RBI-Aligned | Stakeholder-Focused | Curated by A2I Legal
In an increasingly regulated financial ecosystem, strong governance is the foundation of a resilient NBFC. The Reserve Bank of India’s Framework places significant emphasis on structured oversight through specialised committees at the Board and Executive levels.
A2I Legal has curated this comprehensive Governance Committee Framework to provide Base Layer and Middle Layer NBFCs—as well as regulators, investors, lenders, and internal stakeholders—with a clear, transparent, and regulator-aligned view of the committees that drive effective governance, risk management, and consumer protection.
Governance Hierarchy
Board of Directors
Overall responsibility for governance, strategy, and regulatory compliance
⬇️
Board-Level Committees
Strategic oversight, independence, and regulatory supervision
- Risk Management Committee (RMC)
- Audit Committee
- Nomination & Remuneration Committee (NRC)
- IT Strategy Committee (ITSC)
- Special Committee of the Board for Monitoring & Follow-up of Frauds (SCBMF)
- Corporate Social Responsibility (CSR) Committee
- Review Committee (Willful Defaulters)
⬇️
Executive-Level Committees
Operational execution and continuous risk monitoring
- Asset Liability Management Committee (ALCO)
- Operational Risk Management Committee (ORMC) (where applicable)
- IT Steering Committee
- Information Security Committee (ISC)
- New Product Approval Committee
- Consumer Protection Committee
- Ethics Committee
- POSH Committee
- Identification Committee (Willful Defaulters)
About This Framework
Pursuant to the RBI Framework and Guidelines, NBFCs are required to establish governance mechanisms that ensure:
This framework, prepared by A2I Legal, presents a structured, simplified, and implementation-ready overview of all key committees applicable to Base Layer and Middle Layer NBFCs, making it suitable for publication on corporate websites for maximum stakeholder clarity and outreach.
Committees Applicable to NBFCs
🛡️ Risk Management Committee (RMC)
Applicability: Base Layer & Middle Layer
The Risk Management Committee constitutes a core pillar of an NBFC’s governance framework and may be constituted at either the Board level or the executive level; however, in line with best governance practices and regulatory expectations, it is preferably constituted at the Board level to ensure effective oversight and strategic risk supervision.
Key Functions:
- Board-level oversight of enterprise-wide risks
- Coverage of credit, liquidity, operational, strategic, reputational, and regulatory risks
- Alignment with RBI’s risk governance and SBR framework
- Oversight of stress testing, risk appetite, and mitigation strategies
- Supervision of the Operational Risk Management Committee (ORMC), where constituted
Primary Objective: To establish a proactive, integrated, and forward-looking risk management culture.
📊 Audit Committee
Applicability: Middle Layer
Constituted under Section 177 of the Companies Act, 2013, the Audit Committee safeguards financial discipline and transparency.
Key Functions:
- Oversight of financial statements and disclosures
- Review of internal and statutory audit reports
- Monitoring adequacy of internal controls
- Ensuring compliance with regulatory and accounting standards
Primary Objective: Ensure financial integrity, transparency, and accountability.
👥 Nomination & Remuneration Committee (NRC)
Applicability: Middle Layer
Formed under Section 178 of the Companies Act, 2013, the NRC ensures sound leadership governance.
Key Functions:
- Appointment and evaluation of Directors and KMPs
- Verification of “fit and proper” status
- Oversight of remuneration policies and performance linkage
- Succession planning
Primary Objective: Strengthen leadership quality, independence, and governance standards.
💰 Asset Liability Management Committee (ALCO)
Applicability:
- Base Layer NBFCs with asset size ≥ ₹100 crore
- All Middle Layer NBFCs
ALCO is central to balance-sheet and liquidity risk management.
Key Functions:
- Monitoring liquidity and interest rate risks
- Managing asset-liability mismatches
- Implementing Board-approved liquidity strategies
- Ensuring compliance with RBI’s Liquidity Risk Management (LRM) framework
Primary Objective: Maintain financial stability, funding resilience, and solvency strength.
💻 IT Strategy Committee (ITSC)
Applicability:
- Base Layer NBFCs with asset size ≥ ₹500 crore
- Middle Layer
A Board-level committee responsible for digital governance.
