ESG_Framework

Download as pdf or txt
Download as pdf or txt
You are on page 1of 27

Effective from October 19, 2021

ESG FRAMEWORK

1
INDEX

Particulars Page No.


INTRODUCTION TO ENVIRONMENT SOCIAL & GOVERNANCE 4
(ESG) FRAMEWORK
1. About ICICI Securities 4
2. Materiality assessment 4
3. Reporting framework 4
4. Governance and administration 5
5. Review of ESG framework 5
ENVIRONMENT 6
6. Environment Policy 6
7. Sustainable finance practices 6
SOCIAL 7
8. Customers 7
9. Government and regulatory bodies 8
10. Shareholders 9
11. Communities 10
12. Business partners 11
13. Employees 11
GOVERNANCE 14
14. Governance framework 14
15. Board and Committee composition 14
16. Board Diversity Policy 15
17. Functioning of the Board 15
18. Details of the Committees 15
19. Governance Controls 16
Responsibilities of the Board 16
20. External Auditors 17
Appointment of Statutory Auditors 17
21. Meeting Attendance 17
22. Board operation and meetings 17
23. Independence and Qualifications of the Directors 18
24. Duties of Directors 19
25. Duties of Independent Directors: 20
26. Evaluation of performance of the Board and Committees 20
27. Board compensation 21
28. Annual Strategic and Operating Plans 21
29. Succession Planning 22
30. Ethics and conduct 22
31. Framework for Managing Conflicts of Interest 22
32. Policy on Related Party Transactions 23
33. Whistle Blower Policy 23
34. Anti-Bribery and Anti-Corruption Policy 24
35. Compliance Framework 24
36. Compliance Policy 24
37. Anti-Money Laundering Policy 24
38. Risk Management Framework 25

2
39. Privacy Protection Standard 27
40. Personal Data Protection Standard 27

3
INTRODUCTION TO ENVIRONMENT SOCIAL &
GOVERNANCE (ESG) FRAMEWORK
1. About ICICI Securities

Established in 1995, ICICI Securities is one of India’s leading digitally powered integrated
securities firm, offering a wide range of services including retail and institutional broking,
financial products distribution, private wealth management, and issuer and advisory services
to our retail, affluent and institutional clients.

It is one of the pioneers in the e-brokerage business in India. ICICI Securities operates
ww.icicidirect.com, India’s leading virtual financial supermarket which acts as a one stop
shop offering wide range of investment products, protection solutions and distributing
lending products, all in an open architecture format.

The Company is registered with the Securities and Exchange Board of India (‘SEBI’) as a
Stock Broker, Merchant Banker, Portfolio Manager, Investment Adviser and Research
Analyst. It is a member of BSE Limited, National Stock Exchange of India Limited and MSEI.
It is also registered as Corporate Agent with the Insurance Regulatory and Development
Authority of India (‘IRDAI’) and Point of Presence (‘POP’) with the Pension Fund Regulatory
and Development Authority of India (‘PFRDA’) for distribution of National Pension Scheme
(‘NPS’).

Our strong foundation of corporate governance and ESG led responsible business practices
help us to fulfil our duty as a responsible corporate citizen to conduct business sustainably
and make a meaningful difference to all our stakeholders. Our ESG framework articulates our
approach of conducting business sustainably managing all environmental, societal and
governance related aspects.

2. Materiality assessment

Materiality assessment is an exercise to identify parameters and issues that can materially
affect our ability to create long-term sustainable value for our stakeholders. We regularly
interact and seek feedback from various stakeholders through platforms such as client
satisfaction surveys and review meet, employee engagement scores, industry and
Regulatory reports, etc. The material issues are analysed, and right process interventions are
designed, implemented and sustained. This ESG framework is designed to manage material
issues identified through a detailed materiality assessment exercise covering both internal
and external stakeholders which helped us prioritise our ESG focus areas.

3. Reporting framework

ESG report: In our ESG report, we discuss how we are conducting our business responsibly
and covers information relevant for our key stakeholders such as our policies, practices
relevant to addressing material ESG issues, and practices for responsible and ethical
business, as well as our approach towards fulfilling the expectations of various stakeholders
including our business partners, clients, employees, investors, community and the
environment. We have also mapped the impact of our operations with the United Nations
Sustainability Development Goals.

4
Business Responsibility Report: The Annual Business Responsibility Report highlights
our performance against stated principles of the National Voluntary Guidelines developed by
the Indian Ministry of Corporate Affairs (MCA).

Integrated Report: Our annual Integrated Report provides an in-depth account of our
performance and strategy as well as reports on our Governance. The non-statutory section
of the Report follows the Integrated Reporting Framework recommended by the International
Integrated Reporting Council (IIRC) and provides an update on how the six capitals, financial
capital, intellectual capital, Human capital, Natural capital, Manufactured capital and Social &
relationship capital, have been deployed. The other statutory reports, including the Directors’
Report, its annexures, including the Management Discussion and Analysis (MDA), and the
Corporate Governance Report, are as per the Companies Act, 2013, Securities and Exchange
Board of India (Listing Obligations and Disclosure Requirements) Regulations, 2015 and the
revised Secretarial Standards issued by The Institute of Company Secretaries of India. The
financial statements are in accordance with the Indian Accounting Standards.

Reporting Boundary: The reporting scope and boundary for our disclosures, unless
otherwise stated, covers the India operations of ICICI Securities.

All the above reports are published annually and made available on the website of the
Company icicisecurities.com.

4. Governance and administration

The Board reviews the ESG roadmap of the Company and the various initiatives are
implemented by a cross functional team comprising senior members from Finance,
Technology, Risk, Treasury, Human Resources, Compliance & Legal, Secretarial and
Business under the guidance of the Managing Director & CEO and the Executive Director.
The ESG framework is built on various policies, procedures and frameworks which are in
turn approved and reviewed by either Board or its committees e.g. Audit Committee or Risk
Management Committee.

5. Review of the ESG framework

The ESG framework would be reviewed at least once in two years. The individual
components including policies, procedures and frameworks are reviewed as per their
respective stated frequency usually annually.

5
ENVIRONMENT
6. Environment Policy

The Company is committed to building a sustainable, socially conscious, ethical and


responsible business. The Company, being a corporate entity, considers creating a positive
impact through all its processes as its prime duty and responsibility being a corporate entity.
The Company’s business model entails limited use of natural resources, however, it
recognises the impact of its operations on the environment due to consumption of resources
like energy, water, etc. procurement of materials including paper, etc. and disposal of any
waste. Board approved Environment Policy of the Company governs the management of
all the above areas and practices having a bearing on the environment.

