Corporate Governance Policy

The Company’s Board has a fiduciary role to protect and enhance stakeholder’s value through strategic supervision. The Board along with its Committees provides direction and exercises appropriate controls directly as well as through the procedures and policies mandated.

Composition of the Board of Directors

The Board of Directors (“Board”) of the Company has an optimum combination of executive and non-executive directors (including one independent woman director) in line with the provisions of the Act, SEBI Regulations as amended from time to time. The Board provides leadership, strategic guidance and discharges its fiduciary duties of safeguarding the interest of the Company and its stakeholders. The Chairman of the Board is an Independent Non Executive Director and majority of the Board comprises Non-Executive and Independent Directors. None of the Directors of the Company are related to each other.

Meetings of the Board

Meetings of the Board of Directors shall be held at least four times a year in such manner that not more than 120 (one hundred and twenty) day shall intervene between two consecutive meetings. The detailed notes/information for agenda of the Board/Committee meetings shall be circulated to all the Directors, well in advance for fruitful discussions and making informed decisions. The minimum information to be statutorily made available to the Board/Committees, pursuant to the applicable guidelines, Sections/Regulations as per the Act, SEBI Regulations and RBI Master Directions shall be furnished to the Directors.

Responsibilities of the Board

1. 1. The Board's key purpose is to ensure the company's prosperity by collectively directing the company's affairs, whilst meeting the appropriate interests of its shareholders and stakeholders.
2. The Board is primarily responsible for :
   • Establishing vision, mission & values and determining, reviewing the goals, policy of the Company from time to time.
   • Setting strategy and structure and deciding the means to implement and support them.
   • Delegating to management, determining monitoring criteria to be used and ensuring effectiveness of internal controls.
   • Exercising accountability to shareholders and be responsible to relevant stakeholders

Board Independence

Independent Directors are expected to play a key role in the decision-making process of the Board by participating in the process of framing the overall strategy of the Company. The Independent Directors should strive to bring in an independent, impartial and objective view to discussions at the meetings of the Board and its Committees and they shall act in a way that is in the best interest of the Company and its stakeholders.

Independent Directors appointed on the Board of the Company shall fulfill the criteria of independence as set out under the provisions of the Act and the Listing Regulations. They shall submit a declaration affirming compliance with the criteria of independence for every financial year and such declaration shall be submitted whenever there is any change in circumstances which may affect their independence. An Independent Director may hold office for a term of up to five consecutive years and shall be eligible for re-appointment for another term of up to five consecutive years on passing of a special resolution by the Members of Company and disclosure of such appointment in the Board’s Report. Provided that an Independent Director, who completes two consecutive term(s) shall be eligible for appointment as Independent Director in the Company only after the expiration of three years of ceasing to be an Independent Director in the Company.

In terms of the Act, SEBI Regulations and RBI Master Directions, the Board has constituted several committees to deal with specific matters in compliance with the requirements of applicable laws and for operational convenience and delegated its power to function on its behalf. Presently the Board has, amongst others, constituted the following committees:

• Audit Committee
• Asset Liability Management Committee
• Nomination & Remuneration Committee
• Corporate Social Responsibility Committee
• IT Strategy Committee
• Risk Management Committee
• Stakeholders Relationship Committee
• Credit Committee
• Finance Committee
• Environmental Social and Governance Committee

1. Audit Committee

The Company has in place the Audit Committee in accordance with the provisions of the Act, SEBI Regulations and applicable provisions of the RBI Master Directions. The powers and role of the Committee encompass accounting matters, financial reporting and internal controls. They primarily include the review of systems and procedures of internal control, review financial operating systems, ensure compliance with regulatory guidelines, review accounting policies of the Company and its subsidiaries. The Committee also oversees the Company’s Whistle Blower policy / Vigil Mechanism and to review and approve and monitor transactions with related parties.

