Professional Documents
Culture Documents
Risk Management Policy-Valid Upto 31082023
Risk Management Policy-Valid Upto 31082023
Page 1 of 14
CFM ASSET RECONSTRUCTION PRIVATE LIMITED
1. Introduction
CFM Asset Reconstruction Private Limited (‘CFM ARC’), a Company limited by shares
having its registered office at Block no. A/1003, West Gate, Near YMCA Club, Sur No.
835/1+3, S. G. Highway, Makarba, Ahmedabad-380051 Gujarat and Corporate office at 1st
Floor, Wakefield House, Sprott Road, Ballard Estate, Mumbai 400 038 is incorporated under
Companies Act, 2013 on July 30, 2015.
CFM ARC has been granted a Certificate of Registration by Reserve Bank of India (‘RBI’) to
commence the business of securitization of asset reconstruction under section 3 of The
Securitization And Reconstruction Of Financial Assets and Enforcement Of Security
Interest Act, 2002 (Act 54 of 2002) (hereinafter referred to as the ‘SARFAESI Act’) subject to
the conditions given in the letter DNBR. PD. NO 168/ 26.01.019 / 2016-17 dated August 3,
2016.
2. Background
3. Objective
3.1. The Objective of this Policy is to set out the framework for CFM ARC to undertake all
such activities to improve the ability to identify, measure, monitor and control the
overall level of risk undertaken by CFM ARC within the ambit of applicable
regulatory guidelines.
3.2. The management shall follow and adhere to the provisions of this policy and the Risk
Management Committee of CFMARC shall monitor the provisions of this Policy.
4.1. Risk is inherent in any business particularly in the distressed assets business. Risk
entails the business of distressed assets right from the pre-acquisition stage up to
complete resolution of the acquired Financial Assets (FA).
4.2. CFM ARC creates a Trust which proposes to invest in the FAs which can be
characterized as high risk Non-performing Assets/ stressed Financial Assets. All of
Page 2 of 14
these FAs are in default and there is no assurance or guarantee that the objectives of
the Trust, being the resolution/reconstruction of such assets, will be achieved in the
manner it is envisaged.
4.3. CFM ARC is confronted with various kinds of financial and non-financial risk i.e.
credit risk, reputational risk, operational risk etc. The objective of this Policy is to put
in place a Risk Management Framework for:
4.3.1. Identification of various risks at Organisational level and transaction level;
4.3.2. Determine level of risks acceptable to CFM ARC;
4.3.3. Extent and severity to which potential risk events may have an impact on the
business of CFM ARC and/or interest of the stakeholders;
4.3.4. Quantification of the risk if risk materialises;
4.3.5. Developing various risk mitigation strategies.
4.4. An effective internal control and risk management program is the foundation of safe
and sound operations of CFM ARC. CFM ARC shall properly design and consistently
enforce an effective system of internal control which will help in safeguard of the
resources, produce reliable financial reports, and comply with applicable laws and
regulations. It will also reduce the possibility of significant errors and irregularities, as
well as assist in their timely detection when they do occur. The Risk management
framework of CFM ARC shall ensure systematic and uniform assessment of risks,
compliance with regulatory authority and business growth with financial stability.
4.5. Risk management is defined as the ability of CFM ARC to identify, measure, monitor
and control risk. CFM ARC shall primarily identify risk on following parameters:
4.5.1. The occurrence of the event is uncertain and having adverse consequences on the
business operations;
4.5.2. The occurrence of the event adversely impacts interest of stakeholders either
individually or collectively.
4.6. Once the risk is identified, the risk shall be categorised at following levels:
4.6.1. Risk at Organisational Level i.e. events/ occurrence which may adversely
impact to the organisation as a whole;
4.6.2. Risk at Transaction Level i.e. events/ occurrences which adversely affects
business operations at pre-acquisition, acquisition and resolution stages.
4.7. Once the risk is identified and categorised, CFM ARC shall assess, to the extent
feasible, the likelihood and effect of the identified risk on the overall operations of
CFM ARC. The Risk may be measured in the three categories i.e. High, Medium and
Low depending on the severity of the risk.
4.8. Finally, CFM ARC shall employ sufficient, adequate and appropriate risk mitigation
measures with sole objective to reduce the loss or injury, if any, materializing from
identified risk exposures. CFM ARC shall adopt systematic approach to mitigate risks
by mapping various risks involved during different stages of business, based on the
criticality and likelihood of the occurrence of events and mitigating tools to manage
them.
4.9. The mitigating tools given herein are indicative and efforts shall be made by CFM
ARC to come up with effective risk mitigation tools after analysing the extent of risk
and initiate steps on case to case basis to minimise the risk to large extent. When the
risks are unavoidable, CFM ARC shall determine the levels of risks which are
Page 3 of 14
acceptable or unacceptable. CFM ARC shall strive to strike a balance between risks in
such a manner that it does not cause distress to the organisation nor it would result in
non-achievement of business objectives.