The Company aims at reducing consumption/wastage which directly or indirectly reduces


environmental impact as well as helps in promoting advocacy of environment friendly
practices. The Company endeavours to reduce any adverse impact on the environment by
conducting its operations in a sustainable manner. The Company is also committed to
continuously reduce its foot print of impact on environment and natural resources by its own
actions and engagement with the various stakeholders viz., employees, clients, partners,
vendors, etc.

We measure and report on Scope 1, 2 & 3 emissions, water consumption and other
environmental resources we consume although in limited quantum. The business model of
Company is already highly digital requiring limited usage of resources, however, the
Company continuously works on integrating technology thereby further limiting usage of
paper, energy, etc.

7. Sustainable finance practices

The Company does not provide finance to corporates for their businesses and does not have
a large proprietary investment pool, however it has integrated environmental and social
factors into its decision making process while making investments. The Corporate Risk
and Investment Policy (‘CRIP’) details out how the Company will factor in environment
and social factors into its investments including by way of limiting investments in equity
shares and fixed income securities of companies having considerable exposure to certain
sensitive sectors as detailed and updated from time to time in CRIP. Currently, the following
have been considered as Sensitive sectors under CRIP:

i. Oil and Gas;


ii. Metals and Mining;
iii. Power generation (Coal based); and
iv. Tobacco.

6
SOCIAL
The Company has elaborate frameworks, policies and practices which dictate how the
Company maintains and manages the expectations of its various stakeholders. viz.,
customers, investors, employees, business partners and community at large. This section
details out such frameworks.

8. Customers

We endeavor to fulfill our customers’ expectations by having a customer centric and


responsible approach to designing our products and services coupled with a responsive
customer service. We are proud of our effective governance, comprising of a well-defined
customer grievance redressal mechanism which is reviewed by Customer Service
Council and a Product Committee to provide oversight on products getting developed
and a Product Governance Forum which looks at suitability of products to a customer
type.

Customer Service: At ICICIdirect, we believe that customer service is one of our key
differentiators. We offer new age Self Servicing channels like Chatbot, Whatsapp bot,
iCommunity along with traditional channels including phone, email, Chat as well as walk-in
to our branches. Being there when customer needs assistance is what drives satisfaction in
the online investment world. Pre-empting and offering help is taking the same to the next
level.

The voice and the non-voice teams at the call center have been specifically designated for
customer service. Looking at the complexities of the products that we deal in, a lot of effort
is put in to ensure that the Company’s service officers are well-trained and equipped to
respond to customer queries quickly and correctly.

The call center and email services are hosted using state of the art technology to respond to
the customers. The team uses a sophisticated CRM system and an integrated platform for
Inbound/Outbound and email interactions. During the pandemic, the team ensured
continuity of services by adopting the Work from Home (WFH) model. The entire Customer
service team has been enabled for WFH to ensure continuous services to our customers.

At ICICI Direct, the Company provides its customers with an easy access to information,
services as well as the means to redress their grievances. The Company’s endeavor is to
provide with first contact resolution to the customers’ satisfaction. However, in case the
customers are not happy with the response provided, they can email to the Company’s
escalated channels provided on its website.

The key “moments of truth” have been identified for the customers at various life stages and
have set service quality indicators that cover the processes from lead management to
transaction and query management. The Company continuously monitors VOC (Voice of
customer) as well as internal process standards. Several such parameters that are tracked
and reviewed by Customer Service Council on a regular basis include:

 Number of customer interactions;


 Number of Service requests and Critical requests;

7
 Turn-around Time (TAT) for Service request and Critical Request;
 Net promoter score;
 Quality of resolution;
 Customer Escalations/Regulatory complaints; and
 Social media interactions and response/resolution TATs.

To assess the existing customer advocacy based on their overall experience with the
Company, NPS measurement which is a widely used scale is used. Net Promoter Score (NPS)
aims to measure the loyalty that exists between the Company as a Service Provider and the
customer. NPS is unique and different from traditional C-sat mechanism as it works on
emotions and expressions rather than traditional aspects of customer’s perception. NPS as
a tool is used to understand the customer experience around various touch points such as
account opening, website and application, RM/Advisor/Partner and overall service quality.

Enabling Financial Learning: The Company believes in the power of knowledge and
firmly believes in educating all the existing and potential investors about investment basics,
emerging trends, gains and risks involved in various investment avenues and answering their
investment queries to help them invest safely and securely in the market.

The ICICIdirect Knowledge Centre helps investors to have a better understanding of how,
when, and where to invest. The customers can consume simplified knowledge on stock
markets through their choice of learning mediums including Articles, Podcasts, Videos,
Virtual stocks and Courses curated by experts in industry. The Company continuously keeps
adding to its large repository of knowledge based on contemporary needs and feedback from
learners.

Keys features of Knowledge centre:

 Customized curated content by experts on wide range of investment products;


 In-depth knowledge through our detailed courses, short 2-4 minutes learning bytes in the
form of articles, videos or podcasts;
 Practice without the fear of losing money through Virtual Stocks, a live stock investing
platform that uses virtual money; and
 Interact and learn from others through our iCommunity platform.

9. Government and regulatory bodies

The Regulatory Authorities, forums and other regulatory agencies are some of the most
important stakeholders. The Company endeavours to actively engage with all relevant
organisations by way of regular meetings with various regulatory bodies, participation in
industry bodies and forums to contribute to policy formation and table discussions relevant
to business environment and industry as well as by providing feedback to regulator on
various business operating aspects. The Company regularly participates in an inter-
regulatory forum which is chaired by Deputy Governor of RBI, comprising the regulators of
all the group companies like SEBI, IRDAI, NHB, etc. The forum allows the regulators to
exchange ideas and ensure synergy amongst their reporting requirements. The regulators
are also given a perspective of the performance and compliance of the specific subsidiary
and the group overall.

8
The compliance framework of the Company is designed to ensure the highest standards of
adherence with applicable regulations, guidelines, circulars and other procedural
requirements as well as to promote sustainable capital market practices.

10. Shareholders

The Company is committed to providing timely and accurate information as well as access
to management to provide complete information regarding the Company to enable them to
accurately assess its future potential. The Company disseminates information on its
operations and initiatives on a regular basis. The Company’s website
(www.icicisecurities.com) serves as a key awareness facility for all its shareholders allowing
them to access information at their convenience. It provides comprehensive information on
the Company’s strategy, financial performance, operational performance and the latest press
releases.

The Management has designated Investor Relations Officer to engage with the investor
community. The Company’s investor relations personnel respond to specific queries and
play a proactive role in disseminating information to the shareholders. All the information
having a material bearing on the Company’s share price is released as per regulatory
requirements. The information is also disseminated to National Stock Exchange of India
Limited (‘NSE’) and BSE Limited from time to time.

The financial results, presentations made to the institutional investors or to the analysts,
other information and various compliances as required/prescribed under Listing Regulations
are filed electronically with the stock exchanges and are also available on their respective
websites in addition to the Company’s website.

