Sr.Operational Risk Officer at Standard Chartered Bank

Job description

SCOPE OF RESPONSIBILITIES

The management and monitoring of all the operational risk Standard Chartered Group and its subsidiaries are exposed to as a result of the business activities and end to end processes that exist in Angola. This includes oversight of the Country's operational risk profile and working with the business and functions to identify material risks requiring management attention.

PURPOSE:

• To ensure that operational risks are properly assessed; that processes , roles and responsibilities are clearly understood; that all risk/return and control cost/benefit decisions are made transparently on the basis of a complete and proper assessment , and all controls are implemented in accordance with the Group standards and in line with the Risk Appetite.
• To ensure Operational Risk Framework all associated policies and procedures and the Risk Management Framework are effectively embedded and communicated in country.
• To be the central point of contact for operational risk within the country arising within the processes , including being responsible for the evaluation of the design and operational effectiveness of all controls
• To ensure risks of processing failure are being actively managed and monitored on an end-to-end basis in country; including providing regular control assessments of required controls and escalation in instances

AUTHORITIES

The Senior Operational Risk Officer, has delegated authority to:

• Accept the classification and accurate reporting of operational risk losses and events and to accept the appropriateness of mitigation actions.
• Validate the 1st line gross and residual risk assessments.
• Challenge and constrain relevant business activities where risks are not aligned with Risk Tolerance of the business and the Group; or controls have not been appropriately designed.
• Sign off on new products introduced in the country on behalf of Operational Risk through the PPG and Country Addenda process as outlined in the Product Governance Policy and Procedures

RESPONSIBILITIES:

• Embed use of ORF in country
• Embed Top Risks in metrics and ensure those risks are managed in country
• Ensure the completeness of the Operational Risk Profile at country level, including consideration of all risks which have been accepted by Group risk committees
• Table the Risk Information Report and risk management action plans at CORC
• Recommend and oversee implementation of business restrictions, process and/or control improvements where necessary
• Plan and deliver scenario analysis and stress tests to CORC
• Be the focal point of operational risk review on strategy, process and control embedded in the country to ensure fit for growth
• Ensure compliance with OR policies
• Ensure immediate escalation to Group of unsatisfactory operational risk events
• Drive comprehensive, high quality root cause analysis of unsatisfactory operational risk events and agree risk management action plans with Local Process Owners
• Ensure new activities, changes to processes and products conform with the Project Governance Policy and the Product Governance Policy
• Monthly oversight of gross and residual risk ratings and risks requiring escalation under the Risk Assessment and Acceptance Policy
• Embed Operational Risk policies, ensuring first and second line are aware of and understand their responsibilities under them
• Deliver second line assurance
• Assurance over integrity of country level ORF metrics (KCIs, CSTs, KRIs) for all processes
• Monthly assurance of residual risk assessments using the Group Risk Assessment Matrix
• Ensure controls are operating effectively and defects are resolved or escalated according to the ORF Hierarchy of Monitoring
• Identify differences in standards set by Country Risk Control Owners and escalate to CCRO
• Monthly assurance performed on identified processes and controls mapped under top risks in the country
• Maintain end to end oversight of all risks which have escalated to Group for acceptance and conditions and other feedback given to the country about them
• Risk Governance
• Align the country operational risk management approach to the Risk Management Framework and oversee its effective application.
• Ensure that the business heads and relevant staff understand and accept their risk management responsibilities in relation to operational risk.
• Risk Appetite
• Assess periodically the country operational risk profile and maintain alignment with risk appetite by rebalancing of risks or controls that may be required in response to internal and external factors.
• Assist to review and challenge country strategy where this is not aligned with the risk appetite ;
• Assist to maintain operational risk capability and a control environment which is in line with the operational risk
• Risk identification and Assessment
• Validate and challenge the first line risk identification and assessment of gross and residual risks arising from its end to end processes and identify any gaps.
• Assess the control environment including, but not limited to, control design, control execution, control testing and control history.
• Recommend changes to the control environment or to business practice where necessary to reduce the level of operational risk exposure to within the agreed appetite.
• Design effective process controls where there are material risks of process control failure.
• Identify Local Control Gaps - Regularly assess all key controls against the country risk profile to monitor exceptions and identify gaps.
• Optimise portfolio of local controls - Regularly assess existing Local Key Control Standards, key risk indicators (KRIs) and key control indicators (KCIs) to ensure cost effectiveness, efficiency and relevance.
• Provide balanced and informed assessment of operational risks arising from acquisitions and major change initiatives or country projects.
• Risk Acceptance
• Review and approve risk record templates for acceptance of medium, high and very high country risks.
• Accept the classification and accurate reporting of operational risk events and the appropriateness of mitigation actions.
• Challenge and constrain relevant business activities where risks are not aligned with control requirements or risk appetite.
• Sign off on new products on behalf of Operational Risk through the Country Addenda process.
• Risk Monitoring
• Ascertain and confirm that country risk registers, KRIs, KCIs, and control sample testing are effectively implemented.
• Periodically review operational risk assessments to ensure these appropriately reflect changes in environment, mitigating controls and the progress of treatment plans.
• Systematically monitor process control effectiveness where there are material risks of process control failure.
• Work with local business representatives to receive control and risk metrics in order to monitor KRIs and KCIs.
• Review and update annual key control testing plans.
• Risk & Loss Reporting
• Approve the classification and accurate reporting of operational risk losses.
• Report and escalate significant operational risk events (SORE).
• Provide risk information/updates to Country Operational Risk Committee (CORC)/ Country Risk Committee as appropriate.

Qualifications and Skills

KNOWLEDGE AND SKILLS

• Operational risk management experience.
• Relevant business/function experience.
• A clear understanding of the Bank's approach to the management of operational risk, or equivalent experience gained in other organisations.
• Ability to work in a matrix organisation, leveraging resources across the organisation to complete deliverables.
• The sound judgement and courage necessary to perform a control role and maintain effective working relationships.
• Experience and understanding of information technology risk

Diversity and Inclusion

Standard Chartered is committed to diversity and inclusion. We believe that a work environment which embraces diversity will enable us to get the best out of the broadest spectrum of people to sustain strong business performance and competitive advantage. By building an inclusive culture, each employee can develop a sense of belonging, and have the opportunity to maximise their personal potential.