Periodicity of meetings:
At least four meetings of the committee shall be held every year and not more than 120 days shall elapse between two meetings of the Committee

2. Asset Liability Management Committee (ALCO)

The ALCO is primarily responsible for monitoring the asset liability gap and strategize action to mitigate the risk associated with the business of the Company from time to time. The Committee ensures adherence to limits regarding management of risks as set out by the Board, deciding on business strategy in line with the budget and risk management objectives, fulfilling funding requirements based on the quantum of business expected for the following quarter, half year and year, determine the level of funding required, in order to ensure that adequate funding is at all times available to meet the needs of the Company’s business, identifying suitable funding sources, including committed stand by lines, desired maturity profile, mix of incremental liabilities and articulate current interest rate view, develop a view on the future direction of interest rates and accordingly decide on funding mixes, resources etc.

Periodicity of meetings:
As and when any matter for consideration of the Committee is required.

3. Nomination & Remuneration Committee:

In accordance with the provisions of Section 178 of the Act and the Companies (Meetings of Board and its Powers) Rules, 2014 (“the Rules”), and SEBI Regulations and applicable provisions of the RBI Master Directions the Company has constituted the Nomination and Remuneration Committee. The Committee is responsible to (i) Identify and selection of candidates for appointment as Directors / Independent Directors based on certain laid down criteria (ii) identifying potential individuals for appointment as Key Managerial Personnel and to other Senior Management positions (iii) formulate and review from time to time the policy for selection and appointment of Directors and analyzing criteria for fit and proper status of the Directors , (iv) decide on remuneration of Directors, Key Managerial Personnel and senior management employees (v) review the performance of the Board of Directors and Senior Management Employees and (vi) devising a policy on diversity of board of directors, etc (vii) Administer, monitor & formulate detailed terms & conditions of ESOP Scheme (viii) Fit & Proper status of Directors (xi) Evaluation of skills of Independent Directors at every appointment.

Periodicity of meetings:
At least one meeting of the Committee shall be held in every year

4. Corporate Social Responsibility Committee:

The Company has in place the Corporate Social Responsibility Committee (CSR Committee) in accordance with the provisions of the Section 135 of the Act. The Committee is responsible to review the existing CSR Policy indicating activities to be undertaken as specified in Schedule VII

Periodicity of meetings:
At least one meeting of the Committee shall be held in every year

5. IT Strategy Committee:

The Committee has been constituted pursuant to RBI Master Direction dated June 8, 2017 regarding Information Technology Framework. The Committee is responsible for (i) approving IT strategy and Policy in line with corporate strategies and ensure that the management has put an effective strategic planning process in place (ii) Oversight and effectiveness of IT governance (iii) oversight associated risk with existing and planned IT operations and risk tolerance of the organization to ensure timely mitigation (iv) ensuring IT investments represent a balance of risks and benefits and that budgets are acceptable (v) monitoring the method that management uses to determine the IT resources needed to achieve strategic goals and provide high-level direction for sourcing and use of IT resources (vi) ensuring proper balance of IT investments for sustaining organization’s growth and becoming aware about exposure towards IT risks and controls and (vii) other IT Outsourcing related responsibilities, etc.

Periodicity of meetings:
At least two meetings of the Committee shall be held in a year, such that not more than six months should elapse between two meetings.

6. Risk Management Committee:

The Company has constituted Risk Management Committee pursuant to RBI guidelines and SEBI Regulations. The position of all perceived risks is periodically put up to the Risk Management Committee which critically evaluates the same and provides operational and policy guidance to the Company which paves the way for an effective risk management so as to safe guard the interest of the Company. The Committee identify, monitor, and mitigate credit risk, market risk, interest risk, operational risk and other risk that affect / may affect the Company through integrated risk management systems, strategies and mechanism.

Periodicity of meetings:
At least one meeting of the Committee shall be held in every half year.

7. Stakeholders’ Relationship Committee

The Committee is constituted pursuant to Section 178 of the Act and SEBI Regulations. The Committee should consist a Chairperson who should be a Non-Executive Director and such other member as may be decided by the Board. The Committee is responsible to oversee, monitor and address grievance of shareholders, debenture holders, investors and other security holders, perform all functions related to the interest of the security holders, oversee the performance of registrar and transfer agents, etc

Periodicity of meetings:
At least one meeting of the Committee shall be held every year.

