Career Opportunity at Standard Chartered Bank

PURPOSE:

• To ensure that operational risks are properly assessed; that processes, roles and responsibilities are clearly understood; that all risk / return and control cost / benefit decisions are made transparently on the basis of a complete and proper assessment, and all controls are implemented in accordance with the Group’s standards and in line with the Risk Appetite.
• To ensure that the Operational Risk Framework and all associated policies and procedures, and the Risk Management Framework are effectively embedded and communicated in country to Businesses and Functions.
• To be the central point of contact for operational risks, in the Country, arising within the processes, including being responsible for the evaluation of the design and operational effectiveness of all controls. To ensure risks of processing failure are being actively managed and monitored on an end-to-end basis in Country; including providing regular control assessments of required controls and escalation from time to time.

AUTHORITIES:
The Operational Risk Officer has delegated authority to:

• Accept the classification and accurate reporting of operational risk losses and events and to accept the appropriateness of mitigation actions.
• Validate the 1st line gross and residual risk assessments particularly the country variations to gross risk assessments delivered from Group.
• Challenge and constrain relevant business activities where risks are not aligned with the risk appetite of the Businesses and Functions and the group; or controls have not been appropriately designed.
• Sign off on new products introduced in the country on behalf of Operational Risk through the PPG and Country Addenda process as outlined in the Product Governance Handbook.

RESPONSIBILITIES:

• Risk Governance
• Align the in-country Operational Risk Management approach to the Operational Risk Framework and the Risk Management Framework and oversee its effective application. This will comprise but not limited to:
• Implement ORF in country
• Embed use of ORF in country
• Ensure compliance with OR policies
• Deliver second line assurance
• Risk Governance
• Ensure that the Business Heads and Function Heads and relevant staff understand and accept their operational risk management responsibilities.
• Represent Operational Risk in the Country Operational Risk Committee and Functions Operational Risk Forums in the country.
• Support training initiatives from Group OR, wherever required, and when time permits, to Functions and Business UORMs.
• Risk Appetite
• Periodically assess the Country operational risk profile to maintain alignment with the Country Risk Appetite.
• Review and challenge Country strategy where this is not aligned with the Country Risk Appetite ;
• Maintain operational risk capability and a control environment which is in line with the Operational Risk

Risk Control Ownership of Country Operational Risk

• Provide a central contact point and oversight over all controls required to effectively manage Operational Risk within the Country that arises from the end to end processes.
• Challenge the completeness of risk identification, monitoring and assessment of the corresponding control activities required within the end to end processes to identify and follow through the remediation by the 1st line of any significant deficiencies.
• Ensure compliance with Operational Risk policy & procedures.
• Where the country 1st line redesigns controls in response to internal and external factors validate such redesign and ensure global sign off on the redesign prior to implementation in country.

Risk Identification and Assessment

• Validate and challenge the first line risk identification and assessment of gross and residual risks arising within the end to end processes.
• Assess the control environment including, but not limited to, control design, control execution, control testing and control history.
• Recommend changes to the control environment or to business practice where necessary to reduce the level of operational risk exposure to within the agreed appetite. Ensure such changes are agreed with global process owners and global OR Officer for that function prior to in country implementation.
• Review the design of effective process controls by the 1st line to manage all material risks linked to the process control failure.
• o Identify Local Control Gaps - Regularly assess all key controls against the country risk profile to monitor exceptions and identify gaps.
• o Optimise portfolio of local controls - Regularly assess existing Local Key Control Standards, key risk indicators (KRIs) and key control indicators (KCIs) to ensure cost effectiveness, efficiency and relevance.
• Provide a balanced and informed assessment of all operational risks arising from acquisitions or major change initiatives or projects within the Country.

Risk Acceptance

• Review and approve risk record templates for acceptance of Medium, High and Very High country level risks.
• Accept the classification and accurate reporting of operational risk events and the appropriateness of mitigation actions.
• Challenge relevant Business / Functions’ activities where risks are not aligned with control requirements or Risk Appetite.
• Sign off on new products on behalf of Operational Risk through the Country Addenda process.

Risk Monitoring

• Ascertain and confirm that Country risk registers, KRIs, KCIs, and Control Sample Testing are effectively implemented.
• Periodically review operational risk assessments to ensure these appropriately reflect changes in environment, mitigating controls and the progress of treatment plans.
• Systematically monitor process control effectiveness where there are material risks of process control failure.
• Work with local Business and Functions representatives to receive control and risk metrics in order to monitor KRIs and KCIs.
• Review and update annual key control testing plans.

Risk & Loss Reporting

• Ensure that risks requiring acceptance as escalated as per the policy for Operational Risk Assessment and Acceptance
• Approve the classification and accurate reporting of operational risk losses.
• Report and escalate Significant Operational Risk Events (SORE).
• Deliver Root Cause Analysis reports for relevant events
• Provide risk information/updates to Country Operational Risk Committee (CORC)/ Country Risk Committee as appropriate.

Stress testing

• Conduct, at least annually and with guidance from Group specialists, a stress test and scenario programme for Operational Risk (as part of ICAAP), review the results and assess their implications.
• Root Cause Report
• Ensure that operational losses, Near Misses and audit fails are escalated to Group Functions in a timely fashion within the 1st line & Group OR
• Support the preparation and ensure the delivery of RCA for Unsatisfactory Operational Risk event as per procedure.

Strategy & Planning
Inform the development of country business plans, exercising appropriate focus on the implementation of robust operating environments, within risk appetite, to support business aspirations.
KEY RELATIONSHIPS
Relationship: For:

• Business/ Function heads Ensure operational risk management within the Country is effective in containing risks within risk appetite.
• Provide guidance on how effective operational risk management can be achieved.
• Group Operational Risk Operational Risk Officer works closely with Group Operational Risk who provide functional leadership and support.
• Country / Group Internal Audit Team Maintain regular dialogue to both ensure Assurance work is carried out in accordance with a consideration of relevant Business risks and issues and to ensure GIA fully consider core OR tools and techniques in performing their core audit work.
• External Auditors and Regulators Risk Maintain a strong partnership with external auditors and regulators to facilitate effective external reviews.

KNOWLEDGE AND SKILLS:

• Minimum of a second class degree from a reputable university.
• A Master’s degree or professional qualification will be an added advantage
• Operational Risk management experience.
• Business/function experience.
• A clear understanding of the Bank’s approach to the management of Operational Risk, or equivalent experience gained in other organisations.
• Ability to leverage resources across the organisation to complete deliverables.
• Sound judgement and courage necessary to perform a control role and maintain effective working relationships.