CFM ASSET RECONSTRUCTION PRIVATE LIMITED

RISK MANAGEMENT POLICY

Valid up to August 31, 2023

Last Amended on: August 5, 2022

 Table of Contents
1. Introduction...................................................................................................................................2
2. Background....................................................................................................................................3
3. Objective.........................................................................................................................................4
4. Risk Management Process...........................................................................................................5
5. Risks at Organisational Level......................................................................................................7
6. Risks at Transactions Level.......................................................................................................12
7. Escalation Matrix........................................................................................................................16
8. Reporting to the Board...............................................................................................................17
9. Review of the Policy...................................................................................................................18

Page 1 of 14
 CFM ASSET RECONSTRUCTION PRIVATE LIMITED

RISK MANAGEMENT POLICY

1. Introduction

CFM Asset Reconstruction Private Limited (‘CFM ARC’), a Company limited by shares
having its registered office at Block no. A/1003, West Gate, Near YMCA Club, Sur No.
835/1+3, S. G. Highway, Makarba, Ahmedabad-380051 Gujarat and Corporate office at 1st
Floor, Wakefield House, Sprott Road, Ballard Estate, Mumbai 400 038 is incorporated under
Companies Act, 2013 on July 30, 2015.

CFM ARC has been granted a Certificate of Registration by Reserve Bank of India (‘RBI’) to
commence the business of securitization of asset reconstruction under section 3 of The
Securitization And Reconstruction Of Financial Assets and Enforcement Of Security
Interest Act, 2002 (Act 54 of 2002) (hereinafter referred to as the ‘SARFAESI Act’) subject to
the conditions given in the letter DNBR. PD. NO 168/ 26.01.019 / 2016-17 dated August 3,
2016.

2. Background

Primarily, the business of Asset Reconstruction Companies (‘ARC’) consist of acquisition

and reconstruction of Non performing/ distressed assets acquired from Banks/ Financial
Institutions. Further, RBI requires ARCs to frame Policies pertaining to operations and
regulations for which it issues guidelines from time to time. The last update of the
Guidelines is contained in RBI Master Circular RBI/2015-2016/94 DNBR.(PD).CC.No.
03/SCRC/26.03.001/2015-16 dated July 1, 2015 (hereinafter referred to as ‘Guidelines’).

3. Objective

3.1. The Objective of this Policy is to set out the framework for CFM ARC to undertake all
such activities to improve the ability to identify, measure, monitor and control the
overall level of risk undertaken by CFM ARC within the ambit of applicable
regulatory guidelines.

3.2. The management shall follow and adhere to the provisions of this policy and the Risk
Management Committee of CFMARC shall monitor the provisions of this Policy.

4. Risk Management Process

4.1. Risk is inherent in any business particularly in the distressed assets business. Risk
entails the business of distressed assets right from the pre-acquisition stage up to
complete resolution of the acquired Financial Assets (FA).

4.2. CFM ARC creates a Trust which proposes to invest in the FAs which can be
characterized as high risk Non-performing Assets/ stressed Financial Assets. All of

Page 2 of 14
 these FAs are in default and there is no assurance or guarantee that the objectives of
the Trust, being the resolution/reconstruction of such assets, will be achieved in the
manner it is envisaged.

4.3. CFM ARC is confronted with various kinds of financial and non-financial risk i.e.
credit risk, reputational risk, operational risk etc. The objective of this Policy is to put
in place a Risk Management Framework for:
4.3.1. Identification of various risks at Organisational level and transaction level;
4.3.2. Determine level of risks acceptable to CFM ARC;
4.3.3. Extent and severity to which potential risk events may have an impact on the
business of CFM ARC and/or interest of the stakeholders;
4.3.4. Quantification of the risk if risk materialises;
4.3.5. Developing various risk mitigation strategies.

4.4. An effective internal control and risk management program is the foundation of safe
and sound operations of CFM ARC. CFM ARC shall properly design and consistently
enforce an effective system of internal control which will help in safeguard of the
resources, produce reliable financial reports, and comply with applicable laws and
regulations. It will also reduce the possibility of significant errors and irregularities, as
well as assist in their timely detection when they do occur. The Risk management
framework of CFM ARC shall ensure systematic and uniform assessment of risks,
compliance with regulatory authority and business growth with financial stability.

