Workforce Risk Intelligence

India.
Decision Intelligence Report

How market structure shapes verification outcomes, and where expectations diverge from reality

Candidate
Documents
Fake docs
Institution
No response
Process
Constraints
Report
Incomplete
No national criminal database. 28 states, 28 separate court systems.
48% of education checks require manual registrar chase. NAD covers only 20%.
9.46% discrepancy rate in IT/ITES. Detection tools exist. Most programmes do not include them.
Validate your India programme
ClassificationIntelligence briefing
Risk levelHIGH VARIABILITY
UpdatedMay 2026
Sources26 cited
India verification: key facts

If this is how your verification works, you already have a visibility gap

Most verification gaps in India do not come from poor processes.
They come from what the ecosystem is able to confirm within standard timelines.

Non-response is treated as completion
No reply from employer or institution.
No confirmation received.
Case still closed.
The outcome reflects process completion, not institutional confirmation.
Partial checks are marked as "Green"
Limited data is interpreted as a clean result.
Missing information is not flagged as risk.
"Green" reflects availability, not validation.
No source traceability
The report does not show who confirmed the data,
how it was verified,
or what remains unknown.
Without traceability, the result cannot be defended.
No escalation logic
Unverifiable data is treated as delay, not risk.
The case is completed without defining what is missing.
Constraints emerge from how the ecosystem operates. Closure reflects timeline pressure, not risk assessment.

Green should mean verified.
Not simply unresolved.

Decision trigger
Does your current process:
  • Flag non-response as a risk in your report?
  • Mark incomplete checks as Amber or Red?
  • Show exactly what was not confirmed?
Or does everything still come back as "Green"?

If this reflects your current model, you are operating with incomplete visibility.

Validate your India programme Review your verification model
Quick self-check

Is your current verification model doing this?

If you recognise even one of these, your verification process is operating with incomplete visibility.
Strategic model

Verification Reality Model

How outcomes are produced in constrained environments

Verification Reality Model A layered strategic model showing how verification outcomes are produced in India, from document inputs through dependencies, constraints, interpretation, and output to business impact. 01 WHAT ENTERS THE SYSTEM Candidate documents IDs, certificates, letters Employment history Roles, tenures, references Education records Degrees, transcripts, awards 02 WHAT THE PROCESS DEPENDS ON Employers Universities Databases Courts / Police 03 HOW THE SYSTEM BEHAVES IN REALITY Non-response Silence = no data Fragmented data No central source Payment friction Bank drafts, delays Legal timelines Court backlogs Closed entities Unreachable sources These constraints shape every outcome below this line 04 HOW OUTCOMES ARE RESOLVED Wait vs Proceed SLA pressure decides Escalate vs Close Process logic decides Partial vs Complete Scope defines result 05 WHAT IS REPORTED Green / Clean Case closed No discrepancy Nothing flagged Incomplete Rarely flagged In many cases, what is not verified is not always visible in the final report. THE INVISIBLE GAP 07 WHAT IT MEANS Client trust Relationship risk Audit exposure Documentation gaps Compliance risk Regulatory exposure Contract continuity Commercial consequence Outcomes are not driven by isolated failures. They are shaped by how the system operates.
01 / Reality

India is the largest verification corridor in global screening

5.4M+ IT-BPM workforce. 28 states. 1,168+ universities. No centralised criminal database.
This scale shapes your verification outcomes in ways your programme may not account for.

0
IT-BPM workforce
NASSCOM, 2024
0+0
States + UTs
Decentralised judiciary
0
UGC-recognised universities
As of 2024
DPDP
In force
Rules notified Nov 2025
What your organisation assumes
Fixed timelines across all cases
Complete data from every source
Fast closure on all checks
National criminal database search
Cost correlates with quality
SLA compliance = thoroughness
What actually happens
Variable timelines driven by institution, geography, and employer responsiveness
48% of education checks require manual registrar chase. Data quality is inconsistent.
Closure depends on external response at every step. The process controls timing, not outcome.
No national DB exists. District + state search is geography-dependent.
Low cost means fewer verification layers, not more efficient operations.
SLA compliance is often achieved by closing cases before institutional confirmation is received.
Decision trigger

Does your current process differentiate by candidate geography, or does it apply the same workflow to a Bangalore engineer and a Jaipur graduate?

