Introduction
The Board of Directors of ………………… has adopted the following policy and procedures with regard to “Risk Management and Compliance Policy” as defined below. The Board may review and amend this policy from time to time.
The Companies Act, 2013 requires the Board of Directors to devise proper systems to ensure compliance with the provisions of all applicable laws and to report that such systems are adequate and operating effectively.
Purpose of the Policy
The purpose of this Policy is:
1. To ensure protection of shareholder value through the establishment of an integrated Risk Management framework for identifying, assessing, mitigating, monitoring, evaluating and reporting of all risks.
2. To provide a clear and strong basis for informed decision making at all levels of the organization.
3. To continually strive towards strengthening the “Risk Management & Compliance System” through continuous learning and improvement.
Applicability of Policy
This policy applies to all employees of the Company, including Management members of the Company’s decision-making bodies, with effect from 01st April, 2014.
Definitions
“Board of Directors” or “Board” in relation to a Company, means the collective Body of Directors of the Company. [Section 2(10) of the Companies Act, 2013]
“Compliance” means adhering to the requirements of laws, industry and organisational standards/regulations.
“Compliance Framework” means a series of activities that when combined are intended to achieve compliance.
“Governance” means the processes by which Company is directed, controlled and held to account. It encompasses authority, accountability, stewardship, leadership, direction and control exercised in the organisation.
“Policy” means Risk Management and Compliance Policy.
“Risk” means events or conditions that may occur, and whose occurrence, if it does take place, has a harmful or negative impact on the achievement of the organization’s business objectives. The exposure to the consequences of uncertainty constitutes a risk.
“Risk Management” means the process of systematically identifying, quantifying, and managing all risks and opportunities that can affect achievement of a corporation’s strategic and financial goals.
“Risk Assessment” is defined as the overall process of risk analysis and evaluation.
“Risk Estimation” is the process of quantification of risks.
“Risk tolerance or Risk appetite” indicates the maximum quantum of risk which the company is willing to take as determined from time to time in accordance with the Risk Strategy of the Company.
Identification and Categorization of risks
Recognizing the kind of risks that company is/may be exposed to, risks will be classified broadly into the following categories:
1. Strategic Risk: includes the range of external events and trends (like Government policy, competition, court rulings or a change in stakeholder requirements) that can adversely impact the company’s strategic growth trajectory and destroy shareholder value.
For Example:
- Organizational Growth.
- Comprehensive range of products.
- Sustenance and Growth of Strong relationships with dealers/customers.
- Expanding our presence in existing markets and penetrating new geographic markets.
- Continuing to enhance our industry expertise.
- Enhance our capabilities through technology alliances and acquisitions
- Competition risk
- Technology Obsolescence
- Inflation Risk
- Economic Environment and Market Conditions
2. Business Risk: includes the risks associated specifically with the company and having an adverse impact on the company’s capability to execute activities critical for business growth, thereby affecting its near-term performance.
For Example:
- Raw Material Risk
- Quality Risk
- Foreign Exchange Risk
- Cost Risk
- Compliance with Laws
- Environmental Management
- Culture and values
- Human Resource Management Risk
- Financial Reporting risk
3. Operational Risk: includes those risks which are associated with operational uncertainties.
For Example:
- Consistent Revenue growth.
- Consistent profitability.
- High quality production.
- Further develop Culture of Innovation.
- Attract and retain quality technical associates and augmenting their training
Regulatory framework
A – Companies Act, 2013
1. Provisions of the Section 134(3)
There shall be attached to financial statements laid before a company in general meeting, a report by its Board of Directors, which shall include—
(n) a statement indicating development and implementation of a risk management policy for the company including identification therein of elements of risk, if any, which in the opinion of the Board may threaten the existence of the company.
2. Schedule IV [Section 149(8)] – Code for Independent Directors
II. Role and functions:
The independent directors shall:
(1) Help in bringing an independent judgement to bear on the Board’s deliberation especially on issues of strategy, performance, risk management, resources, key appointments and standards of conduct;
(2) Satisfy themselves on the integrity of financial information and that financial controls and the systems of risk management are robust and defensible;
Mohan Clothing Company Private Limited is required to adhere to the regulations made by the Companies Act, 2013.
Under the Companies Act, 2013, the Board of Directors of the Company is required to state in its annual Board Report that it has devised proper systems to ensure compliance with the provisions of all applicable laws and that such systems are adequate and operating effectively.
Checklist For Risk & Compliance Management Obligation
Compliance Management Plan
Policy statement:
Company’s Board of Directors and Executive Management are committed to the implementation and maintenance of a “Risk and Compliance Management System”, which ensures compliance with all national and state legislation, regulations, Codes of Conduct and other Group Compliance Policies that are applicable to the operations and governance of Company and its activities. Towards this end it has devised this “Risk Management & Compliance Policy”, which sets out the Compliance Framework required to achieve the highest standards of diligence in meeting its legal obligations and in the promotion of a “Compliance Culture”.
This Policy is supported by the related reporting procedures, as well as the Checklist of Compliance Obligations which lists Company’s primary compliance obligations.
Compliance Framework:
To meet the requirements of this Policy, Company has framed this “Risk & Compliance Management System” (Framework). The framework seeks to articulate the main elements, responsibilities and relationships of Company’s key Compliance Management Controls in order to develop and promote a “Compliance Culture” and set up diligence standards required to meet its compliance obligations.
This “Risk & Compliance Policy” lays down a Compliance Framework comprising the following 4 elements to ensure Compliance:
i) Commitment
ii) Implementation
iii) Monitoring
iv) Improvement
(i) Commitment:
This element comprises
– A commitment from the Board and Executive Management to promote effective compliance practices across Company.
– A Checklist of Compliance Obligations Identified and assessed.
(ii) Implementation: This element comprises
– Creating a three-tier compliance organisational structure with defined roles and responsibilities for implementing and reporting against this compliance Policy.
– Providing Continuous training of staff to create awareness and provide guidance of the requirements under various laws.
– Promoting a Compliance culture by encouraging proactive reporting of potential compliance breaches, issues, incidents and complaints.
– Establishing controls to prevent and detect non-compliance.
(iii) Monitoring: This element comprises
– Monitoring and Reporting compliance performance by the Executive Management/Head of the Department relating to their area of operations on a quarterly basis.
– Demonstrating compliance through documentation and practice
(iv) Improvement: This element comprises
– Continuous improvement of this “Risk & Compliance Management” Framework through periodical review of the same.