Stakeholder Engagement and Enterprise Risk Management

TCS engages with a broad spectrum of stakeholders, to deepen its insights into their needs and expectations, and to develop sustainable strategies for the short, medium and long term. Stakeholder engagement also helps to manage risks and opportunities in business operations. The key stakeholders identified in consultation with the company’s management are: customers, employees, shareholders, academic institutions, head-hunters, staffing firms, other suppliers, partners and collaborators, industry bodies, governments, NGOs, local communities, regulators and society at large.

Some other stakeholders that TCS closely engages with – such as industry analysts, equity analysts, and the news media –are proxies for other named stakeholders – i.e. customers, shareholders, and society at large, respectively. Stakeholder interactions might be structured (e.g. surveys, account statements) or unstructured (town halls, 1x1 meetings). Based on mutual convenience and need, the engagement maybe scheduled as needed, or pre-scheduled on a periodic basis (fortnightly/ monthly/ quarterly/ annual) or continuous (e.g. website, social media).

TCS conducts annual materiality assessments to update the list of material topics. The key elements of that assessment include:

Key Elements

Stakeholder interactions

To identify a broad funnel of issues important to each of the constituencies. The Company’s Sustainability Council uses discussions with internal and external stakeholders, as well as its own judgment, to prioritize and arrive at a list of material topics with significant economic, environmental, or social impacts on TCS’ business, reputation, and operations.

Key Elements

Sustainability context and value chain

The company looks at the role of TCS in wider sustainability issues, the impact the company has through its customer engagements and its operations, and the role that the company experts play in professional associations, industry forums and other thought leadership activities to address important issues raised by stakeholders.

Enterprise Risk Management

TCS understands the importance of effectively managing and mitigating risks to protect the Company’s business and its clients and to add value for all its stakeholders. Based on the Risk Management Policy approved by the Board, the Company follows a comprehensive enterprise risk management framework (based on best practices from COSO 2017 and ISO 31000:2018) that encompasses risk identification, risk assessment, risk response planning and actions, risk monitoring and overall risk governance. TCS fosters a risk-aware culture, empowering leaders to take intelligent risks to maximize value. Regular risk reviews, assessments, and scenario planning help anticipate challenges and develop mitigation plans. Key risk indicators and control indicators are used to assess risks, provide early warnings, and consider effectiveness of the mitigation actions, respectively. TCS engages with all stakeholders, including customers, employees, suppliers, partners and regulatory authorities, to ensure transparent and collaborative risk management practices. The focus remains on driving sustainable growth, fostering innovation, delivering value to its clients, employees, and shareholders, being resilient and enhancing its reputation.

TCS takes a holistic view of its enterprise risk profile, covering strategic, operational, compliance, financial and catastrophic risks, thus enabling informed decision-making. Risks are assessed and managed at various levels with a top-down and bottom-up approach across the enterprise, business units, geographies, corporate functions, customer relationships and individual projects.

By proactively managing and mitigating these risks, TCS aims to ensure the long-term sustainability and success of the Company. TCS is confident that its robust risk management initiatives, coupled with its commitment to innovation and excellence, will enable the Company to navigate the challenges of the IT industry and global environment, and capitalize on the opportunities that lie ahead.

While the Company tracks various risks to the business, listed below are some of the key risks (R) and opportunities (O), anticipated impact on the Company and mitigation strategies.

Expand All

Risk: The volatility of geo-political events and macroeconomic changes, like wars, adverse trade policies and continuing high inflation in major economies can impact client spending and also squeeze liquidity. TCS’ clients’ business outlook could be affected and in turn result in demand uncertainty for TCS’ services, and an increase in TCS’ cost of doing business. Risks to service delivery, business continuity, cybersecurity, sanctions compliance and human rights in geo-politically sensitive zones may increase costs and impact revenue growth.

Mitigation: Broad-based business mix with diversified focus across geographies and industry verticals and targeting CXO business in addition to CIOs aid in balancing the risk impact. Active monitoring of the changing geo-political landscape, ensuring business continuity plans and strengthening internal controls against secondary risks continue.

Risk: The global delivery model requires the mobility of the Company’s skilled professionals across the globe, and any regulatory restrictions in key markets can pose a threat. This may also have an impact on the cost of doing business and client project delays.

Mitigation: Promoting usage of Location Independent Agile^TM model with increased collaboration, material reduction in dependency on work visas through increased hiring of local talent and promoting local talent building in STEM areas helps to minimize this risk.

Risk: In a knowledge industry, growth is dependent on the ability to attract, develop, inspire, and retain talent. New emerging technology areas also require niche skill sets, and talent scarcity in the industry may result in attrition in these areas.

Mitigation: Huge investments in talent development with the focus of re-skilling programs to adapt to new and emerging technologies have been made and which will continue at a rapid pace. Expanding business delivery centres to tier-2/tier-3 cities in India to enable leveraging local talent supply and diversification also aids in addressing the talent risk. Investments are also made in branding, STEM/goIT programs and campus engagements in global markets, to improve local hiring and retention.