4.10. Each Organisational Risk of the Risk Management framework shall be examined and
evaluated in following manner:
5.1. The Risk at Organisational level can be broadly classified into the following:
5.1.1. Reputational Risk;
5.1.2. Regulatory/ Compliance Risk;
5.1.3. Capital Risk;
5.1.4. Liquidity Risk;
5.1.5. Operational Risk;
5.1.6. Human Resource risk;
5.1.7. Competition risk;
5.1.8. Information technology and systems risk.
5.2. Reputational Risk, broadly, is the risk of loss of reputation among stakeholders or in
the financial/ distress assets market.
Page 4 of 14
5.2.4.5. CFM ARC shall follow prudent and ethical business practices in line with the
policies and procedures laid down by it.
5.3. Compliance risk is the risk associated for non-compliance of regulatory and/or
statutory requirements applicable to CFM ARC.
5.3.1. Indicative Risk Factors:
5.3.1.1. Non- compliance with Regulators’ guidelines or directions issued from time
to time;
5.3.1.2. Non-compliance with the provisions of Companies Act, 2013 including
submission of timely returns and forms;
5.3.1.3. Non-adherence of obligations pertaining to harassment to employees as per the
Human Resource Policy;
5.3.1.4. Non- Compliance with respect to provisions of Income Tax Act, Goods and
Service Tax, Provident Fund and any Act, Rules or regulations applicable to
CFM ARC which may raise employee related or tax related liabilities;
5.3.1.5. Non-compliance related to Corporate Social Responsibility as applicable to
CFM ARC.
5.4. Capital Risk is the risk inherent to the business of CFM ARC as a result of its
investments in distressed assets.
5.4.1. Indicative Risk Factors:
5.4.1.1. Overleverage or underleverage;
5.4.1.2. Adverse impact on Capital adequacy ratio as mandated by RBI.
Page 5 of 14
5.4.3. Overall Criticality of risk: High
5.5. Liquidity Risk, broadly is the risk to CFM ARC may be unable to meet its financial
demands on timely manner.
5.5.1. Indicative Risk Factors:
5.5.1.1. Liquidity mismatch due to insufficient cash flows from the envisaged
resolution plans;
5.5.1.2. Adequate funds not available with CFM ARC for operational purposes;
5.5.1.3. Non-Generation of market expected Internal rate of Return on the acquired
FAs;
5.5.1.4. Risk of loss that may occur from the failure of CFM ARC to abide by the terms
and conditions of any financial contract, principally the failure to make the
required payments;
5.6. Operational Risk is the possibility of loss arising from inadequate or failed internal
processes, people, and systems or from external events.
5.6.1. Indicative Risk Factors:
5.6.1.1. Inadequate structure/ systems and processes of CFM ARC;
5.6.1.2. In case of take-over/ change in management of the Borrower company,
inadequate strength or experience available with CFM ARC to revive such
assets;
Page 6 of 14
5.6.4. Risk Mitigation/ Management system:
5.6.4.1. Organisational structure (including clearly defined Authority Matrix) and
process with applicable reporting framework shall be in place;
5.6.4.2. The Asset Acquisition Note shall ensure that all critical information is
consolidated to facilitate reliable decision-making process;
5.6.4.3. Preparation of Operational manual and complying with it on regular basis;
5.6.4.4. The Management Information System Report shall be developed to monitor the
acquired cases and any exceptions shall be reported to Competent Authority;
5.6.4.5. Comprehensive internal and external audit shall be carried out at periodic
intervals;
5.6.4.6. Preparation of master list of sector specific management firm/ individual
having expertise in running firms/ companies.
5.7. Human Resources Risk may arise because of circumstances such as Employee
misconduct, Loss of key personnel (Difficulty in attracting and retaining talent),
Inadequate manpower etc.
5.7.1. Indicative Risk Factors:
5.7.1.1. Inadequate Man-power to handle operations of CFM ARC;
5.7.1.2. Loss of trained personnel to other Companies/ ARCs;
5.7.1.3. Disgruntled employees;
5.7.1.4. Employees engaged in unethical business practices;
5.7.1.5. Lack of knowledge of the operations and regulations of ARCs business.
5.8. Competition Risk is the chance that the competitive forces will prevent the
organisation from achieving goals.
5.8.1. Indicative Risk Factors:
5.8.1.1. Impact of Competitor strategy;
Page 7 of 14
5.8.1.2. Acquire FA at unrealistic/ unreasonable prices.
5.9. With the high dependence on the IT and System for daily business activities, CFM
ARC may expose to the risk of tampering of data access to critical information and
misuse thereof. CFM ARC shall ensure systematic maintenance and data backup
process. System of Maker and Checker for data entry and other access controls shall be
in place.
