A policy on policies: Guide to writing corporate policies

finserv@vinodkothari.com | corplaw@vinodkothari.com

Why Policies:

  • Policies have become a regulatory necessity in many cases. The Companies Act and Listing regulations require several policies: for example, nomination and remuneration policy, CSR policy, whistle blower policy, policy for determination of material subsidiary etc.
  • The RBI’s regulations require policies every now and then – an indicative list of policies needed by NBFCs (for base layer and middle layer) is here
  • RBI regulations for banks require an even larger list of policies. An indicative list of policies for banks can be accessed here.
  • To conclude: policies are needed for companies in many respects/fields.

What’s the policy behind policies:

  • What does a policy intend to do? Policy is a guidance for action. Regulation lays permissible area, defining what is doable and what is not doable. Policies try to define the Company’s approach to play within that space permitted by regulation.
  • Policy provides a methodical approach to doing what is permissible, such that the choices or actions of the Company within the regulatory space are not completely rudderless, discretionary or lacking a method or guidance.
  • Policy should be distinguished from operating manuals or standard operating procedures (SOPs). If policy is about “what”, SOPs are about “how to”. SOPs are procedural in nature, laying down internal processes, defining roles, responsibilities, owners, checkers, documentation, etc.
  • Given the distinction between policies and SOPs, if there is a question of making a choice between various options available, or question of principle or approach to doing things, such content is more appropriately contained in policy, rather than SOPs.

Some essential features of policies

  • Policy is not a statement of regulations. Statute or Regulations lay down what is permitted and what is not. There is no point in the policy stating the regulation. If the policy intends to serve as a single point source of reference, it may repeat the regulation, but in that case, the policy should do so in a manner so as to make the regulation better explained, or better presented, adding details where needed. Skeletally reproducing regulation does not, by itself, add value.
  • Who has to frame or approve the Policy? That mostly depends on either the regulation, or, if regulation is silent, on the gravity of the matter. The highest policy making organ in a company is the company’s board of directors. Hence, by default, the board should be making policy decisions. However, if there is a delegation of power by the Board, or otherwise, looking at the nature of the matter, there is a committee or management committee who should be framing/approving policies.
  • Some policies are on the public domain; some are a matter of indoor management. Particularly, if the policies concern public dealings, dealings with external parties, the policies should appropriately be in public domain.
  • Policies are not product notes or minutes of any particular decision. Policies are a broader framework within which subsequent operating decisions, product decisions or management decisions are made.
  • Since policies indicate the making of choices, a policy should be broad and flexible. The extent of flexibility in a policy is a matter of balancing – it should not be too broad to lose its value as a reference point; it should not be too narrow so as not to allow a space for movements, a space for more decisions within the policy, etc. 
  • Are policies static pieces which remain fixed on the wall like antiques? Surely not. Policies need to remain relevant and contemporary. Therefore, policies should be reviewed periodically. Frequency of review will depend on the nature of the policy and the field it covers. Review does not necessarily mean there is a change in the policy – a review exercise may lead to conclusion that the policy does not require any change.
  • Generally a policy is revised or revisited by the body that made it, unless the power to revise it has been delegated. Once again, delegation should also be within limits, as unfettered delegation may simply bely the authority of the body approving the policy in the first place.

Minimum Content of Policies

Any policy should, at a minimum, incorporate the following:

  • Authority framing and approving the policy
  • Date of approval and subsequent modifications
  • Definition section: This section will define the important terminologies used in the policy.
  • Relevant functions or departments responsible for implementing the policy.
  • Context/Purpose/Background of the Policy:
    • If it is arising from any law/regulation, a reference should be made to the same. A brief synopsis of the requirement should be provided.
  • Expected content of the policy as provided by the regulations: For example, the regulations may specify what the policy must encompass.
  • Company’s general approach towards the matter covered by the policy:
  • Reference should be made to any other policy to which this policy correlates.
  • The policy should cover the general objectives desired to be achieved, and how the policy seeks to achieve the same.
  • The policy should be as generic and permissive as possible.
  • Specific authority or person responsible for a particular task.
  • Governance structure:
    • How the implementation and intent of the policy will be carried out.
    • Delegation matrix should also be specified.
  • Feedback process:
    • How will feedback regarding implementation be collected?
    • How will this feedback be utilized?
  • Amendment:
    • Substantive or basic amendments should be placed before the body approving the policy, but technical amendments may be done by a delegated authority.
  • Review of Policy:
    • The frequency and authority responsible for the review should be specified.

Risk Management Function of NBFCs – A Need to Integrate Operational Risk Management & Resilience 

An examination of the RBI Guidance Note on Operational Risk Management and Resilience

Subhojit Shome & Archisman Bhattacharjee | finserv@vinodkothari.com

Loader Loading…
EAD Logo Taking too long?