Risk: With new consumer patterns/behaviour unfolding, industries are evolving their business models. Some customers and segments may see restructuring initiatives, to adapt to newer markets, competition, mergers/acquisition, regulatory drivers and enhance efficiencies to create new business opportunities. This may result in an impact on the current services being provided.

Mitigation: Scanning future industry outlook for both business & technology for trends, capabilities & solutions, and providing pro-active, agile responses to drive transformation for the customer using differentiated offerings.

Opportunity: Technology enabled business model innovation for clients, driving value for clients in their business transformation journey.

Risk: Volatility in TCS’ functional currency (INR) against major currencies may cause fluctuation in the reported revenue, profitability/margins, which may impact stakeholder perceptions of the underlying business momentum and profitability.

Mitigation: To limit the impact of short-term exchange volatility, the currency hedging policy aligned with best practices is in place. Hedging strategies are guided and monitored by the Risk Management Committee of the Board. Management commentary is based on constant currency for better stakeholder understanding of business performance.

Risk: Risks of cyber-attacks are on a constant rise and evolving quickly with far-reaching consequences. Attacks may emerge due to geo-political events, pandemic themed cyber threats etc. Security breaches could result in reputational damage, penalties, and legal and financial liabilities along with impact on business operations.

Mitigation: Investments in state-of-the-art security operations centre with automated playbooks; continued reinforcement of stringent security policies, procedures and controls (ISO 27001 certified), enterprise-wide training/awareness programs and communication with internal and external audits. Use of advanced AI/ML based tools to detect and prevent incursions with advanced quarantine capabilities, including perimeter security controls with enhanced internal vulnerability detection, data leak prevention tools, incident management and recovery process, red/purple teaming, “breach and attack” simulations in compliance with industry best practices are implemented. Close collaboration with Computer Emergency Response Team (CERT) and other private cyber intelligence agencies help to stay ahead of the curve.

Opportunity: It is imperative for all enterprises to create robust and proactive cyber resilience strategies to address increasing threats. This presents opportunities for TCS to modernize security operations, transform and uplift cyber defense & cyber offense, invest in GenAI and Cloud security offerings and de-risk future quantum computer-based attacks for its customers.

Risk: TCS’ global nature of operations requires it to be compliant with various privacy legislations like GDPR, DPDPA etc. carrying severe consequences for violations and data breaches. Privacy risks have increased with AI adoption getting democratized with the latest tools. Any violations or data breaches can have an impact on the Company’s business operations and its brand with material liabilities.

Mitigation: The global privacy policy supported by the Privacy governance framework PriVACE, organization structure with a Global Privacy Office and Geography level DPOs, embedding ‘Privacy by design’ in TCS’ solution/service delivery, risk based due diligence on third parties, data protection controls and audits across all its areas of operation ensure the risk is minimized. Keeping up to date with regulatory changes, training and awareness for all stakeholders and strong governance at regional and enterprise level has continuous focus.

Opportunity: Enterprises, increasing their investments in enhancing Data Privacy, opens a fast-growing business opportunity for TCS.

Risk: TCS’ global nature of operations requires it to comply with ever-evolving, complex regulatory requirements across multiple jurisdictions & compliance areas. Failure to comply can result in penalties, reputational damage, and criminal prosecution.

Mitigation: A centralised program for horizon scanning of all regulatory changes, combined with an enterprise-wide regulatory compliance framework for adoption into policies, processes and controls ensure compliance with all regulatory obligations. Continued focus on fostering an ethical and compliance culture, with governance at board, executive and management levels through quarterly declarations, risk assessments and audits enable the Company to stay compliant in an ever-changing environment.

Opportunity: Enterprises need to invest in compliance programs to keep up with evolving regulations in their sector or geography. TCS provides Governance, Risk and Compliance (GRC) services and offerings to enterprises in various industry compliance domains, especially regulated industries.

Risk: Risk of infringement of IP of customers, suppliers, partners and alliance organizations by TCS associates may lead to potential liabilities, increased litigation and reputation impact. Also, inadequate protection of TCS’ IP may lead to potential loss of ownership rights, revenue and value.

Mitigation: An industry leading IP Management Framework with processes, contractual and operational controls and tools to prevent and detect risks of IP infringement has been established, with a well-defined (software) asset lifecycle governance framework ensuring that TCS products are safe to create, safe to protect and safe to use. Employee level key controls include employee confidentiality agreement, training and awareness for IP protection and prevention of IP contamination and infringement.

Risk: With globally distributed operations, the Company faces physical risks to life and property due to extreme weather events; transition risks resulting from disruptions in the market and emerging regulations; disruptions to operations due to water scarcity; risks of inadvertent non-compliance to emerging regulatory requirements, impacting health and safety in local communities and business disruption. All of these could affect TCS’ growth, profitability and reputation.