If your process treats India as a single market, this variability is already shaping your verification outcomes.

This means completeness depends on what is accessible at source, not what your programme expects to receive.

These conditions exist across most verification environments in India. They are not exceptions.

In India, verification depends on external response and institutional cooperation.
Both vary by geography, institution, and timing.

The question is not whether your organisation screens. It is what your screening actually confirms.

Your verification outcomes are influenced by what can be confirmed within this environment.

02 / Where It Breaks

Where It Actually Breaks

Verification does not fail in one place.
It breaks across a chain of ecosystem dependencies that shape your verification outcomes at every stage.

Your verification dependency chain
Step 01
Document Level
Candidate submits documents. Without institutional verification infrastructure, documents are accepted as presented.
Constraint point
Fake, altered, or incomplete records enter the process unchallenged.
No institutional validation infrastructure exists to catch them at intake.
Every subsequent check is built on unverified input.
Authenticity is assumed because the ecosystem provides no mechanism to confirm it at this stage.
This means your entire check rests on documents the ecosystem has no way to validate at intake.
Step 02
Institution / Employer Level
The institution or employer is contacted. No response is received.
Constraint point
The check cannot complete without external cooperation.
The process must either wait or proceed with available inputs.
In practice, cases often move forward. Silence is recorded as absence of risk, not absence of data.
The gap is filled with interpretation, not evidence, because the ecosystem did not respond.
This means your result reflects available data, not confirmed data.
Step 03
Process Decision Point
Data remains incomplete. The SLA deadline is approaching.
Constraint point
SLA timelines and institutional response timelines are misaligned.
The process must close the case. Incomplete information is interpreted, not escalated.
The outcome is shaped by what was accessible, not what was confirmed.
Completion reflects process requirements, not institutional confirmation.
This means your report reflects a process outcome, not an institutional confirmation.
Step 04
Report Output
Your final report is delivered. It shows a clean result.
Break point
Incomplete checks are marked "Green" or "No discrepancy found."
What was never confirmed is not distinguished from what was verified.
Your organisation acts on this result. Hiring decisions follow.
The report reflects completion, not confirmation. The distinction is not visible.
This means your report reflects what was available, not what was confirmed.

If your process moves forward within these constraints without clearly defining what is confirmed and what is not, you may be operating with incomplete visibility.

These gaps are rarely visible during hiring. They are often identified during audit, dispute, or incident review.

In many cases, what is not verified is not always visible in the final report.

Decision trigger

How does your current process handle non-response?
What actually happens when verification cannot be completed?
Are you distinguishing between confirmed data and available data?

where verification actually resolves
Education verification paths: operational reality
Distribution across institutional access tiers. 48% still resolve via manual registrar chase.
100%
verification paths
NAD digital lookup1-2 day TAT, near-zero cost
20%
University portal with fee3-5 day TAT, online payment
18%
Manual registrar email/form5-10 day TAT, multiple chases
48%
Bank draft / physical submission10-14 day TAT, bank intermediary
14%
Source: OutsourceVerify India operating distribution, weighted across UGC-recognised institutions.
detection frequency
Red flag detection rate: Indian tech-outsourcing programmes
Per 1,000 candidates verified. IT services and GCC client base, 2023-2026.
Concurrent EPFO contributionsmoonlighting
3-6%
30-60 / 1k
Date manipulationoffer/relieving letter mismatch
2.5-4.2%
25-42 / 1k
Affiliated-college issueunauthorised programme
1.8-3.5%
18-35 / 1k
Inflated designationtitle vs contribution wage band
1.5-2.8%
15-28 / 1k
Non-operational employershell or struck-off entity
0.8-1.8%
8-18 / 1k
Fabricated reference networksame number across candidates
0.3-0.6%
3-6 / 1k
Source: OutsourceVerify operating data, 2023-2026. Rates vary by industry vertical and seniority mix.
turnaround time by check
Realistic TAT range per check type (days)
Observed ranges across India programmes. Gold marker = typical median.
IdentityAadhaar + PAN
0d3d7d10d14d
0-2 days
EmploymentUAN + HR confirm x 2
0d3d7d10d14d
3-5 days
EducationNAD if covered, else registrar
0d3d7d10d14d
2-10 days
Criminaldistrict + 1-2 states
0d3d7d10d14d
5-10 days
Address, urbanfield-visit, metro
0d3d7d10d14d
3-7 days
Address, remotefield-visit, tier-2/3
0d3d7d10d14d
5-10 days
Source: OutsourceVerify India operating data, 24-month rolling window.
4x
Investigation increase
Since 2019
9.46%
IT/ITES discrepancy rate
AuthBridge, H2 2024
25-30%
Moonlighting rise
IT sector, 3-year trend
2
Detection methods
UAN + PAN 26AS
Decision trigger

How does your current process handle non-response?
What actually happens when verification cannot be completed?
Are you distinguishing between confirmed data and available data?