In addition to the above, the information about the significant corporate actions is also
conveyed to the shareholders by e-mail within by the Secretarial Team.

In order to protect shareholders' rights, the Company appropriately discloses to the


shareholders all material relevant information affecting their investment decision on a timely
basis. The Board members, KMPs or any officers of the Company do not conduct any
transactions that conflict or compete with the interests of the shareholders without the
approval of the Board. The following Board approved policies govern various aspects of
relationships with our shareholders:

Dividend Distribution Policy: The Company has been regularly paying dividends to its
shareholders and this policy documents the guidelines on payment of dividends and sets out
the key considerations for arriving at the dividend payment decision.

Code of Conduct for Prevention of Insider Trading (‘Insider Trading Code’): The
Insider Trading Code comprises formal Company policy in a number of areas based on,
amongst other things, the requirements under the Act, SEBI (Prohibition of Insider Trading)
Regulations, 2015 and SEBI (Research Analysts) Regulations, 2014 and other applicable
Laws, each as amended from time to time. It forms an integral part of the Standards of
Corporate Conduct and must be adhered to by all the employees including Directors. In
addition to the above, the Company has framed various Codes of Conduct applicable to the
employees in different departments.

9
Pursuant to the Insider Trading Code, all the employees including Designated Persons are
expected to maintain the confidentiality of Unpublished Price Sensitive Information (‘UPSI’)
in their possession and must not pass it on, expressly or by way of making a
recommendation for purchase or sale of Securities based on the same, to any person. The
records containing such information are kept under appropriate security. Employees are
prohibited from making any personal profit or deriving benefit through their access to UPSI.
Such information should be used only in compliance with the applicable laws. All the
employees are not allowed directly or indirectly and in any manner whatsoever circulate or
cause to circulate rumours or unverified information obtained from client, industry, any trade
or any other source without verification.

Code of practices and procedures for fair disclosure of unpublished price


sensitive information (‘Fair Disclosure Code’): Pursuant to Regulation 30 of Listing
Regulations, the Company framed a Fair Disclosure Code for determination of materiality for
disclosure of events or information to Stock Exchanges based on the criteria specified in
Listing Regulations. The events/information that would be disclosed are as presently
prescribed by the SEBI vide circular CIR/CFD/CMD/4/2015 dated September 9, 2015 and as
would be amended from time to time. Fair Disclosure Code is framed based on the principles
of fair disclosure outlined in the SEBI (Prohibition of Insider Trading) Regulations, 2015, as
amended from time to time.

The Chief Financial Officer or the Company Secretary is the authorised Key Managerial
Personnel (KMP) to determine the materiality of an event or information and for the purpose
of advising on the disclosure to the stock exchanges through the Chief Investor Relations
Officer designated under the Company’s Code of fair disclosure.

Under the Fair Disclosure Code, all the employees, designated persons and insiders of the
Company are required to ensure that handling of all UPSI, including onward communication,
is done on a need-to-know basis and in line with any other applicable codes, policies and
procedures of the Company, including specifically, this Code and the Insider Trading Code.

Policy for determination of materiality for events/information and disclosure


thereof to the stock exchange: Pursuant to Regulation 30 of Listing Regulations, the
Company has framed a Policy for determination of materiality for disclosure of events or
information to Stock Exchanges (‘the Policy’) based on the criteria specified in the Listing
Regulations. The Policy provides guidance to determine the materiality of events/information
and disclosure thereof. The events or information which are necessary to be disclosed to the
Stock Exchanges are broadly divided into three categories as specified in the Listing
Regulations, inter alia, covering: (a) Events whose disclosure is mandatory and which would
need to be disclosed without any application of the test/guidelines for materiality thresholds;
(b) Events which may be disclosed to the Stock Exchanges based on the test of materiality
thresholds; and (c) Any other event/information that is likely to affect business.

11. Communities

The Company is committed to provide resources and support activities focused on


enhancing economic and social development enabling a larger number of people to
participate and benefit in India’s economic progress. Corporate Social Responsibility
Policy (CSR Policy) governs the various initiatives undertaken by the Company in its
identified impact areas with regular reporting to and oversight by the CSR Committee.

10
The CSR Policy sets out the framework guiding the Company’s CSR activities. The CSR Policy
also sets out the rules that need to be adhered to while taking up and implementing CSR
activities. The CSR Policy pertains to the activities undertaken by the Company towards
fulfilling its CSR objectives. The Company has articulated its CSR philosophy as supporting
the causes of education, healthcare including preventive healthcare, skill-development and
sustainable livelihood, creation of job opportunities through technology incubation of
start-ups and financial inclusion.

A detailed reporting of the CSR initiatives and their impact is done to the CSR Committee
and is also reported as a part of our Integrated Report and ESG report.

12. Business Partners

We have robust mechanisms of maintaining relationships with our business partners


including various service providers, business partners and other specialist agencies, vendors
and consultants. These mechanisms ensure fair and transparent dealing, integrity and ethical
behavior, confidentiality of data and an oversight on the functioning of the partner where
relevant. The mechanism entails comprehensive documentation which binds both the
parties to clauses pertaining to integrity, confidentiality of data where applicable, detailed
services description, transparency in trade and payment terms. These terms safeguard both
the parties in case of any breach in terms of the contracts.

Apart from the above, there is a laid down on-boarding process including background
checks, detailed information memorandum and wherever relevant, declarations and
undertakings as required by Outsourcing Policy or other regulations applicable to the
Company. Transparency and fairness is ensured by mechanisms such on electronic bidding
for price discovery, regular feedback through engagement calls, providing a line of
communication through a dedicated email id isecpartners@icicisecurities.com for reaching
out to management as well as an escalation mechanism in case of any concerns.

13. Employees

PLEDGE - Our Employee Value Proposition: The Company has always believed that its
employees – its human capital – are the key contributors towards its performance and are its
greatest assets. The employee value proposition (EVP) called ‘PLEDGE’ is a formal
articulation of what we as a Company promise to our employees. The 5 anchors of ‘PLEDGE’
are Pride @ Workplace, Care, Growth & Learning Enabling Work Environment & Meritocracy.
Each of the 5 anchors comprise important aspects of our value proposition to employees.

 Pride @ Workplace: The employees can take Pride in that they are part of an engaging
organization that is conscious of its larger role in society and in serving the nation - an
organization that continues to espouse principles of ethics, good governance and good
business practices. Pride of being associated with brand ICICI Securities, feeling inspired
by the top management, being part of an organisation, which serves as a “trusted
adviser” to its customers and being part of an organisation that promotes ethics and good
business practices, in addition to adding value to society at large.

 Care: Standing by employees in their hour of need, just as they go the extra mile for the
organization whenever required stands for both personally and professionally.