4.5. Risk management is defined as the ability of CFM ARC to identify, measure, monitor
and control risk. CFM ARC shall primarily identify risk on following parameters:
4.5.1. The occurrence of the event is uncertain and having adverse consequences on the
business operations;
4.5.2. The occurrence of the event adversely impacts interest of stakeholders either
individually or collectively.

4.6. Once the risk is identified, the risk shall be categorised at following levels:
4.6.1. Risk at Organisational Level i.e. events/ occurrence which may adversely
impact to the organisation as a whole;
4.6.2. Risk at Transaction Level i.e. events/ occurrences which adversely affects
business operations at pre-acquisition, acquisition and resolution stages.

4.7. Once the risk is identified and categorised, CFM ARC shall assess, to the extent
feasible, the likelihood and effect of the identified risk on the overall operations of
CFM ARC. The Risk may be measured in the three categories i.e. High, Medium and
Low depending on the severity of the risk.

4.8. Finally, CFM ARC shall employ sufficient, adequate and appropriate risk mitigation
measures with sole objective to reduce the loss or injury, if any, materializing from
identified risk exposures. CFM ARC shall adopt systematic approach to mitigate risks
by mapping various risks involved during different stages of business, based on the
criticality and likelihood of the occurrence of events and mitigating tools to manage
them.

4.9. The mitigating tools given herein are indicative and efforts shall be made by CFM
ARC to come up with effective risk mitigation tools after analysing the extent of risk
and initiate steps on case to case basis to minimise the risk to large extent. When the
risks are unavoidable, CFM ARC shall determine the levels of risks which are

Page 3 of 14
 acceptable or unacceptable. CFM ARC shall strive to strike a balance between risks in
such a manner that it does not cause distress to the organisation nor it would result in
non-achievement of business objectives.

4.10. Each Organisational Risk of the Risk Management framework shall be examined and
evaluated in following manner:

4.10.1. Indicative Risk factors

4.10.2. Identification of factors responsible for the risk
4.10.3. Overall Criticality of risk (High/ Medium/ Low)
4.10.4. Risk Mitigation/ Management system

5. Risks at Organisational Level

5.1. The Risk at Organisational level can be broadly classified into the following:
5.1.1. Reputational Risk;
5.1.2. Regulatory/ Compliance Risk;
5.1.3. Capital Risk;
5.1.4. Liquidity Risk;
5.1.5. Operational Risk;
5.1.6. Human Resource risk;
5.1.7. Competition risk;
5.1.8. Information technology and systems risk.

5.2. Reputational Risk, broadly, is the risk of loss of reputation among stakeholders or in
the financial/ distress assets market.

5.2.1. Indicative Risk Factors:

5.2.1.1. Commitments given to stakeholders are not achieved;
5.2.1.2. Negative perception in the industry regarding CFM ARC business practices;

5.2.2. Identification of factors responsible for Reputational Risk:

5.2.2.1. Inadequate returns to the investors due to delay in envisaged resolution of
acquired FAs;
5.2.2.2. Delay in raising capital from investors;
5.2.2.3. Possibility that the seller Banks/ FI do not reveal adverse/negative
information in their knowledge at the time of acquisition.

5.2.3. Overall Criticality of risk: High

5.2.4. Risk Mitigation/ Management system:

5.2.4.1. CFM ARC shall carry the business of securitisation and reconstruction of FA,
including activities incidental thereto, within the framework of applicable
regulations.
5.2.4.2. Evaluation of Business strategies, peer strategies and making suitable
adjustments to the existing strategies, wherever necessary;
5.2.4.3. Periodical review of FAs acquired by Competent authority vis-à-vis the
envisaged expectations and reasons for variance;
5.2.4.4. Proper and reliable due diligence exercise to be undertaken at the time of
acquisition;

Page 4 of 14
 5.2.4.5. CFM ARC shall follow prudent and ethical business practices in line with the
policies and procedures laid down by it.

