1. Preamble

The Board of Directors (“Board”) of Aman Fincap Limited (“Company”) has adopted the following policy, encompassing practices relating to identification, assessment, monitoring, and mitigation/treatment of various risks to the business.

The Risk Management Policy (“Policy”) aims to minimize unfavourable impacts on business objectives and enhance stakeholder value. Furthermore, risk management practices are intended to sustain and enhance the Company’s long-term competitive advantage.

2. Purpose

This Policy is framed in accordance with the Risk Management Framework issued by the Reserve Bank of India (RBI) via Master Direction DNBR. PD. 008/03.10.119/2016-17 dated September 01, 2016, and subsequent amendments.

It addresses potential losses to the Company’s human resources and financial assets, without unnecessarily limiting activities that advance its mission and goals. Effective systems have been introduced to manage various risks critical to the Company’s growth.

3. Principles

• Risk management must create and protect value.
• It must be integrated into organizational processes.
• It supports informed decision-making.
• It focuses on uncertainties around achieving objectives.
• It must be tailored to the business context.
• It must be dynamic, iterative, and responsive to change.

4. Definitions

• Board: Board of Directors of the Company
• Company: Aman Fincap Limited
• Directors: Members of the Board
• Policy: Risk Management Policy
• RBI: Reserve Bank of India

5. Policy Objectives

• Continuously identify organizational risks affecting business operations.
• Protect shareholder rights and values through an effective risk management framework.
• Enhance and maintain risk management tools to support strategic and operational decisions.

6. Risk Identification, Measurement, and Assessment

• Management, under Board supervision, implements the Risk Management Program.
• Risks are measured using qualitative and quantitative methods.
• Risks are categorized into inherent and residual types.
• Key Risk Categories:
  • Strategic Risk
  • Operational Risk
  • Market Risk
  • Financial Risk
  • Credit & Concentration Risk
  • Regulatory & Compliance Risk
  • Human Resource Risk
  • Reputational Risk

7. Risk Categorization and Mitigation Factors

7.1 Strategic Risk

Risk: Poor responsiveness to market changes or flawed strategic decisions.

Mitigation:

• Regular strategic reviews.
• Board/Committee consultations.
• Directors’ & Officers’ Liability Insurance.

7.2 Operational Risk

Risk: Technology failure, fraud, security, and human error.

• Document digitization and secure storage.
• Whistle Blower Policy.
• Periodic internal audits.
• Robust IT infrastructure and cybersecurity.
• Security systems (CCTV, safes, ID cards).
• Employee insurance coverage.

7.3 Market Risk

Risk: Unanticipated market changes affecting investments.

• Business model and competitor analysis.
• Monitoring economic indicators.

7.4 Financial Risk

Interest Rate Risk

• Strategic loan pricing.
• Monitoring NII and NIM.

Foreign Exchange Risk

• Use of RBI-approved hedging tools.
• Dedicated forex management personnel.

Liquidity Risk

• ALM Committee oversight.
• Monitoring lender exposures.
• Maintaining conservative leverage and capital adequacy.
• Use of cash flow mismatch analysis.

7.5 Credit and Concentration Risk

Credit Risk Mitigation:

• Structured credit approval & monitoring.
• Due diligence (legal/technical).
• Staff training and performance tracking.

Concentration Risk Mitigation:

• Diversified lending portfolio.
• Third-party verification.

7.6 Regulatory and Compliance Risk

Risk: Non-compliance with statutory norms.

• Compliance Management System.
• Quarterly audits.
• CEO/CS certificates to Board.

7.7 Human Resource Risk

Risk: Inability to attract or retain talent.

• Fair HR policies and appraisals.
• Talent retention initiatives.
• ESOP schemes.

7.8 Reputational Risk

Risk: Negative perception from misconduct or poor service.

• Fair Practices Code compliance.
• Grievance redressal system.
• Ethical recovery practices.
• Strict employee/vendor background checks.
• Confidentiality agreements.

8. Responsibility

• Risk management is shared across the organization.
• The Board reviews the risk framework annually.
• The Risk Management Committee guides management on risk matters.

9. Amendments

This Policy may be amended by the Board of Directors to reflect evolving business requirements or changes in regulatory directives.