8.Credit Committee:

The Credit committee consists of Directors and Senior executives. The Credit committee critically analyses the credit proposals placed before it.

Periodicity of meetings:
As and when any matter for consideration of the Committee is required.

9.Finance Committee:

The Finance committee consists of Directors and Senior executives. The Committee look into the routine transactions of Company which inter alia include borrowing funds, investments, authorizing opening, operation & closure of bank accounts of the Company, authorizing officials of the Company to execute various documents/agreements, issuing power of attorney for representing the Company in various courts of Law and before various Statutory Authorities, etc.

Periodicity of meetings:
As and when any matter for consideration of the Committee is required.

10.Environmental Social and Governance (ESG) Committee:
The ESG Committee has been constituted to assist the Company in the evolution of its ESG practices with a specific focus on creating value for the Company represented by increased profitability, brand and reputational value, new and enhanced products and services that deliver business and social value. The mandate of the Committee does not address compliance matters (that is addressed by the compliance functions in the Company). The ESG committee comprises of members representing the investors, senior management and board members.

Periodicity of meetings:
The ESG Committee will meet quarterly at mutually convenient times.

In addition to above, the Board may constitute such other Committees, as may be required for effective functioning of the Company.

In terms of the Act read with Schedule IV of the Act and the Listing Regulations, the Nomination and Remuneration Committee has laid down the criteria for performance evaluation of Executive Directors, Non Executive Directors including Independent Directors (“IDs”) and Board as a whole, on an annual basis.

The Company shall ensure compliance with the following corporate governance requirements with respect to its subsidiaries.

The Audit Committee shall review the financial statements including particulars of investments made by all the unlisted subsidiary companies.

The Company shall have a system of placing the minutes of the Board/ Audit Committee and statements of all the significant transactions/ developments of all the unlisted subsidiary companies at the Meeting of Board of Directors of the Company.

The policy for determining ‘material’ subsidiaries as approved by the Board may be accessed on the website of the Company i.e. https://www.iifl.com/investor-relations/corporate-governance.

Pursuant to the guidelines on Fair Practices Code issued by RBI , the Company has adopted a policy on Fair Practices Code which is posted on the website of the Company and is reviewed annually or as and when any amendments pursuant to change in the RBI guidelines required.

The Company’s internal audit is conducted as per the Annual Audit Plan approved by the Audit Committee. The scope of internal audit covers all aspects of business including regular front-end and back-end operations and internal compliances. It lays emphasis to check on process controls, measures undertaken by the Company to monitor risk and to check on leakages or frauds. The Company has invested in ensuring that its internal audit and control systems are adequate and commensurate with the nature of business, regulatory prescriptions and the size of its operations. The internal control system is supplemented by concurrent and internal audits, as well as special audits and regular reviews by the management. For Company-wide internal audits, the Company has distributed the audit of major businesses to separate top audit firms to have wider and heterogeneous verification approach and inputs, and derive larger value from the audit process. In this regard, the Company has in place global firm as Internal auditor for NBFC, HFC and MFI businesses.

The Company has put in place enhanced risk based supervision systems and ensures continuous monitoring. The Company has an internal team of audit professionals at its head office in Mumbai, supported by regional teams at zonal offices. The Company has in place separate internal audit teams dedicated for major business verticals i.e., NBFC, HFC and MFI. The internal team undertakes special situation audits and follows up on implementation of internal auditors’ recommendations and action taken reports. In addition, the Company complies with several specific audits mandated by regulatory authorities such as SEBI / Exchanges / Depositories, and the reports are periodically submitted to the regulators.