5.3. Compliance risk is the risk associated for non-compliance of regulatory and/or
statutory requirements applicable to CFM ARC.
5.3.1. Indicative Risk Factors:
5.3.1.1. Non- compliance with Regulators’ guidelines or directions issued from time
to time;
5.3.1.2. Non-compliance with the provisions of Companies Act, 2013 including
submission of timely returns and forms;
5.3.1.3. Non-adherence of obligations pertaining to harassment to employees as per the
Human Resource Policy;
5.3.1.4. Non- Compliance with respect to provisions of Income Tax Act, Goods and
Service Tax, Provident Fund and any Act, Rules or regulations applicable to
CFM ARC which may raise employee related or tax related liabilities;
5.3.1.5. Non-compliance related to Corporate Social Responsibility as applicable to
CFM ARC.

5.3.2. Identification of factors responsible for Compliance risk:

5.3.2.1. Oversight by responsible employees in filing of necessary returns/forms in
timely manner;
5.3.2.2. Responsible employees being unaware about the notifications/guidelines or
directions issued by Regulators, Ministry of Corporate Affairs (MCA), etc.
which are relevant to CFM ARC;
5.3.2.3. Irregular follow up with Regulators, MCA of the ongoing/pending matters
with them.

5.3.3. Overall Criticality of risk: High

5.3.4. Risk Mitigation/ Management system:

5.3.4.1. Compliance officer and Company secretary shall review and monitor the
necessary compliances on regular basis;
5.3.4.2. A calendar and a checklist of statutory compliances to be maintained and
monitored at periodic intervals;
5.3.4.3. Compliance certificate shall be presented to Board on quarterly basis. Any
default/ deficiency in fulfilling the necessary compliance shall be brought to
the notice of the Board through this certificate;
5.3.4.4. Internal auditors shall periodically verify the statutory compliances.

5.4. Capital Risk is the risk inherent to the business of CFM ARC as a result of its
investments in distressed assets.
5.4.1. Indicative Risk Factors:
5.4.1.1. Overleverage or underleverage;
5.4.1.2. Adverse impact on Capital adequacy ratio as mandated by RBI.

5.4.2. Identification of factors responsible for Capital risk:

5.4.2.1. Inappropriate cash flow management from the acquired FAs;
5.4.2.2. Interest rate changes by the Bank thereby affecting the borrowing capacity of
CFM ARC;

Page 5 of 14
 5.4.3. Overall Criticality of risk: High

5.4.4. Risk Mitigation/ Management system:

5.4.4.1. CFM ARC shall monitor Capital adequacy ratio at periodic intervals. The
Capital adequacy ratio shall always be higher than the mandated ratio on an
ongoing basis. Any deficiency shall be immediately flagged to competent
authority.

5.5. Liquidity Risk, broadly is the risk to CFM ARC may be unable to meet its financial
demands on timely manner.
5.5.1. Indicative Risk Factors:
5.5.1.1. Liquidity mismatch due to insufficient cash flows from the envisaged
resolution plans;
5.5.1.2. Adequate funds not available with CFM ARC for operational purposes;
5.5.1.3. Non-Generation of market expected Internal rate of Return on the acquired
FAs;
5.5.1.4. Risk of loss that may occur from the failure of CFM ARC to abide by the terms
and conditions of any financial contract, principally the failure to make the
required payments;

5.5.2. Identification of factors responsible for Liquidity risk:

5.5.2.1. Inappropriate cash flow management from the acquired FAs;
5.5.2.2. Cash flows from large acquisitions are not as per the envisaged resolution thus
affecting the liquidity;
5.5.2.3. Insufficient capital at the disposal of CFM ARC.

5.5.3. Overall Criticality of risk: High

5.5.4. Risk Mitigation/ Management system:

5.5.4.1. Careful and effective cash flow management to mitigate risk of liquidity
mismatch, if any.
5.5.4.2. CFM ARC shall invest surplus funds in different instruments as specified in the
Resource Policy based on market and interest rate behaviour;
5.5.4.3. CFM ARC shall plan its short/medium term liquidity commensurate with the
expected cash flows;
5.5.4.4. Preparation of Master list stating name of probable investors from where funds
may be raised for operational purposes.

