RISK MANAGEMENT POLICY

RISK MANAGEMENT POLICY

Harshreejee Finance & Leasing Company Pvt. Ltd.
Registered Office: 202, Second Floor, Chaudhary Complex, Plot No. 9, Veer Savarkar Block, Shakarpur, East Delhi – 110092
(Approved by the Board of Directors on ____________)

1. PREAMBLE

This Risk Management Policy (“the Policy”) has been formulated and adopted by Harshreejee Finance & Leasing Company Pvt. Ltd. (“HSFLCL” or “the Company”) in compliance with the provisions of the Companies Act, 2013, the Reserve Bank of India (Non-Banking Financial Company – Scale Based Regulation) Directions, 2023, and other applicable regulatory guidelines. The purpose of this Policy is to establish a robust and effective risk management framework that identifies, assesses, mitigates, and monitors various risks associated with the Company’s lending and operational activities.

2. OBJECTIVE

  • Safeguard the Company’s assets and reputation through prudent risk management practices.
  • Define a structured approach to manage all material risks.
  • Ensure regulatory compliance, transparency, and accountability.
  • Promote a culture of risk awareness across all levels of the organization.

3. SCOPE AND APPLICABILITY

  • All business units, operations, and staff of HSFLCL.
  • All categories of risks including strategic, financial, operational, technological, and reputational.
  • All lending, collection, and customer interaction processes whether digital, branch-based, or third-party.

4. REGULATORY FRAMEWORK

  • Companies Act, 2013 – Section 134(3)(n) and related provisions.
  • RBI SBR Directions, 2023 – Applicable to NBFC–Base Layer entities.
  • Master Directions on IT Framework for NBFCs, 2017.
  • Guidelines on Fair Practices, Grievance Redressal, and Internal Control Systems.

5. RISK GOVERNANCE STRUCTURE

The Company’s risk governance is structured as follows:

  • a. Board of Directors: Holds ultimate responsibility for oversight of all risk management processes. Reviews reports and approves the Risk Management Policy annually.
  • b. Director (Risk Oversight): Mr. Tanmay Gupta oversees the overall risk management function, ensuring implementation, assessment, and reporting to the Board.
  • c. Functional/Departmental Heads: Identify and manage risks in their operational areas and report to the Director (Risk Oversight).
  • d. Internal Auditor: Conducts independent evaluations of controls and reports findings directly to the Board.

6. RISK MANAGEMENT FRAMEWORK

The Company follows a systematic process involving identification, measurement, monitoring, and mitigation of key risk categories:

6.1 Credit Risk

  • Risk arising from potential default by borrowers.
  • Controlled through due diligence, credit appraisal, verification, and post-disbursement monitoring.

6.2 Operational Risk

  • Risk from inadequate processes or human errors.
  • Mitigated through SOPs, training, segregation of duties, and audits.

6.3 Liquidity Risk

  • Managed by maintaining cash buffers and monitoring cash flows daily.
  • Director monitors mismatches and projections monthly.

6.4 Market and Interest Rate Risk

  • Exposure to market rate changes minimized through regular Board reviews.

6.5 Compliance and Legal Risk

  • Ensuring compliance with RBI and statutory norms via audits.

6.6 IT and Cybersecurity Risk

  • Systems protected through firewalls, secure servers, antivirus, and limited user access.
  • Two-factor authentication and employee training ensure data safety.

6.7 Reputation Risk

  • Maintained through ethical conduct, transparency, and adherence to Fair Practice Code.

7. RISK IDENTIFICATION AND ASSESSMENT

Risks are identified through periodic reviews, audits, and operational monitoring. Likelihood and impact are evaluated using a risk matrix.

8. RISK APPETITE AND TOLERANCE

The Board defines acceptable risk levels based on strategy and liquidity. HSFLCL follows a conservative profile with zero tolerance for regulatory or reputational risk.

9. RISK MONITORING AND REPORTING

  • Monthly reports submitted to Director (Risk Oversight).
  • Significant risk events escalated immediately to the Board.
  • Annual consolidated risk reports reviewed by the Board.

10. INTERNAL CONTROLS AND AUDIT INTEGRATION

Internal controls ensure compliance, verified by audits. Findings are presented to the Board, and corrective actions are tracked.

11. BUSINESS CONTINUITY AND DISASTER RECOVERY

The Company maintains backups and contingency plans for uninterrupted operations during failures, cyberattacks, or disasters.

12. REVIEW AND AMENDMENTS

This Policy is reviewed annually or upon regulatory changes. Amendments are approved by the Board and recorded.

13. APPROVAL

This Policy has been approved by the Board of Directors of Harshreejee Finance & Leasing Company Pvt. Ltd. in its meeting held on ____________.

For and on behalf of
Harshreejee Finance & Leasing Company Pvt. Ltd.
Director