Every number above reflects an outcome shaped by ecosystem constraints, not process design.

The question is not whether discrepancies exist in your pipeline.

It is whether your programme is structured to surface them.

9.46%discrepancy rate in Indian IT/ITES screening
03 / Operational Reality

How verification resolves when the ecosystem does not cooperate

Four check types. Four structural constraints. Four outcomes shaped by how India's verification infrastructure operates.

Education Verification
What happens

48% require manual registrar chase.
NAD covers only 20%. Affiliated colleges do not respond independently.
Bank draft submissions add 10-14 days.

How it resolves

Database lookup is attempted. If NAD returns nothing, document authentication substitutes for institutional confirmation.
The case closes on time.

What your report shows

Your report shows "verified" but confirms document appearance, not institutional award.
Whether the institution awarded the degree remains unknown.

Reality insight

"Degree looks authentic" is not the same as "institution confirms award."
One is a document check. The other is education verification. The ecosystem often supports only the first.

Employment Verification
What happens

Small employers, dissolved companies, informal contractors do not respond.
Pre-2014 EPFO records are incomplete. GST-deactivated entities are unreachable.

How it resolves

After 2-3 contact attempts with no response, experience letters are accepted as available evidence.
UAN trace is not included if outside scope. The case closes as "verified."

What your report shows

Employment "verified" against documents the candidate supplied, not independent sources.
Concurrent employment is invisible without UAN.

Reality insight

UAN reveals every PF-registered employer, contribution dates, and concurrent employment.
Without it, the process verifies documents, not employment. This is a scope limitation, not a shortcut.

Criminal Record Search
What happens

No national criminal database.
District courts searchable via eCourts. Pending FIRs are invisible.
State High Courts maintain separate portals with varying quality.

How it resolves

Database search runs against available portals.
"No record found" is reported without qualifying the search scope.
No distinction between "searched and clear" and "not searchable."

What your report shows

"Clear" in your report means "nothing found in the databases searched."
Not "no criminal history."
Pending cases and out-of-scope districts remain invisible.

Reality insight

A clean criminal report tells you what was searched, not what exists.
The scope qualification is the most important line in the report.

Address Verification
What happens

Physical field visits required.
Metro: 3-5 days. Tier-2/3: 5-10 days.
Remote locations require multiple attempts.

How it resolves

Postal verification or digital-only methods substitute for field visits.
In some cases, satellite imagery is used in place of physical presence.

What your report shows

Address "confirmed" without physical presence.
No geo-tagged photograph. No neighbour corroboration.

Reality insight

GPS-tagged field visit with neighbour corroboration is the gold standard.
Everything else is a trade-off between coverage and cost.

Decision trigger

How does your current process handle non-response?
What actually happens when verification cannot be completed?
Are you distinguishing between confirmed data and available data?

These are not process failures. They are structural constraints. The question is whether your programme accounts for them.

This means verification results are shaped by available data, not always confirmed data. The outcome reflects what the ecosystem could provide.

These patterns are not exceptions. They are common operating conditions across India's verification infrastructure.

Penalties up to ₹250 crore.

The compliance gap is not in the regulation. It is in how your programme aligns with it.

04 / Risk Impact

Three risk dimensions. One verification programme.

Your exposure depends on where ecosystem constraints intersect with your onboarding expectations and business consequence.