11
 Growth and Learning: Opportunities for personal growth of employees, as they work
towards Company’s growth & success. This anchor stands for being there for employees
in their time of need both personally and professionally.

 Enabling Work Environment: Work environment that facilitates achievement of


aspirational goals - an environment which facilitates employees to perform and deliver
their best. Whether it is through clearly defined performance expectations, policies and
processes or access to productivity tools or facilitating employees to participate in
shaping policies/processes/strategy.

 Meritocracy: A merit-oriented organization, setting high performance standards and


linking rewards to performance.

Leadership Competency framework: We have a mutually valuable relationship with our


employees. This relationship is characterised by the investment we make towards providing
challenging roles and assignments, opportunities for personal growth, relevant and timely
performance support, training and an enabling environment.

Our cultural ethos is embodied in our DNA Anchors (Leadership Competencies). There are a
total of 10 DNA anchors as below, which explain the expectations (in terms of leadership
behaviours) from all employees:

 People Leadership
o Nurturing Talent
o Collaboration
o Sensitivity
 Task Leadership
o Leadership through
o Execution
o Strategic Agility
o Leading Change
o Organisation Capability
 Threshold
o Passion
o Customer First
o Compliance with Conscience

To reinforce these expectations, we use 360 Degree Feedback as a developmental tool for
employees, designed to obtain feedback on the extent to which a particular employee
displays behaviours in line with the DNA anchors. For this purpose, inputs are collected from
an employee’s superiors, peers and subordinates about his/her work related behaviour and
the impact of that behavior. This feedback serves as an important input for organisational
processes like Leadership Potential Assessment and Succession Planning. Positive
reinforcement is ensured by recognizing employees displaying these DNA anchors.

Policy framework: The Company believes that every employee is important and that their
well-being and safety are our utmost priorities. We provide fair and equal employment and
advancement opportunities to all our employees and there is no discrimination on the basis
of race, caste, color, age, sex, disability and socio-economic status. We ensure a fair
recruitment process that helps us identify and hire people with the right values, who are then

12
groomed, encouraged and retained through a combination of financial and non-financial
incentives. We measure and disclose gender mix amongst our workforce. The Company has
an elaborate policy framework, comprising the below policies that ensure safety and well-
being of our employees:

 Prevention of Sexual Harassment Policy


 Employee Safety policy
 Compensation Policy
 Higher Education Policy
 Grievance redressal policy

13
GOVERNANCE
The Company has in place a robust Governance architecture comprising the Governance
framework, Compliance framework and Risk Management framework. The section below
details out each of these frameworks:

14. Governance Framework

Corporate governance broadly refers to the accountability of the Board of Directors towards
various stakeholders of the Company, viz., shareholders, employees, suppliers, customers
and society in general. It ensures Board’s accountability for providing the Company with a
fair, efficient and transparent administration which eventually results in benefitting all the
stakeholders. The Corporate Governance framework aims at ensuring the conditions
whereby the Company’s Management and the Board of Directors act in the interest of the
Company and its stakeholders and ensure the means by which the Management is held
accountable to various stakeholders.

The Company firmly believes that strong corporate governance and compliance practices
are of paramount importance to maintain the trust and confidence of its stakeholders and the
reputation of the Company. To ensure transparency, fairness and objectivity in the
organisation’s functioning and unquestioned integrity of all personnel involved, the
Company has proactively adopted best practices with regard to corporate governance and
compliance.

As an entity, our strategic goals and the experience offered to our stakeholders are aligned
to our ESG approach. This is an area which remains to be of continued focus and importance
as we embark on our journey with an end objective of emerging as full stack open
architecture ‘’digital platform’’ for serving financial services’ needs of retail Indian across life
stages.

The Company’s policy on compliance with regulatory requirements is backed by stringent


internal policies, codes, standards and principles towards ensuring compliance with law,
maintenance of confidentiality of client information and prevention of insider trading. The
Company has developed policies that have a bearing on its businesses. The Company is
committed to conducting its business in accordance with applicable laws, rules and
regulations with highest standards of business ethics and ethical conduct. The Company has
processes in place towards complying with all the applicable laws, rules and regulations in
letter and spirit.

15. Board and Committee composition

The Board composition is in compliance with the provisions of the Companies Act, 2013 and
rules made thereunder (‘the Act’) and SEBI (Listing Obligations and Disclosure Requirements)
Regulations, 2015 as amended from time to time (‘Listing Regulations’) and such other
laws/regulations in force for the time being to the extent applicable to the Company. The
Board has an optimum combination of Executive and Non-executive Directors and currently,
the Board consists of eight Directors, out of which four are Independent Directors, two are
Non-executive Non-independent Directors and two are Whole-time Directors. The Board has
one Independent Woman Director. The composition of Directors may change from time to

14
time within the broad regulatory provisions in this regard. Except the Managing Director &
CEO and the Executive Director, all other Directors including the Chairman of the Board are
Non-executive Directors. The Board has a designated Chairperson. The Chairman of the
Board is an Independent Director. The Managing Director & CEO and the Executive Director
oversee implementation of strategy, achievement of the business plans and the day-to-day
operations of the Company.

16. Board Diversity Policy

The Act and Listing Regulations stipulate the requirements in relation to the composition of
the Board of Directors of the Company. To comply with these requirements at all times, the
Company has adopted Board Diversity Policy (‘Policy’). The Policy sets out the approach in
relation to the diversity on the Board. The Company recognises that a diverse Board will have
different thoughts, perspective, knowledge, skill, industry experience, age and gender, which
will ensure that the Company retains its competitive advantage based on these principles.

17. Functioning of the Board

In terms of Section of 166 of the Act, the Directors are required to act in good faith in order
to promote the objects of the Company for the benefit of its members as a whole, and in the
best interests of the Company, its employees, the shareholders, the community and for the
protection of environment.

The Board functions either as a full Board or through various Committees constituted to
oversee specific areas. The Board of Directors of the Company meets at regular intervals to
discuss and decide on business policy and strategy apart from other businesses. The Board
has, inter alia, constituted requisite mandatory Committees, viz., Audit Committee,
Nomination & Remuneration Committee, Stakeholders Relationship Committee, Corporate
Social Responsibility Committee and Risk Management Committee. The constitution of these
Committees is in compliance with the provisions of the Act and Listing Regulations.

The Board reviews compliance with the terms of reference of all the Committees once in year
and if required, the Board may change the terms of reference of these Committees. The terms
of reference of the Committees are provided in the Annual Report.

18. Details of the Committees

 Audit Committee
 Nomination & Remuneration Committee
 Stakeholders Relationship Committee
 Corporate Social Responsibility Committee
 Risk Management Committee

In addition to the mandatory Board Committees, there are certain other Committees,
Councils and Forums that oversee various functional and operational aspects. Currently,
these include:

 IT Risk and Information/Cyber Security Committee


 Compliance Committee
 Commitment Committee

15
 Investment Committee
 Product Committee
 Process Approval Committee
 Operations Committee
 Customer Service Council
 Product Governance Forum
 Asset Liability Forum

The Company continues to ensure good governance, inter alia, through the implementation
of effective policies and procedures in compliance with the Act, Listing Regulations as well
as applicable acts, rules, regulations, etc. The policies are reviewed by the Board or the
Committees from time to time.

19. Governance Controls

Responsibilities of the Board

The responsibilities of the Board, inter alia, include the following:

 Supervising the effectiveness of the Company’s governance practices and making


changes as and when needed;

 Establishment of Board Committees, their mandate (terms of reference), composition and


working procedures;

 Understanding, reviewing and monitoring the implementation of Strategic Plans;

 Reviewing and approving significant corporate actions;

 Approval of the charters, codes, guidelines and policies as per the statutory requirements
as well as ICICI Group norms;

 Periodically reviewing the Board/Committee meeting action items on specific matters;

 Reviewing and guiding corporate strategy, major plans of action, risk policy, annual
budgets and business plans, setting Key Performance Indicators (KPIs), and monitoring
implementation and corporate performance;

 Selecting, compensating, monitoring and when necessary, making requisite changes in


the Key Managerial Personnel and Senior Management and overseeing succession
planning;

 Aligning Key Managerial Personnel, Senior Management and Board remuneration with
the long-term interests of the Company and its shareholders in terms of achievement of
KPIs; and

 Other general responsibilities as per the laws/regulations in force for the time being,
applicable to the Company.

16
20. External Auditors

Appointment of Statutory Auditors

The Company ensures adherence to regulations governing auditor appointment as may be


amended from time to time. Currently the framework requires:

 An individual auditor or an auditor firm maybe appointed by the members at the Annual
general meeting for a tenure not exceeding 5 years.
 The members may not reappoint an individual auditor for more than one term of 5 years
and an audit firm for more than 2 consecutive terms of 5 years.
 As on the date of appointment, no audit firm having a common partner or partners to
the other audit firm, whose tenure has expired in a company immediately preceding the
financial year, shall be appointed as auditor of the same company for a period of five
years.

Auditors engagement with Audit Committee

A separate meeting of the Chairperson of the Audit Committee with the Statutory Auditors
is held on a quarterly basis before the Audit Committee meeting to discuss on the audit
undertaken, processes followed, observations, if any. Additionally, a separate meeting of the
Audit Committee members with the Statutory Auditors and the Secretarial Auditors is also
held on a half-yearly basis to discuss major areas of concern, if any. None of the
representatives of the Management are present in such meetings of the Audit Committee
members with the Auditors.

21. Meeting Attendance

The Board members are expected to prepare, attend and participate at all the Board
meetings, committee meetings and the General Meetings of the shareholders. The Company
makes the arrangements to enable Directors’ participation virtually, through Video
Conferencing and any other audio-visual means. Further, the Board members spend their
quality time on these meetings and discharge their obligations properly. Further, the
Management encourages healthy participation at all the meetings of the Board and
Committees. The Directors review meeting materials prior to the Board and Committee
meetings and, wherever required, they communicate, in advance of the meetings, about any
areas that they wish to discuss so that the Management is prepared to address the same
during the meeting.

22. Board operation and meetings

 Board and Committee meetings schedule and place: The calendar of dates for
Board and Committee meetings for the ensuing year is decided well in advance in
consultation with the Board members. The Board meets at least once a quarter and also
meets at such other times as may be necessitated by the needs of Company’s business.
The Board meetings generally are held at the registered office of the Company. The
Board meetings are held through Video Conferencing as well especially during Covid-19
pandemic period.

17
 Agenda for the meetings: The draft agenda of the Board as well as the Committee
meetings along with respective agenda notes are circulated to the Board members and
the members of the Committees respectively, for their reviews well in advance in terms
of the applicable Secretarial Standards. The agenda includes such matters as decided
by the Management as well as the issues suggested by any of the Directors from time to
time. Each Board member is free to suggest the inclusion of items on the agenda. Each
Board member is also free to raise at any Board meeting the subjects that are not on the
agenda for that meeting with the permission of the Chairman of the meeting and with
the consent of majority of the Directors.

 Advance distribution of Agenda and Meeting materials: The agenda and meeting
materials for the Board/Committee meetings are sent to the Directors prior to the Board
meeting except those matters which are material, unpublished and price sensitive. The
objective is to ensure that agenda and meeting schedule must permit adequate time for
discussion between Board members and the Management. The Management ensures
that the materials distributed are as concise as possible yet give Directors sufficient
information to make informed decisions.

 Separate meetings of Independent Directors: Clause VII of Schedule IV of the Act


and Regulation 25 (3) of Listing Regulations require the Company to hold at least one
meeting of Independent Directors in a year without the presence of non-independent
directors and members of the Management. Accordingly, the Independent Directors
meet at least once in the first quarter of every year without the presence of executive
management. The Independent director (Chairman of the Board) presides over such
meetings and in his absence, one of the Independent Directors chosen by the group of
Independent Directors can act as the chairman of the meeting. Such meetings, inter alia:

o review the performance of non-independent directors and the Board as a whole;


o review the performance of the Chairperson of the Company, considering the views
of executive directors and non-executive directors; and
o assess the quality, quantity and timeliness of flow of information between the
company management and the Board that is necessary for the Board to effectively
and reasonably perform their duties.

In addition to the above separate meeting of Independent Directors, the Independent


Directors meet during the remaining quarters as well to discuss the performance of the
Company and other matters and provides guidance to the Management from time to time.

23. Independence, Qualifications and tenure of the Directors

All the Independent Directors fulfil the criteria of independence as specified in Listing
Regulations and the Act and are independent of the Management.

The terms of appointment/re-appointment and tenure of Independent Directors are governed


as per the applicable provisions of the Companies Act, 2013 (‘the Act’) and SEBI (Listing
Obligations and Disclosure Requirements) Regulations, 2015 (‘Listing Regulations’).
Independent Directors of the Company can hold office for a term up to five consecutive years
on the Board of the Company, however, they are eligible for re-appointment for a further
term of five consecutive years, subject to the approval of the shareholders by Special
Resolution and meeting the criteria of independence provided in the Act and Listing

18
Regulations at all times. Additionally, prior approval of the shareholders is required to be
obtained for appointment/continuation of appointment of a non-executive Director who has
attained the age of seventy-five years during his tenure of appointment in the Company.