The Board/Audit Committee reviews the overall risk management framework and the adequacy of internal controls instituted by the management team. The Audit Committee reviews major instances of fraud on a quarterly basis and actions are taken on the same. It also focuses on the implementation of the necessary systems and controls to strengthen the system and prevent such recurrence. The internal processes have been designed to ensure adequate checks and balances, regulatory compliances at every stage. Internal audit team carries out a risk-based audit of these processes to provide assurance on the adequacy and effectiveness of internal controls for prevention, detection, reporting and remediation of frauds.

Pursuant to the guidelines the Company shall appoint a CRO with clearly specified role and responsibilities. Following are the terms of reference:

Appointment of CRO

• The CRO shall be a senior official in the hierarchy of the Company and shall possess adequate professional qualification/ experience in the area of risk management.
• The CRO shall be appointed for a fixed tenure with the approval of the Board.

Reporting Line

• CRO shall have direct reporting lines to the MD & CEO/ Risk Management Committee (RMC) of the Board.
• In case the CRO reports to the MD & CEO, the RMC/ Board shall meet the CRO without the presence of the MD & CEO, at least on a quarterly basis.
• The CRO shall not have any reporting relationship with the business verticals of the Company and shall not be given any business targets.
• There shall not be any ‘dual hatting’ i.e. the CRO shall not be given any other responsibility.

Role of CRO

• The CRO is required to function independently so as to ensure highest standards of risk management.
• The CRO shall be involved in the process of identification, measurement and mitigation of risks.
• All credit products (retail or wholesale) shall be vetted by the CRO from the angle of inherent and control risks.
• The CRO’s role in deciding credit proposals shall be limited to being an advisor.
• If the CRO is one of the decision makers in the credit sanction process, the CRO shall have voting power and all members who are part of the credit sanction process, shall individually and severally be liable for all the aspects, including risk perspective related to the credit proposal.

Responsibilities of CRO

• Setting the vision and strategy for the enterprise risk function and building a robust risk management framework and architecture for the company. Ensuring an effective risk management program is in place within the company, by establishing the framework for risk management activities and driving consistent standards across the organization and managing the enterprise wide risk.
• Identify various risk(s); assess enterprise effectiveness in managing these risks through appropriate internal controls; and build awareness of the business implications of such risk, and how to manage the same, as part of the leadership culture.
• Understand the business and evaluate, improve, and monitor it, including assisting in reporting to the Board and Board Committees and providing leadership in the effectiveness of credit risk management controls, systems, and processes across the organization.
• Responsible for ensuring the overall quality of the lending portfolio by planning and directing all aspects of risk including credit risk. Provide regular review and analysis of portfolio trends to detect deterioration in portfolio quality. This includes the monitoring and control of the portfolio by ensuring that all credit exposure is properly approved, reported and reviewed.
• Ensuring a system-wide view and understanding of the combined risks of the business and their inter-relationships (interest rate risk, liquidity risk, operating risk, credit risk, reputational risk, regulatory risk, IT risk etc).
• Partnering effectively with third parties, regulatory bodies and others, as appropriate and serving as a role model for high personal and corporate ethical values and standards of integrity.
• Establish and manage all departmental policies and procedures. Being abreast with the latest regulatory changes with respect to effective risk management to ensure compliance thereof.
• Design sustainable processes to mitigate various risk(s) by framing the breadth and depth of control testing, evaluating business operations, participating in the evaluation of new products and business opportunities, and providing aggregated and detailed reports on risk management in line with risk appetite and limits.

Removal of CRO

• The CRO can be transferred/ removed from his post before completion of the tenure only with the approval of the Board
• Any such premature transfer/ removal shall be reported to the Department of Non-Banking Supervision of the regional office of the RBI under whose jurisdiction the Company is registered.

In case the Company is listed, any change in incumbency of the CRO shall also be reported to the stock exchanges.

The Company expects its Directors, officers and other employees to act ethically at all times and to affirm compliance with the policy(ies), process(es) and code(s) adopted by the Company.

The Directors, senior management and other employees of the Company shall endeavor to avoid any conflict of interest in their dealing with / on behalf of the Company. Directors and senior management personnel of the Company shall ensure adequate disclosure relating to all material, financial and commercial transactions entered / proposed to be entered in to by the Company where they have personal interest that may have a potential conflict with the interest of the Company at large, in terms of the Act and the Listing Regulations.

