Unit Operational Risk Manager
Effective management of Operations Risk within the business unit including ensuring the proper functioning of embedded and periodic controls.
Timely identification & escalation of Risk issues.
Escalation of Risk related KCSA, CST & KCI exceptions / to BORF.
Help Business to establish the First Line of Assurance in the Business unit by implementing a program of Key Control Self Assessment / Control Sample Testing
Assist Business Unit Head and SORO in coordinating, driving and directing effective compliance and Operational Risk management at the Business unit level.
Implement controls within the Business unit to meet all Regulatory, Group / Internal policy requirements.
Identifying Risk from KCSA exception, Key Risk Indicator, audit points, Operation Losses and near miss, then assessing the risk and ensuring appropriate mitigating action is implemented and monitoring progress.
Ensure proper functioning of day-to-day controls, periodic monitoring activities and timely resolution of risk issues.
Assist in coordinating, facilitating and promoting understanding of operational risk and in implementation and management of OR within the Unit.
Participate in country review meetings and project OR related information. Key Responsibilities
· Assist SORO in the implementation of OR framework or other relevant OR initiatives
· Ensure, jointly with the Business / Function, that the business heads and relevant staff understand and accept their risk management responsibilities in relation to operational risk.
· Ensure smooth conduct of BORF and other unit level risk related meetings and ensure quality / accurate updates of various OR events and initiatives.
· Co-ordinate periodic business monitoring (self-assessment) activities within the Business Unit and escalate findings and or breaches to Business Unit Head and SORO, when they occur.
· Design and implement control measures and monitoring plans for compliance and operational risk management. Ensure effectiveness of controls for compliance monitoring and risk management.
· Support the initiatives and risk reviews driven across the hub.
· Assess periodically the unit's operational risk profile and maintain alignment with risk appetite by rebalancing of risks or controls that may be required in response to internal and external factors.
· Review and challenge the existing process to identify the gaps on Systems Design, Systems Control , Process Design and Process Control
· Engage closely with Peer Groups within Hubs to share the lessons learnt, process gaps and adhere to effective control measures.
Risk Control Ownership of Operational Risk
· Implement approved plans /Recommend for implementation of enhanced /new control measures and monitoring plans for compliance and operational risk management.
· Ensure effectiveness of controls for compliance monitoring and risk management. Challenge the completeness of risk identification, monitoring and control activities and identify/address any significant gaps that may exist between them.
· Ensure compliance with Operational Risk policy & procedures.
Risk identification and Assessment
· Validate and challenge risk identification and assessment of gross and residual risks arising from executed processes and identify any gaps.
· Assess the control environment including, but not limited to, control design, control execution, control testing and control history.
· Recommend changes to the control environment or to business practice to reduce the level of operational risk exposures.
· Propose effective process controls where there are material risks of process control failure.
o Validate Business / Functions Controls - Regularly assess implementation of Business/functions Key Control Standards as defined by the business to ensure cost effectiveness, efficiency and relevance.
o Identify Local Control Gaps - Regularly assess all key controls against the risk profile to monitor exceptions and identify gaps.
o Optimise portfolio of local controls - Regularly assess existing Local Key Control Standards, Key Risk Indicators (KRIs) and Key Control Indicators (KCIs) to ensure cost effectiveness, efficiency and relevance.
· Provide balanced and informed assessment of operational risks arising from acquisitions and major change initiatives or country projects, where applicable Risk Acceptance
· Review and recommend for approval risk record templates within the unit for Local KCSAs/CSTs..
· Recommend for approval the classification and accurate reporting of operational risk events and the appropriateness of mitigation actions.
· Challenge and recommend on relevant business activities where risks are not aligned with control requirements or risk appetite.
· Escalate Risks according to the Risk Acceptance policy.
· Ascertain and confirm that KRIs, KCIs, and Key Control Self Assessment (KCSA) or Control Sample Testing (CST) as approved, are effectively implemented.
· Periodically review operational risk assessments to ensure these appropriately reflect changes in environment, mitigating controls and the progress of treatment plans.
· Systematically monitor process control effectiveness where there are material risks of process control failure.
· Review and recommend for approval risk treatment plans.
· Monitor treatment plans to ensure they are implemented accordingly by the business.
· Lead and support implementation of OR initiatives for the Business unit.
· Proactively communicate with the Business Unit Head and SORO on operational risk issues. Escalate significant events to Business Unit Head/SORO/Business Head as appropriate.
· Co-ordinate and consolidate operational risk and loss reporting of the unit for the reporting to the BORF, SORO and Business Unit head. Ensure data accuracy and completeness.
· Review and Recommend for approval for annual key control testing plans. Risk & Loss Reporting
· Validate the classification and accurate reporting of operational risk losses.
· Support SORO in reporting and escalating Significant Operational Risk Events (SORE).
· Facilitate units for conducting Root Cause Analysis (RCA) reports for relevant events.
· Provide risk information/updates to functions/domains/Country GTO Operational Risk Committee (GTO FORC) as appropriate. KEY RELATIONSHIPS INTERNAL
SORO, and RPs undertaking business monitoring in various units.
Business Head and Unit Managers EXTERNAL
Operational risk management, money laundering prevention, compliance and financial crime issues.
Operational risk management and compliance initiatives
Interpretation of and consultations on regulatory requirements
System Implementation, enhancement, user requirements and reporting requirements.
Coordinating operational risk, compliance and money laundering prevention training for staff.
Inspection and regulatory requirements( as required) Key Measurables
The performance of the UORM will be measured by:
Cross team collaboration and leadership skills - proactive engagement with Business unit head and all responsible persons in the unit
Effectiveness of the control and monitoring of Operational risk, compliance risk and money laundering prevention at the Business Unit level.
Satisfactory results on audit undertaken by Group Internal Audit, regulators and external auditors.
Timely communication of changes to the regulatory environment and Internal policies from Legal & Compliance and Operational Risk Management Group. Timely reporting and escalation of all operational risk exposures.