Penalties for failing to comply with time tracking in 2026: updated table
In 2026, penalties for breaching time-tracking rules have tightened significantly. What used to be a €751 fine per company can now reach €10,000 per affected employee. If your SME still lacks a compliant digital clock-in system, the financial risk already far outweighs the cost of subscribing to approved software. In this article we give you the full penalty table, what the Labour Inspectorate actually checks, and how to avoid getting on its radar.
Applicable legal framework in 2026
The regulatory basis is not a single law but a set of provisions:
- Estatuto de los Trabajadores, art. 34.9 (Workers’ Statute): the general obligation to record working hours.
- Real Decreto-ley 8/2019: develops the working-time register (in force since May 2019).
- Digital clock-in regulation 2026 (Ley fichaje 2026): introduces the five technical requirements (unique identification, time-stamping, traceability, audited export, offline operation).
- LISOS (Ley sobre Infracciones y Sanciones en el Orden Social): sets out the applicable infringements and penalties.
- Ley 10/2021 on remote work: specific obligations for teleworking.
Updated 2026 penalty table
For not having a clock-in system, or having a deficient one
| Type of infringement | Grade | Amount per company | Common scenario |
|---|---|---|---|
| Serious | Minimum | €751 – €1,500 | Formal absence of records for 1–2 isolated employees |
| Serious | Medium | €1,501 – €3,750 | Existing system but with repeated failures |
| Serious | Maximum | €3,751 – €7,500 | Systematic absence of records for several employees |
| Very serious | Minimum | €7,501 – €30,000 | Tampering with records, obstruction of the Inspectorate |
| Very serious | Medium | €30,001 – €120,000 | Repeated breach + documented tampering |
| Very serious | Maximum | €120,001 – €225,018 | Repeat offence for very serious infringements |
The figures apply per infringement report issued. If the Inspectorate detects breaches affecting multiple employees, it can impose a separate penalty for each one.
Per affected employee (new for 2026)
The 2026 regulation introduces an individualised aggravating factor: the penalty is calculated in proportion to the number of employees whose records fail to meet the technical requirements. In practice, this translates into fines of up to €10,000 per affected employee in very serious cases.
Example: an SME with 30 employees that clocked in on paper and is penalised for a serious infringement at the maximum grade may receive a report for €7,500 plus aggravating factors that push it above €50,000.
Specific penalties for the whistleblowing channel (Ley 2/2023)
Although not strictly “time tracking”, this is the other breach the Inspectorate typically cross-checks with clock-in records when inspecting SMEs with more than 50 employees:
| Infringement | Amount |
|---|---|
| Not having a whistleblowing channel (companies under the obligation) | €50,001 – €600,000 |
| Reprisals against the whistleblower | €600,001 – €1,000,000 |
| Obstruction of the AAI (independent supervisory authority) | €300,001 – €600,000 |
Specific penalties for teleworking (Ley 10/2021)
| Infringement | Amount |
|---|---|
| No signed teleworking agreement | €751 – €7,500 (serious) |
| Failure to compensate expenses | €751 – €7,500 (serious) |
| Breach of the right to disconnect | €1,500 – €7,500 (serious) |
What the Inspectorate actually checks
The Labour Inspectorate follows standardised protocols. When it visits an SME, it typically reviews:
1. Random sample of records
They request between 10 and 20 random employees and ask for their clock-in records from the previous month. They verify:
- There are records for every working day.
- The hours match the working schedule set out in the contract.
- There are no inconsistencies (e.g. a clock-in earlier than the previous clock-out).
- If there is overtime, it is correctly attributed and compensated.
2. Validation of the medium
- Does the system allow manual tampering? → Automatic infringement.
- Is there traceability of changes? → If not, an infringement.
- Is there a backup / minimum 4-year retention? → Mandatory.
3. Cross-check against payslips
They cross-check the hours clocked against the hours paid. If someone clocked 180 hours but the payslip shows 160, there is unpaid overtime — a very serious infringement.
4. Random interviews with employees
They privately question 3–5 employees about:
- Whether they clock in every day.
- Whether they have been asked to sign “blank” or amended clock-in records.
- Whether they work overtime that goes unpaid.
If an employee contradicts the records, the Inspectorate takes their account as accurate and issues a penalty.
5. Whistleblowing channel (where applicable)
In companies with more than 50 employees, they verify that the channel is published on the website, is accessible, and has a designated officer.
How to avoid getting on the Inspectorate’s radar
1. Approved digital system
The first step is to have software that meets the 5 technical requirements. Cost: from €2/employee/month. Risk avoided: five-figure fines.
2. Training for middle managers
Many penalties stem from a supervisor asking their team to “all clock in blank at the start of the week”. A basic 30-minute training session for team leaders avoids this type of error.
3. Documented internal policy
A 2-page document signed by the employee on onboarding: how to clock in, what to do if they forget, what to do about overtime, how to request a correction. The Inspectorate looks favourably on finding this document.
4. Quarterly internal audit
Randomly review the clock-in records of 5–10 employees each quarter. Spot anomalies before the Inspectorate does.
5. Respond well to the first visit
Inspectorate visits do not always end in a penalty. Very often they issue a compliance-request report with a deadline to remedy the issue. If you submit the remedy on time (digitise your clock-in system, sign the teleworking agreement, etc.), the penalty is reduced or dropped.
Recent real cases
(Data drawn from public reports of the ITSS — Inspección de Trabajo y Seguridad Social, the Labour and Social Security Inspectorate)
- Hospitality company, 85 employees (2025): €42,000 penalty for paper-based clock-in with irregularities and unpaid overtime.
- Construction company, 30 employees (2025): €15,500 penalty for a complete absence of working-time records.
- Consultancy firm, 60 employees (2024): €78,000 penalty for lacking a whistleblowing channel required by Ley 2/2023.
- Industrial company, 120 employees (2026): €92,000 penalty for a clock-in system without time-stamping or traceability (a shared Excel spreadsheet).
Frequently asked questions
Can I argue that we’re a small SME and didn’t know? The Inspectorate takes good faith into account, but it is not an exemption. The digital clock-in obligation is public and has been widely publicised. Penalties may be reduced but not avoided.
What happens if the inspection is triggered by an employee complaint? It is common: a dismissed employee, or one in dispute, files a complaint with the Inspectorate. If you are non-compliant, the penalty combined with the employment claim can exceed €100,000.
Does the Inspectorate inspect at random? Yes, there is an Annual Inspection Plan with quotas of random visits by sector. Since 2026, digital time tracking has been among the plan’s explicit priorities.
What if the company cannot pay the penalty? The penalty can be appealed (through the administrative route first, and the contentious-administrative route afterwards). With a good employment lawyer, penalties are cut by an average of 30–50%. But appealing always works out more expensive than complying from the outset.
What is the limitation period for infringements? Serious infringements lapse after 3 years and very serious ones after 5 years. The Inspectorate can review up to 5 years back.
Conclusion
In 2026, the cost of not complying with time tracking is far higher than the cost of complying. With the aggravated penalties introduced this year, an SME with 30 employees can face fines of €50,000–100,000 if the Inspectorate detects breaches. Subscribing to approved software costs €720/year with LapsoWork on the Basic plan — literally 100 times cheaper than the risk being taken on.
If you want to become compliant quickly, you can request the free 30-day demo and have your system ready in 48 hours. If you would first like to understand exactly what the law requires, or see a comparison of the software available, we have dedicated articles on both topics.