Hiring Risk

  • Concurrent employment undetected in your pipeline
  • Fabricated credentials pass your document-only checks
  • Deepfake identity fraud: 42% encounter rate
  • Shell company references in your candidates' history
  • 30-60 per 1,000 with concurrent EPFO contributions

Operational Risk

  • Variable TAT breaks your SLA reporting at scale
  • Tier-2/3 candidates create outlier timelines in your programme
  • Field visit coverage gaps in your remote locations
  • Institutional non-response forces closure before confirmation
  • Speed optimisation creates trade-offs with verification depth

Audit / Compliance Risk

  • DPDP Act 2023: penalties up to ₹250 crore
  • No consent capture trail in your verification platform
  • Sub-processor lists not maintained or disclosed in your programme
  • RBI, SEBI, IRDAI require deeper checks than standard screening provides
  • Check-level closure evidence may not be available in your current process
Scenario simulation

How ecosystem constraints in your verification become a compliance incident

1
Candidate passes your screening
All green. Education and employment marked verified in your report.
2
Verification was constrained
Education: document check only, institution did not respond. Employment: experience letter only, UAN not in scope.
3
Candidate joins your organisation
Onboarded to your regulated client project. Access to customer data.
4
Incident occurs
Concurrent employment discovered. Or: credential questioned during your client's audit.
5
Audit exposure
Institutional confirmation was never received. Consent trail incomplete. DPDP breach notification required.
Decision trigger

How does your current process handle non-response?
What actually happens when verification cannot be completed?
Are you distinguishing between confirmed data and available data?

Most organisations do not see these constraints until an audit, dispute, or incident makes them visible.

This means the outcome reflects what could be validated within the constraints, not necessarily what is true.

In most cases, these gaps are not immediately visible. They surface when the outcome is tested.

Lower cost reduces your verification depth.

The trade-off is not visible until a discrepancy surfaces in your programme.

05 / What This Means

Executive intelligence summary

7 conclusions for decision-makers

Executive Intelligence Summary

India: 7 conclusions for decision-makers

  1. Variability is the defining characteristic. 28 states, 1,168+ universities, no national criminal database. The infrastructure is fragmented by design, not by accident.

  2. Sub-3-day SLAs on full packs signal a scope trade-off, not efficiency. They indicate database-only checks without institutional confirmation. If your programme operates on this timeline, your education checks are likely document-level only.

  3. DPDP compliance is now a contractual requirement, not a roadmap item. Rules notified, deadlines fixed, penalties up to ₹250 crore. If your programme does not reference DPDP, it is operating outside the compliance framework.

  4. Moonlighting and deepfake fraud are operational threats, not hypothetical risks. 9.46% discrepancy rate in IT/ITES. 42% encounter rate for suspected deepfake fraud. Detection tools exist. Most standard programmes do not include them.

  5. Price comparison without scope comparison is misleading. Lower-cost options often exclude the checks that surface the most serious discrepancies. If your evaluation does not compare scope, it compares the wrong thing.

  6. The UAN trace is the single most powerful tool in India verification. It reveals every PF-registered employer, contribution dates, wage bands, and concurrent employment. If your programme does not include it, your employment checks are structurally incomplete.

  7. Your programme evaluation should test for operational depth, not presentation quality. Ask for check-level closure evidence, consent capture audit trails, field network coverage maps, and DPDP compliance documentation.

DPDP Act 2023 + Rules 2025: the binding compliance timeline
Penalties up to ₹250 crore. Phased through May 2027.
What's happening

Digital Personal Data Protection Act, 2023 enacted August 2023. DPDP Rules notified 13 November 2025 with binding obligations phased through May 2027. Consent infrastructure now mandatory.

Why it matters

This applies to all entities processing Indian personal data, including BGV vendors as data processors. Explicit, informed, purpose-limited consent before every check. Breach notification SLAs codified.

Where it breaks

Programmes without documented DPDP compliance: no consent capture, no sub-processor list, no breach notification SLA. Legacy platforms built before consent-by-design requirements.

Reality insight

Most enterprise BGV contracts signed before Nov 2025 do not reference DPDP compliance. Your renewal cycle is the remediation window. Miss it, and your programme inherits the compliance gap.

Sector-specific mandates: RBI, SEBI, IRDAI

Procurement implication If your offshore workforce serves regulated clients (banking, insurance, capital markets), your verification programme must meet the regulator's standard, not just your internal policy. Confirm which regulatory frameworks your programme complies with. If the answer is unclear, that is the gap.

In many cases, what is not verified is not visible in the final report. If none of this is reflected in your current reporting, these constraints are already shaping your outcomes.

These gaps are rarely visible during hiring. They are often identified during audit, dispute, or incident review.

06 / BPM Impact

What this means for BPM and outsourcing operations

In BPM and outsourcing environments, verification outcomes are closely tied to client trust, compliance obligations, and operational integrity.

