You're just a click away!
- Loan within 30 min
- Minimal Documentation
- A Quick, Secure & Transparent Process
OUTSOURCING POLICY
R.K. Bansal Finance Pvt. Ltd.
(This policy was reviewed and approved by the Board of Directors in the Board Meeting held on 21st April 2025.)
Document Details
| Particulars | Details |
|---|---|
| Title | Outsourcing Policy |
| Classification | Public |
| Approved Date | 20th March 2024 |
| Review Date | 21st April 2025 |
| Approved by | Board of Directors |
| Custodian | Operation |
1. Introduction
This policy shall be termed as the Outsourcing Policy for RK Bansal Finance Pvt. Ltd. (hereinafter referred to as the "Company"). The terms in this policy shall be considered as defined by the Reserve Bank of India (RBI) in Master Direction – Reserve Bank of India (Non-Banking Financial Company – Scale Based Regulation) Directions, 2023 dated 19th October 2023.
With the rapid growth in the financial services industry, Non-Banking Financial Companies (NBFCs) have increasingly outsourced various activities to third-party service providers or affiliated entities within a group. Outsourcing allows the Company to focus on core functions while leveraging external expertise for non-core activities. However, outsourcing also exposes the Company to various risks, including strategic, reputational, compliance, operational, legal, and systemic risks.
To mitigate these risks and ensure compliance with regulatory requirements, the Company has formulated this Outsourcing Policy, which is aligned with the RBI's guidelines on "Managing Risks and Code of Conduct in Outsourcing of Financial Services by NBFCs."
This policy was approved and reviewed by the Board of Directors of the Company on 21st April 2025 and shall be reviewed and amended periodically as required.
2. Objective of the Policy
The objective of this policy is to:
- Identify activities that may be outsourced and establish criteria for selecting service providers.
- Define the delegation of authority based on the risks, materiality, and complexity of the outsourced activities.
- Establish systems to monitor, review, and manage risks arising from outsourcing arrangements.
- Ensure compliance with applicable laws, regulations, and RBI guidelines.
3. Activities That Can Be Outsourced
The Company may outsource the following activities, subject to compliance with RBI guidelines:
- Sourcing/lead generation/recommendation of prospective borrowers.
- Loan application processing and document verification.
- Supervision and recovery of loans.
- Data processing and back-office operations.
- Recruitment, training, and background verification of personnel.
- Technology infrastructure management, maintenance, and support.
- Legal services, courier services, and housekeeping services.
The above list is indicative and not exhaustive. The Company may outsource other activities permissible under RBI guidelines.
4. Activities That Shall Not Be Outsourced
The Company shall not outsource its core management functions, including:
- Strategic decision-making and compliance functions.
- Internal audit functions (though internal auditors may be hired on a contract basis).
- Determining compliance with KYC norms and loan sanctioning decisions.
5. Material Outsourcing
Material outsourcing arrangements are those that, if disrupted, could significantly impact the Company's business operations, reputation, or profitability. Materiality shall be assessed based on:
- The significance of the activity to the Company's operations.
- The potential impact on earnings, solvency, liquidity, and risk profile.
- The cost of outsourcing as a proportion of total operating costs.
- The aggregate exposure to a single service provider.
- The impact on customer service and protection.
6. Risks Arising Out of Outsourcing
The Company shall evaluate and manage the following risks associated with outsourcing:
- Strategic Risk: Misalignment of the service provider's actions with the Company's goals.
- Reputation Risk: Poor service quality or customer interaction by the service provider.
- Compliance Risk: Non-compliance with legal and regulatory requirements.
- Operational Risk: Technology failures, fraud, or inadequate financial capacity of the service provider.
- Legal Risk: Fines or penalties due to the service provider's actions.
- Exit Strategy Risk: Over-reliance on a single service provider or prohibitive exit costs.
- Counterparty Risk: Inappropriate underwriting or credit assessments.
- Country Risk: Political, social, or legal risks in the service provider's jurisdiction.
- Concentration Risk: Overexposure to a single service provider.
7. Selection of Service Provider
The Company shall follow these principles for selecting service providers:
- Conduct due diligence to assess the service provider's capability, financial soundness, and reputation.
- Ensure compatibility of the service provider's systems and practices with the Company's requirements.
- Verify the service provider's security controls, audit coverage, and business continuity plans.
- Avoid conflicts of interest by ensuring that the service provider is not owned or controlled by the Company's directors or their relatives.
8. Role of the Board and Senior Management
8.1 Role of the Board:
- Approve the outsourcing policy and framework for risk evaluation.
- Define delegation of authority based on risks and materiality.
- Review outsourcing strategies and arrangements periodically.
8.2 Responsibilities of Senior Management:
- Evaluate risks and materiality of outsourcing arrangements.
- Develop and implement outsourcing policies and procedures.
- Ensure contingency plans and independent audits are in place.
- Communicate material outsourcing risks to the Board.
9. Outsourcing to Group Companies
The Company may outsource activities to group companies, provided:
- Arm's length distance is maintained in decision-making and resource sharing.
- Written agreements specify the scope of services, charges, and confidentiality clauses.
- Customers are informed about the entity offering the product/service.
10. Off-Shore Outsourcing
For off-shore outsourcing, the Company shall:
- Assess and monitor country risks, including political, social, and legal conditions.
- Ensure that original records are maintained in India and that RBI's supervisory access is not hindered.
11. Outsourcing Agreements
All outsourcing arrangements shall be governed by legally binding written agreements that include:
- Scope of services, performance levels, and confidentiality clauses.
- Rights to access books, records, and information.
- Termination clauses, dispute resolution mechanisms, and exit strategies.
- Provisions for RBI inspection and audit access.
12. Client Confidentiality & Security
The Company shall ensure that service providers:
- Protect customer information and limit access on a "need-to-know" basis.
- Isolate the Company's data from other clients.
- Report security breaches promptly.
13. Responsibilities of DSAs/DMAs/Recovery Agents
- DSAs/DMAs/recovery agents shall adhere to the Company's Fair Practices Code.
- They shall refrain from intimidation, harassment, or misleading representations.
14. Loans Sourced Through Digital Lending Platforms
- The Company shall disclose the names of digital lending platforms on its website.
- Sanction letters and loan agreements shall be issued on the Company's letterhead.
- Oversight and monitoring of digital lending platforms shall be ensured.
15. Business Continuity and Disaster Recovery
- Contingency plans shall be developed for each outsourcing arrangement.
- The Company shall retain control over outsourced activities to ensure business continuity.
16. Monitoring and Control
- Regular audits shall assess the adequacy of risk management practices.
- The financial and operational condition of service providers shall be reviewed annually.
17. Maintenance of Records
- Records of outsourced activities shall be preserved centrally and updated regularly.
- Half-yearly reviews shall be presented to the Board.
18. Grievance Redressal
- A Grievance Redressal Officer shall be appointed to address customer complaints.
- Complaints shall be resolved within 30 days.
19. Reporting Requirements
- The Company shall submit Currency Transaction Reports (CTRs) and Suspicious Transaction Reports (STRs) to the Financial Intelligence Unit (FIU) or other competent authorities.
20. Review of the Policy
This policy shall be reviewed periodically by the Board of Directors or as and when required.