By Sandeep Agrawal
In ancient times, Kautilya introduced the concept of risk management in “Arthashastra” wherein the King is responsible for protecting his people from the risks originating from “Acts of God” and “Acts of Man”. The concept kept evolving over the years and is currently being practiced by corporates.
Risk Management: Indian Context
India is amongst the several emerging economies witnessing an economic revolution with continuous improvements in GDP growth, industrial productivity, per capita income supported by a large skilled workforce, policy reforms, and global investments. These growth opportunities bring along many threats which require detailed assessment and mitigation plans. Hence the ‘Vision’ for business transformation goes hand in hand with “Caution”.
The Ministry of Corporate Affairs as well made the requirements of risk management mandatory under various sections like Clause 49 of the Listing Agreement (company to inform Board Members about Risk Assessment and minimization procedures), Section 134 (3) of Companies Act 2013 (Board Report to include a statement indicating development and implementation of a Risk Management Policy), etc.
Risk Management: Concept
Risk management is an important practice that supports businesses in identifying, evaluating, & prioritizing, defining the mitigation plans, and monitoring the same. It is practiced by all corporates irrespective of their size; small businesses do it informally, while enterprises codify it. Risks, in general, can be classified as either:
Internal risks: Those which the company has the power to prevent it. For example Union strikes, employee frauds, leadership issues, legal risks, etc.
External risks: Those which the Company has no power to prevent but can only be “mitigated”. For example natural calamities, civil disruptions, etc.
It is interesting to note that Legal/Litigation risks are generally classified as an “Internal Risk” as it is a probable loss arising due to regulatory action that can be initiated due to an individual’s or corporation’s actions, inaction, products, etc.
Legal risks can be categorized as follows:
Contractual risk can originate from any facet of the business i.e. can be triggered due to failure or negligence in fulfilment of contractual liabilities either to customers, vendors, employees, etc.
Regulatory/compliance risk relates to requirements of laws and regulations applicable to any corporation and litigation can be triggered by several authorities for any non-compliance. It would be surprising to note the period of Jail Term per the current regulatory provisions in India. A broader range of maximum Jail Term under various categories of Laws is depicted below:
Labour Laws: 01 Month – 84 Months
Industry Specific Laws: 01 Month – 240 Months
Commercial Laws: 01 Month – 168 Months
Environment, Health & Safety Laws: 15 Days – 120 Months
Finance / Tax Laws: 03 Months – 84 Months
General Laws: 03 Months – 120 Months
Secretarial Laws: 03 Months – 120 Months
It is evident that the repercussions of non-compliances of the law can severely impact the corporates as well as their directors/employees.
Regulatory Litigation: Risk Analysis
Considering the criminal provisions and related Jail terms, Corporates need to assess and evaluate the regulatory risks and adhere to the following steps to avoid/minimize the probabilities of litigation:
– Identification of applicable laws and regulations
– Assignment of roles and responsibilities for each applicable regulation
– Prioritize based on the associated penal/criminal provisions i.e. risk ratings
– Design and implement a framework to facilitate ongoing assessment and monitoring of status of the identified regulations
Once the framework is effectively designed and implemented, the corporations, to some extent, can avoid getting ‘surprises’ in terms of departmental notices for non-compliances.
Role of Technology: Effective Implementation of Framework
Corporates mainly deploy people in the overall process; from identification to ongoing monitoring. Considering a lot of departments in a Corporate are responsible for various regulations, the sheer spread within the organization makes it extremely difficult to implement any framework effectively. The situation gets further complicated in case the organization is spread across sectors and geographies.
Technology can play a crucial role in the overall process especially in elimination of manual / paper-based and adhoc processes. It ensures discipline, consistency and timely reporting for senior management and helps the organization in building a culture of compliance which can keep litigation at bay. But that’s just one half of litigation.
Mitigating ongoing litigation matters can get complex too, the hearing dates, responses, orders/judgements, appeals, etc. all need to be monitored. An expert legal team with a litigation platform can not only create a thriving environment for the organization but also lay down procedures and best practices for identifying potential risks and mitigation before they get into the realm of litigation.
(Sandeep Agrawal, Co-Founder & Director, TeamLease Regtech. Views are author’s own.)