01
Client trust and contractual risk

Enterprise clients expect verified workforces as a baseline, not a value-add. Contractual obligations typically include screening completion rates, turnaround SLAs, and documentation standards. When hiring integrity is dependent on ecosystem constraints that are not visible in reporting, the gap sits between what was promised and what was delivered.

This means hiring outcomes directly influence client relationships and contractual commitments.
02
Audit and compliance exposure

Client audits and regulatory reviews examine verification records at the check level. They surface what was confirmed institutionally, what was closed on available data, and where documentation trails are incomplete. Programmes that do not distinguish between these outcomes carry exposure that is invisible during normal operations.

This means gaps that are not visible during hiring are often identified during audit.
03
Operational risk at scale

BPM operations hire at volume. When a small percentage of checks resolve on available data rather than confirmed data, the absolute number of unverified records compounds across hiring cycles. A 3% gap in a 500-person intake is 15 individuals. Across four quarters and multiple delivery centres, these inconsistencies become systemic.

This means small gaps can scale into systemic operational risk.
04
Client contract impact

Enterprise contracts increasingly include compliance clauses tied to verification depth, regulatory alignment, and data protection standards. Breach scenarios arise not from deliberate non-compliance, but from structural gaps between what the programme covers and what the contract requires. When verification scope does not match contractual expectations, disputes follow.

This means verification gaps can translate into contractual disputes or loss of client relationships.

Verification is not only a hiring control.

In BPM environments, it operates as a client assurance mechanism.

These dynamics are not unique to any single programme. They reflect how risk translates into business impact across BPM operations in India.

Decision trigger

Does your verification programme align with your client contractual obligations?
Are check-level outcomes visible at the audit level?
How does your programme account for ecosystem constraints at scale?

India is hiring AI roles faster than it can verify them.

The screening models built for 2020 hiring volumes do not survive 2026 role categories.

07 / AI Workforce Pressure

India's AI hiring is outpacing the screening models built for it

AI-linked job postings projected at ~380,000 positions in 2026. AI/ML hiring up 40% year-on-year. 55% of occupational categories now reference AI skills. Three different role categories. Three different screening problems.

0
AI/ML hiring YoY growth
Naukri JobSpeak, Feb 2026
~380K
AI-linked postings (2026 projection)
+32% YoY
1.25M
AI talent demand by 2027
NASSCOM + Deloitte
~230K
Data science shortage by 2026
NASSCOM
AI is not one workforce. It is three workforces with three different screening problems.
Build · Deploy · Transformed-By. Each category creates its own verification gap.
What's happening

AI-linked job postings in India will reach ~380,000 positions in 2026, a 32% year-on-year jump. IT-Software and Services leads with 37% of AI roles; BFSI is second at 15.8%. AI/ML hiring grew 40% YoY in February 2026 even as the overall IT sector remained flat. GenAI and LLM skills surged 60% YoY.

Why it matters

AI roles cluster into three distinct categories: candidates who build AI systems, candidates who deploy AI into production, and candidates whose work is being transformed by AI tooling. The screening implications are completely different across the three, and most BGV programmes do not distinguish between them.

Where it breaks

Standard packages screen for identity, education, prior employment, and criminal record. None of those signals validate what an AI candidate actually built, what they actually deployed, or what credentials they actually used AI to manufacture. The gap is not in the checklist. It is in what the checklist was designed to detect.

Reality insight

The demand-supply gap on key AI roles sits between 60% and 73% per NASSCOM. That premium pulls candidates with weak or inflated credentials into hiring pipelines that were never designed to verify them. The screening model is the last control before the offer letter.

Industry breakdown: 2026 AI hiring growth across five focus industries

YoY AI hiring growth
AI/ML role hiring growth by industry, India 2026
Year-on-year hiring growth for AI-skilled roles. IT-Software leads in absolute volume; BFSI and Healthcare lead in growth rate.
BFSI & FinTechAI hiring growth
+41%
+41% YoY
Healthcare & PharmaAI hiring growth
+38%
+38% YoY
IT-Software & BPO37% of all AI roles in India
+37%
+37% YoY
Retail & E-commercecustomer-facing AI deployment
+31%
+31% YoY
Logistics & Supply Chainroute, demand, fleet AI
+25%
~+25% YoY
Sources: Naukri JobSpeak Index Feb-Mar 2026 · NASSCOM AI Talent Outlook · LinkedIn India Workforce Report 2026. Logistics growth interpolated from sectoral trend data.

