Risk Management Policy

LEGAL FRAMEWORK

The Company is prone to inherent business risks. This document is intended to formalize a risk management policy, the objective of which shall be identification, evaluation, monitoring and minimization of identifiable risks.

Companies Act, 2013 requires the Company to lay down policy which includes the procedure for riskassessment and risk minimization. The Board of Directors of the Company and the Audit Committeeshall periodically review and evaluate the risk management system of the Company so that themanagement controls the risks through properly defined network.

INTRODUCTION

Risk Management is a key aspect of the “Corporate Governance Principles and Code of Conduct” whichaims to improvise the governance practices across the Company’s activities. Risk management policy and processes will enable the Company to proactively manage uncertainty and changes in the internal and external environment to limit negative impacts and capitalize on opportunities. Head of Departments shall be responsible for implementation of the risk management system as may be applicable to their respective areas of functioning and report to the Board and Audit Committee.

APPLICABILTY

This policy applies to all areas of the Company’s operations.

OBJECTIVE & PURPOSE OF POLICY

The main objective of this policy is to ensure sustainable business growth with stability and to promote a pro-active approach in reporting, evaluating and resolving risks associated with the business. In order to achieve the key objective, the policy establishes a structured and disciplined approach to Risk Management, in order to guide decisions on risk related issues and optimize business performance, promote confidence amongst various stakeholders and meet the overall growth objective.

THE SPECIFIC OBJECTIVES OF THE RISK MANAGEMENT POLICY ARE

  1. To ensure that all the current and future material risk exposures of the company are identified,assessed, quantified, appropriately mitigated, minimized and managed i.e to ensure adequatesystems for risk management.
  2. To establish a framework for the company’s risk management process and to ensure itsimplementation.
  3. To enable compliance with appropriate regulations, wherever applicable, through the adoption ofbest practices.
  4. To assure business growth with financial stability.

The requirement of the Policy has stemmed from the Act which are summarized as follows:

  1. Provisions of the Section 134(3)(n) – There shall be attached to financial statements laid before a company in general meeting, a report by its Board of Directors, which shall include a statement indicating development and implementation of a risk management policy for the company including identification therein of elements of risk, if any, which in the opinion of the Board may threaten the existence of the company.
  2. Provisions of the Section 177(4)(vii)– Every Audit Committee shall act in accordance with the terms of reference specified in writing by the Board which shall, inter alia, include evaluation of internal financial controls and risk management systems.
  3. Schedule IV [Section 149(8)] – Code for Independent Directors Role and functions: The independent directors shall: (1) help in bringing an independent judgment to bear on the Board’s deliberations especially on issues of strategy, performance, risk management, resources, key appointments and standards of conduct; (2) satisfy themselves on the integrity of financial information and that financial controls and the systems of risk management are robust and defensible.

IDENTIFICATION OF RISKS

The Company has identified risks and has prepared a risk profile based on the overall business strategy and growth.

The Company at present identifies the following key material internal risks as well as external risks:

  • Human resource risk
  • Regulatory risk in terms of government policies and changes in laws including tax law
  • Competition risk
  • Financial/Leverage risk
  • Interest rate risk
  • Project implementation risks like modification in terms of an already assigned project, delay in collection of receivables from projects, default made by subcontractors, litigations relating to projects, disagreements with joint ventures where a joint venture is key to a project, Inability to tie up with strategic partners wherever required, Delay or inability to obtain certain key licenses to operate a project etc
  • Compliance Risk
  • Inadequate Insurance risk
  • Performance risk
  • Legal risks
  • Inflation risk
  • Joint venture risks
  • Supply- chain mismatch risk
  • Strategic acquisition risks
  • Natural calamity risk
  • Technical obsolescence risk
  • Infringement risk
  • Title risk to Land Bank
  • Political and Economic risk

RISK MANAGEMENT SYSTEM

To monitor and manage the risks, the Company needs to have a system based approach which is already inherent in the Company’s operation, which is backed by a stringent internal control system.

  • The strong internal audit functions to ensure effective addressal of the key business risks.
  • Risks are also required to be managed on a process based system where, each function shall ensure that there are adequate controls in place, process wise, to manage the risk of the respective process e.g. Human resources/treasury as a function shall ensure that there are appropriate controls in place to mitigate the material risks of Human resource/financial/funding/interest rate risk.

DISCLOSURE IN BOARD’S REPORT

Board of Directors shall include a statement indicating development and implementation of a riskmanagement policy for the company including identification therein of elements of risk, if any, which inthe opinion of the Board may threaten the existence of the company.

REVIEW

The policy shall be reviewed by the Board from time to time as may be necessary.

By order of the Board
For Wherrelz IT Solutions Limited