Mitigation: TCS’ Delivery centers are designed to withstand extreme weather events, with Business continuity plans tested periodically to ensure effectiveness. Investments in Green office buildings, green IT, use of renewable energy, reduction in carbon footprint & focus on waste management with circular economy principles are being done. Water management through upgradation of water infrastructure, controls to minimize freshwater consumption, sewage treatment, recycling of treated water, and rainwater harvesting. Focus on Supply chain sustainability with responsible sourcing, sustainability assessments, training and awareness for all stakeholders. Associate engagement on environmental awareness including initiatives like TCS Circle4Life™ are done round the year.

Opportunity: Growing commitment by enterprises to reduce carbon footprint and regulatory requirements open new opportunities for TCS to provide business led technology solutions. TCS products and solutions such as TCS Clever Energy™, Envirozone™, ESG integration solution help accelerate customers’ sustainability journeys.

Risk: Litigation risks might arise from commercial disputes, alleged violation of IPR, personal data/information breach incidents/ claims and employment related matters. The Company’s rising profile and scale also makes it an attractive target for meritless lawsuits. These lead to reputation risk, legal expenses and adverse rulings can result in substantive damage.

Mitigation: Strong processes, controls and governance for compliance to contractual obligations, information security, IP policy and immigration. Strengthened the team of in-house counsels in all major geographies and a network of reputed global law firms in countries TCS operates. Arbitration has been included as a dispute resolution mechanism as against court trials and waivers of jury trial, particularly in the US Geography.

Risk: Technology disruption is happening at an unprecedented pace. Inadequate guardrails and governance to address inherent risks of use of emerging technology can cause significant quality, security, IP and ethical concerns. GenAI technologies could disrupt existing software development methods, causing unrealistic market expectations in the short term, impacting TCS’ value proposition.

Mitigation: Investments in large-scale re-skilling of TCS associates on AI and other new technologies are progressing well. Innovation in frameworks, methods, guardrails to address risks, investments in the required infrastructure and safe environments are being made. Investments in research and capabilities to devise new software development methods leveraging AI are being made. TCS is working with standards and regulatory bodies for safe use of new technology.

Opportunity: Leveraging new & emerging technology to design technology and industry specific offerings, to reimagine customer experience, improve productivity and bring significant transformation in TCS’ customer organizations.

Contact

TCS is here to make a difference through technology.

We deliver excellence and create value for customers and communities.

Extraordinary expertise leads to remarkable results.

Want to be a global change-maker? Join our team.

Find the latest news about TCS in our Newsroom

Recent Press releases

Recent News

Recent recognitions

Upcoming events

TCS works hand in hand with world-leading investors.

Global knowledge. Local support

TCS is here to make a difference through technology.

We deliver excellence and create value for customers and communities.

Extraordinary expertise leads to remarkable results.

Want to be a global change-maker? Join our team.

Find the latest news about TCS in our Newsroom

Recent Press releases

Recent News

Recent recognitions

Upcoming events

TCS works hand in hand with world-leading investors.

Global knowledge. Local support

Stakeholder Engagement and Enterprise Risk Management

Key Elements

Key Elements

Enterprise Risk Management

Volatile global, political and economic environment (R)

Restrictions on global mobility, location strategies (R)

Ability to attract and retain top talent; short supply of emerging technical skills (R)

Business model changes in customer environment (R & O)

Currency volatility (R)

Cyber Attacks (R & O)

Data protection and privacy compliance (R & O)

8)Non-compliance with complex and changing global regulations (R & O)

Intellectual Property (IP) infringement and leakage (R)

Sustainability Risks – Climate change and Environmental aspects (R & O)

Litigation risks (R)

Disruptive Technologies (R & O)

Subscribe to our investor updates

Learn more about TCS

TCS is here to make a difference through technology.

We deliver excellence and create value for customers and communities.

Extraordinary expertise leads to remarkable results.

Want to be a global change-maker? Join our team.

Find the latest news about TCS in our Newsroom

Recent Press releases

Recent News

Recent recognitions

Upcoming events

TCS works hand in hand with world-leading investors.

Global knowledge. Local support

Key Elements

Key Elements

Enterprise Risk Management​

Volatile global, political and economic environment (R)

Restrictions on global mobility, location strategies (R)

Ability to attract and retain top talent; short supply of emerging technical skills (R)

Business model changes in customer environment (R & O)

Currency volatility (R)

Cyber Attacks (R & O)

Data protection and privacy compliance (R & O)

8)Non-compliance with complex and changing global regulations (R & O)

Intellectual Property (IP) infringement and leakage (R)

Sustainability Risks – Climate change and Environmental aspects (R & O)

Litigation risks (R)

Disruptive Technologies (R & O)

Subscribe to our investor updates

Learn more about TCS

Accessibility Adjustments

Enterprise Risk Management