Sec 134(5) increases focus on Corporate Governance and compliance, besides risk and internal controls. Under section 134(5)(f), director’s need to certify that they have devised proper systems to ensure compliance with the provisions of all applicable laws and that such systems were adequate and operating effectively

<h2>Cost of Non Compliance</h2>
What is the worst case scenario, purely in terms of penalties imposed by the Ministry on non compliance of the section.
A very rough estimate and no way can anyone determine the true answer.

Rs 25 lakhs fine at company level.
Assuming 10 Directors, maximum penalty of Rs 5L each amounts to Rs 50L.
Each officer can be termed as key managerial person or even lower down the chain. Assuming 200 such employees in a decently large company. (200X5)= 1000 Lakhs

So, even if we aggregate at this level only and not worry about other related and connected penalties and losses due to non compliances, the total is approximately Rs 11 crore.

<h2>What can we do</h2>
As a company, you can do a lot to protect the value of the organisation and comply. Here are top five things that a company should be doing to truly comply with this section.

1. Get the Governance Right.
Section 134 is all about governance and oversight. There is no point getting risk, compliance and other things in place, when the Baord could care less about it and does not deliberate on the issues. Until the Board  oversight is present, everything else is immaterial.

2. Code of Conduct - A must

3. Start with the process
To make a beginning, establish the process and execution engine first. If there are risk, control gaps or non compliances, how will they be dealt with. How to report, whom to escalate etc. The framework is important to get the picture complete.

4. Establish policies and framework
Next, articulate the requirements in the form of Board approved policies. All four areas are important and so should have board approved policies. These are 
- Risk Management Policy
- Fraud Policy
- Internal Control Framework
- Compliance Management Policy

5. Execute identification process
Once the oversight, policy and processes are laid out, get the identification process going. Identify weak areas, control lapses, top risks, areas where fraud could occur or Regulations that are difficult to monitor for compliances. Build excel sheets, risk registers, risk control matrix etc. This helps company to identify what are the issues.