5.6. Operational Risk is the possibility of loss arising from inadequate or failed internal
processes, people, and systems or from external events.
5.6.1. Indicative Risk Factors:
5.6.1.1. Inadequate structure/ systems and processes of CFM ARC;
5.6.1.2. In case of take-over/ change in management of the Borrower company,
inadequate strength or experience available with CFM ARC to revive such
assets;

5.6.2. Identification of factors responsible for Operational risk:

5.6.2.1. Inadequate structure, processes and procedures employed at CFM ARC;
5.6.2.2. Lack of implementation of established systems and processes by CFM ARC
5.6.2.3. Ineffective Internal/ external audit

5.6.3. Overall Criticality of risk: High

Page 6 of 14
 5.6.4. Risk Mitigation/ Management system:
5.6.4.1. Organisational structure (including clearly defined Authority Matrix) and
process with applicable reporting framework shall be in place;
5.6.4.2. The Asset Acquisition Note shall ensure that all critical information is
consolidated to facilitate reliable decision-making process;
5.6.4.3. Preparation of Operational manual and complying with it on regular basis;
5.6.4.4. The Management Information System Report shall be developed to monitor the
acquired cases and any exceptions shall be reported to Competent Authority;
5.6.4.5. Comprehensive internal and external audit shall be carried out at periodic
intervals;
5.6.4.6. Preparation of master list of sector specific management firm/ individual
having expertise in running firms/ companies.

5.7. Human Resources Risk may arise because of circumstances such as Employee
misconduct, Loss of key personnel (Difficulty in attracting and retaining talent),
Inadequate manpower etc.
5.7.1. Indicative Risk Factors:
5.7.1.1. Inadequate Man-power to handle operations of CFM ARC;
5.7.1.2. Loss of trained personnel to other Companies/ ARCs;
5.7.1.3. Disgruntled employees;
5.7.1.4. Employees engaged in unethical business practices;
5.7.1.5. Lack of knowledge of the operations and regulations of ARCs business.

5.7.2. Identification of factors responsible for Human Resources risk:

5.7.2.1. Process inefficiency due to gap in knowledge, experience and skills required for
business of CFM ARC;
5.7.2.2. The level of compensation is not according to the industry standards;

5.7.3. Overall Criticality of risk: Medium

5.7.4. Risk Mitigation/ Management system:

5.7.4.1. CFM ARC shall develop appropriate code of conduct and monetary and non-
monetary incentives for employees;
5.7.4.2. CFM ARC shall provide in-house and external training programmes to enhance
knowledge levels across functions;
5.7.4.3. CFM ARC shall develop a growth driven business culture without engaging in
unethical business practices;
5.7.4.4. The employees alleged to be engaged in the unethical business practices shall
be given an opportunity to be heard and if allegations are proved, they shall be
severely dealt it.
5.7.4.5. The Compensation levels of CFM ARC, to the extent feasible, may be in line
with the industry standards to retain the trained talent;
5.7.4.6. Develop succession plan for key personnel of CFM ARC.

5.8. Competition Risk is the chance that the competitive forces will prevent the
organisation from achieving goals.
5.8.1. Indicative Risk Factors:
5.8.1.1. Impact of Competitor strategy;

Page 7 of 14
 5.8.1.2. Acquire FA at unrealistic/ unreasonable prices.

5.8.2. Identification of factors responsible for Competition risk:

5.8.2.1. Competitors ability to influence the market through aggressive pricing to
acquire FA.

5.8.3. Overall Criticality of risk: Medium

5.8.4. Risk Mitigation/ Management system:

5.8.4.1. CFM ARC shall review the FAs to be acquired and assess its behaviour to
arrive at competitive bids;
5.8.4.2. CFM ARC may avoid risk of over pricing through monitoring markets by
collecting and analysing trends and movements of NPAs in the banking sector.

