EXHIBIT 10.1
Everything Blockchain, Inc.
Risk Committee Charter
April 22, 2022
Purpose of Risk Committee
The purpose of the Risk Committee of the Board of Directors (the “Board”) of Everything Blockchain, Inc. (EBI) is to assist the Board in its oversight of EBI’s management of broad strategic and operational risks including security, resilience and operational stability. The Risk Committee will also provide guidance regarding ongoing implementation of, and compliance with, the EBI products and services. Risk assessment, risk management and protection of EBI information assets are the responsibility of EBI’s management. The Risk Committee’s responsibility is one of oversight, review, and guidance, including setting the direction and scope of risk treatment strategies.
Risk Committee Membership
The Risk Committee shall be appointed by the Board Chairman and consist of no fewer than three members of the Board. The CEO shall also be a member of the Risk Committee.
Risk Committee Structure and Operations
The Chairman of the Board shall appoint one member of the Risk Committee as its chairperson. The Risk Committee shall meet at least twice a year.
The Risk Committee may meet with such members of management as it may deem desirable or appropriate.
The Risk Committee shall report to the Board after each of its meetings summarizing the Risk Committee’s actions and any significant issues considered by the Risk Committee.
Risk Committee Duties and Responsibilities
The following are the duties and responsibilities of the Risk Committee:
| 1. | Review and discuss with management EBI’s plans (as applicable) for any necessary legislative and regulatory compliance. |
|
|
|
| 2. | Recommend to the Board an initial risk appetite statement and risk tolerance levels for EBI as a governance control to measure EBI’s risk alignment and remediation needs. At least annually, the Committee will review the risk appetite statement and risk tolerance levels and provide any recommended changes to the Board. |
|
|
|
| 3. | Review and discuss with management EBI’s information assurance and cyber-security risk management strategy and management policies and controls, including any relevant regulatory requirements, and other relevant control frameworks and required resources needed to achieve such policies and controls. |
|
|
|
1 |
| 4. | Review and discuss with management EBI’s resilience risk management strategy and business continuity policies and controls. |
|
|
|
| 5. | Review and discuss with management EBI’s operational risk strategy and operational risk policies and controls for each operations area within EBI, including, without limitation, business risk, human resources risk (hiring, skills development) and strategic risk (brand, positioning, funding). |
|
|
|
| 6. | Review and discuss with management EBI’s physical risk strategy and associated risk policies and controls covering facilities security, personnel security as well as fire and life safety. |
|
|
|
| 7. | As, and when appropriate, receive reports from EBI’s management on the results of risk management reviews and assessments on internal controls (other than financial internal controls, which is reviewed by the Audit Committee). |
|
|
|
| 8. | Receive and review any significant actual or “near-miss” incidents related to any of the relevant risks. |
|
|
|
| 9. | Discharge any other duties or responsibilities delegated to the Committee by the Board from time to time. |
|
|
|
| 10. | Review and approve all related party transactions. |
In fulfilling its duties and responsibilities, the Risk Committee shall consider, among other things, the potential effect of any matter on EBI’s reputation.
Performance Evaluation
The Board shall conduct an annual performance evaluation of the Risk Committee, which evaluation shall, among other things, compare the performance of the Risk Committee with the requirements of this charter. The performance evaluation shall be conducted in such manner as the Board deems appropriate.
Review of Charter
The Risk Committee shall review the adequacy of this charter on at least an annual basis and shall recommend to the Board for its review any revisions the Risk Committee deems necessary or desirable.
Subject Matter Experts
The Risk Committee may, in its discretion, invite and/or retain outside experts as risk consultants to provide advice to the Risk Committee.
2 |