Conflict of interest exists when benefits or interests of one person or entity conflict with the benefit or interests of the Company. If a Director has a potential conflict of interest in a matter under consideration by the Board or a Committee, such Director shall disclose his interest in accordance with the provisions of Applicable Laws and abstain from deliberations and voting on such matter as may be required in terms of the Act. A Director who is interested in any proposed transaction shall not exercise any influence over other Board/Committee Members in any manner whatsoever. Other employees must disclose the circumstances of any possible conflict of interest to his / her supervisor and the Management Committee, for determination about whether a potential or actual conflict exists. If an actual or potential conflict is determined, the Management Committee may take whatever corrective action appears appropriate according to the circumstances. Failure to disclose facts shall constitute grounds for disciplinary action.

Appointment

The CCO shall be appointed for a minimum fixed tenure of not less than 3 years. However, in exceptional cases, the Board / Board Committee may relax the minimum tenure by one year, provided appropriate succession planning is put in place;

Reporting line

The CCO shall have direct reporting lines to the MD & CEO and / or Board / Board Committee.

Responsibilities of Compliance Function –

Compliance Function shall be responsible for undertaking the following activities at the minimum:

• Assist the Board and the Senior Management in overseeing the implementation of Compliance Policy, including policies and procedures, prescriptions in Compliance Manuals, internal codes of conduct, etc.
• Play the central role in identifying the level of Compliance risk in the organisation. The Compliance risks in existing / new products and processes shall be analysed and appropriate risk mitigants put in place. The Chief Compliance Officer (CCO) shall be a member of the 'new product' committee/s. All new products shall be subjected to intensive monitoring for at least the first six months of introduction to ensure that the indicative parameters of Compliance risk are adequately monitored.
• Compliance Function shall monitor and test Compliance by performing sufficient and representative Compliance testing, and the results of such Compliance testing shall be reported to the Senior Management. It shall periodically circulate the instances of compliance failures among staff, along with the required preventive instructions. Staff accountability shall be examined for major Compliance failures.
• Ensure compliance of regulatory/ supervisory directions given by RBI in both letter and spirit in a time-bound and sustainable manner. RBI will continue to expect an effective Compliance Program where all Risk Mitigation Plan (RMP) / Monitorable Action Plan (MAP) points are complied with within the timelines prescribed. Unsatisfactory compliance with RMP/MAP may invite penal action from RBI.
• Attend to compliance with directions from other regulators in cases where the activities of the entity are not limited to the regulation/supervision of RBI. Further, discomfort conveyed to the NBFC on any issue by other regulators, and action taken by any other authorities / law enforcement agencies, shall be brought to the notice of RBI.
• The Compliance Department may also serve as a reference point for the staff from operational departments for seeking clarifications / interpretation of various regulatory and statutory guidelines.
• The CCO shall be the nodal point of contact between the NBFC and the regulators / supervisors and shall necessarily be a participant in the structured or other regular discussions held with RBI. Further, compliance to RBI inspection reports shall be communicated to RBI necessarily through the office of the Compliance Function.
• In some NBFCs, there may be separate departments / divisions looking after compliance with different statutory and other requirements. In such cases, the departments concerned shall hold the prime responsibility for their respective areas, which shall be clearly outlined. Adherence to applicable statutory provisions and regulations is the responsibility of each staff member. However, the Compliance Function would need to ensure overall oversight.

Statutory Auditors

The Board and the Audit Committee of the Company shall be responsible for appointment of Statutory auditors who have professional ability and are independent. Further the Company shall rotate the partner/s of the Chartered Accountant firm conducting the audit, every three years so that same partner shall not conduct audit of the company continuously for more than a period of three years. However, the partner so rotated shall be eligible for conducting the audit of the Company after an interval of three years, if the Company, so decides. The Company shall incorporate appropriate terms in the letter of appointment of the firm of auditors and ensure its compliance.

