The Risk Management Committee is a committee formed by the board of directors to oversee the risk management policy and global risk management framework of the business.
The Risk Management Committee will assist the Board of Directors in fulfilling its oversight responsibilities with regard to the risk appetite of the Corporation, the Corporation’s risk management and compliance framework, and the governance structure that supports it.
The Company already has an elaborate risk management system to inform Board Members about risk assessment and minimization procedures. A Risk Management Committee headed by a Whole-time Director evaluates the efficacy of the framework relating to risk identification and its mitigation. Board Members are accordingly informed.
We include the following statement in the Annual Report:
“The Board periodically reviews Compliance Reports of all laws applicable to the Company and steps taken by the Company to rectify instances of non-compliances, if any. With a view to foster an improved compliance reporting and monitoring in the Company, the Company implemented a web based legal compliance tool called “Compliance Manager” developed by Ernst & Young (EY), which is working effectively. Further, legal risks are monitored and mitigated through regular review of changes in the regulatory framework. The Board is also satisfied that plans are in place for orderly succession for appointments to the Board and to senior management.”
However, the Board has not constituted the committee. It is therefore advisable to constitute a proper Risk Management Committee and to conduct its meetings as well.
Legal Compliance in relation to the Risk Management Committee
1. SEBI (LODR) Regulations, 2015 – Regulation 21

| No. | Particulars | Requirement |
|---|---|---|
| 1 | Applicability | Top 500 listed entities, determined on the basis of market capitalisation at the end of the immediately preceding financial year |
| 2 | Composition | The majority of Committee members shall be members of the board of directors; the others may be senior executives (where the listed company has issued SR equity shares, at least two-thirds of the committee shall comprise independent directors) |
| 3 | Chairperson | Shall be a member of the board |
| 4 | Frequency of Meeting | At least once in a year |
| 5 | Who will constitute | Board of Directors |

** As per law, the majority of the members of the committee should be members of the Board.
Regulation 4 of SEBI (LODR) – Responsibilities of Board of Directors
> The board of directors shall be responsible for framing, implementing and monitoring the risk management plan for the listed entity.
> The board of directors shall have ability to ‘step back’ to assist executive management by challenging the assumptions underlying: strategy, strategic initiatives (such as acquisitions), risk appetite, exposures and the key areas of the listed entity’s focus
> Reviewing and guiding corporate strategy, major plans of action, risk policy, annual budgets and business plans, setting performance objectives, monitoring implementation and corporate performance, and overseeing major capital expenditures, acquisitions and divestments
> Ensuring the integrity of the listed entity’s accounting and financial reporting systems, including the independent audit, and that appropriate systems of control are in place, in particular, systems for risk management, financial and operational control, and compliance with the law and relevant standards.
Schedule II Part C – Roles & Responsibilities of Audit Committee
Quarterly details of foreign exchange exposures and the steps taken by management to limit the risks of adverse exchange rate movement, if material.
Evaluation of internal financial controls and risk management systems;
2. The Companies Act 2013
Section 134 (3)(n) of Companies Act 2013
A statement indicating development and implementation of a risk management policy for the company including identification therein of elements of risk, if any, which in the opinion of the Board may threaten the existence of the company shall be included in Board’s Report of the Company.
Section 177 (4): Terms of reference to Audit Committee shall include
(vii) evaluation of Internal Financial Controls and Risk Management Systems.
Schedule IV – Code of Independent Directors: Role and Functions:
♦ Satisfy themselves on the integrity of financial information, and that financial controls and the system of Risk Management are robust and defensible.
♦ Help in bringing an independent judgement to bear on the Board’s deliberation especially on issues of strategy, performance, risk management, resources, key appointments and standards of conduct;
Agenda Items for the First Committee Meetings
> Terms of Reference of Risk Management Committee including Noting of the Role and Responsibilities of the RMC specified by the Board
Agenda Items for other Committee Meetings
> Ensure Quarterly Compliances are done on time and no violation of any statutory provisions
> Declarations of Material Financial and Commercial Transactions by the Sr. Management Personnel under Regulation 26 of SEBI (Listing Obligations & Disclosure Requirements) Regulations, 2015
> Review Status of legal compliances via E&Y compliance software
> Ensure payments are being made to MSMEs within 45 days (payment cycle of 40-42 days) and there are no outstanding
> Review the Show Cause, Demand and Penalty Notice(s) received and legal cases filed by or against the Company during the Quarter
> Ensure due compliance of the provisions of Sexual Harassment of Women at the Workplace (Prevention, Prohibition & Redressal) Act, 2013 for the quarter
> Development of Digital Database as required under PIT Regulations.
> To identify total exposure of the Company towards Commodity risks of material nature and commodity hedging position
> Presentation on following risks:
Risk Management Policy
A Risk Management Policy is a document that sets out the specific actions to be taken to deal with risks. Its purpose is to provide guidance in the management of risk, to support the achievement of corporate objectives, to protect staff and business assets, and to ensure financial stability.
The Board of Directors shall formulate and review the Risk Management Policy.
Types of risks
Because risks are tied to the business, they vary from business to business. Some common risks are:
– Physical risk: related to physical assets
– Strategic risk: related to business strategy
– Compliance risk: related to legal compliances
– Human risk: related to employees or workers
– Technology risk: related to technology
– Financial risk: related to financial planning and projection
Responsibilities and Duties
The Committee shall:
i. Approve and periodically review the risk management policies of the Corporation’s operations;
ii. Review significant reports from regulatory agencies relating to risk management and compliance issues, and management’s responses;
iii. Policies and procedures establishing risk management governance, risk management procedures, and risk control infrastructure for operations;
iv. Review and approve the Corporation’s risk appetite statement on an annual basis; approve any material amendment to the risk appetite statement;
v. Review and approve the Contingency Funding Plan contained in the Corporation’s Liquidity Policy at least annually, and approve any material revisions to this plan prior to implementation;
vi. Review significant risk exposures and the steps, including policies and procedures, that management has taken to identify, measure, monitor, control, limit and report such exposures, including, without limitation, credit, market, fiduciary, liquidity, reputational, operational, fraud, strategic, technology (data-security, information, business-continuity risk, etc.), and risks associated with incentive compensation plans;
vii. Evaluate risk exposure and tolerance;
viii. Review and evaluate the Corporation’s practices with respect to risk assessment and risk management;
ix. Review reports and significant findings of Risk and Compliance and the Internal Audit Department with respect to the risk management and compliance activities of the Corporation, together with management’s responses and follow-up to these reports;
x. Evaluate various risks of the business and draw out a risk management plan for the Company;
xi. Take steps, on a regular basis, to identify and mitigate Information Technology and Cyber Security risks that the Company is or may be exposed to;
xii. Monitor and review the risk management and mitigation plan of the Company; and
xiii. Inform the Board of the effectiveness of the risk management framework and the risk management process.