways
- Fix the method before searching: jurisdictions by operational footprint, a query budget per region, a source hierarchy preferring government and court records, express exclusions, and a stated date range.
- Weight effort towards the largest onshore workforce, not the registered office; for an Indian IT major that usually means United States employment, discrimination and visa-programme exposure.
- Search regulators' own newsrooms before dockets; agencies announce their enforcement outcomes, including settlement terms.
- Read posture, not captions: limitation dismissals subject to tolling arguments, remands to state court and uncertified class claims are all live exposure, not closed history.
- Grade every matter with reasoned materiality factors, and keep sector-wide risk clearly separated from target-specific findings.
- Convert findings into transaction mechanics: EPLI and D&O coverage verification, disclosure covenants for threatened claims and agency inquiries, and a dated monitoring calendar for pending appeals.
- Treat negative findings as dated, method-bounded statements, and close the gap with counsel confirmations and management representations.
Key Authorities
- Americans with Disabilities Act (USA) - reasonable-accommodation obligations in hiring; the statutory basis for federal equal-employment enforcement against IT-sector employers.
- Section 1981, Civil Rights Act of 1866 (USA) - private right of action over race and national-origin discrimination in employment; the usual vehicle for systemic staffing-bias claims in the IT services sector.
- Companies Act 2013 (India), Sections 230-232 - the NCLT-sanctioned route for schemes of merger and amalgamation, requiring board, shareholder and creditor approval and tribunal sanction.
- SEBI (Listing Obligations and Disclosure Requirements) Regulations 2015 (India) - continuous disclosure and insider-trading compliance framework for listed companies, including exchange notification of corporate schemes.
- GDPR (EU) and UK Data Protection Act 2018; CCPA and HIPAA (USA); India's data-protection framework and RBI guidelines for banking-sector clients - the principal data regimes against which an IT/BPO provider's engagements must be mapped.
- Indian arbitration legislation, public-policy ground - Indian courts construe public-policy challenges to arbitral awards narrowly; a breach of municipal law does not by itself render an award unenforceable.
This analysis reflects the law as at June 2026. It is published for general information and does not constitute legal advice.