As per RBI guidelines, NBFC shall appoint the SAs for a continuous period of three (3) years, subject to the firms satisfying the eligibility norms each year and the approval of the ACB and Board.

Internal Auditors

The Board and the Audit Committee of the Company shall appoint Internal Auditors who shall perform independent and objective assessment of the internal controls, processes and procedures instituted by the management and accordingly monitor its adequacy and effectiveness. Internal Auditor shall directly report to Audit Committee.

Secretarial Auditors

The Board and Audit Committee shall appoint an independent company secretary in practice, in accordance with the provision of the Act to conduct a secretarial audit of the Company for every financial year. The Secretarial Auditor shall provide its report in the form and manner prescribed under the Act. The Secretarial Audit report shall be placed before the Board for its noting and records and the same be annexed to the Board’s Report which shall be circulated to the members of the Company in accordance with the Act.

Disclosures & Transparency

a) The Company shall update the Board of Directors through the Risk Management Committee, on annual basis or such other frequency as decided by the Board, the following:

• The progress made in putting in place a progressive risk management system and risk management policy and strategy followed by the Company;
• Conformity with corporate governance standards viz., in composition of various committees, their role and functions, periodicity of the meetings and compliance with coverage and review functions, etc.

b) The following shall be disclosed in the Company’s Annual Financial Statements:

• registration/ licence/ authorisation, by whatever name called, obtained from other financial sector regulators;
• ratings assigned by credit rating agencies and migration of ratings during the year;
• penalties, if any, levied by any regulator;
• information namely, area, country of operation and joint venture partners with regard to Joint ventures and overseas subsidiaries and
• asset-liability profile, extent of financing of parent company products, NPAs and movement of NPAs, details of all off-balance sheet exposures, structured products issued by the Company as also securitization/ assignment transactions and other disclosures, as may be prescribed by RBI from time to time.

The Company shall make necessary disclosures to the Stock Exchanges, Regulatory Authorities as may be required under the applicable laws and policies of the Company. The disclosures shall be made through various methods i.e. by hosting the same on the website of the Company/Stock Exchanges, individual communication to the security holders, annual financial statements, press release and any other permitted methods etc

The Company, in line with the requirement of the Companies Act, 2013, the guidelines issued by the Reserve Bank of India and others acts, rules, and regulations applicable to the Company, has framed and adopted codes and policies which shall form part and parcel of the overall corporate governance framework of the Company. These policies are reviewed and updated at regular intervals based as per statutory requirement or on modification or amendments of various acts, rules, regulations, statues applicable to the Company. An indicative list of such policies is as under:

1. Fair Practices Code
2. Exposure Policy
3. KYC & AML Policy & KYC Documentation Policy
4. Policy on Fit and Proper determination of Director
5. Policy on Demand Loan
6. Interest Rate Policy
7. Outsourcing Policy
8. Grievance Redressal Policy under RBI Directions
9. Treasury manual (which consist of Borrowing Policy, Resource Planning Policy, Inter Company Deposit- Demand and Call policy, ALM Policy, Investment Policy, Risk Management Policy).
10. NPA Provisioning Policy)
11. Anti Corruption Policy
12. Information Technology Policies
13. Code of conduct for employee and Insiders
14. Policy on Preservation of Documents/Archival Policy
15. Nomination & Remuneration Policy
16. CSR Policy
17. Vigil Mechanism/whistle blower Policy
18. Policy on Related Party Transaction
19. Dividend Distribution Policy
20. Policy on determining Material Subsidiary
21. Board Diversity Policy
22. Policy on Material Litigation
23. Policy for determination of Materiality of information or events

The Annual Report of the Company shall contain a separate section on Corporate Governance stating the measures / activities undertaken by the Company as a part of its efforts towards good corporate governance.

The Company Secretary shall be Compliance Officer of the Company

The Board may review the Corporate Governance framework from time to time as may be required. Changes, if any, shall be effective only upon approval by the Board. Any other regulatory changes shall stand updated in the policy from time to time.