6.1. CFM ARC entails taking risks at every stage from pre-acquisition through acquisition
to post-acquisition and finally to resolution of / recovery from the acquired assets. The
criticality of risk at transaction level may be high/ medium/ low and shall be
determined based on its impact on following factors:
6.1.1. Business loss to CFM ARC;
6.1.2. Revenue loss to CFM ARC;
6.1.3. Reputational loss to CFM ARC.
6.2. The risks at transaction level are identified into following three stages:
6.2.1. Risks Associated with acquisition of FA;
6.2.2. Risks Associated during Period of Holding of FA;
6.2.3. Risks Associated with Resolution of FA;
6.2.4. Legal Risk.
Page 8 of 14
incomplete information about underlying collateral, Unpaid statutory dues of
underlying collateral etc.
6.3.1.6. CFM ARC might face the risk of large exposure towards any particular
industry / geographical area this could affect recovery in an adverse business
cycle.
6.3.1.7. Inadequate or inaccurate information from the Seller Banks/ Financial
Institution about the Financial Assets relating to underlying secured assets in
terms of valuation, statutory dues outstanding, legal dues and such other
information in their knowledge;
6.3.1.8. Inadequate due diligence process carried out at the time of acquisition of FAs.;
6.3.1.9. The pricing of the seller bank does not account into the time and cost of
resolution of FAs as well as the distress element of sale;
Page 9 of 14
well-documented to be legally enforceable which ultimately led to time and
cost overrun.
6.4.1.4. Once the FA is acquired by an CFM ARC, the charge for the underlying
collateral is modified in favour of CFM ARC. The underlying secured asset is
exposed to several risks such as the risk of natural calamity, fire, theft,
pilferage, property damage, legal liability, employee related risk, etc.
6.4.1.5. CFM ARC shall consider and undertake all the relevant activities as mentioned
in the Holding Period Policy and procedural manual and the same shall be
continuously monitored;
6.4.1.6. Finding new management, technology etc. to revive the acquired FAs.
6.5.1. Indicative Risk factors and Identification of factors responsible for it:
6.5.1.1. Borrowers not meeting his commitments to repay the debts as per the agreed
resolution plan;
6.5.1.2. Recovery is likely to be lower than the envisaged cash flows;
6.5.1.3. The likely period of resolution of FA exceeds Five years;
6.5.1.4. No further recovery is feasible by enforcement of security interest in
accordance with the provisions of SARFAESI Act or through other means
permissible to CFM ARC;
6.5.1.5. Liquidity risk arising from sudden/ unexpected exit of an investor(s).
6.5.1.6. Potential investor(s) back out from reviving / restructuring the FAs under
distress.
Page 10 of 14
parallel resolution strategy shall be in place to ensure timely and maximum
recovery.
6.5.2.4. CFM ARC shall constantly track status of all the acquired FAs where there is
slight doubt about the recovery the same shall be brought to the notice of the
Competent Authority for further necessary actions.
6.6. Legal risk arising due to legal processes including judiciary and bureaucracy in
resolving the acquired FAs. The operations of CFM ARC, to a large extent depends on
the external elements for e.g. legal processes, Judiciary, etc which may lead to
uncertainties in resolution timelines.
7. Escalation Matrix
7.1. The Organisational framework along with the roles and responsibilities for the Risk
Management of CFM ARC shall be as follows:
7.1.1. Board of Directors
7.1.1.1. The Board will lay down the Risk Policy of CFM ARC and review the
implementation and amendments at periodic intervals.
Page 11 of 14
7.1.2.2. It shall evaluate various risks such as regulatory risk, liquidity risk, operational
risk, etc. at the company and asset/portfolio level and approve measures to
mitigate the same, as may be presented by the Management;
7.1.2.3. It shall also review any issues arising from the change in Business
environment/ regulations etc, as may be presented by the Management
7.1.2.4. It shall have access to any internal information necessary to fulfill its oversight
role. It shall also have authority to obtain advice and assistance from internal or
external legal, accounting or other advisors.
8.1. The President / CEO shall report to the Board, the business report about any major
risk involved with FAs acquired along with the details of the necessary mitigating
tools adopted on periodic intervals as considered necessary.
9.1. The Policy shall be reviewed by the Risk Management Committee on annual basis, or
as and when the need arises, and the same shall be recommended to the Board for
approval.
9.2. The validity of this Policy may be extended with the approval of CEO for a period not
exceeding 3 months or till the Policy is reviewed by the Risk Management Committee,
whichever is earlier.
Page 12 of 14
Annexure on Amendments, Renewal of Policies, etc.
Sr No. Particulars (Amendment/ Date Approved by
Renewal etc.)
1. Extension of Policy by 3 months 30 September 2020 Managing Director
& CEO
2. Renewal of Policy for 1 years 29th December 2020 Board of Directors
3. Amendment to Point 3.2 and Board of Directors
Point 7.1.2
4 Renewed for 1 year 28th December 2021 Board of Directors
5. Renewed for 1 year 05th August 2022 Board of Directors
Page 13 of 14