enhanced to include customers who are on boarded through various digital channels.
• evaluation of process adherence at branches: Branches across regions are reviewed against a checklist devised by the Operational Risk team to ensure adherence to branch processes. The team had visited 70% of the live branches as at March 2020 to review them on the defined parameters. the checklist is reviewed and enhanced every quarter to strengthen monitoring. With onset of COVID-19 and lockdown, and branch visits curtailed for the time being, the check list is being restructured to ensure that monitoring and review is not eased and can be done on a remote basis, based on reports derived from systems and through remote access and verification of registers.
• outsourcing risk: Progressive risk assessment of most material outsourced vendors (including legacy vendors) was completed during the year to ensure that these vendors comply with the minimum requirements prescribed by RBI. Detailed notes were recorded on the risk assessment done for each vendor through visits and were placed to ORMC/Board at quarterly intervals. All observations made by RBI in this connection in its Annual Financial Inspection (AFI) are complied with. The Bank has in place an outsourcing policy which provides guidance on outsourcing certain functions to specialized agencies for increasing efficiency and lower costs. ‘outsourcing’ is defined as the Bank's use of a third party (either an affiliated entity within the corporate group or an entity that is external to the corporate group) to perform activities on a continuing basis that would normally be undertaken by the Bank itself, now or in the future. The outsourcing policy is framed in compliance to various RBI guidelines on outsourcing issued from time to time. All vendors, deemed as material, are subjected to a rigorous pre on boarding risk assessment, done both by the Operational Risk team and the Information Security team and this is repeated at annual intervals. Renewal of outsourcing contracts are tracked by the Operational Risk Vertical. Intimation of due for renewal is sent to respective verticals at least 90 days prior to the date of renewal. Outsourcing done by the Bank is subjected to an annual audit by the Internal Audit team who provide the required compliance certificate to RBI.
• internal financial control (ifc) testing: This is an annual exercise and done by the Operational Risk team. The team along with concerned stakeholders prepare and enhance Risk & Control Matrixes (RCMs). thefinancialandoperationalcontrolsintheseRCMs are then put to test by collecting samples from across the review period and from different regions, and are then evaluated for success or failure of the control effectiveness. the critical gaps observed during such testing are discussed with concerned functions for upgrading controls which may include automation of the controls. The result of this evaluation is also presented to ORMC and RMC of Board to update them on effectiveness of the internal controls of the Bank,
and take guidance. This result is also shared with the Bank’s external auditor to provide insight on adequacy and effectiveness of the controls in the Bank. the IFC testing is also mandatory requirement as per Companies Act, 2013.
13.1.4. human resource Management
The Bank is continuously engaged in addressing people risk. The employee count at the year-end had reached 17,841. The Bank had on boarded 7,786 candidates during the year. The annualized attrition as at March 31, 2020 was 20.84%. Employees in the age band of 25 to 35 years were the highest in numbers.
Towards the end of the year, employees were reached out over phone in corporate and regions to enquire about their well-being and extend any support that they may require amidst the COVID-19 lockdown. This exercise will be undertaken at regular basis in the ensuing year using health declaration surveys on the Bank’s internal learning platform.
During the quarter, the Bank completed group health insurance enrolments with 97% of its employees opting for the same. The Bank has also negotiated a special COVID-19 insurance for its grade B and C employees.
The Bank provides rigorous training to its employees in its pursuit to develop bank related skill sets. The Bank had invested `7,566 per employee trained during the year32. The Bank has in place a detailed process and guidelines for training programs on a calendar based approach. Newly inducted employees are required to complete assigned induction programs as applicable for their role within 30 days of joining. During the year, the Bank has undertaken various training programs such as branch roll out trainings, employee induction, refresher programs, selling skills, up skills and other specialized training programs. The Bank updates its training content on various topics and areas in its SWAYAM app on a continuous basis. The Bank sponsors training programs for its employees working in critical areas/technically skilled jobs and to participate in programs conducted by renowned organizations such as College of Agriculture Banking (CAB), Indian Institute of Banking and Finance (IIBF), National Institute of Bank Management (NIBM) and others. During the quarter, the Bank had provided training to 17,775 employees in 1,441 batches.
13.1.5. information technology and security risk
The Bank, by virtue of its business, faces a plethora of information security risks. This was further exacerbated during the COVID-19 lockdown when the Bank implemented a Work from Home (WFH) policy and provided remote access to many of its employees. Provision of remote access, required enhanced monitoring to ensure that COVID-19 themed attacks were thwarted. Data security is central to the Bank and forms the core. The Bank believes that good security risk management is good business and has thus formulated an enterprise-wide Information Security Policy and Cyber
STATUTORY REPORTS
  129