Operational Risk Officer

  • Negotiable
  • Petaling Jaya, Malaysia
  • Permanent, Full time
  • Standard Chartered Bank
  • 12 Sep 16

Please view Job Description for details.

The Control Analyst (RP) is responsible for working with the UORM to effectively manage operational risk by ensuring business management implements and maintains operational risk controls in accordance with Risk Management Framework, Group Operational Risk Policies and Procedures. The Control Analyst places particular emphasis on:
1.Ensuring business risk/return and control cost/benefit decisions prior to product launch and during business life cycles are made transparently and based on assessment in accordance with Group standards and Board's Risk Appetite

1.1To report OR issues and losses to UORM through use of the Operational Risk Assessment Matrix

1.2To maintain independence in the conduct of KCSA and report OR issues, exceptions and losses to UORM and undertake preparation and submission of the operational risk and losses issues via the Phoenix System

1.3Identify and report all exceptions on non-compliance and weakness inherent in the standard controls via regularly assess existing business key controls to ensure the level of controls remains cost effective, efficient and relevant

2.Implementing effective risk management process of: risk identification, assessment and measurement, acceptance and monitoring to reduce gross operational risk exposure to acceptable levels within the risk appetite

2.1Risk Identification - The risk identification, measurement and management process should be operating as part of BAU with regular update of Risk Profiles and reporting of exposures for acceptance at the appropriate governance level. Gross Operational risk exposures are identified and assessed by the PGCs and documented in the Risk Profiles. At the country level, Control Analyst works with first line units to perform risk identification which must be end-to-end, comprehensive and utilizing reactive and proactive source of information. Risk identification must be performed in country addenda, significant projects, mergers and acquisition, internal and external incidents, and regulatory changes.

2.2Risk Assessment and Measurement - Risk assessment must be performed on a consistent basis, reflecting the scope and complexity of the operation. At the country level, Control Analyst works with first line business / function to assess Gross risk exposures in accordance with the Operational risk assessment process. Gross risk exposures are assessed and mitigated to acceptable levels via design and implementation of effective process controls end-to-end.

2.3Risk Acceptance - Risk must be accepted at the appropriate level depending on the source of identification and residual risk and as per the delegated authority matrix. At the country level, Control Analyst will follow through the acceptance process to ensure risk acceptance at business unit level is complied with Group's Delegated Authority Matrix

2.4Risk Monitoring - Operational risk assessments and acceptance must be reviewed periodically to appropriately reflect changes in environment and the progress of the mitigation plans. At the country level, Control Analyst must establish operational risk management reporting and intelligence information for ensuring that adequate and credible information is provided to appropriate levels of management, so that there is timely oversight, understanding and acceptance of risk exposures at the right organization level, for risk management purposes. This helps ensure that senior management at a country level have a good, accurate and informed understanding of the business unit's operational risk profile at the key operating levels. The systematic monitoring of process control effectiveness is achieved through the implementation and monitoring of key control indicators (e.g. KRI, KCI) and independent sample testing of controls (e.g. KCSA).

2.5Risk & Loss Reporting - There is regular reporting on significant OR exposures, issues and results of independent reviews on the effectiveness of and compliance with established OR framework to the OR governance committees, including the Board, or its delegate. Significant OR exposures and loss experience, together with proposed action plans are regularly reported to senior management and OR governance committees. At the country level, Control Analyst must capture gross and residual risk exposures identified and OR loss promptly and accurately in Phoenix in accordance with Group's Operational Risk Policies and Procedures.

3.Influencing the development of an operational risk culture which is forward looking, risk based and customer focus

3.1Operational Risk Management Policies & Procedures - Implement OR policies and procedures, develop remediation plans, monitor OR policy compliance and propose deviation from OR policies and procedures

3.2People and Skills - Ensure completion of mandatory e-Learning by the business

Diversity and Inclusion

Standard Chartered is committed to diversity and inclusion. We believe that a work environment which embraces diversity will enable us to get the best out of the broadest spectrum of people to sustain strong business performance and competitive advantage. By building an inclusive culture, each employee can develop a sense of belonging, and have the opportunity to maximise their personal potential.