Reload Reload document
| Open Open in new tab

Download as PDF

Related articles –

12th Securitisation Summit

The who’s who of structured finance is joining the 12th edition of our flagship event, the Securitisation Summit on May 15, 2024, in Mumbai. Be shoulder-to-shoulder with leading originators, investors, lawyers, rating agencies, consultants, regulators, mediators, market makers, and everyone else who matters.

For details of the event and to book your seat, please visit our Summit page – HERE

Operation of Pre-sanctioned credit lines at Banks through UPI

Eliza Bahrainwala, Executive | eliza@vinodkothari.com

Loader Loading…
EAD Logo Taking too long?

Reload Reload document
| Open Open in new tab

Download as PDF

Defaulters at will, and defaulters of size: RBI proposes new Directions

Middle and Upper Layer NBFCs also part of the system

Team Finserv, finserv@vinodkothari.com (updated as on March 30,2024)


The Reserve Bank of India on September 21, 2023 has issued the Draft Master Directions on Treatment of Wilful Defaulters and Large Defaulters (‘Proposed Directions’). The Directions, when finalized, will replace the existing Master circulars (referred below). The draft Directions are largely consolidating in nature, with some significant differences. Importantly, NBFCs of middle and upper layer have been brought into the framework, and additionally, as was clear from the recent circular on compromise/settlements, the tag of willful defaulter may be removed if the borrower does a compromise settlement with the lender. However, a mere sale of the loan will not cause removal of the tag, as the tag will pass on to the buyer. The draft Directions also assimilate the provisions about large defaulters, which was earlier a CIC filing requirement, and make it a part of these Directions.

Read more

Security Interest: Meaning, forms, registration, enforcement, and effects of non-registration

-Team Vinod Kothari and Company | resolution@vinodkothari.com

Loader Loading…
EAD Logo Taking too long?

Reload Reload document
| Open Open in new tab

Download as PDF

Amended KYC norms: A move towards faceless KYC

RBI amends KYC norms to permit faceless KYC; beneficial owner of 10% or more to be subjected to KYC

– Anita Baid, Vice President | anita@vinodkothari.com

Recognising the increasing trend towards faceless lending, and the use of technology for customer due diligence, the RBI has made much-needed changes in the KYC process, permitting lenders to avoid any of physical interface with borrowers and rely on documents stored in Digilocker or other e-documents. Amendments, immediately effective, were made to the Master Direction – Know Your Customer (KYC) Direction, 2016 vide a notification dated April 28, 2023.

Watch our YouTube video on the topic here – https://www.youtube.com/live/Ewi4FW8G0xk?feature=share

The amendments in the KYC Directions are applicable to every entity regulated by the RBI, including but not limited to banks, cooperative banks, payment system providers, AIFIs  as well as NBFCs intend to achieve the following:

Read more

Classification of fraud and reporting

Should borrower be given an opportunity of being heard?

-Rhea Shah, Executive | rhea@vinodkothari.com


A recent ruling of the Supreme Court placed emphasis on the classification of an account as fraudulent and the consequences thereof. The ruling is in favour of incorporating the principles of natural justice during the process of declaring an account as fraudulent.

Fraud classification by banks and NBFCs is essentially guided by Master Directions on Frauds – Classification and Reporting by commercial banks and select FIs[1] and the Master Direction – Monitoring of Frauds in NBFCs (Reserve Bank) Directions, 2016[2], respectively (‘Fraud Directions’). However, there has been a certain extent of ambiguity as to the procedural aspects of the classification. While the basic purpose of such classification remains to ensure the early detection and reporting of a fraudulent transaction, it also entails significance in implementing a procedure that is fast and robust for the RBI to disseminate information regarding fraudulent borrowers and related parties.

Read more

Commercial Real Estate exposures: Lending risks and Regulatory focus

– Team Finserv | finserv@vinodkothari.com


Lending backed by value or liquidity of certain types of assets is regarded as sensitive sector exposure and calls for a special focus of the lending institution from a risk management perspective. Regulators view it with attention, for reasons of the vulnerability of these exposures to cyclical price changes, as also the contribution of such lending to asset bubbles and systemic instability. Capital market and commercial real estate lending are two instances. Lending to capital markets (equity shares) may cause an excess flow of liquidity into stocks, thereby creating an asset bubble. When the bubble bursts, lending goes bad, and of course with several other systemic implications. Same is the case with commercial real estate. Flow of easy or cheap money causes investor interest in CRE to build up, thereby causing prices to spiral up, resulting into asset bubble.

It is for this reason that CRE exposures have always been seen by regulators with concern.

Read more