In the context of the Company’s business for effective functioning, the Company has
distinguished individuals on its Board of Directors with each of the Directors having the
requisite core skills/expertise/competence as well as several years of vast experience and
knowledge in various diversified functions and fields, viz., corporate & international banking,
treasury, corporate planning, project & portfolio/asset management, economics, capital
markets, investment banking, institutional & retail broking, private equity fund management,
financial services, competition & corporate law, corporate affairs, commerce, economic
regulations, technology, business strategies and management, institutional strengthening &
business transformation, banking & finance, corporate laws, business and finance laws,
insurance, human resources development, venture capital, retail & rural banking,
SME/Commercial banking, rural and inclusive banking, etc. Thus, the Board has a right blend
of dynamism, leadership and experience.

The Independent Directors are members of the Board of Directors of various reputed
companies including listed entities and they provide their treasured inputs and guidance at
the Meetings of the Board which have been of immense help to the Company in pursuing
strategic goals.

The Board is suitably equipped to understand the ever changing business dynamics of the
stock broking, distribution, wealth management and investment banking sectors in which the
Company operates and ensures that appropriate strategies are articulated benefitting the
Company in the long run.

24. Duties of Directors:

 Subject to the provisions of the Act, a director of a company shall act in accordance with
the articles of the company;
 A director of a company shall act in good faith in order to promote the objects of the
company for the benefit of its members as a whole, and in the best interests of the
company, its employees, the shareholders, the community and for the protection of
environment;
 A director of a company shall exercise his duties with due and reasonable care, skill and
diligence and shall exercise independent judgment;
 A director of a company shall not involve in a situation in which he may have a direct or
indirect interest that conflicts, or possibly may conflict, with the interest of the company;
 A director of a company shall not achieve or attempt to achieve any undue gain or
advantage either to himself or to his relatives, partners, or associates and if such director
is found guilty of making any undue gain, he shall be liable to pay an amount equal to
that gain to the company; and
 A director of a company shall not assign his office and any assignment so made shall be
void.

19
25. Duties of Independent Directors:

In addition to the above duties of the Directors, the independent directors shall:

1. undertake appropriate induction and regularly update and refresh their skills, knowledge
and familiarity with the company;
2. seek appropriate clarification or amplification of information and, where necessary, take
and follow appropriate professional advice and opinion of outside experts at the expense
of the company;
3. strive to attend all meetings of the Board of Directors and of the Board committees of
which he is a member;
4. participate constructively and actively in the committees of the Board in which they are
chairpersons or members;
5. strive to attend the general meetings of the company;
6. where they have concerns about the running of the company or a proposed action, ensure
that these are addressed by the Board and, to the extent that they are not resolved, insist
that their concerns are recorded in the minutes of the Board meeting;
7. keep themselves well informed about the company and the external environment in which
it operates;
8. not to unfairly obstruct the functioning of an otherwise proper Board or committee of the
Board;
9. pay sufficient attention and ensure that adequate deliberations are held before approving
related party transactions and assure themselves that the same are in the interest of the
company;
10. ascertain and ensure that the company has an adequate and functional vigil mechanism
and to ensure that the interests of a person who uses such mechanism are not prejudicially
affected on account of such use;
11. report concerns about unethical behaviour, actual or suspected fraud or violation of the
company’s code of conduct or ethics policy;
12. acting within his authority, assist in protecting the legitimate interests of the company,
shareholders and its employees; and not disclose confidential information, including
commercial secrets, technologies, advertising and sales promotion plans, unpublished
price sensitive information, unless such disclosure is expressly approved by the Board or
required by law.

26. Evaluation of performance of the Board and Committees

The Company has in place an evaluation framework for evaluation of the Board, Directors
and Chairman. The Board also carries out an evaluation of the working of the Audit
Committee, Nomination & Remuneration Committee, Stakeholders Relationship Committee,
Corporate Social Responsibility Committee and Risk Management Committee. The
evaluation of the Committees is based on the assessment of the compliance with the terms
of reference of the Committees.

The evaluations for the Directors and the Board are done through circulation of
questionnaires for evaluation of the performance of the Board, the Committees of the Board
and the individual members of the Board, which assesses the performance of the Board on
selected parameters related to roles, responsibilities and obligations of the Board and
functioning of the Committees including assessing the quality, quantity and timeliness of
flow of information between the Company management and the Board that is necessary for

20
the Board to effectively and reasonably perform their duties. The evaluation criteria for the
Directors (including Independent Directors) is based on their participation, contribution and
offering guidance to and understanding of the areas that are relevant to them in their capacity
as members of the Board.

The Nomination & Remuneration Committee (‘NRC’) reviews the performance of Whole-time
Directors. The NRC defines Key Performance Indicators (‘KPIs’) for the Company and the
Executive Director and the actual performance is assessed against the KPIs set out at the
beginning of the financial year. The KPIs include both quantitative and qualitative aspects.

27. Board compensation

The Company has Remuneration Policy for the Non-executive Directors.

The Non-executive Independent Directors are remunerated by way of sitting fee for attending
each meeting of the Committee/Board and profit related commission, within the limits as
provided under the Act, as approved by the Board from time to time.

The Company does not pay any remuneration/sitting fees to Non-executive


Non-independent Directors.

The Company has in place Compensation Policy applicable for the Whole-time Directors
(WTDs), Key Managerial Personnel (KMP), Senior Management and other employees. The
Compensation Policy is framed under the guidance of the Nomination & Remuneration
Committee (‘NRC’) to ensure effective governance and to drive meritocracy under a prudent
risk framework. The compensation of the Whole-time Directors is determined by the NRC
after taking into consideration the achievement of KPIs. The NRC assesses organizational
performance as well as the individual performance of Whole-time Directors. Based on its
assessment, it makes recommendations to the Board regarding compensation for Whole-
time Directors, Key Managerial Personnel and Senior Management along-with bonus and
long term incentive plan (LTIP) for employees.

28. Annual Strategic and Operating Plans

At least once a year, a Strategy Board Meeting, generally spread over a period of two days
period is conducted during which the Managing Director & CEO, Executive Director and the
various Business and Functional Heads present the Company’s overall Corporate Strategy
and proposed strategies for each of the business segments/functions. The Management
seeks inputs/directions from the Board towards the end of the meeting. The suggestions of
the Board are then built into the strategic plans of the Company.

During the quarterly Board Meetings, the Board spends sufficient time in going through the
implementation of the annual plans and various initiatives emanating from the Annual
Strategy Board Meetings to assess whether these are being implemented effectively in a
timely manner and suggests course corrections, wherever felt appropriate by the Board
members. Thus, the Board reviews the performance of the Company against its strategic
plan in the quarterly Board Meetings.

Further, once annually, all the CEOs of the group companies present the performance of their
respective franchise and inform about their strategies to the Board of ICICI Bank Limited.

21
29. Succession Planning

The Nomination and Remuneration Committee periodically reviews and assesses the
adequacy of the Company’s policies, plans and procedures with respect to succession
planning, including policies and principles for KMP and Senior Management selection and
performance review. The review of policies also encompasses succession in the ordinary
course of business and in the event of unexpected events or emergencies.

