RISK MANAGEMENT FRAMEWORK
As our efforts are directed towards achieving long-term growth,
we understand the need for proactive risk identification and management, that is crucial for
sustaining exceptional growth and achieving our strategic vision and devised several
strategies that align with our overall goals.
We operate under an approved Enterprise Risk Management Policy
which is meticulously designed to assess the state of our business risks effectively. The
management team identifies, evaluates, manages and reports risks and the associated
opportunities. We secure sustainable value for all our stakeholders through effective risk
identification and its prompt mitigation.
The approach of our integrated quantitative risk analysis in day-to-day
activities and performance management of the Company allows us to proactively address
potential risks and capitalise on the growing opportunities in the sector and also guides
our corporate decision-making. While ensuring continuous operations and sufficient
liquidity, our focus has also been on safeguarding our supply chains, customers and the
communities we operate within.
Key Risks
R1
Talent Management – Recruitment and Retention
Risk definition
- There has been an increase in demand for skilled
talent in the industry, leading to dearth of talent for skilled
professionals
- Loss of talent to competitor and inability to
ensure optimal staffing levels may lead to operational/delivery issues
Risk drivers
- Development of identified successors
- Identification of talent pool
- Engaging and developing talent
- Adequate rewards for talent
Implication for value creation
- Loss of talent to competition
- Knowledge and skill gap
- Loss of intellectual capital
- Missed opportunities and stagnation
- Disruption of operations
- Company’s information moves out with talent
loss to
competition
Mitigating controls
- Talent Management process developed and implemented
- Critical positions identified
- Successors identified and development plan for
them
is in progress
- Established a talent readiness assessment
framework
- Process automation initiated to reduce
dependability
R2
Information and Cyber Security Risk: Cyber Attacks/ Cyber
Security Threats, Vulnerability Management & Application Security and Inadequate
Data Governance Procedures
Risk definition
- Cyber-attacks are a potential threat on the IT
resources, resulting in theft, damage or sabotage and disruption/loss
- Inadequate business continuity and disaster
recovery plans resulting in business disruption or delay in service
restoration in the event of IT disaster may lead to unavailability of
systems that are required for the normal functioning of the business
- Inability to generate/retain/retrieve information
timely, competition intelligence, dashboards, etc., due to sub-optimal
utilisation of systems, absence of effective document management system
and poor quality of data may hamper decision-making and operations
Risk drivers
- Limited resources and infrastructure
- Evolving threat landscape
- Inadequate security controls
- Lack of training and skills
- Inadequate plan testing and exercises
- Limited communication and awareness
- Incomplete documentation and document management
Implication for value creation
- Disruption in operations
- Regulatory consequences
- Damage of customer trust and reputation
- Financial loss
Mitigating controls
- Governance for ITSM, IT project management and
IT
incident management has been established
- The principle of ‘Secure by Design’ has been
integrated into all development activities
- A dedicated leadership within IT has been
formed to
strategically focus on cybersecurity, SAP and development projects
- A Cybersecurity Maturity Assessment was
conducted
and a three-year roadmap has been developed
- An AI-ML-based Endpoint Threat Detection &
Response
system has been implemented
- A robust system for managing privileged
accounts
has been established
- Vulnerability Management processes have been
put in
place, including assessments and penetration testing on critical
business applications and governance for Vulnerability Management
has
been implemented
- IT and cybersecurity policies have been revised
and
rolled out
- Regular cybersecurity awareness sessions and
phishing simulations have been conducted to enhance staff vigilance
and
resilience against evolving cyber threats, with staff receiving
interactive training
R3
Financial Performance Risk Affecting Margins
Risk definition
The Company may face a risk of inadequate gross margins on the products
manufactured and businesses/subsidiaries with low margins may lead to lower
EBITDA and PAT.
Risk drivers
- Market volatility
- Increase in cost of commodity prices
- Cost inflation
- Pricing pressure from the market
- Deterioration in operating efficiency
Implication for value creation
- Financial performance
- Competitive positioning
- Investor confidence
- Long-term sustainability
- Fluctuating EPS
Mitigating controls
- Enrich product mix for higher margins
- Innovative products introduction with better
efficiency to generate premium in the market
- Enhancement in volumes through campaigns and
awareness
- Penetration of untapped territories
- Debottlenecking of manufacturing capacities
- Conduct benchmarking exercise to control identify
and control leakage areas
- Enhanced governance via focussed teams to monitor
costs and Working Capital
- Focus on value engineering to make the products
cost competitive
R4
Delay in Commercialisation of New Technologies
Risk definition
In the product development cycle, the transition from the R&D phase to the
commercialisation phase may get delayed and the timeline for successfully
launching and monetising the technology may further be extended.
Risk drivers
- Complex regulatory requirements and intellectual
property rights
- Competitive landscape
- Ineffective targeting and segmentation
- Resource constraints
Implication for value creation
- Revenue loss
- Reputation damage
- Competitive disadvantage
- Loss of investor confidence
Mitigating controls
- Develop KPIs to accelerate new products to the
market
- Implement a robust intellectual property strategy
- Conduct pro-active market research and analysis
- Enhance technical expertise
R5
Rise in Procurement Cost and Heavy Dependence on Limited
Suppliers
Risk definition
There is a risk of potential increase in expenses related to sourcing
materials, goods or services, coupled with a high reliance on a limited
number of suppliers. This may limit the negotiation power of the Company and
further make it vulnerable to price fluctuations and supply disruption.
Risk drivers
- Supplier concentration
- Currency fluctuation
- Inflation
- Supply and demand imbalance
- Global commodity shortage
Mitigating controls
- Leveraged tools to track direct expenditure
- Strategic partnership with suppliers for key
purchase category
- Introducing alternate suppliers and category
management to keep track of overall spend
- Regular monitoring of raw material price index
to facilitate timely purchase decision
- Consistently evaluating negotiation tools; for
example – E Auction
- Sufficient stocking of key raw material(s)
- Hiring category experts for cost reductions
Implication for value creation
- Escalation of costs
- Limited negotiating power
- Higher exposure towards supply chain disruption
and subsequent delays
- Affecting production plan
Risk definition
The Company has subsidiaries in numerous geographies across North America,
EMEA and Asia Pacific and is exposed to risks on account of external factors
originating from geopolitical events which may adversely affect the
Company’s international operations.
Risk drivers
- Volatile international commodity prices
- Political instability/conflict/global power
shifts
- Regulatory changes/policy
uncertainty/protectionist policies
- Trade disputes and tariff barriers
- International sanctions and embargoes
- International financial turmoil
Implication for value creation
- Impairment of value of investments in
international subsidiaries
- International Go-To Market (GTM)/ expansion
decisions
- Disruption in supply chain and increase in
costs
- Abandoned, hold or cancelled projects and
orders
Mitigating controls
- Stringent governance oversight for high-risk
countries and for exports
- Diversified spread of international operations
and exports
- The Company has put in place, alternate
strategic sourcing options to minimise the impact
- Increased local sourcing share