Operational Risk Manager

Job description

Reports to: Group Head of Operational Risk

Job Purpose:

To assist and facilitate the management of operational risk across ABC Group.

This includes:

• Engaging with the first line on risk management (identification of risks and appropriate mitigation strategies) starting from a good understanding of the business processes & products
• (Facilitation) of the implementation of the group-wide framework for management of operational risk in Bahrain and other Units;
• Supporting the risk management by the first line;
• Provide assistance to second line Risk Departments of Units;
• Overseeing the processes for identification and controlling of risks in existing and new activities and products
• Representing risk in efforts to launch new products, change processes, implement systems, etc.;
• Analysis of risk data and translating same in action plans;
• Reporting of risks and status of risk management;
• Preparation Operational Risk Committees;
• Raising awareness and promoting best practices for the management of operational risk.
• Assistance with the further development of the framework for the management of operational risk

  The job holder needs to have a thorough understanding of the products and business processes, and be familiar with operational risk management practices and regulatory requirements. He should be able to articulate these and have meaningful discussions with internal and external stakeholders at various levels. He should also never lose sight of the “big picture” of the markets ABC is in and the overall trends in the financial industry as a whole.

  Principal Responsibilities, Accountabilities and Deliverables of Role:

  Operational risk management

  • Facilitate the management of operational risk across the Units.

    This includes (list is not exhaustive):

    (Facilitation of the) implementation of the group-wide framework for the management of operational risk;

    Organization and facilitation of risk management workshops (e.g. RCSA workshops, etc.);

    Coordination and facilitation of the implementation of the various risk management policies and procedures within the Units:

    Assistance with the identification of risks and the definition of appropriate controls;

    Assistance with development of action plans to mitigate risks;

    Challenging / testing the effectiveness of controls;

    Analysis of risk data such as loss events and other incidents, KRIs, etc. and ensuring that they are translated into appropriate action;

    Investigating risk events and incidents;

    Following up on completion of action plans;

    Review – and approve – local policies & procedures to ensure compliance with group standards and policies

    • Provide day-to-day direction, guidance, training and support to the first line and second line of the Units for the management of operational risk.
    • Ensure respect of the group-wide and local risk management policies and procedures and raising any exceptions to the appropriate decision level (Unit and group level).

      Quality Control

      • Quality control of the various ORM projects (i.e. the reliability of the results of the various risk management projects reported to the Operational Risk Committees and Board Risk Committees both at the local level and at the group level);

        Change management

        • Participate in the development of new products and change management projects (e.g. outsourcing of processes) to ensure that the inherent risks are assessed and mitigated prior to launch/implementation.

          Cooperation with other risk and control functions

          • Ensure that the management of operational risk is aligned to the management of other non-financial risks (Compliance, IT Risk, BCM, Audit)
          • Cooperation with other risk and control functions of the Unit/group to ensure that all non-financial risks are adequately managed

            Operational risk reporting

            • Prepare / oversee the preparation of actionable (consolidated) risk reports for the various internal and external stakeholders.
            • Reporting ORM matters to the local/group senior management, the local/group ORCO, the local/group Board Risk Committee, etc. and to the local (“host”) regulators.
            • Reporting on the progress against the approved operational risk management planning;
            • Development of operational risk policies and procedures
            • Participate in the development of best practices for management of operational risk at the group level and at the Unit level to ensure that ABC group’s risk management processes are aligned to new regulations and evolving industry practices
            • Acting as sounding board for new risk management initiatives considered at the group.

              Raise awareness for operational risk – Training

              • Conduct necessary training and provide guidance to the risk managers in the Unit, subsidiaries, branches and rep offices on all aspects of the management of operational risk management
              • Disseminate – and explain – policies and procedures for the management of operational risk to the various stakeholders in the Unit.

                Other

                • Acting as point of contact for local external auditors and regulators in operational risk matters.
                • Serving as secretary of the local ORCO.
                • Carrying out “ad hoc” tasks as directed by Senior Management.

                  Job Requirements:

                  Knowledge

                  • Extensive first line product and process experience, preferably gained in / related to commercial credits and/or trade finance and/or trading & sales.
                  • Relevant experience in risk management in the financial industry, supported by:

                    Practical working experience with risk & control frameworks;
                    – Good understanding of the international regulatory environment and in the different countries where ABC group operates;
                    – Broad knowledge of operational risk disciplines, information security, business continuity and disaster recovery, compliance;
                    – Relevant knowledge of industry process, risk and control frameworks, e.g., COSO ISO,

                    • Strong practical experience with risk and control assessment frameworks, tools and methodologies as applied to business processes, business applications, technology infrastructure and third parties.

                      Education / Certifications

                      • Master degree of reputable university or acceptable equivalent.

                        Experience

                        • 5 years to 10 years of relevant banking experience.

                          Personal Attributes

                          • Strong written & oral communication / presentational skills;
                          • Proficient in English, Arabic and other language (French or Portuguese)
                          • Good time-management skills;
                          • Self-motivation and leadership attributes;
                          • People management and relationship skills;
                          • Experience leading business critical projects;
                          • Good PC skills (current applications).