5.9. With the high dependence on the IT and System for daily business activities, CFM
ARC may expose to the risk of tampering of data access to critical information and
misuse thereof. CFM ARC shall ensure systematic maintenance and data backup
process. System of Maker and Checker for data entry and other access controls shall be
in place.

6. Risks at Transactions Level

6.1. CFM ARC entails taking risks at every stage from pre-acquisition through acquisition
to post-acquisition and finally to resolution of / recovery from the acquired assets. The
criticality of risk at transaction level may be high/ medium/ low and shall be
determined based on its impact on following factors:
6.1.1. Business loss to CFM ARC;
6.1.2. Revenue loss to CFM ARC;
6.1.3. Reputational loss to CFM ARC.

6.2. The risks at transaction level are identified into following three stages:
6.2.1. Risks Associated with acquisition of FA;
6.2.2. Risks Associated during Period of Holding of FA;
6.2.3. Risks Associated with Resolution of FA;
6.2.4. Legal Risk.

6.3. Risks Associated with acquisition of FA

6.3.1. Indicative Risk factors Identification of factors responsible for it:
6.3.1.1. Risk of adverse selection of Accounts may arise due to suppression of crucial
information by the originator or inability of Business Group to filter out the
critical information during the process of Due Diligence can lead to the risk of
adverse selection of accounts.
6.3.1.2. Expectations of seller banks is on higher side in terms of pricing of FAs being
sold and structure of the transactions;
6.3.1.3. Inadequate documentation particularly relating to the title deeds of the
underlying secured assets;
6.3.1.4. Fraud, already existing prior to acquisition of FAs.
6.3.1.5. CFM ARCs may expose to the risk that price quoted to acquire FA do not
reflect correct realisable value of financial assets acquired. The Risk arises
mainly because of gaps in Financial and Legal Due Diligence, Inadequate/

Page 8 of 14
 incomplete information about underlying collateral, Unpaid statutory dues of
underlying collateral etc.
6.3.1.6. CFM ARC might face the risk of large exposure towards any particular
industry / geographical area this could affect recovery in an adverse business
cycle.
6.3.1.7. Inadequate or inaccurate information from the Seller Banks/ Financial
Institution about the Financial Assets relating to underlying secured assets in
terms of valuation, statutory dues outstanding, legal dues and such other
information in their knowledge;
6.3.1.8. Inadequate due diligence process carried out at the time of acquisition of FAs.;
6.3.1.9. The pricing of the seller bank does not account into the time and cost of
resolution of FAs as well as the distress element of sale;

6.3.2. Risk Mitigation/ Management system:

6.3.2.1. CFM ARC shall carry out fresh valuation of property, visit sites, insurance of
underlying secured assets as per the terms of the Holding Period Policy;
6.3.2.2. CFM ARC, to the extent feasible, collect and collate information from the
market/ other sources for decisions pertaining to valuation of underlying
secured assets;
6.3.2.3. Due diligence shall be carried out as per the terms of the Asset Acquisition
Policy of CFM ARC;
6.3.2.4. CFM ARC shall have discussion with Bank officials of the selling Banks to
acquire additional information prior to acquisition;
6.3.2.5. Sessions shall be held between the CEO/ President and the Business Group to
discuss the acquired cases and discuss alternatives to resolve, if any;
6.3.2.6. Periodical verification of legal documents as per the terms of Holding Period
Policy;
6.3.2.7. CFM ARC shall have an effective monitoring system to ensure minimal delays/
default in the envisaged cash flows;
6.3.2.8. CFM ARC shall lay down appropriate procedures and educate the Business
Group in separating relevant information required for the purpose of
acquisition.
6.3.2.9. CFM ARC shall avoid acquisition of FAs where there is legal criticality related
to title of assets is questioned.
6.3.2.10. FAs involving fraud, and where the cases have been filed for criminal offence,
cases being investigated by CBI or any other agency shall not be acquired
ordinarily.
6.3.2.11. While acquiring FA, CFM ARC may avoid concentration of Assets on
geographical as well as sectoral basis by close monitoring of asset built up in
different geographies and industries. At the same time, acquisition in states
affected by insurgencies or other complexities to be avoided.

