Why Contract Review Matters
Every commercial contract in India is primarily governed by the Indian Contract Act, 1872 - the foundational statute that determines whether an agreement is enforceable, how it can be discharged, and what remedies are available for breach. Layered on top of this are sector-specific laws (FEMA for foreign transactions, IT Act for digital services, SEBI regulations for financial services), the Specific Relief Act, 1963 (for injunctions and specific performance), and the Arbitration and Conciliation Act, 1996 (for dispute resolution).
A contract is not just a formality. It is a legally binding document that allocates risk, defines obligations, and establishes the rules for resolving disputes. Signing without careful review - particularly of the seven clauses below - can expose businesses to financial loss, operational disruption, and regulatory risk.
1. Scope of Services or Obligations
This is the clause that defines what each party has agreed to deliver. Vague scope clauses are the single most common root cause of commercial disputes in India.
Before signing, confirm that:
• All deliverables are defined in specific, measurable terms
• Timelines and milestones are realistic and clearly documented
• Responsibilities for dependencies (e.g., client to provide data, vendor to provide tools) are assigned
• Exclusions - what is not included - are clearly stated
For technology, SaaS, and fintech contracts, also review: uptime and performance SLAs, cybersecurity and data security responsibilities, support response times, and API usage or transaction volume limits.
2. Payment and Pricing
Financial terms are among the most contested clauses in commercial agreements. Review carefully:
• Whether pricing is fixed or variable, and what triggers variable adjustments
• Payment milestones, timelines, and bank account/payment method details
• All taxes: GST applicability, TDS obligations, withholding tax for cross-border payments
• Late payment interest rates - typically governed by the MSME Development Act for dues to MSMEs
• Automatic renewal clauses - these are frequently overlooked and can lock businesses into contracts they wish to exit
• Refund conditions and circumstances under which fees are non-refundable
For fintech and SaaS contracts, also review billing triggers tied to API calls, transaction volumes, or user counts, which can create unexpectedly high charges during scaling.
3. Confidentiality and Data Protection
In today's data-driven environment, confidentiality and data governance provisions are among the most commercially and legally important clauses in any contract.
Specifically review:
• Definition of confidential information - is it narrow (trade secrets only) or broad (all business information)?
• Exclusions from confidentiality - typically public information, independently developed information, and court-ordered disclosure
• Data localisation requirements - for contracts involving personal data, alignment with the DPDP Act, 2023 is increasingly important
• Cross-border data transfer restrictions - relevant for contracts with foreign vendors processing Indian user data
• Return or destruction of confidential information on termination
• Cybersecurity responsibilities - who is responsible for securing shared data, and what are the breach notification obligations?
Weak confidentiality clauses can create serious exposure under the DPDP Act and sector-specific regulations for financial and customer data.
4. Limitation of Liability
Under the Indian Contract Act, 1872, parties generally have freedom to contractually limit liability. This makes the limitation of liability clause one of the most heavily negotiated - and most impactful - provisions in any commercial agreement.
Key points to review:
• Cap on liability: Is total liability capped? At what amount - annual fees, total contract value, or a fixed sum?
• Exclusion of consequential and indirect losses: These exclusions are standard but should be evaluated in the context of the actual risk. A data breach, for example, could cause losses far exceeding the contract value.
• Carve-outs: Many contracts exclude fraud, wilful misconduct, and IP infringement from the liability cap. Ensure these carve-outs are present.
• Regulatory penalties: Check whether the clause attempts to limit liability for regulatory fines - this is unlikely to be enforceable but should be clarified.
For regulated businesses, ensure that contractual liability terms are consistent with any regulatory requirements regarding minimum liability standards.
5. Termination
Termination clauses govern how, when, and under what circumstances the contract can be ended. Poorly negotiated termination rights can trap businesses in unfavourable or non-performing agreements.
Review the following:
• Termination for convenience: Can either party exit without cause? What notice period applies?
• Termination for cause: What events trigger a right to terminate? Is there a cure period before termination becomes effective?
• Automatic termination triggers: Insolvency, change of control, or regulatory licence revocation are common automatic triggers - check whether these apply to your situation.
