A policy on policies: Guide to writing corporate policies

finserv@vinodkothari.com | corplaw@vinodkothari.com

Why Policies:

  • Policies have become a regulatory necessity in many cases. The Companies Act and Listing regulations require several policies: for example, nomination and remuneration policy, CSR policy, whistle blower policy, policy for determination of material subsidiary etc.
  • The RBI’s regulations require policies every now and then – an indicative list of policies needed by NBFCs (for base layer and middle layer) is here
  • RBI regulations for banks require an even larger list of policies. An indicative list of policies for banks can be accessed here.
  • To conclude: policies are needed for companies in many respects/fields.

What’s the policy behind policies:

  • What does a policy intend to do? Policy is a guidance for action. Regulation lays permissible area, defining what is doable and what is not doable. Policies try to define the Company’s approach to play within that space permitted by regulation.
  • Policy provides a methodical approach to doing what is permissible, such that the choices or actions of the Company within the regulatory space are not completely rudderless, discretionary or lacking a method or guidance.
  • Policy should be distinguished from operating manuals or standard operating procedures (SOPs). If policy is about “what”, SOPs are about “how to”. SOPs are procedural in nature, laying down internal processes, defining roles, responsibilities, owners, checkers, documentation, etc.
  • Given the distinction between policies and SOPs, if there is a question of making a choice between various options available, or question of principle or approach to doing things, such content is more appropriately contained in policy, rather than SOPs.

Some essential features of policies

  • Policy is not a statement of regulations. Statute or Regulations lay down what is permitted and what is not. There is no point in the policy stating the regulation. If the policy intends to serve as a single point source of reference, it may repeat the regulation, but in that case, the policy should do so in a manner so as to make the regulation better explained, or better presented, adding details where needed. Skeletally reproducing regulation does not, by itself, add value.
  • Who has to frame or approve the Policy? That mostly depends on either the regulation, or, if regulation is silent, on the gravity of the matter. The highest policy making organ in a company is the company’s board of directors. Hence, by default, the board should be making policy decisions. However, if there is a delegation of power by the Board, or otherwise, looking at the nature of the matter, there is a committee or management committee who should be framing/approving policies.
  • Some policies are on the public domain; some are a matter of indoor management. Particularly, if the policies concern public dealings, dealings with external parties, the policies should appropriately be in public domain.
  • Policies are not product notes or minutes of any particular decision. Policies are a broader framework within which subsequent operating decisions, product decisions or management decisions are made.
  • Since policies indicate the making of choices, a policy should be broad and flexible. The extent of flexibility in a policy is a matter of balancing – it should not be too broad to lose its value as a reference point; it should not be too narrow so as not to allow a space for movements, a space for more decisions within the policy, etc. 
  • Are policies static pieces which remain fixed on the wall like antiques? Surely not. Policies need to remain relevant and contemporary. Therefore, policies should be reviewed periodically. Frequency of review will depend on the nature of the policy and the field it covers. Review does not necessarily mean there is a change in the policy – a review exercise may lead to conclusion that the policy does not require any change.
  • Generally a policy is revised or revisited by the body that made it, unless the power to revise it has been delegated. Once again, delegation should also be within limits, as unfettered delegation may simply bely the authority of the body approving the policy in the first place.

Minimum Content of Policies

Any policy should, at a minimum, incorporate the following:

  • Authority framing and approving the policy
  • Date of approval and subsequent modifications
  • Definition section: This section will define the important terminologies used in the policy.
  • Relevant functions or departments responsible for implementing the policy.
  • Context/Purpose/Background of the Policy:
    • If it is arising from any law/regulation, a reference should be made to the same. A brief synopsis of the requirement should be provided.
  • Expected content of the policy as provided by the regulations: For example, the regulations may specify what the policy must encompass.
  • Company’s general approach towards the matter covered by the policy:
  • Reference should be made to any other policy to which this policy correlates.
  • The policy should cover the general objectives desired to be achieved, and how the policy seeks to achieve the same.
  • The policy should be as generic and permissive as possible.
  • Specific authority or person responsible for a particular task.
  • Governance structure:
    • How the implementation and intent of the policy will be carried out.
    • Delegation matrix should also be specified.
  • Feedback process:
    • How will feedback regarding implementation be collected?
    • How will this feedback be utilized?
  • Amendment:
    • Substantive or basic amendments should be placed before the body approving the policy, but technical amendments may be done by a delegated authority.
  • Review of Policy:
    • The frequency and authority responsible for the review should be specified.
0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *