Operational Risk Senior Analyst - Johannesburg at Citi

Job Purpose

• Partner with Operations to ensure operating resiliency through standards, controls & governance.
• Provide monitoring through executing the day-to-day Ops Control activities to identify and prevent potential operational gaps.
• Work in cross geographical teams to analyse Sub-Sahara Africa and Middle East & Africa key risk elements and provide the relevant MIS to management periodically.
• Ensure timely escalation of issues to Ops control head/Management team track till closure.
• Maintain a flexible control framework to support evolving technologies and risks.
• Establishing a common control framework across Operations through analysis, reporting, training & control forums.

Responsibilities:

Key Responsibilities: Country

The Control Environment

• CAP management – Be engaged with Operations through full lifecycle of CAP, review of the CAPs prior to raising in iCAPs to ensure the quality of the CAP, perform validation to ensure sustainable remediation for level 3 and above and all IA CAPS
• Regulatory requirements tracking - Ensure effective implementation of new/amended regulatory requirements within Operations processes by the deadlines established.
• Ops Risk Events (ORE) oversight (e.g. PLE/Near Miss, Ops Losses etc.) – Provide guidance and be point of escalation, follow through units to ensure timelines are adhered to for input into system, challenge remedial actions and root cause. Check data quality for OREs and be part of the approval chain wherever required. Work with stake holders in root cause analysis and documenting lessons learnt.
• Audit interface & oversight - In partnership with Operations, ensure a state of audit readiness at any point of time. Close monitoring of the IA, regulatory and other reviews.
• MCA oversight - Review the effectiveness of MCA and ensure it properly covers risks & controls for area of responsibility, monitoring methodologies capture the issues effectively.

Risk Assessment

• Proactive reviews – Execute proactive review schedule for the year including:
• Health checks: Conduct targeted reviews focused on specific operating areas /functions or a business unit driven by control concerns/high risk areas/OREs.
• Process deep-dive: Conduct front to back review of a function of business aligned process driven by function/process failures and control indicators.
• Conformance reviews: Conduct targeted reviews to ensure compliance/conformance with procedures and programs relating to operations global, regional functional policies etc. driven by new or changed policies, standards or directives, audit and business monitoring issues.

Control Activities

• Controls advisory - Provide guidance to Operations as it relates to control design. Control evaluation of key policies, standards and directives as it relates to processes within Operations. 
• Risk & control support - On an ad-hoc basis, provide specific onsite support on the following areas: TPM, COB, Fraud Management, Entitlements, EUCs, etc.
• Control forums – Participate in Risk & Controls forums, focus on emerging trends and key risk indicators, be engaged in key developments and awareness.
• Enhance the culture of controls and reinforce the institutional operating principles & code of conduct.
• MPP – Provide guidance on Manual Payments Processing to Operations, monitor MPP deviations. Review of MPP process and underlying controls on periodic basis.

Monitoring

• Standard Controls Test Plan – Being responsible to execute the Standard Controls Test Plan, review country specific processes based on local requirements, ensure timely submission of review results and corrective actions with focus on content & quality. Work with Operations teams in monitoring of exceptions trend, planning corrective actions and ongoing assessment of the controls environment.
• Enhance the controls plan by identifying opportunities to improve, eliminate, automate and/or centralize controls testing to focus on pro-active reviews and extend coverage to all ICG business lines.
• Balance Sheet Exceptions Reporting - Monitor BSER exceptions, work with Operations to understand key BSER risk items for escalation where required, monitor trends and variances, work with operations on remediation plans and minimize manual touch points.
• Red account oversight - Monitor the number and value of red accounts, review underlying root cause, analyse and monitor trends, work with Account Owner/Proof Owner on remediation.
• End User Computing EUC Oversight - Understand and evaluate inherent and residual risk, work with Operations to mitigate use of EUCs, oversight and advice to ensure all EUCs are registered and correctly classified.
• Provide effective back up to the unit head.

Key Responsibilities: Cluster/Regional

Information and Communication

• Participate in projects as per supervisor requirements and guidelines.
• Work with the Sub-Sahara Africa (SSA) KRI team to extract relevant data to analyse and key risk indicators breaches communicate to cluster O&T Management on a weekly basis
• Work with the Middle East and Africa (MEA) Risk and Controls team to create a monthly MIS deck for Senior O&T management in the cluster
• Provide key risk volume data and continuous monitoring indicators trend, both pertaining to Sub Sahara African (SSA) countries, on a monthly basis to the EMEA regional Ops Control team
• KRI oversight & challenge – Monitor metrics and key risk indicators via Operations MIS and ICG dashboards. Analyse and monitor emerging trends, engage with Operations to drive remediation, challenge key risk items within Operations metrics and continuous monitoring for improvements in key risk indicators.

Qualifications:

• 5-8 years of Financial Crimes, AML Investigations, or Operational Risk experience
• Minimum 1 year of Operational Leadership Experience including delivering in a high-volume, goal-based production/operations-based environment

Education:

• Bachelor’s/University degree or equivalent