• Post-termination obligations: Data migration, return of assets, ongoing confidentiality, and transition support requirements.
• Technology contracts specifically: Who owns the data and IP after termination? What are the data export and deletion timelines?
6. Dispute Resolution
India has a well-developed arbitration framework under the Arbitration and Conciliation Act, 1996 (as amended in 2015, 2019, and 2021). Note: A draft Arbitration and Conciliation (Amendment) Bill, 2024 is under consultation; it proposes to promote institutional arbitration, introduce statutory emergency arbitration, and modernise digital proceedings. Separately, conciliation proceedings are now primarily governed by the Mediation Act, 2023 (in force from October 2023), which has replaced conciliation under the Arbitration Act for most purposes. However, dispute resolution clauses are frequently drafted carelessly, creating significant practical and legal uncertainty.
Key points to review:
• Arbitration vs litigation: Arbitration is generally faster and more confidential than court proceedings for commercial disputes. The clause should specify the arbitration institution (e.g., ICC, SIAC, DIAC, or domestic institutions), seat, and governing rules.
• Seat of arbitration: The seat determines which court exercises supervisory jurisdiction. Indian courts have exclusive jurisdiction over Indian-seated arbitrations.
• Governing law: Specify Indian law or the applicable foreign law. A mismatch between governing law and dispute resolution venue creates enforcement problems.
• Pre-arbitration steps: Many contracts require negotiation or mediation before arbitration. Understand the timeline and procedural requirements.
• Cross-border contracts: For international contracts, ensure enforceability in the counterparty's jurisdiction - India is a signatory to the New York Convention on enforcement of arbitral awards.
7. Compliance and Regulatory Obligations
As India's regulatory environment becomes more complex, compliance clauses have moved from peripheral boilerplate to commercially critical provisions - especially for fintech, financial services, SaaS, and data-driven businesses.
Review and negotiate:
• Each party's specific compliance obligations: AML/KYC, data protection, cybersecurity, sector-specific regulatory requirements
• Audit rights: Does the contract allow you to audit the counterparty's compliance with their obligations? This is standard in regulated financial services.
• Regulatory change clauses: What happens if a change in law materially alters the cost or feasibility of performance? Who bears that risk?
• Third-party compliance: If the counterparty uses sub-contractors or sub-processors, do equivalent compliance obligations flow down?
• Representations and warranties: Request written representations that the counterparty holds all licences required to perform the contract and is not in breach of applicable law.
Additional Clauses to Review
Intellectual property ownership
For contracts involving software development, content creation, or technology work, IP ownership should be explicitly addressed - particularly whether work product created for you is assigned to you or remains with the vendor.
Non-compete and non-solicitation
Under the Indian Contract Act, 1872, post-termination non-compete clauses are generally void as restraints of trade (Section 27) unless they fall within very narrow exceptions. However, non-solicitation of clients and employees during and for a reasonable period after the contract is generally enforceable. Understand which provisions are likely enforceable in India before relying on them.
Force majeure
Post-pandemic, force majeure clauses have taken on new importance. Check whether the clause covers: cyber incidents, regulatory action, and data centre outages - not just traditional 'acts of God.' Also check whether force majeure allows termination (not just suspension) if the event continues beyond a defined period.
Common Contract Review Mistakes
• Focusing only on commercial terms and ignoring liability, compliance, and IP clauses
• Signing standard templates without legal review - especially for contracts involving significant financial exposure or sensitive data
• Overlooking automatic renewal clauses and missing contractual notice deadlines
• Not involving legal, compliance, and IT/cybersecurity teams in technology contract review
• Failing to assess whether the counterparty actually has the regulatory licences and operational capacity to deliver
Conclusion
Careful contract review - anchored in India's legal framework under the Indian Contract Act, Arbitration and Conciliation Act, DPDP Act, and sector-specific regulations - is one of the most effective risk management tools available to any business. The seven clauses above represent the areas most likely to create material legal, financial, or compliance exposure if inadequately reviewed.
At KP Regtech, we assist businesses with compliance advisory, governance frameworks, regulatory documentation, and contract-related compliance support tailored to modern business and regulatory environments.