Brickwork Ratings has put in place an outsourcing policy, based on SEBI circular
CIR/MIRSD/24/2011 December 15, 2011.
All Credit Rating Agencies are required to have an Outsourcing Policy as per the comprehensive
guidelines for outsourcing provided by SEBI, in a circular dated Dec 15, 2011, with a view to protect
the interests of investors in securities and to promote the development of, and to regulate the
securities market. This circular is available on SEBI website at www.sebi.gov.in under the categories
“Legal Framework” and “Circulars”.
The guidelines seek to mitigate the risks associated with outsourcing including operational risk,
reputational risk, legal risk, strategic risk, systemic risk, and others.
Statement of Purpose
This Outsourcing Policy is consistent with the “Guidelines on Outsourcing of Activities by
Intermediaries” issued by the Securities and Exchange Board of India (SEBI), and ensures that:
BWR renders at all times high standards of service and exercises due diligence and ensures proper
care in their operations.
BWR follows prudent and responsive practices on management of risks arising out of outsourcing
with a view to preventing negative systematic impact and to protect the interests of investors.
This policy document constitutes a policy framework, procedures, and restrictions, which will
govern all outsourcing activities carried out by Brickwork Ratings. This policy will provide guidance
to BWR in assessing the requirement of Outsourcing activities of BWR which are non-core in
nature and can be appropriately outsourced to third Parties.
For the purposes of this policy, the terms below shall have the following meanings:
- Outsourcing : The use of one or more than one third party – either, within or outside BWR group
(referring to BWR India Pvt Ltd and its subsidiaries and group companies) by BWR to perform the
activities associated with the credit ratings services on a continuous basis.
- Third Party : The entity to which an activity is outsourced by BWR.
- Regulator : Securities and Exchange Board of India (SEBI).
Applicability of the Policy
This policy shall be applicable to all outsourcing arrangements (as defined under this policy) entered
into by BWR with a third-party service provider.
Activities that cannot be outsourced
BWR will not outsource any of the below mentioned core business activities:
Activities within the credit ratings division that influence the decision of the management in the
process of offering services to clients
“Analytical” activities such as assignment of credit ratings; surveillance of assigned credit ratings;
and development of rating criteria
Activities that can be outsourced
Activities that are not “core” including business development, tele-calling for follow up of data or
fees, follow-up for sourcing data or other activities like Legal, Finance, IT, Admin, HR, and any other
activities that are not involved in delivering services to BWR clients, may be outsourced and shall be
covered under this policy guidelines.
Activities not considered as outsourcing
The below situations will not be considered as “outsourcing” and hence shall not be governed by this
Services of a Third Party engaged on a one-time basis
Hiring professionals as consultants to perform a part of an activity where such associates are fully
supervised by BWR employees and are provided BWR email IDs and work on BWR computer
Housekeeping, catering, cab/transport and other such services that are part of the facilities and
Risk Management practices for outsourced Services
- Risk Assessment
BWR shall conduct an assessment of outsourcing risk by considering the following:
- The impact on the financial, reputational, and operational performance of BWR owing to the
failure of a third party to adequately perform their service
- The backup arrangements by BWR to manage the work, in case of non-performance or failure
by a third party
- Regulatory status of the third party, including its fitness and probity status
- Any conflict of interest between BWR and the third party and the measures put in place by
BWR to address such potential conflicts
- Due Diligence of the Service Provider
BWR shall be fully liable and accountable for the activities that are being outsourced and ensures
that the rights of an investor or client are not impacted in any way. BWR shall conduct appropriate
due diligence in selecting and monitoring the third party, ensuring that outsourcing arrangements
neither diminish BWR’s ability to fulfil its obligations to customers and regulators, nor impede
effective supervision by the regulators.
- The Outsourcing Agreement
BWR will govern all outsourcing relationships through legally binding, standard contract
agreements. Contracts will clearly define the scope of work, expected service and performance
levels; and provide for confidentiality, mutual rights, obligations and responsibilities, liabilities,
termination clauses and allow for BWR to retain an appropriate level of control over the
outsourcing and the right to intervene with appropriate measures to meet legal and regulatory
- Confidentiality and Security
BWR shall take appropriate steps to ensure that third parties protect confidential information of
both BWR and its customers from intentional or inadvertent disclosure to unauthorised persons;
and do not in any way misuse or misappropriate such confidential information. BWR shall prevail
upon the third party to ensure that the employees of the third party have limited access to the
data handled and only on a “need to know” basis and the third party shall have adequate checks
and balances to ensure the same. Wherever the third-party acts as an outsourcing agent for
multiple CRAs, BWR shall ensure that strong safeguards are put in place by the third-party to
avoid co-mingling of information, documents, records and assets.
- Business Continuity and Management and Disaster Recovery Plan
BWR and its third parties shall establish and maintain contingency plans at the third party or at
BWR in the event of non-performance by the third party and ensure that third party maintains
appropriate IT security and robust disaster recovery capabilities.
- Conflict of Interest
BWR may use one of its group companies or subsidiaries as a third party, however for avoidance
of potential conflict of interests, systems shall be put in place to have an arm’s length distance
between BWR and the third party in terms of infrastructure, manpower, decision-making, record
keeping, etc., as well as risk management practices that are identical to those followed while
outsourcing to an unrelated party. Necessary disclosures in this regard shall be made to the
- Record Keeping
The records relating to all activities outsourced shall be preserved centrally so that the same is
readily accessible for review by the BWR Board and / or its senior management, as and when
needed. Such records shall be regularly updated and may also form part of the corporate
governance review by the management of the BWR.
BWR shall report to Financial Intelligence Unit (FIU) for any suspicious transactions / reports or
any other competent authority in respect of activities carried out by the third parties.
Monitoring and Review of Outsourced Activities
- A Committee consisting of the Compliance Officer and Finance Manager shall be the approving
authority for permitting any outsourcing activity and selection of Third Party. Any clarification
regarding the policy may be obtained from the Compliance Officer.
- Annual reviews by company auditors of the outsourcing policies, risk management system and
requirements of the regulator, shall be done to assess the third parties’ ability to continue to
meet its outsourcing obligations. This report shall be presented to the Board.
- The BWR Board shall ensure that all ongoing outsourcing decisions taken by BWR and the
activities undertaken by the relevant third-party, are in keeping with this policy. The Board may
mandate reviews of risk management system and requirements as stipulated by SEBI through
internal or external auditors, wherever felt necessary.
Date 07 September 2022