Risk Management @ NPCI

The management of risks is core to NPCI's vision mission and objectives of ensuring safety, security and sustainability of national retail payment systems. Effective risk management is fundamental to being able to generate critical mass and optimum risk-reward and is thus considered to be the epicenter of decision making at NPCI. The risk management activities are carried out under the realm of enterprise risk management framework, with the objective of maximizing risk-adjusted returns while remaining within defined risk appetite and tolerance levels.

Risk Management: Governance & Framework

A comprehensive risk management process allows management to take risks in a controlled manner. In order to provide all-inclusive view of retail payment systems, risks and opportunities are assessed and identified in a seamless manner using elements of top-down and bottoms-up approach. As part of the risk management framework we use a set of principles that entails the risk management culture we wish to promote, preach and practice at NPCI.

  • Recognition - to identify any risk early on and take proactive steps before it gets out of hand
  • Improvisation - of new methods, techniques and tools to secure better monitoring, and providing for a feed-forward rather than a feed-back system
  • Segmentation - to address smaller systems and sub-systems individually so as to address their unique features while also being mindful of the systemic impact; and
  • Knowledge - to enable knowledge-based decisions in a knowledge-powered economy, resulting in scientifically-engineered and output-oriented action

Our risk management process is in place for timely identification and assessing of risks facing the organization, monitoring the trend and pattern of identified risks and finally mitigating the risks in analogy with the identified risk owners. NPCI has designed the Enterprise Risk Framework drawing guidance from regulatory guidelines of Reserve Bank of India, ISO 31000:2009 standard; COSO framework and guidelines from Bank for International Settlements. Additionally basis regulatory requirement NPCI is aligned with PFMI guidelines of applicable principles. This ensures that NPCI has effective systems and controls in place to identify; measure; monitor; manage and report risks arising in and across NPCI's operations, business and business enabling functions. Ultimately, the responsibility for setting our risk appetite and for proficient management of risks rests with the Board of Directors to provide overall risk management supervision. Board Committees are specifically entrusted to oversight on risk management. Committees that form part of Governance, Risk & Compliance include Risk Management Committee (RMC) of the Board & Internal Risk Management Committee for efficient governance.