🚀 New: thola v1 is live. Read the launch post →
Blog
A payroll mistake costs ₹2 lakh. We saw three this quarter
Payroll mistakes and statutory exposure

A payroll mistake costs ₹2 lakh. We saw three this quarter.

2026-05-19 · 10 min read · by the thola team

The EPFO notice arrived at Ananya's office on a Wednesday.

She runs a 22-person digital agency in Gurgaon. The notice said her firm had under-deposited Provident Fund contributions for the last four months. The under-deposit was ₹47,000. The interest came to ₹14,000. The penalty was a flat ₹1.6 lakh under Section 14B. Total damage: about ₹2.2 lakh, plus the half-day Ananya spent at the EPFO office, plus the loss of dignity of explaining to her CA that her HR person had been using "the same Excel sheet she used last year" and had not updated the contribution ceilings when she added two senior hires.

This is not a rare story. 45–49% of Indian companies have at least one material payroll error per year. Penalties run ₹10,000 to ₹1 lakh per violation. 40%+ of Indian SMEs still run payroll on spreadsheets, which is exactly the substrate this kind of error is most likely to grow in.

We saw three of these in our customer base last quarter. One PF under-deposit. One TDS that got the wrong slab. One overtime calculation that was correct in the contract and wrong on the payslip for nine months running.

This is the post about how to stop being the fourth.

The three quiet mistakes

There is a particular shape to the payroll mistakes that bite Indian SMEs. They are not dramatic. They are not "we forgot to pay payroll this month." They are small, structural, and they hide for months before they surface.

1. The wrong-rate mistake

You hire a senior. Their CTC bumps over the PF wage ceiling of ₹15,000/month basic. You forget to flag them as "above ceiling." The system keeps deducting 12% of full basic instead of 12% of ₹15,000. Four months later, the contribution is wrong, and EPFO knows.

Or the reverse: you hired someone at basic ₹14,800 thinking you were below the ceiling, and then a contract revision pushed them to ₹15,200, and the ceiling logic should have kicked in retroactively, and didn't.

These mistakes are not about effort. They are about the rules changing under you faster than your spreadsheet does.

2. The attendance abuse mistake

Buddy punching — one employee clocking in for another — is endemic in Indian retail, field services, and project sites. The American Payroll Association estimates this costs up to 7% of payroll in industries where it occurs. For a ₹40 lakh annual payroll, that's ₹2.8 lakh leaking every year, to people who weren't even at work.

The reverse problem is just as bad and almost never talked about: your best worker quietly working 60-hour weeks because no one is measuring their hours, until they burn out and quit. We have seen this kill two key hires at customer companies in the last six months.

3. The compliance-drift mistake

Statutory rates change. ESIC wage ceiling, professional tax slab, TDS thresholds, gratuity-eligible service period, leave-encashment formulas. None of these change with great fanfare. They change in a notification you didn't read because it was 4 PM and you were on a sales call.

Your spreadsheet doesn't know. Your spreadsheet was last updated by the person who set it up, who was the founder's cousin, who left in 2023.

What "running payroll on a system" actually does for you

Let's be specific. Saying "use a payroll system" is the kind of advice that founders hear ten times before they act on it once, because they imagine it as a heavy implementation with a vendor and a contract. So let's describe what the actual mechanics look like inside thola — not in abstract terms.

When Priya, Ananya's HR person, opens thola's HRM module on the 25th of the month, here is what she does:

  1. She taps "Run payroll preview." The system pulls every employee's attendance, leave balance, salary structure, ad-hoc reimbursements, and the current statutory rates. It produces a draft of every payslip for the month.

  2. She scans an exception view, not every payslip. The exception view lists only the people whose pay this month is different from last month's pay. New joiner. Salary revision. Excess leave. Overtime crossing 20 hours. Two employees who crossed the PF ceiling this month. Six exceptions, total. She reviews six payslips carefully, not 22.

  3. She approves the run. Payslips generate, get emailed to employees, and the bank-transfer file is ready for upload to her bank's portal. PF, ESI, and TDS dues are computed and shown with their respective due dates.

  4. Anyone who has a question taps their payslip in the employee portal. The breakdown is there. Basic, HRA, conveyance, special, gross, PF, professional tax, TDS, net. They can request regularisation for a missed punch without having to message Priya. The leave balance shows them where they stand.

This is not a heavy implementation. Setup is a one-time onboarding — salary structures, statutory profiles, leave policies. The first month is the work; every month after is the exception review.

Attendance, the honest version

Buddy punching is solved by one specific decision: the first check-in wins, and the system is immutable.

When Karthik clocks in at 8:57 AM at Site A, the check-in is recorded with a timestamp and a geo-location. If the network drops mid-tap or the screen is tapped twice, thola recognises the retry and keeps a single clean check-in. No double clocks. No correction by the manager later. No "someone clocked in for Karthik at the other site at 9:01."

Three modes for the geofence:

  • Strict — check-in only succeeds inside the fence (warehouse manager).
  • Warn — check-in works outside the fence but flags for review (field sales).
  • Off — pure timestamp, no location (creative or remote work).

The other direction — burnout from unmeasured overtime — is solved by the same data. Every check-in and check-out builds an attendance pattern. When someone has been working >50 hours/week for three consecutive weeks, it shows up in your weekly People brief. Not as a chart. As a sentence: "Reema has logged 156 hours in the last three weeks. She's averaging 52/week. Worth checking in."

That sentence is the entire feature. Most founders we work with say it's the single most useful nudge HRM has ever given them. None of them ever asked for it.

Payroll severity tiers and where small mistakes hide

The story of the three customers, expanded

I owe you the three real stories. They're disguised but accurate.

Customer A — the PF ceiling miss

26-person retail chain in Hyderabad. Hired two new managers in January at basic ₹18,500/month. Old payroll spreadsheet treated everyone's PF as 12% of full basic. Under-deposit ran for four months before they switched to thola.

On their first run-through with thola, the preview flagged a discrepancy: "Two employees marked as 'standard' PF have basic above the ceiling. Are these voluntary higher contributions, or should they be capped?" The owner picked "cap." The next month was correct. They still got the EPFO notice for the prior four months — thola doesn't time-travel — but they didn't have a fifth month of exposure.

Customer B — the field-staff overtime

12-person events-rental company in Mumbai. Field crew works site shifts that often run past midnight. The contract specified overtime at 2× basic for hours beyond 9 PM. The payroll spreadsheet had the formula at 1.5× because someone copied a template from a different industry.

Nine months. ₹3.6 lakh in cumulative underpayment, on a 5-person field crew. One of them found out, talked to the others, two of them quit, the owner had to settle. Total cost including the settlements: north of ₹6 lakh, plus two trained crew members gone.

The thola payroll engine reads the salary structure as a structured object — base components, OT rules, statutory overlays. The 2× overtime rule, configured once, applies correctly every month forever. It would not have made this mistake.

Customer C — the TDS slab change

8-person bootstrapped SaaS in Bangalore. Two engineers got salary revisions in April that pushed them into a higher TDS bracket. The HR person used the old computation. Three months of under-deduction. ₹84,000 to settle, plus interest at 1.5%/month on the under-deducted amount.

On thola, statutory rate updates land as small backend changes — when slabs revise, the system uses the new slab from the effective date. The HR person does not need to update a sheet. She cannot accidentally use the wrong slab.

What it looks like a month later

For Ananya, after switching:

  • The payroll run on the 25th went from "a stressful 6-hour day" to "a 40-minute review of seven exceptions."
  • Three employees who had previously challenged their payslips because the breakdown wasn't transparent stopped challenging them, because they could now see the breakdown themselves.
  • The compliance dashboard tells her, at any given moment, what her next PF/ESI/TDS deposit is, what date it's due, and what amount.
  • She has not received another EPFO notice. (Yet — but the structural reasons she got one are gone.)

The deeper change is something she said to us in a customer interview: "I used to dread the 25th. Now I dread the day before, because I'm waiting for the exception list, and I'm anxious it'll be longer than usual. It usually isn't."

Anxiety relocated from a six-hour task to a five-minute one. That's roughly the value of the whole product.

What we're not pretending to do

The honest limits:

  • Shift scheduling optimisation is not yet shipped. We do attendance, leave, and payroll cleanly. We don't yet help you build a multi-shift roster from headcount and demand forecasts.
  • Per-role KPI scoring (closing rate for sales reps, deployment frequency for engineers) is planned, not shipped. The performance signals you get today are time-and-attendance based.
  • The compliance engine is India-first. If you have employees in the UAE or Singapore, you have payroll capability but the statutory profiles are India-specific. UAE WPS and Singapore CPF are on the roadmap.
  • We don't replace your CA. The system computes PF/ESI/TDS correctly and shows you the due dates. Filing still goes through your CA.

Get started

If you want to move payroll off a spreadsheet without a heavy implementation, the HRM setup walkthrough takes about ninety minutes for a 20-person company.

The next EPFO notice doesn't have to be yours.

The 9-second bill at the kirana counterStuck deals are not a sales problem
Share this post
Post on XLinkedIn

Related posts

Projects·19 May 2026

Onboarding a project worker without a thola account.

The mason. The electrician. The freelance designer. The contractor's crew. The people who do the work but don't have your software. Here's how they sign in anyway — and why that changes project sites.

Language·19 May 2026

What changes when your shop floor finally speaks Tamil.

Your factory supervisor speaks Tamil. Your HRMS is in English. He stopped using it in week one. Here's what happens when the software finally meets him where he is.

Finance·19 May 2026

Catching cashflow trouble three weeks earlier.

Most founders learn they have a cash problem on the Sunday they update the runway sheet. Here's what the same problem looks like when you see it the day it starts.