Operational risk has evolved significantly as an independent risk discipline to include managing risks, implementing effective controls and identification of risk events. Operational risk today involves providing both an advisory capability and a challenge function to ensure robust business processes & systems are developed and implemented. Operational risk also ensure that businesses comply with both local regulatory expectations and extra territorial regulations It is imperative that the Bank has a well-resourced and technically capable Operational risk management function to support, advise.
- Lead the setting of a strategic vision for Operational risk and other non-financial risks across the group including subsidiaries & international locations.
- Provide thought leadership in management and implementation of Operational risk frameworks across the group including international & subsidiaries based on a thorough understanding of the risk management practices and regulatory requirements related to Operational risk in Bahrain and across jurisdictions that ABC operates in.
- Influence & support senior leadership including C-suite with regards to operational risk framework delivery
- Ensure appropriate support for regulatory interaction at Bahrain and across various jurisdictions related to operational risk
- Ensure ‘fit for purpose’ group operational risk framework, policies and procedures are defined and documented supported by appropriate systems.
- Enable and support the operational risk capital & stress testing processes
- Drive the operational risk focus at appropriate governance forums including Board Risk Committees
- Develop a high performing ‘Operational Risk’ team
- Provide operational risk oversight and advisory capability to divisional and international subsidiary leadership.
- Provide operational risk advisory for change activities to ensure robust & regulatory compliant business process and systems are delivered in the organisation
- Develop assurance capability to ensure there is independent review and reporting of group wide implementation of the operational risk framework including managing eve
Principal Responsibilities, Accountabilities and Deliverables of Role
The key responsibilities, accountabilities and deliverables can be considered in three sections, as below:
Strategy, Governance and Frameworks
- Develop sustainable strategies to ensure the Group Operational Risk Framework including its constituent policies; procedures and guidance remain effective to meet the regulatory requirements of Bahrain and the international jurisdictions ABC operates in.
- Define, document and ensure currency of the Group Operational Risk Framework and any other non-financial risk frameworks including their constituent policies, procedures and guidance.
- Ensure there are ‘fit for purpose’ systems to support the Group Operational Risk Framework and any other non-financial risk frameworks
- Develop and deliver a Controls Assurance Framework as part of the Operational risk framework to provide oversight, challenge and review of the efficacy of controls identified by divisions, international and subsidiaries’.
- Lead incorporation of global better practices with respect to Operational risk in the ABC operational risk framework including constituent policies, procedures and guidance
- Align the Operational risk framework including constituent policies, procedures and guidance with complementary functions including Compliance, Business Continuity & Crisis Management, Sourcing, Financial Crime (incl. AML/CTF, FATCA, Sanctions & Fraud) and Technology
Delivery, Implementation & Reporting
- Ensure that elements of the Operational Risk Framework are developed and implemented across the group including;
- Incident Management including identification & reporting of incidents and events
- Issue and Action Management including development of root cause analysis, Issues and actions
- Risk and Control Assessment including identification and assessment of risks; development and documentation of controls including assessment and actions plans to improve the effectiveness of the control
- Key Indicators to drive monitoring and reporting of operational risks and related action plans.
- Develop risk profile for divisions, international locations, subsidiaries and group level.
- Ensure appropriate and adequate reporting to key stakeholders (internal/external) and group wide risk committees
- Develop and implement an Operational risk training programme across ABC to increase awareness and to improve implementation effectiveness of the Operational risk framework
- Act as the liaison for ABC with external parties including auditors and regulators with regards to Operational risk
- Ensure appropriate operational risk committees are instituted with approved terms of reference including quorum, secretary, minutes and escalation process.
Change, Advisory & Emerging risks
- Develop and implement an ‘Operational Risk in Change’ framework to identify operational risks and implement relevant controls across major change activities including new products, systems and outsourcing
- Conduct deep dives to understand cause & effect of any major enterprise wide events
- Develop a scenarios based approach to understand large infrequent events and their impact on the Group
- Develop an emerging risks approach
- Provide Operational risk related effective change management & advisory support across the group.
- Quality control of the various ORM projects (i.e. the reliability of the results of the various risk management projects reported to the Operational Risk Committees and Board Risk Committees both at the local level and at the group level)
- Participate in the development of new products and change management projects (e.g. outsourcing of processes) to ensure that the inherent risks are assessed and mitigated prior to launch/ implementation.
Cooperation with risk and control functions
- Ensure that the management of operational risk is aligned to the management of other non-financial risks
- Cooperation with other risk and control functions of the unit/ group to ensure that all financial risks are adequately managed.
Operational Risk Reporting
- Prepare/ oversee the preparation of actionable (consolidated) risk reports for the various internal and external stakeholders
- Reporting ORM matters to the local/group senior management, the local/group ORCO, the local/ group Board Risk Committee, etc. and to the local (“host”) regulators
- Reporting on the progress against the approved operational risk management planning
Development of operational risk policies and procedures
- Participate in the development of best practices for management of operational risk at the group level and at the unit level to ensure that ABC group’s risk management processes are aligned to new regulations and evolving industry practices
- Acting as sounding board for new risk management initiatives considered at the group
Raise Awareness for Operational Risk
- Conduct necessary training and provide guidance to the risk managers in the Group, subsidiaries, branches and rep offices on all aspects of the management of operational risk management
- Disseminate – and explain- policies and procedures for the management of operational risk to the various stakeholders in the Group / unit.
- Acting as point of contact for local external auditors and regulators in operational risk matters
- Serving as secretary of the Group ORCO
- Carrying out “ad hoc” tasks as directed by Senior Management
- Job Requirements
Extensive work experience in Operational Risk in the financial services industry, including demonstrable experience in;
- Developing and implementing Operational Risk Management Frameworks including Incident, Issue & Action and Risk & Controls assessments
- Understanding of the international regulatory environment in the context of operational risk (including jurisdictions where ABC group operates)
- Knowledge of industry practices with regards to Incident Management, Risk frameworks, control assessments
- Implementing Systems and Processes to support effective Operational risk management
- Developing and managing high performing teams
- Master’s degree from a reputed university
- At least 15 years of relevant work experience with a minimum of 10 years in risk or audit
- Strong written & oral communication / presentational skills
- Good time-management skills
- Self-motivation and leadership attributes
- People management and relationship skills
- Experience leading business critical projects