Key Functions:
- Strategic IT planning and governance
- Oversight of IT investments and architecture
- Monitoring IT, cyber, and technology risks
- Ensuring compliance with RBI IT and cyber security directions
Primary Objective: Enable secure, scalable, and compliant digital growth.
🔧 IT Steering Committee
Applicability: Middle Layer
An executive committee supporting the IT Strategy Committee.
Key Functions:
- Alignment of IT initiatives with business objectives
- Oversight of disaster recovery and business continuity
- Monitoring IT implementation and performance
- Periodic reporting to ITSC and senior management
Primary Objective: Translate IT strategy into effective execution.
🔐 Information Security Committee (ISC)
Applicability: Middle Layer
Headed from the risk management function with IT and business representation.
Key Functions:
- Monitoring cyber threats and security incidents
- Approval and review of information security policies
- Ensuring data protection and system resilience
- Periodic reporting to ITSC and CEO
Primary Objective: Protect data, systems, and digital assets.
🚀 New Product Approval Committee
Applicability: Recommended for all NBFCs at the time of introduction or launch of any new product or service, or material modification to an existing product or service.
Key Functions:
- Evaluation of new products and services
- Regulatory and compliance vetting
- Risk and consumer impact assessment
- Alignment with business strategy and RBI norms
Primary Objective: Ensure responsible, compliant, and sustainable product innovation.
🚨 Special Committee of the Board for Monitoring & Follow-up of Frauds (SCBMF)
Applicability:
- Base Layer NBFCs with asset size ≥ ₹500 crore
- Middle Layer
Key Functions:
- Oversight of fraud cases
- Monitoring corrective and preventive actions
- Ensuring timely regulatory reporting to RBI
Primary Objective: Strengthen fraud risk governance and accountability.
⚖️ POSH Committee
Applicability: Companies with 10 or more employees
Mandated under the Sexual Harassment of Women at Workplace Act, 2013.
Key Functions:
- Prevention and redressal of sexual harassment
- Conduct of inquiries
- Awareness and sensitisation initiatives
Primary Objective: Ensure a safe, inclusive, and compliant workplace.
🧭 Ethics Committee
Applicability: Governance best practice
Key Functions:
- Oversight of ethical standards and code of conduct
- Review of misconduct and whistleblower complaints
- Promotion of integrity and ethical behaviour
Primary Objective: Foster a culture of ethics and accountability.
🤝 Consumer Protection Committee
Applicability: Base Layer & Middle Layer
Key Functions:
- Oversight of grievance redressal mechanisms
- Monitoring consumer complaints
- Reduction of litigation and disputes
- Compliance with RBI consumer protection guidelines
Primary Objective: Enhance customer trust and fair treatment.
🌱 CSR Committee
Applicability:
The CSR Committee shall be constituted by an NBFC where the Company meets any one of the following criteria in the immediately preceding financial year:
- Net worth of ₹500 crore or more; or
- Turnover of ₹1,000 crore or more; or
- Net profit of ₹5 crore or more.
Once applicable, the Company shall continue to comply with the CSR requirements until it ceases to meet all of the above thresholds for three consecutive financial years, in accordance with the Companies Act, 2013 and the rules framed thereunder.
Key Functions:
- Formulation and monitoring of CSR policy
- Recommendation of CSR expenditure
- Oversight of CSR initiatives
Primary Objective: Promote responsible corporate citizenship.
📑 Identification Committee (Willful Defaulters)
Applicability: Middle Layer
Key Functions:
- Issuance of show-cause notices
- Examination of evidence
- Adherence to RBI’s due-process framework
Primary Objective: Ensure fair and transparent identification of willful defaulters.
🔍 Review Committee (Willful Defaulters)
Applicability: Middle Layer
Key Functions:
- Independent review of Identification Committee decisions
- Ensuring procedural fairness and confidentiality\
Primary Objective: Provide unbiased and independent decision-making.
Why This Governance Framework Matters
A well-structured committee framework enables NBFCs to:
- Strengthen governance and internal controls
- Achieve seamless regulatory compliance
- Enhance consumer and investor confidence
- Build long-term operational and financial resilience
How A2I Legal Supports NBFCs
- Identification of mandatory and governance-driven committees
- Drafting customised committee charters aligned with RBI and Companies Act
- Board-ready documentation in precise legal language
- Ongoing governance, risk, and regulatory advisory
A2I Legal doesn’t just help NBFCs comply — we help them lead with governance.