6.4. Risks Associated during Period of Holding of FA

6.4.1. Indicative Risk factors and Identification of factors responsible for it:
6.4.1.1. Risk of Non-Compliance with Procedures may arise during the acquisition and
the stage of resolution of respective FA. Non-compliance with the same may
lead to legal fines and penalties.
6.4.1.2. CFM ARC are exposed to the risk of deterioration in the rating of Security
Receipts (SR)
6.4.1.3. Legal Risk arises during negotiation for settlement of dues with borrower as
there is huge dependence on legal processes with its uncertainties and
unpredictability. There is also the risk that transaction was not sufficiently

Page 9 of 14
 well-documented to be legally enforceable which ultimately led to time and
cost overrun.
6.4.1.4. Once the FA is acquired by an CFM ARC, the charge for the underlying
collateral is modified in favour of CFM ARC. The underlying secured asset is
exposed to several risks such as the risk of natural calamity, fire, theft,
pilferage, property damage, legal liability, employee related risk, etc.
6.4.1.5. CFM ARC shall consider and undertake all the relevant activities as mentioned
in the Holding Period Policy and procedural manual and the same shall be
continuously monitored;
6.4.1.6. Finding new management, technology etc. to revive the acquired FAs.

6.4.2. Risk Mitigation/ Management system:

6.4.2.1. CFM ARC shall ensure SRs are rated on timely basis and monitor the ratings
regularly;
6.4.2.2. CFM ARC shall be ensured that legal actions initiated by CFM ARC do not
leave any loophole which the opposite party could exploit. Also, all legal cases
shall be periodically reviewed to ensure that they are on track, and issues if any
needs to be addressed;
6.4.2.3. Cases where FAs are acquired under Consortium banking or Multiple Banking
arrangements shall be rigorously monitored to the extent that the resolution
process shall not get frustrated;
6.4.2.4. To avoid risk to the underlying collateral CFM ARC shall ensure proper
maintenance of underlying collateral, Payment of all applicable statutory dues,
Insurance of underlying secured assets for appropriate value, etc;
6.4.2.5. Scouting of new talents/ resources/ technology on periodic basis to revive the
acquired FAs.

6.5. Risks Associated with Resolution of FA

6.5.1. Indicative Risk factors and Identification of factors responsible for it:
6.5.1.1. Borrowers not meeting his commitments to repay the debts as per the agreed
resolution plan;
6.5.1.2. Recovery is likely to be lower than the envisaged cash flows;
6.5.1.3. The likely period of resolution of FA exceeds Five years;
6.5.1.4. No further recovery is feasible by enforcement of security interest in
accordance with the provisions of SARFAESI Act or through other means
permissible to CFM ARC;
6.5.1.5. Liquidity risk arising from sudden/ unexpected exit of an investor(s).
6.5.1.6. Potential investor(s) back out from reviving / restructuring the FAs under
distress.

6.5.2. Risk Mitigation/ Management system:

6.5.2.1. CFM ARCs formulate the resolution plan for each FA acquired in a manner
ensuring resolution within a period of five years from the date of acquisition of
respective FAs;
6.5.2.2. In case the resolution period for any FA is likely to exceed five years or
recovery likely to be lower than the assumed at the time of acquisition, such
cases shall be brought to the attention of Competent authority for their
guidance and necessary actions. Necessary approvals shall be obtained for
extension in resolution of acquired FAs on case-to-case basis;
6.5.2.3. CFM ARC shall continuously monitor recovery for each FA acquired as per the
resolution plan. If the current resolution strategy does not work, alternative or

Page 10 of 14
 parallel resolution strategy shall be in place to ensure timely and maximum
recovery.
6.5.2.4. CFM ARC shall constantly track status of all the acquired FAs where there is
slight doubt about the recovery the same shall be brought to the notice of the
Competent Authority for further necessary actions.