The three AI workforces — and what each one breaks in standard screening

Workforce 1: Build AI
Data scientists · ML engineers · AI researchers · MLOps · data architects
Population

Smallest of the three. ~10-15% of India AI roles by volume. Concentrated in BFSI, IT services, GCCs, and AI-native startups. Entry compensation runs ₹8-15 LPA versus ₹4-6 LPA for general software developers: a 2x salary premium at entry level.

Why screening breaks

Demand-supply gaps of 60-73% mean a small population of credentialed candidates faces enormous pull. Inflated AI credentials are now systematic. Self-reported model contributions, paper authorship, and "led AI for X" claims cannot be validated from a CV. References from prior employers default to "performed assigned duties" because IP-sensitivity blocks specifics.

What an operator changes

Build-AI screening requires technical reference triangulation: validating named publications, named model contributions, and named production deployments against the actual evidence (Git history, paper authorship, named conference talks). Standard reference checks cannot do this. AI tool-assisted technical reference verification can.

Reality insight

Build-AI candidates often have active non-compete and IP-restriction clauses from prior employers. A clean criminal-and-employment package can still leave the hiring company exposed to trade-secret litigation. BGV scope must extend into IP and prior-restriction enforceability, not just identity and history.

Workforce 2: Deploy AI
Software engineers integrating AI features · AI product managers · platform engineers · agentic AI developers (LangChain, CrewAI)
Population

Middle category. ~30-40% of India AI roles by volume. LinkedIn India data: postings requiring LangChain, CrewAI, or "AI agent" skills grew 300% between January 2025 and March 2026. NASSCOM projects 50,000 specialised agentic AI professionals needed by 2027.

Why screening breaks

Deploy-AI candidates have production-system access: API keys, model endpoints, customer data flowing through prompts, vendor model agreements. Standard employment verification does not surface access-level history: who had what credentials at what employer, when revocation happened, whether they retained API keys past offboarding. The blast radius of a bad deploy-AI hire is the entire customer data corpus.

What an operator changes

Deploy-AI screening adds credential-hygiene verification to the standard pack: prior-employer offboarding confirmation, API key revocation evidence, third-party model agreement compliance, and adverse-media screening for prompt-injection incidents or data-exposure events.

Reality insight

This is the workforce where moonlighting risk is concentrated. AI tools collapse the time required to deliver Job A, freeing capacity for Job B. The Wipro disclosures of 2022-2023 surfaced moonlighting as a board-level concern; agentic AI tooling in 2026 has materially increased the surface area. Continuous monitoring is no longer optional for this category.

Workforce 3: Transformed by AI
Customer service · content writers · analysts · HR ops · finance ops · BPO operators whose work is being reshaped by AI tooling
Population

Largest of the three. ~50-60% of the AI-affected workforce by population, though usually not counted in "AI hiring" statistics because the job titles look unchanged. 55% of occupational categories now reference AI skills. This is the offshore workforce that OutsourceVerify's clients hire at scale.

Why screening breaks

Transformed-by-AI candidates increasingly use AI tools to manufacture their own CVs: AI-written cover letters, AI-generated portfolio samples, AI-augmented references. Standard CV-fraud detection patterns from the pre-AI era look for typos, dates, and inconsistencies. AI-generated CVs do not have those tells. The fraud signal moved.

What an operator changes

Transformed-by-AI screening adds behavioural and synchronous-interaction verification: structured live conversations that confirm the candidate can actually do what their AI-assisted CV claims. It also extends to candidate cyber hygiene verification: does the candidate's email, password, and identity-document hygiene match the role they are applying for? This is the workforce most exposed to deepfake-candidate fraud per US DOJ enforcement actions (2025-2026).

Reality insight

This is where the volume risk lives. A BPM operator hiring 500 people per quarter cannot screen each candidate manually for AI-augmented claims. The screening programme has to assume AI assistance is universal and design around that assumption, rather than treating it as an exception.

