In today’s volatile, uncertain, complex, and ambiguous (VUCA) world, robust risk
governance is not optional—it is essential. The Risk Management Committee (RMC)
serves
as the organizational compass, helping companies navigate potential threats while
seizing strategic opportunities.
Understanding the Role of the Risk Management Committee
Under the Companies Act, 2013 and SEBI (LODR) Regulations, the Risk Management Committee
plays a vital role in:
- Framing, reviewing, and monitoring
risk management policies.
- Identifying key business risks
across strategic, financial, operational, compliance, cybersecurity, and
reputational domains.
- Ensuring appropriate mitigation
strategies and internal controls.
- Aligning risk appetite with
business objectives and stakeholder expectations.
The RMC acts as both a shield and a guide—protecting the company while enabling informed
risk-taking.
My Value Addition as an Independent Director
1. Legal and Regulatory Insight
As a practicing advocate, I bring in-depth understanding of legal frameworks that govern
enterprise risk—ranging from corporate, contract, environmental, and labour laws to
compliance mandates under SEBI, RBI, and sectoral regulators.
My contribution includes:
- Identifying regulatory risks early
and proposing compliance frameworks.
- Interpreting laws and judgments
that may impact strategic decisions.
- Advising on emerging legal risks
such as data privacy, ESG litigation, or competition law issues.
This ensures risk management is not reactive but anticipatory and legally robust.
2. Independent Oversight and Risk Objectivity
One of the key roles of an Independent Director on the RMC is to bring objective,
unbiased evaluation of risk exposures. I aim to:
- Ask the difficult questions that
might be overlooked internally.
- Challenge assumptions behind risk
ratings or mitigation plans.
- Safeguard against under-reporting
or normalization of deviance.
Independence brings clarity. I will serve as a sounding board that encourages risk
awareness at the highest level.
3. Building a Risk-Aware Culture
Risk management should not be confined to frameworks—it must be embedded in the
organizational culture. I will help the RMC:
- Promote awareness of risk
ownership at all levels of the company.
- Encourage a culture of
transparency in reporting near misses or red flags.
- Integrate risk management with
strategic planning and operational execution.
An informed culture is the best first line of defense.
4. Focus on Emerging and Non-Financial Risks
Traditional risks (credit, market, operational) are no longer enough. I bring a broader
view by advocating attention to:
- Cybersecurity: Data
breaches,
ransomware, and digital infrastructure threats.
- Climate and ESG Risks:
Regulatory
and reputational impacts of unsustainable practices.
- Reputational Risks: Social
media
dynamics, stakeholder perception, and activist scrutiny.
- Geopolitical and Supply Chain
Risks: Regulatory shifts, international sanctions, and disruptions.
I aim to support horizon scanning and ensure that the company is not blindsided by
tomorrow’s threats.
5. Crisis Management and Business Continuity
A true test of risk resilience is seen in crises. I will help develop:
- Comprehensive business continuity
plans (BCP) and disaster recovery plans (DRP).
- Crisis communication strategies
for regulators, media, and stakeholders.
- Board-level simulations and
reviews of emergency response readiness.
Preparation today determines survival tomorrow.
6. Governance-Linked Risk Frameworks
As an advocate and governance professional, I view risk through a governance lens. I will
help:
- Align risk appetite with Board
directives and shareholder mandates.
- Ensure disclosures in the risk
section of the Annual Report are clear, complete, and compliant.
- Drive accountability in ownership
of identified risks across departments.
I aim to embed risk thinking into the company’s governance DNA.
7. Risk Metrics, Reporting, and Review
Effective risk management is measurable. I will advocate for:
- Development of Key Risk Indicators
(KRIs) and early warning signals.
- Structured dashboards for risk
tracking at Board and committee levels.
- Periodic review and recalibration
of risk frameworks in light of internal or external changes.
These tools enable actionable insights, not just documentation.
8. Vendor, Partner, and Third-Party Risk
With increasing outsourcing, third-party risks are significant. I will support the
committee in:
- Reviewing due diligence processes
for partners and vendors.
- Ensuring contract clauses include
adequate risk-sharing, indemnities, and compliance obligations.
- Monitoring ongoing performance and
risk exposure from third-party relationships.
Third-party risks are often underestimated until it’s too late—I aim to help the company
stay ahead of them.
Collaboration Across Functions
Effective risk governance requires cross-functional collaboration. As an
Independent
Director, I will:
- Encourage alignment between Risk,
Legal, Compliance, Audit, and Strategy functions.
- Advocate for centralized risk
registers but decentralized accountability.
- Foster communication between the
Board and frontline risk managers.
This ensures risk oversight is integrated, not isolated.
Ethics, Transparency, and Reporting Integrity
As an advocate for corporate ethics, I strongly support:
- Honest reporting of risks without
dilution or deferral.
- Whistleblower protection and
grievance redressal systems.
- Board-level visibility into red
flags and internal audit findings.
Transparency is not a liability—it’s a leadership strength.
Risk as a Strategic Enabler
Risk management is not just about protection—it’s about preparation, prediction, and
performance. When managed well, risks become enablers of growth, innovation, and
resilience.
As an Independent Director with legal expertise, I bring to the Risk Management
Committee:
- A compliance-conscious yet
commercially realistic perspective.
- The ability to anticipate emerging
challenges and systemic shifts.
- A deep commitment to ethical,
transparent, and accountable risk oversight.