The Company has a framework of Leadership Cover Index (LCI) to provide cover to
leadership & critical positions in the Company. Based on the guidelines of the framework,
critical positions are identified and are included under the Leadership Cover Index.

The Leadership cover is categorized into “Immediate” and “Bench” cover and employees
identified as “Leadership Potential” are considered under this framework. It is ensured that
at all the times, for all the critical roles, the “immediate” cover is available.

30. Ethics and conduct

We are committed to maintain highest standards of conduct of our business with integrity,
ethics and transparency. This commitment is ensured by way of a set of policies and
frameworks as discussed below:

Code of Conduct of & Business Ethics (‘the Code’): The Code principally prescribes
the guidelines to the employees, officers and Directors of the Company towards fulfilling
their responsibilities.

The Company expects all its employees, officers and Directors to act in accordance with high
professional and ethical standards and to be committed with integrity in all the activities as
well as to comply with all applicable laws, regulations and internal policies. The standards of
the Code are not necessarily prescribed by the regulators. These standards are something
which a well-respected institution must have in place and adhere to on an on-going basis.
Pursuant to the Code, all the employees, officers and Directors should conduct their duties
according to the language and spirit of this Code and seek to avoid even the appearance of
improper behaviour. Their actions need to demonstrate and evidence the principle of acting
in good faith and without negligence as well as be aware that even well intentioned actions
that violate the law or the Code may result in negative consequences for the Company and
for the individuals involved. While covering a wide range of business practices and
procedures, these standards cannot and do not cover every issue that may arise, or every
situation where ethical decisions must be made, but rather set forth key guiding principles
that represent ICICI Group’s policy. The Code, inter alia, covers Employee Conduct, Conflict
of Interest, Confidentiality, Anti-Bribery and Anti-Corruption, Personal Investments,
Anti-Money Laundering, Workplace Responsibilities, Compliance with laws, rules and
regulations, Key Irregularities, Disciplinary Procedures, Grievance Redressal Policy, Duties of
Directors, etc.

31. Framework for Managing Conflicts of Interest

Conflicts of interest can occur if Company’s business practices sacrifice interests of one set
of customers in favour of another or place business interests ahead of the customers. To
address such situations, the Company has adopted a Framework for Managing Conflict of

22
Interest which articulates several measures taken by the Company in ensuring that conflicts
of interest is handled in an appropriate manner, at the individual employee level, at the level
of Board of Directors and at the Group level. As part of its management of conflict of interest,
the Company has put in place a Code of Conduct for Prevention of Insider Trading which,
inter alia, covers processes to ensure that confidential information is appropriately secured
and decisions and service to clients are independent of such confidential information. There
are information barriers between departments that routinely have access to confidential/non-
public Information from those who do not have such access. However, in case the need is
felt, the Company follows the procedure for crossing the wall including obtaining prescribed
approvals.

Four principals governing the Framework for Managing Conflicts of Interest are: (a)
Protection of customer’s interests; (b) Transparency and accountability; (c) Promoting
institutional and individual responsibility and personal example; and (d) Organizational
culture.

32. Policy on Related Party Transactions

The Board has adopted Policy on Related Party Transactions (‘RPT Policy’) pursuant to
Regulation 23 of Listing Regulations and Sections 177, 184 and 188 of the Act in this regard.

The RPT Policy covers the following salient aspects:

 Definition and identification of ‘related parties’;

 Approval of transactions with related parties by the Audit Committee, the Board and the
Shareholders, wherever applicable;

 Threshold limits for related party transactions;

 Reporting of the related party transactions; and

 Review of the RPT Policy.

The RPT Policy provides the guidance for conducting any transaction with the related parties.

33. Whistle Blower Policy

Pursuant to Section 177 of the Act and Regulation 4 of Listing Regulations, the Company has
adopted the Whistle Blower Policy (‘the Policy’). The Policy aims to set up vigil mechanism
that enables employees to report about potentially illegal and/or unacceptable practices. It
seeks to enable employees to report such practices without fear of victimisation and reprisal.
The Policy aims to administer good governance practices in the Company and to ensure that
serious concerns are properly raised and addressed. The purpose of the Policy is to enable
an employee who observes an unethical practice (whether or not a violation of law) to
approach the designated authority within the Company without necessarily informing
employee’s supervisors and without revealing employee’s identity, if the employee chooses
to do so. The Policy aims to provide a mechanism to ensure that concerns are properly
raised, appropriately investigated and addressed.

23
34. Anti-Bribery and Anti-Corruption Policy

It is the Company’s commitment to act professionally, fairly and with integrity in all our
dealings wherever it operates. Accordingly, the Company has adopted a “Zero-Tolerance”
approach to bribery and corruption and framed Anti-Bribery and Anti-Corruption Policy
(‘Policy’). The ‘Code of Business Conduct and Ethics’ also clearly articulates this intent of the
Company.

Under this Policy, the adherence to this Policy, prevention, detection and reporting of any
act of Bribery or Corruption is the responsibility of all the employees of the Company. All
employees are required to avoid any activity that might lead to or suggest a breach of this
Policy. In terms of the Policy, any gift or entertainment which is not proportionate and
reasonable and which is not consistent with the normal business practice of developing and
maintaining business relationship should not be accepted or offered.

35. Compliance Framework

The Compliance, Risk, and Internal Audit teams undertake a range of monitoring activities
during the year to provide assurance that business units are complying with applicable laws,
regulations and Company policies. The compliance and risk teams also monitor the
adequacy of the compliance framework across our Company in conjunction with the Internal
Audit function through risk-based audit plan. Key issues observed as part of this monitoring
are reported to the Audit Committee and implementation of recommendations is actively
monitored. Additionally, a Quarterly Compliance Certificate signed by the Managing Director
& CEO, based on confirmations from the respective business/functional heads is placed
before the Audit Committee and the Board of Directors at every Board meeting.

36. Compliance Policy

The compliance risks associated with the financial activities across the Company assume
significant importance as these are subject to diverse regulatory and statutory requirements.
Therefore, to put in place a framework for identification and evaluation of the significant
compliance risks in order to assess how these risks might affect the business, the Company
has put in place a Compliance Policy. The Compliance Policy articulates the compliance
philosophy of the Company and the ICICI Group at large and outlines the basic principles
governing the compliance function, the broad structure and processes to ensure compliance
and the systems to monitor the implementation of the compliance framework.

