Our client is a leading international bank based in the City. They are looking to hire a Risk and Control Officer on a 12-month FTC basis.
RESPONSIBILITIES
Support the enhancement of Operational Risk Management through the following:
TPRM Framework
- Development and support to roll out TPRM Framework including policies and procedures.
- Support the reporting process for Material Third Party (MTP) aligned with PRA SS2/21.
- Review and challenge TPRM assessments done by 1LoD teams.
ORM Framework
- ORM Policies and Standards: Develop and maintain effective operational risk management policies and standards.
- OR Incident Management: Maintain the operational risk incident management and reporting framework, including operational risk root cause investigation, identification, assessment and countermeasures, and promotion of the risk-acceptance process.
- Risk Reporting: Enhance and update key operational risk indicators and controls in line with the growth and development of the Business.
- Product Risk Assessment: Identify and assess operational risk arising from product and service development, in line with Product Risk Validation Policy.
- Risk Acceptance Process: Assist departments to identify and manage operational risk in their respective activities, escalating to Senior Management for risk-acceptance when required.
- Process Evolution: Support the development of an enhanced RCSA methodology, transitioning from static assessments to dynamic, data-driven risk profiles.
- Control Libraries: Establish and maintain centralised Control Libraries to ensure consistency in control descriptions and testing standards across the Bank.
- Process Mapping: Support the 1LoD in developing detailed process maps aligned with RCSAs to identify "single points of failure" and critical control points.
- Enhanced RCSA Rollout: Plan and facilitate RCSA workshops with 1LoD Departments to ensure development of risk profiles, assessing all relevant risks, documenting and assessing controls including design and operating effectiveness, and, where required, documenting and agreeing appropriate action plans.
- Control Attestation: Support the development of, and manage, the periodic control attestation process, ensuring 1LoD owners formally certify the design and operating effectiveness of their controls.
- End-to-End Oversight: Enhance and manage the operational risk loss and near-miss data collection process. Ensure all incidents are captured, categorised, and analysed for root causes.
- Incident Closure: Track all operational incidents through to closure, ensuring that remediation plans are effective and prevent recurrence.
- Thematic Analysis: Use loss data to identify trends and inform the 2LoD thematic review agenda.
- 1LoD Risk Profiles: Support the development of comprehensive risk profiles for 1LoD teams, integrating RCSA results, loss data, and audit findings.
- Action Tracking: Rigorously challenge RCSA results and ensure all identified control gaps are closed via the formal tracking of management actions.
- KRI Development: Partner with the business to develop Key Risk Indicators (KRIs) that provide early warning signals of risk appetite breaches.
Governance, Reporting & Taxonomy
- ORM Reporting: Support the Operational Risk Management (ORM) Key Risk Reporting process, providing senior management with a holistic view of the Bank’s risk landscape.
- Committee Support: Improve risk governance by supporting the running of the Risk and Compliance Committee (RCC), including support with collation and high-quality paper production.
- Taxonomy Management: Maintain the Bank’s ORM Taxonomy, ensuring risk events, causes, and impacts are clearly defined and consistently applied, including 1st and 2nd line accountability for all risk types.
- Appetite Tracking: Monitor and report on the Bank’s performance against the Risk Appetite Statement (RAS) for operational risks. Support the enhancement of the risk appetite statements for non-financial risks.
EXPERIENCE REQUIRED
- Must be able to work 4 days a week in London
- Good knowledge of and working experience in third party risk management, operational risk management and enterprise risk management (ERM), including the ability to demonstrate and articulate risk skills and methodologies.
- Awareness of industry trends and best practices in risk management (particularly TPRM, operational risk management but with a broad understanding of other ERM categories).
- Good understanding and implementation experience of the three lines of defense operating model.
- Strong written and verbal communication skills.
- Experience preparing reports for executive-level committees (RCC/Board)
- Tact, discretion, good judgement and common sense in dealing with sensitive and/or confidential situations.
- Sound understanding of relevant regulatory requirements from PRA/FCA on risk and control management, especially in relation to Operational Resilience and Third Party Risk Management (SS2/21).