Gully Labs, a D2C sneaker brand that gained national attention after appearing on Shark Tank India, has reported a loss of nearly ₹2 lakh after a recently hired employee allegedly abused backend access to generate full-discount vouchers, exposing internal control weaknesses common to fast-growing startups.
How the alleged fraud unfolded
Founded by Arjun Singh and Animesh Mishra, Gully Labs built its reputation by selling premium, street-culture–inspired sneakers and expanding rapidly after its televised appearance. The incident is said to have occurred within a week of a new customer service executive joining the team.
The employee allegedly created 100% discount codes using administrative privileges. These vouchers caused orders to register as “paid” in the company’s system, prompting fulfilment teams to dispatch products from the warehouse despite no actual payment being received.
Approximately ₹2 lakh worth of merchandise was reportedly shipped; after delivery, the employee resigned.
Recovery attempts and legal complications
Founders confronted the former employee after discovering the irregularities. Reports indicate roughly half of the dispatched products were returned, while several items were allegedly used and could not be recovered.
When the company sought restitution for the unrecovered goods, the ex-employee is reported to have sent legal notices alleging harassment, adding a legal dimension to the financial loss and complicating recovery efforts for the young company.
Strengthening controls and wider lessons for D2C startups
In response, Gully Labs has tightened backend security, restricted administrative permissions, and implemented stronger monitoring and audit trails to curb misuse of discount codes and other privileges.
The episode underlines an important governance challenge for Indian startups scaling rapidly: small teams built on trust must progressively adopt formal processes such as role-based access control, multi-level approval for discounts, transaction audits, and regular system reviews to prevent internal fraud.
While ₹2 lakh may be a modest sum for a high-growth brand, the incident highlights the operational and reputational costs of weak internal controls, and offers a cautionary example for emerging D2C firms expanding their teams and technology stacks.
