1. Preamble

The Board of Directors (“Board”) of Aman Fincap Limited (“Company”) has adopted the following policy, encompassing practices relating to identification, assessment, monitoring, and mitigation/treatment of various risks to the business.

The Risk Management Policy (“Policy”) aims to minimize unfavourable impacts on business objectives and enhance stakeholder value. Furthermore, risk management practices are intended to sustain and enhance the Company’s long-term competitive advantage.

2. Purpose

This Policy is framed in accordance with the Risk Management Framework issued by the Reserve Bank of India (RBI) via Master Direction DNBR. PD. 008/03.10.119/2016-17 dated September 01, 2016, and subsequent amendments.

The Policy addresses potential losses to the Company’s human resources and financial assets, without unnecessarily limiting activities that advance its mission and goals.

3. Principles

• Risk management must create and protect value.
• It must be integrated into organizational processes.
• It supports informed decision-making.
• It focuses on uncertainties around achieving objectives.
• It must be tailored to the business context.
• It must be dynamic, iterative, and responsive to change.

4. Definitions

• Board: Board of Directors of the Company
• Company: Aman Fincap Limited
• Directors: Members of the Board
• Policy: Risk Management Policy
• RBI: Reserve Bank of India

5. Policy Objectives

• Continuously identify organizational risks affecting business operations.
• Protect shareholder rights and values through an effective risk management framework.
• Enhance and maintain risk management tools to support strategic and operational decisions.

6. Risk Identification, Measurement, and Assessment

• The management, under Board supervision, implements the Risk Management Program.
• Risks are measured using qualitative and quantitative methods based on likelihood and impact.
• Risks are categorized into inherent and residual types.
• Key Risk Categories:
  • Strategic Risk
  • Operational Risk
  • Market Risk
  • Financial Risk
  • Credit & Concentration Risk
  • Regulatory & Compliance Risk
  • Human Resource Risk
  • Reputational Risk

7. Risk Categorization and Mitigation Factors

7.1 Strategic Risk

Mitigation:

• Regular strategic reviews
• Board/Committee consultations
• Directors’ & Officers’ Liability Insurance

7.2 Operational Risk

• Document digitization and secure storage
• Whistle Blower Policy
• Periodic internal audits
• Robust IT infrastructure and cybersecurity
• Security systems (CCTV, safes, ID cards)
• Employee insurance coverage

7.3 Market Risk

• Business model and competitor analysis
• Monitoring macro/microeconomic indicators

7.4 Financial Risk

• Interest Rate Risk: Strategic loan pricing, NII & NIM monitoring
• Foreign Exchange Risk: RBI-approved hedging instruments, managed by designated personnel
• Liquidity Risk: ALM Committee reviews, lender monitoring, leverage ratio controls, cash flow analysis

7.5 Credit & Concentration Risk

Credit Risk:

• Structured credit approval & monitoring
• Legal and technical due diligence
• Ongoing training and performance tracking

Concentration Risk:

• Diversified loan portfolio
• Third-party validation

7.6 Regulatory & Compliance Risk

• Compliance Management System
• Quarterly internal audits
• CEO/CS certification to Board

7.7 Human Resource Risk

• Fair HR policies and appraisal systems
• Retention initiatives
• ESOP programs

7.8 Reputational Risk

• Fair Practices Code adherence
• Robust grievance redressal system
• Ethical collections process
• Strict vendor/employee vetting
• Confidentiality contracts

8. Responsibility

• Risk management is a shared responsibility throughout the Company.
• The Board reviews the framework annually.
• The Risk Management Committee advises and monitors key risks.

9. Amendments

This Policy may be updated by the Board in line with evolving business or regulatory needs.