Risk Management Policy

Preamble

The Board of Directors (“Board”) of ELIMU BORA SERVICES LIMITED (“Company” or “NCPL”), has adopted the following policy which encompasses practices relating to identification, assessment, monitoring and mitigation of various risks to the business. Risk Management Policy of the Company seeks to minimize unfavorable impact on the business objectives and develop stakeholder value. Further, the risk management practices seek to sustain and enhance long-term competitive advantage for the Company.

Purpose

This Policy has been framed in accordance with the Risk Management framework as issued by Reserve Bank (“RESERVE BANK”) vide Master Direction DNBR. PD. 008/03.10.119/2016-17 dated September 01, 2016 (“RESERVE BANK Circular”) and amendments thereon.

The purpose of this policy is to address unanticipated and unintended losses to the human resources & financial assets of the Company without unnecessarily limiting the activities that advance its mission and goals. NCPL has introduced effective risk management systems that address the issues relating to various risks. The effective management of risk is vital to the continued growth of the Company.

Principles

For risk management to be effective, all operations/departments of the Company must apply the following principles to the context of the business and its objectives:

Definitions

Policy

NCPL recognizes that Risk management as one of the key drivers of growth and for enhancement of corporate governance. Accordingly, the Board has framed the following Risk Management Policy:

To continuously thrive for available risks in the organization which directly or indirectly effect the functioning of the organization.

To ensure the protection of rights & values of Shareholders by establishing a well- organized Risk Management Framework.

Selecting, maintaining and enhancing the risk management tools used by the Program to provide analyses that inform and support the investment actions of the entire Organization.

Identification, Measurement and Assessment of Risk

Management’s responsibility, as delegated by the Board, is to operationalize the Risk Management Program and ensure that formal procedures are put in place to identify and define risk with input from representatives across the businesses.

Measurement of risk is completed considering both quantitative and qualitative means using the likelihood and impact criteria as developed by Management and as reviewed by the Board.

The management has identified certain inherent and residual risks which have been divided in accordance with likelihood and its impact on the business.

Following risks have been identified by the organization:

Risk Categorization and Mitigation Factors

The following broad categories of risks have been identified in our risk management framework along with possible mitigation factors:

Strategic Risk

Risk: It is the risk to earnings and capital arising from lack of responsiveness to changes in the business environment and/or adverse business decisions, besides adoption of wrong strategies and choices.

Mitigation: The management is proactive in its approach towards changes in economic/business environment as the business strategies are regularly discussed with the senior officials of the organization so that adequate steps can be taken. Also, important strategic matters are referred to the Board, consisting of members with diversified experience in the respective fields, for intense deliberations, so as to derive the benefit of collective wisdom.

Reputational risk

Risk: Reputational risk is related to adverse perception of the image or the company, on the part of customers, counterparties, shareholders, investors and regulators. It refers to the potential adverse effects, which can arise from the company’s reputation getting tarnished due to factors such as unethical practices, regulatory actions, customer dissatisfaction and complaints leading to negative publicity. Presence in a regulated and socially sensitive industry can result in significant impact on Company’s reputation and brand equity as perceived by multiple entities like the RESERVE BANK, Central/State/Local authorities, banking industry and the customers. The risk can emanate from:

Mitigation: Considering the business model the following aspects have been put in place to reduce vulnerability related to reputational risk:

Market Risk

Operational Risk

Risk: Risks inherent to business operations including those relating to client acquisition, service delivery to clients, business support activities, information security, physical security, human resource and business activity disruptions.

Mitigation:

The Compliance Manager maintains a record of all the entire case history which is signed off by senior management on closure.

Technology Infrastructure: The Company has leverage of cloud-based technologies and all its business applications are hosted in secure data centers with mirrored redundancies such that in the event of any system going down, an alternate system is made operational within hours. At the facilities where back- office and financial operations take place, alternate/back-up connectivity has been provisioned such that in the event connectivity is lost with one service provider, the alternate connection can be utilized.

Financial Risk

Interest Risk: Interest rate risk is the risk where changes in market interest rates might adversely affect an NBFC's financial condition. The changes in interest rates affect company in some way. The immediate impact of changes in interest rates is on company’s earnings (i.e. reported profits) by changing its Net Interest Income (NII). As such NCPL is into funding of loans which are always fixed rate loans. The company manages this risk on NII by pricing its loan products to customers at a rate, which covers interest rate risk. The risk from the earnings perspective can be measured as changes in the Net Interest Income (NII) or Net Interest Margin (NIM). Measurement of such risk is done at the time of deciding rates to be offered to customers. Once interest rate risk is measured, lending rates are finalized. Given the interest rate fluctuation, the company has adopted a prudent & conservative risk mitigation strategy to minimize interest risk.

