Risk Management Policy under the Companies Act, 2013 Background and Context Applicability:-

Enterprise risk management was not mandatory according to the Companies Act, 1956. However, as per the new law, there are specific requirements that a company needs to comply with. In addition, the Board of Directors and the Audit Committee have been vested with specific responsibilities in assessing the robustness of risk management policy, process and systems.

Key Compliance Requirements:-

Section 134: The Board of Directors’ Report must include a statement indicating development and implementation of a Risk Management Policy for the Company including identification of elements of risk, if any, which in the opinion of the Board may threaten the existence of the Company.

RISK MANAGEMENT:-

Risk Management, by and large involves reviewing the operations of the organization followed by identifying potential threats to the organization and the likelihood of their occurrence, and then taking appropriate actions to address the most likely threats.

The risk management process involves identifying the risks an organization is subject to, deciding how to manage it, implementing the management technique, measuring the ongoing effectiveness of management and taking appropriate correction action.

The basic activities in any risk management system are:-

Each of the risks needs to be assessed by the enterprise for its impact on profit and cash flow. Likelihood of occurrence and scope for mitigation or reduction.

Draft risk matrix is enclosed for Board’s reference and further suggestions to prepare a Risk Management Policy of the Company.

Risk matrix for Board’s reference and further suggestions to prepare a Risk Management Policy of the Company.