SEBI on November 10, 2020 proposed
extending the requirement of constituting a risk management committee to the top
1,000 listed entities from 500 at present. The risk management committee should
meet at least twice a year, up from the current practice of a minimum of one
meeting every year.
Considering the multitude of risks faced by listed entities, risk management has emerged as
a very important function of the board. Further, the COVID-19 pandemic has
reinforced the need for a robust risk management framework, as per SEBI.
While LODR (Listing Obligations and Disclosure Requirements) norms specify the role
of various board committees of listed entities, defining the role and
responsibilities of the risk management committee (except for cyber-security
risk) is left to individual boards of listed entities.
SEBI has proposed that the "requirement of constituting a risk management
committee may be extended from the top 500 to the top 1,000 listed entities, on
the basis of market capitalisation".
SEBI has suggested that the
quorum for a meeting of the committee should be either two members or one-third
of the members of the panel, whichever is greater. This includes at least one
member of the board of directors in attendance.
The company’s risk management
committee would formulate a detailed risk management policy which will include
a framework for identification of internal and external risks specifically
faced by the listed entity. The risks include financial, operational, sectoral,
sustainability (specifically, environmental, social and governance related
risks and impact), information and cyber security.
The committee should be
responsible for taking measures for risk mitigation, a business contingency plan,
as well as monitoring and overseeing implementation of the risk management
policy. It should also be responsible for keeping the board informed about the
nature and content of its discussions, recommendations and actions to be taken.
The risk management committee should also have powers to seek information from any
employee, obtain outside legal or other professional advice and secure
attendance of outsiders with relevant expertise, if it considers necessary.
The appointment, removal and terms of remuneration of the chief risk officer, if
any, would be subject to review by the risk management committee, jointly with
the nomination and remuneration committee.
Further, the risk management committee should coordinate its activities with the audit
committee in instances where there is any overlap with audit activities. It
should ensure that appropriate methodology, processes and systems are in place
to monitor and evaluate risks associated with the business of the listed
entity, according to SEBI.