Liquidity Risk: Measuring and managing liquidity needs are vital for effective operations of an NBFC. The importance of liquidity transcends individual institutions, as liquidity shortfall in one institution can have repercussions on the entire system. Board should measure not only the liquidity positions of company on an ongoing basis but also examine how liquidity requirements are likely to evolve under different assumptions. Experience shows that assets commonly considered as liquid, like government securities and other money market instruments, could also become illiquid when the market and players are unidirectional. Therefore, liquidity has to be tracked through maturity or cash flow mismatches. For measuring and managing net funding requirements, the use of a maturity ladder and calculation of cumulative surplus or deficit of funds at selected maturity dates is adopted as a standard tool.

Mitigation: The key liquidity management policies being followed at NCPL include:

Credit and Concentration Risk

Credit Risk: Any lending activity by the Company is exposed to credit risk arising from repayment default by borrowers and other counterparties. Despite best efforts, there can be no assurance that repayment default will not occur and, in such circumstances, may have an effect on its results of operations. A failure to recover the expected value of security could expose the Company to a potential loss. Any such losses could adversely affect the Company’s financial condition and results of operations.

Mitigation: A strong credit risk management process helps in containing the portfolio quality of the company. Key elements of the credit risk management include a structured and standardized credit approval process supported by a strong system, effective training programs, legal and technical due diligence, monitoring and robust credit risk management strategy at a senior management level.

Portfolio Concentration Risk: Portfolio Concentration Risk is the risk to the company due to a very high credit exposure to a particular business segment, industry, geography, location, etc though in the context of finance, it pertains predominantly to geographical concentration.

Mitigation: NCPL intends to maintain a diversified exposure in advances across various sectors and geographies but to mitigate the risks that could arise due to political or other factors within a particular state.. Various loan covenants are also established in the documents to secure the loans.

Regulatory and Compliance Risk

Risk: The company is exposed to risk attached to various statutes and regulations. The company is mitigating the risk through regular review of legal compliances carried out through internal as well as external compliance audit. NCPL is present in an industry where the Company has to ensure compliance with regulatory and statutory requirements. Non- Compliance can result in stringent actions and penalties from the Regulator and/or Statutory Authorities and which also poses a risk to Company’s reputation. These risks can be:

Mitigation:

Human Resource Risk

Risk: NCPL’s Human Resource adds value to the entire company by ensuring that the right person is assigned to the right job and that they grow and contribute towards organizational excellence.

Our growth has been driven by our ability to attract top quality talent and effectively engage them in right jobs. Risk in matters of human resources are sought to be minimized and contained by following a policy of providing equal opportunity to every employee, inculcate in them a sense of belonging and commitment and also effectively train them in spheres other than their own specialization. Employees are encouraged to make suggestions on innovations, cost saving procedures, free exchange of other positive ideas etc.

It is believed that a satisfied and committed employee will give of his best and create an atmosphere that cannot be conducive to risk exposure. Employee- compensation is always subjected to fair appraisal systems with the participation of the employee and is consistent with job content, peer comparison and individual performance.

Mitigation:

Human Resource Policy and initiatives: Various programs and initiatives are carried out by the HR to retain talent and motivate them on a regular basis.

Responsibility

Responsibility for risk management is shared across the organization. Key responsibilities include:

Reporting Requirements

The Organization is reporting process will evolve as requirements and risk management leading practice evolve. Annual content will include a risk profile setting out the most significant risks faced by the enterprise, and for each risk will:

Further, on a quarterly basis, updated information materially affecting the risk profile (e.g. market developments) will be provided which will enable the Board to understand the likely future risk profile of the Enterprise. These will be reported to the Board as soon as practicable and at least quarterly. The risk assessment carried out shall consider all the relevant risk factors before determining the level of overall risk and the appropriate risk level and type of mitigation to be applied. This assessment shall be documented, updated regularly and made available to competent authorities and self-regulating bodies as and when required. In case of the change in perception the risk assessment in case of PEP borrower should be again done to ascertain whether it is prudent to continue with the exposure with such PEP borrower or not. In case it is felt that the funds are not safe, the funds should be recalled immediately.