6.6. Legal risk arising due to legal processes including judiciary and bureaucracy in
resolving the acquired FAs. The operations of CFM ARC, to a large extent depends on
the external elements for e.g. legal processes, Judiciary, etc which may lead to
uncertainties in resolution timelines.

6.6.1. Indicative Risk Factors:

6.6.1.1. The period of limitation for appeals under applicable Acts in the acquired FAs
has already expired;
6.6.1.2. The name of the nominee and/ or the beneficiary in the acquired FAs is not
substituted in the name of CFM ARC;

6.6.2. Identification of factors responsible for Legal risk:

6.6.2.1. The Legal documents do not capture all details and thus found unenforceable
under applicable law;
6.6.2.2. The Substitution application not made in the name of CFM ARC by the Legal
group;
6.6.2.3. Inadequate legal due diligence at the time of acquisition;

6.6.3. Risk Mitigation/ Management system:

6.6.3.1. CFM ARC shall maintain safe custody of legal documents particularly the title
deeds. CFM ARC may appoint an external agency for safekeeping of the
security documents.
6.6.3.2. The Asset Acquisition Note shall give complete disclosures of pendency of
legal matters of that particular asset and the forum at which it is pending;
6.6.3.3. CFM ARC shall engage services of competent lawyers/ advocates to ensure
flawless progress in resolution of FAs as per plan;
6.6.3.4. CFM ARC shall have an effective monitoring mechanism to ensure that the
legal group along with external agencies including lawyers/ consultants’
functions efficiently to minimise delays caused by the judicial processes and
bureaucracy.

7. Escalation Matrix

7.1. The Organisational framework along with the roles and responsibilities for the Risk
Management of CFM ARC shall be as follows:
7.1.1. Board of Directors
7.1.1.1. The Board will lay down the Risk Policy of CFM ARC and review the
implementation and amendments at periodic intervals.

7.1.2. Risk Management Committee

7.1.2.1. Risk Management Committee shall review the Risk framework and processes
of the Company in compliance with the regulatory provisions and the best
practices;

Page 11 of 14
 7.1.2.2. It shall evaluate various risks such as regulatory risk, liquidity risk, operational
risk, etc. at the company and asset/portfolio level and approve measures to
mitigate the same, as may be presented by the Management;
7.1.2.3. It shall also review any issues arising from the change in Business
environment/ regulations etc, as may be presented by the Management
7.1.2.4. It shall have access to any internal information necessary to fulfill its oversight
role. It shall also have authority to obtain advice and assistance from internal or
external legal, accounting or other advisors.

7.1.3. CEO/ President

7.1.3.1. CEO/ President shall shape the risk strategy and appetite of CFM ARC;
7.1.3.2. Manage and mitigate risks associated on firm wide basis and define risk
policies and procedures;
7.1.3.3. Review risk arising from existing portfolio and report to CARFA and/ or Board
as considered necessary;
7.1.3.4. Review findings of Internal/ external audit and address deficiencies if any;

8. Reporting to the Board

8.1. The President / CEO shall report to the Board, the business report about any major
risk involved with FAs acquired along with the details of the necessary mitigating
tools adopted on periodic intervals as considered necessary.

9. Review of the Policy

9.1. The Policy shall be reviewed by the Risk Management Committee on annual basis, or
as and when the need arises, and the same shall be recommended to the Board for
approval.

9.2. The validity of this Policy may be extended with the approval of CEO for a period not
exceeding 3 months or till the Policy is reviewed by the Risk Management Committee,
whichever is earlier.

Page 12 of 14
Annexure on Amendments, Renewal of Policies, etc.
Sr No. Particulars (Amendment/ Date Approved by
Renewal etc.)
1. Extension of Policy by 3 months 30 September 2020 Managing Director
& CEO
2. Renewal of Policy for 1 years 29th December 2020 Board of Directors
3. Amendment to Point 3.2 and Board of Directors
Point 7.1.2
4 Renewed for 1 year 28th December 2021 Board of Directors
5. Renewed for 1 year 05th August 2022 Board of Directors

Page 13 of 14