In this section we will learn how we manage our risk. We categorize the customers according to the risk perceived to facilitate undertaking due diligence for the purpose of risk categorization. The customers are categorized under low risk, medium risk, and high risk during onboarding. This risk categorization is done every six months. Let us look at who are the high-risk customers in Varthana. Trusts, Society's borrower ITSIT for non-educational purposes, the borrowers having political exposure, PEPs, NRI status, banned organizations by various regulators, including co-borrower Garantor, non-face-to-face customers without Video KYC, and other account holder JS declared as fraud, fraud, willful defaulters, non-cooperative borrower chis, and red-flagged account holders. In the medium risk category, we have trusts or societies for educational purpose, self-employed and salaried customers in the informal sectors, where income is not reflecting in the bank statements, all borrower heirs not falling either in low or in high risk category, all student loans which are booked under cash salary program and loan amount exceeding 2 lakhs rupees and in the low risk we have customers whose income being reflected in bank statements self-employed professionals and salaried in the formal sector since there would be a consistent and verifiable source of income sole proprietors and student loan borrowers who are not included in medium risk category To prevent risk a full KYC exercise will be done every two years for high individuals and entities at least every ten years for low-risk and at least every eight years for medium-risk individuals and entities, taking into account whether and when customer due diligence measures have previously been undertaken and the adequacy of data obtained. Let us look at our responsibility in risk management. The sales team plays a foundational role in Varthana's risk management framework by gathering critical information at the point of onboarding. They are responsible for collecting complete and accurate data that helps categorize the customer into the correct risk level, whether low, medium, or high. Sales personnel must remain alert to red flags, including customers with a politically exposed person, PAP background, connections to offshore entities, or those presenting unclear or suspicious business profiles. Their interaction with customers also places them in a unique position to assist with periodic re-KYC by re-engaging customers when documentation updates are due, By staying vigilant and gathering accurate details, the sales team ensures early and effective risk categorization, helping prevent future compliance or credit issues. During the document review process the operations team is responsible for assigning the appropriate risk category to each customer based on defined parameters and the nature of the application They must also ensure that customer records are accurate complete and updated regularly to support ongoing risk reviews and audits The operations team must remain alert to missing KYC documents, outdated data, or inconsistencies that could impact compliance or risk profiling. The credit team leads the risk profiling process at Vartana, ensuring that each customer is assessed thoroughly before loan approval. This involves reviewing financial statements, evaluating business models, and analyzing credit reports to determine the customer's repayment capacity and risk exposure. The team must actively flag red zone and cash transactions exceeding two lakhs. For customers identified as high risk, the credit team must recommend and apply enhanced due diligence measures, including additional documentation, background checks, or stricter approval controls. Their role is vital in identifying mismatches between declared information and actual risk indicators, ensuring that only reliable, transparent, and creditworthy customers are onboarded. The technical team contributes to Vardhana's risk management efforts by validating whether the assets or institutions linked to the loan justify the assigned risk classification. Their responsibilities include assessing the collateral risk, share feedback on shortcomings about the property and watch for marketability if the property The collections team plays a critical role in the post disbursement phase of risk management by monitoring repayment behaviour and identifying patterns that may signal increased risk They are responsible for initiating risk re-evaluation when irregularities in repayment are observed, such as inconsistent EMI payments, sudden overpayments, or changes in repayment mode. A key red flag is when repayments are made by third parties or proxies, which do not match the customer's original profile or financial behavior. Additionally, they must monitor for bounce patterns, repeated delays, or repayments coming from unexpected locations, which may suggest that the borrower is no longer in control of the account or may be attempting to conceal financial difficulties. Let us now look at the support team's responsibility in risk management. HR to vet employees in sensitive roles via background checks. Ensure declarations of conflict of interest. Compliance. Audit should review if customer risk classification. Aligns with onboarding data. Validate enhanced due diligence. EDD for high-risk customers. Ensure risk reassessment in re-KYC cycles. IT team must implement access control and encryption for sensitive customer data. Risk team should monitor abnormal fund flows internally, e.g. advance adjustments, third-party repayments, flag repeat cash-heavy refunds or irregular disbursements. Admin team should onboard vendors after due diligence. Marketing team should avoid targeting high-risk geographies or profiles unless explicitly approved. you