The Board of Directors of ………………… has adopted the following policy and procedures with regard to “Risk Management and Compliance Policy” as defined below. The Board may review and amend this policy from time to time.

The Companies Act, 2013 requires the Board of Directors to devise a proper system to ensure compliance with the provisions of all applicable laws and to report that such systems are adequate and operating effectively.

Purpose of the Policy

The purpose of this Policy is:

1. To ensure protection of shareholder value through the establishment of an integrated Risk Management framework for identifying, assessing, mitigating, monitoring, evaluating and reporting of all risks.

2. To provide a clear and strong basis for informed decision making at all levels of the organization.

3. To continually strive towards strengthening the “Risk Management & Compliance System” through continuous learning and improvement.

Applicability of Policy

This policy applies to all employees of the Company, including Management members of the Company’s decision-making bodies, with effect from 01st April, 2014.


“Board of Directors” or “Board”, in relation to a Company, means the collective Body of Directors of the Company. [Section 2(10) of the Companies Act, 2013]

“Compliance” means adhering to the requirements of laws, industry and organisational standards/regulations.

“Compliance Framework” means a series of activities that when combined are intended to achieve compliance.

“Governance” means the processes by which the Company is directed, controlled and held to account. It encompasses authority, accountability, stewardship, leadership, direction and control exercised in the organisation.

“Policy” means Risk Management and Compliance Policy.

“Risk” means events or conditions that may occur, and whose occurrence, if it does take place, has a harmful or negative impact on the achievement of the organization’s business objectives. The exposure to the consequences of uncertainty constitutes a risk.

“Risk Management” means the process of systematically identifying, quantifying, and managing all risks and opportunities that can affect achievement of a corporation’s strategic and financial goals.

“Risk Assessment” is defined as the overall process of risk analysis and evaluation.

“Risk Estimation” is the process of quantification of risks.

“Risk tolerance for Risk appetite” indicates the maximum quantum of risk which the company is willing to take as determined from time to time in accordance with the Risk Strategy of the Company.

Identification and Categorization of risks

Recognizing the kinds of risks that the Company is/may be exposed to, risks will be classified broadly into the following categories:

1. Strategic Risk: includes the range of external events and trends (like Government policy, competition, court rulings or a change in stakeholder requirements) that can adversely impact the company’s strategic growth trajectory and destroy shareholder value.

For Example:

  • Organizational Growth.
  • Comprehensive range of products.
  • Sustain and Growth of Strong relationships with dealers/customers.
  • Expanding our presence in existing markets and penetrating new geographic markets.
  • Continuing to enhance our industry expertise.
  • Enhance our capabilities through technology alliances and acquisitions
  • Competition risk
  • Technology Obsolescence
  • Inflation Risk
  • Economic Environment and Market Conditions

2. Business Risk: includes the risks associated specifically with the company and having an adverse impact on the company’s capability to execute activities critical for business growth, thereby affecting its near-term performance.

For Example:

  • Raw Material Risk
  • Quality Risk
  • Foreign Exchange Risk
  • Cost Risk
  • Compliance with Laws
  • Environmental Management
  • Culture and values
  • Human Resource Management Risk
  • Financial Reporting risk

3. Operational Risk: those risks which are associated with operational uncertainties.

For Example:

  • Consistent Revenue growth.
  • Consistent profitability.
  • High quality production.
  • Further develop Culture of Innovation.
  • Attract and retain quality technical associates and augmenting their training

Regulatory framework

A – Companies Act, 2013

1. Provisions of the Section 134(3)

There shall be attached to financial statements laid before a company in general meeting, a report by its Board of Directors, which shall include—

(n)  a statement indicating development and implementation of a risk management policy for the company including identification therein of elements of risk, if any, which in the opinion of the Board may threaten the existence of the company.

2. Schedule IV [Section 149(8)] – Code for Independent Directors

II. Role and functions:

The independent directors shall:

(1) Help in bringing an independent judgement to bear on the Board’s deliberation especially on issues of strategy, performance, risk management, resources, key appointments and standards of conduct;

(2) Satisfy themselves on the integrity of financial information and that financial controls and the systems of risk management are robust and defensible;

Mohan Clothing Company Private Limited is required to adhere to the regulations made by the Companies Act, 2013.

Under the Companies Act, 2013, the Board of Directors of the Company is required to state in its annual Board Report that it has devised proper systems to ensure compliance with the provisions of all applicable laws and that such systems are adequate and operating effectively.

Checklist For Risk & Compliance Management Obligation

Compliance Management Plan

List of Company

Policy statement:

The Company’s Board of Directors and Executive Management are committed to the implementation and maintenance of a “Risk and Compliance Management System”, which ensures compliance with all national and state legislation, regulations, Codes of Conduct and other Group Compliance Policies that are applicable to the operations and governance of the Company and its activities. Towards this end, it has devised this “Risk Management & Compliance Policy”, which sets out the Compliance Framework required to achieve the highest standards of diligence in meeting its legal obligations and in the promotion of a “Compliance Culture”.

This Policy is supported by the related reporting procedures, as well as the Checklist of Compliance Obligations, which lists the Company’s primary compliance obligations.

Compliance Framework:

To meet the requirements of this Policy, the Company has framed this “Risk & Compliance Management System” (Framework). The framework seeks to articulate the main elements, responsibilities and relationships of the Company’s key Compliance management Controls in order to develop and promote a “Compliance Culture” and set up diligence standards required to meet its compliance obligations.

This “Risk & Compliance Policy” lays down a Compliance Framework comprising the following 4 elements to ensure Compliance:

i) Commitment

ii) Implementation

iii) Monitoring

iv) Improvement

(i) Commitment

This element comprises

– A commitment from the Board and Executive Management to promote effective compliance practices across Company.

– A Checklist of Compliance Obligations identified and assessed.

(ii) Implementation: This element comprises

– Creating a three-tier compliance organisational structure with defined roles and responsibilities for implementing and reporting against this Compliance Policy.

– Providing continuous training of staff to create awareness and provide guidance on the requirements under various laws.

– Promoting a Compliance culture by encouraging proactive reporting of potential compliance breaches, issues, incidents and complaints.

– Establishing controls to prevent and detect non-compliance.

(iii) Monitoring: This element comprises

– Monitoring and reporting compliance performance by the Executive Management/Head of the Department relating to their area of operations on a quarterly basis.

– Demonstrating compliance through documentation and practice.

(iv) Improvement: This element comprises

– Continuous improvement of this “Risk & Compliance Management” Framework through periodical review of the same.

Author Bio

Qualification: CS
Location: Gurugram, Haryana, IN
CS YOGESH GUPTA is founder of Yogesh Gupta & Associates, Company Secretaries & Co-founder of IURIS Consultants LLP & E & A Consultants LLP and Corporate & IPR Law Professionals. He is a Commerce Graduate and an Associate Member of the Institute of Company Secretaries of India