2x
Entry-level salary premium
AI/ML roles vs general dev
60-73%
Demand-supply gap
Key AI roles per NASSCOM
+300%
Agentic AI skill postings
Jan 2025 to Mar 2026, LinkedIn India
55%
Occupational categories
Now referencing AI skills
The BGV criticality argument, in one paragraph The screening pack that worked in 2020 verified static facts about a candidate: identity, education, prior employment, criminal record. The 2026 candidate is different in three ways: their CV may be AI-authored, their claimed skills may be AI-augmented, and their post-hire access carries higher blast radius because AI tools amplify what one credentialed person can do. None of those three changes can be detected by deeper criminal checks or faster turnaround times. They require a different screening model entirely: behavioural verification, technical reference triangulation, credential-hygiene checks, and continuous monitoring after the offer letter. This is what operator-led screening is built for, and what database-relay BGV cannot do.
Regulatory signal · AI hiring meets DPDP enforcement India's DPDP Rules 2025 (notified November 2025) place AI-driven hiring processes squarely inside the personal data protection regime. Automated decision-making in hiring, AI-augmented screening, and biometric verification all now trigger consent and disclosure obligations under DPDP. Vendors who screen AI candidates with AI tools must satisfy two layers of compliance: PDPA-equivalent consent for the candidate, and DPDP-compliant data handling for the screening output. Sources: DPDP Rules 2025, MeitY; NASSCOM State of Data Science & AI Skills in India.
Decision trigger

Does your current vendor distinguish between Build, Deploy, and Transformed-by AI candidates in their screening scope?
Can they validate technical reference claims for AI roles, or do they default to generic employment verification?
What changes in your screening package when an AI-augmented CV looks identical to a clean one?

These outcomes are not driven by isolated failures.
They are shaped by how the system operates, whether it is visible or not.

If your onboarding expectations assume complete verification in this environment, you may be operating with incomplete visibility.
Most organisations do not discover these gaps until an audit, dispute, or incident review surfaces them.
Validate your India programme See the India programme Review your verification model

In this environment, verification is not only about confirming information.
It is about understanding what cannot be confirmed, and what that means for your outcomes.

About this brief. Reflects the regulatory and operational landscape as of May 2026. Workforce data sourced to NASSCOM. EPFO data from EPFO public statistics. TAT ranges and red flag rates are first-party operating data, presented as observed ranges. DPDP compliance calendar sourced to MeitY official notifications.

References

  1. NASSCOM, Strategic Review & industry workforce estimates. nasscom.in
  2. Digital Personal Data Protection Act, 2023, MeitY. meity.gov.in
  3. DPDP Rules, 2025, notified 13 Nov 2025. meity.gov.in
  4. RBI, Master Direction on IT Outsourcing, April 2023. rbi.org.in
  5. SEBI, Fit and Proper Criteria. sebi.gov.in
  6. IRDAI, agent screening records. irdai.gov.in
  7. IT Rules, 2011, Reasonable Security Practices. meity.gov.in
  8. Section 139AA, PAN-Aadhaar linking. incometaxindia.gov.in
  9. EPFO, UAN member portal. epfindia.gov.in
  10. Moonlighting in Indian IT, corporate disclosures 2022-2023 including Wipro (Sep 2022).
  11. UGC, recognised universities. ugc.gov.in
  12. AICTE, technical programme approvals. aicte-india.org
  13. NAD, National Academic Depository. nad.gov.in
  14. DigiLocker. digilocker.gov.in
  15. UGC, fake university list. ugc.gov.in
  16. eCourts, district court case search. services.ecourts.gov.in
  17. NJDG. njdg.ecourts.gov.in
  18. Supreme Court of India. main.sci.gov.in
  19. TransUnion CIBIL. cibil.com
  20. AuthBridge, Workforce Fraud Files 2025. authbridge.com
  21. IAMAI, AI-powered verification adoption survey, 2025. authbridge.com
  22. Deepfake hiring fraud, DISA and MployChek reports, 2025-2026. disa.com
  23. US DOJ, North Korean IT worker fraud enforcement, June 2025. natlawreview.com
  24. Naukri JobSpeak Index, IT hiring recovery + AI momentum, Feb-Mar 2026. naukri.com
  25. NASSCOM, State of Data Science & AI Skills in India; India's AI talent crisis; agentic AI talent projections. nasscom.in
  26. LinkedIn India Workforce Report 2026, agentic AI skill growth (LangChain, CrewAI, AI agent), Jan 2025 to Mar 2026. linkedin.com
Share this