Healthvista India Limited (“the Company”) considers ongoing risk management to be a core component of the Management of the Company, and understands that the Company’s ability to identify and address risk is central to achieving its corporate objectives.
The Company’s Risk Management Policy (“the Policy”) outlines the program implemented by the Company to ensure appropriate risk management within its systems and culture.
The Policy is formulated in compliance with Regulation 17(9)(b) of SEBI (Listing Obligations and Disclosure Requirements) Regulations, 2015 (“the Listing Regulations”) and provisions of the Companies Act, 2013 (“the Act”), which requires the Company to lay down procedures about risk assessment and risk minimization.
- The Board of Directors of the Company shall form a Risk Management Committee (hereinafter referred to as “Committee”) who shall periodically review this Policy of the Company so that the Management controls the risk through properly defined network. The Board of Directors may re-constitute the composition of the Committee, as it may deem fit, from time to time.
- The responsibility for identification, assessment, management and reporting of risks and opportunities will primarily rest with the business managers. They are best positioned to identify the opportunities and risks they face, evaluate these and manage them on a day to day basis.
The Risk Management Committee shall provide oversight and will report to the Board of Directors who have the sole responsibility for overseeing all risks.
Risk Management Program:
The Company’s risk management program comprises of a series of processes, structures and guidelines which assist the Company to identify, assess, monitor and manage its business risk, including any material changes to its risk profile.
To achieve this, the Company has clearly defined the responsibility and authority of the Company’s Board of Directors as stated above, to oversee and manage the risk management program, while conferring responsibility and authority on the Company’s senior management to develop and maintain the risk management program in light of the day-to-day needs of the Company. Regular communication and review of risk management practice provides the Company with important checks and balances to ensure the efficacy of its risk management program.
The key elements of the Company’s risk management program are set out below:
In order to identity and assess material business risks, the Company defines risks and prepares risk profiles in light of its business plans and strategies. This involves providing an overview of each material risk, making an assessment of the risk level and preparing action plans to address and manage the risk.
The Company majorly focuses on the following types of material risks:
- Commodity risk;
- Business risk;
- Foreign exchange risk;
- Technological risks;
- Strategic business risks;
- Operational risks;
- Quality risk;
- Competition risk;
- Realization risk;
- Cost risk;
- Financial risks;
- Human resource risks; and
- Legal/Regulatory risks.
Oversight and management:
Board of Directors-
The Board of Directors (“the Board”) is responsible for reviewing and ratifying the risk management structure, processes and guidelines which are developed and maintained by Committees and Senior Management. The Committees or Management may also refer particular issues to the Board for final consideration and direction.
Risk Management Committee-
The day to day oversight and management of the Company’s risk management program has been conferred upon the Committee. The Committee is responsible for ensuring that the Company maintains effective risk management and internal control systems and processes, and provides regular reports to the Board of Directors on the effectiveness of the risk management program in identifying and addressing material business risks.
To achieve this, the Committee is responsible for:
- managing and monitoring the implementation of action plans developed to address material business risks within the Company and its business units, and regularly reviewing the progress of action plans;
- setting up internal processes and systems to control the implementation of action plans;
- regularly monitoring and evaluating the performance of management in managing risk;
- providing management and employees with the necessary tools and resources to identify and manage risks;
- regularly reviewing and updating the current list of material business risks;
- regularly reporting to the Board on the status of material business risks;
- review and monitor cyber security; and
- ensuring compliance with regulatory requirements and best practices with respect to risk management.
Further, the Company is exposed to commodity risks on a routine basis due to multiple commodities (imported or domestically procured) utilized in its manufacturing operations. Such risks are managed by a detailed and regular review at a senior level of various factors that influence the commodity prices as well as tracking the commodity prices on a daily basis and entering into fixed price contracts with overseas suppliers in order to hedge price volatility.
The Company’s Senior Management is responsible for designing and implementing risk management and internal control systems which identify material risks for the Company and aim to provide the Company with warnings of risks before they escalate. Senior Management must implement the action plans developed to address material business risks across the Company and individual business units.
Senior Management should regularly monitor and evaluate the effectiveness of the action plans and the performance of employees in implementing the action plans, as appropriate. In addition, Senior Management should promote and monitor the culture of risk management within the Company and compliance with the internal risk control systems and processes by employees. Senior Management should report regularly to the Risk Management Committee regarding the status and effectiveness of the risk management program.
All employees are responsible for implementing, managing and monitoring action plans with respect to material business risks, as appropriate.
Review of risk management program:
The Company regularly evaluates the effectiveness of its risk management program to ensure that its internal control systems and processes are monitored and updated on an ongoing basis. The division of responsibility between the Board, the Committee and the Senior Management aims to ensure the specific responsibilities for risk management are clearly communicated and understood.
The reporting obligation of Senior Management and Committee ensures that the Board is regularly informed of material risk management issues and actions. This is supplemented by the evaluation of the performance of risk management program, the Committee, the Senior Management and employees responsible for its implementation.
Risk Management System:
The Company has always had a system-based approach to business risk management. Backed by strong internal control systems, the current risk management framework consists of the following elements:
- Risk Management system is aimed at ensuring formulation of appropriate risk management policies and procedures, their effective implementation and independent monitoring and reporting by Internal Audit.
- A combination of centrally issued policies and divisionally-evolved procedures brings robustness to the process of ensuring business risks are effectively addressed.
- Appropriate structures have been put in place to effectively address inherent risks in businesses with unique / relatively high risk profiles.
- A strong and independent Internal Audit Function at the corporate level carries out risk focused audits across all businesses, enabling identification of areas where risk managements processes may need to be improved. The Board reviews internal Audit findings, and provides strategic guidance on internal controls. Monitors the internal control environment within the Company and ensures that Internal Audit recommendations are effectively implemented.
The combination of policies and processes as outlined above adequately addresses the various risks associated with our Company’s businesses. The Senior Management of the Company periodically reviews the risk management framework to maintain its contemporariness so as to effectively address the emerging challenges in a dynamic business environment.
Any change in the Policy shall be approved by the Board of Directors or any of its Committees (as may be authorized by the Board of Directors in this regard). The Board of Directors or any of its authorized Committees shall have the right to withdraw and / or amend any part of this Policy or the entire Policy, at any time, as it deems fit, or from time to time, and the decision of the Board or its Committee in this respect shall be final and binding. Any subsequent amendment / modification in the Listing Regulations and / or any other laws in this regard shall automatically apply to this Policy.