37. Anti-Money Laundering Policy

As the Company is registered with SEBI, the Company has to comply with the various
regulatory provisions pertaining to Anti-Money laundering. Accordingly, the Board has
framed Anti-Money Laundering Policy (‘the Policy’). The key objectives of the Policy are:

 To prevent the Company’s business channels/products/services from being used as a


channel for Money Laundering;
 To establish a framework for adopting appropriate AML procedures and controls in the
operations/business processes of the Company;
 To ensure compliance with the laws and regulations in force from time to time;
 To protect the Company’s reputation;

24
 To assist law enforcement agencies in their effort to investigate and track money
launderers;
 To lay down AML compliance norms for the employees of the Company.

38. Risk Management Framework

The Company has in place and it is continually improving its prudent risk management
framework and integrating efficient on-line and off-line practices to mitigate identified and
anticipated risks. This safeguards the Company’s businesses in critical times.

The Board of Directors oversees the functioning of Risk Management Committee which
frames and reviews risk management processes and controls. The Company has a
comprehensive system of risk management and internal controls with an objective to ensure
that various risks are identified, measured and mitigated and also that the policies,
procedures and standards are established to address these risks.

The Company’s risk management system features a ‘three lines of defence’ approach:

 The first line of defence comprises our Operational Departments, which assume primary
responsibility for their own risks and operate within the limits stipulated in various
policies approved by the Board or by Committees constituted by the Board.
 The second line of defence comprises specialised departments such as Risk
Management and Compliance. These teams employ specialised methods to identify and
assess risks faced by the operational departments and provide these departments with
specialised risk management tools & methods, facilitate & monitor the implementation
of effective risk management practices, develop monitoring tools for risk management,
internal control & compliance, report risk-related information and promote the adoption
of appropriate risk prevention measures.
 The third line of defence comprises the Internal Audit department and External Audit
functions. They monitor and conduct periodic evaluations of the Risk Management,
Internal Control and Compliance activities to ensure the adequacy of risk controls and
appropriate risk governance.

A brief description of each of the risks faced within the Company is given below:

 Market Risk:

Market Risk is the risk arising from fluctuation in the value of financial instruments due
to volatility in market variables such as stock prices, interest rates, currency rates, credit
spreads and other asset prices. Being a financial services intermediary, the Company’s
business is vulnerable to such risks, including the risks pertaining to proprietary trading
activities. To mitigate this risk, the Company has a robust Corporate Risk and Investment
Policy that specifies risk management measures and controls to minimise the impact of
possible financial loss. Further, for the institutional broking business, the Company has
set terminal and dealer level limits to mitigate the risk of erroneous order flows.

 Credit Risk:

Credit Risk is the risk arising due to investments in fixed income instruments as well as
those arising out of receivables from the customers and clearing corporations of stock

25
exchanges. To mitigate this risk, the Company has specified overall and counter-party
level exposure limits for investments in fixed income instruments in Corporate Risk and
Investment Policy. Further, receivables from clearing corporations is low risk because of
low probability of them defaulting and such receivables are short-term in nature related
to securities settlements. Also receivables from customers primarily comprise
collateralised receivables relating to securities transactions and have low credit risk,
because of the value of the collateral received and their short-term nature.

 Liquidity Risk:

Liquidity Risk arises on account of our capital market-related business and trading and
investment activities. To mitigate this risk, the Company has Liquidity Risk Management
Policy to guide the actions and the continual monitoring of asset-liability gaps are done
across maturity buckets to assess the liquidity requirements.

 Operational Risk:

Operational Risk is the inability to effectively manage operations and come up with
effective products and services leading to losses. To address this risk, the Company has
Operational Risk Management Policy, Outsourcing Policy and Fraud Risk Management
Policy providing guidelines and assigning responsibility for the development of controls
and conduct of investigations. The Policy covers various areas, inter alia, manner of
detecting and identifying frauds, follow-up mechanism for prosecuting persons who
committed fraud, co-operation amongst market participants to identify frauds and
building a database of those committing frauds and sharing with other market
participants. Under the Policy, the Company has established the Fraud Prevention Cell
(FPC) as a dedicated group for handling fraud prevention, detection, investigation,
monitoring, reporting and awareness creation functions.

The Company also has Business Continuity Plan (BCP) and a Corporate Business
Continuity Policy in place for critical processes to address any service disruption, ensure
operational continuity and limit losses.

Moreover, the Company has a process to launch new products with the approval of the
Risk Management Committee/Product Committee and review of new processes/
products is done by Process Approval Committee. The Internal Audit department also
carries out the periodic audit of the risk management, internal control, and compliance
activities.

 Technology Risk:

Technology Risk arises from growing competition from fintechs and non-discount
brokers, evolving customer needs for technology-based servicing as well as the need to
protect IT systems and processes from damage and cyber threats. To mitigate this risk,
the Company has digital agility through API architecture to seamlessly on-board
customers alongside making sustained investment in emerging technologies to deliver
superior service. The Company has made investments in building a stable, secure, and
reliable technology system and it also has Information Technology Risk Management
Framework for safeguarding of IT assets and data. Further, the Company has Information
Security Management Policy and Cyber Security and Cyber Resilience Policy for

26
protecting the organisation’s cyberspace against cyber-attacks, threats and
vulnerabilities. Under this Policy, the Company has appointed the Information Security
Officer who periodically reviews the instances of cyber-attacks, if any, domestically and
globally and takes steps to strengthen Cyber Security and Cyber Resilience framework.

39. Privacy Protection Standard

The Company, as part of its business activities, collects and uses personal and sensitive
information about its customers, employees, vendors and others with whom the Company
deals with. In addition, the Company may occasionally be required to collect and use
information of this kind to comply with applicable regulatory/statutory requirements. Thus,
to protect the Personal Information collected by the Company, a Privacy Protection Standard
(‘Standard’) has been adopted within the Company. The objective of the Standard, inter alia,
includes ensuring responsible handling of Personal Information and compliance with
applicable regulatory requirements, increasing employee awareness of acceptable minimum
data handling practices and applicable requirements in relation to Personal Information and
setting minimum standards of data protection requirements across the Company.

40. Personal Data Protection Standard

We believe that continuing to maintain the trust of customers is of paramount importance to


us in a highly competitive market. Towards this end, the Company will continue to treat
customers’ data with utmost confidentiality. The Company will also continue to undertake
activities towards ensuring data/information security of customers at all the times.

The Company is strongly committed to protecting the privacy of the individuals whose
Personal Data it holds and processing such Personal Data in a way that is consistent with
applicable data protection legislation. Accordingly, the Company has adopted Personal Data
Protection Standard (‘Standard’). The objectives of the Standard are:

 Setting the minimum standards on how Personal Data should be handled within the
Company;
 Creating a responsible culture of data protection within the Company;
 Identifying and promoting compliance with all applicable data protection laws and
regulations;
 Identifying and managing the legal, regulatory and other obligations with respect to the
protection of Personal Data; and
 Increasing employee awareness of data protection in general and of acceptable data
handling practices and applicable requirements in relation to Personal Data, in particular.

27

You might also like