Operational Risk Officer, Data Management and Privacy

Job Description

People and Talent

• Drive the engagement with Operational Risk enterprise-wide, supporting a culture that recognises and reflects Operational Risk in its operating model and its decision making.

Risk Management

• Advice & Engagement: Offering a point of deeper expertise around more technical areas of operational risk.
• Governance: Develop and inculcate the right policy, process, technology and governance architecture, in partnership with ERM and Group Management where appropriate.
• Contribute to the design of the risk committee structure for operational risk within the Data Management and Privacy PU and ensure it is effective.
• Ensure that the individual Data Management and Privacy PU Operational Risk committees are exercising their responsibilities effectively within delegated authorities; actively participate in other key committees through standing membership.
• Ensure first line process owners, Risk Framework Owners and all Operational Risk Control Owners supporting a Data Management an Privacy process universe understand and accept their risk management responsibilities.
• Training: To support the Global Head of Data Management and Privacy in the development and execution of OR training. This consists of communication, delivery and timely feedback to ensure appropriate enhancements at Group and Country level.

Risk Appetite:

• To support Risk Appetite definition for Operational Risk as it applies to Data Management and Privacy, ensuring the same informs risk identification and control design, where relevant, and proactively providing input and advice as to how to address any breaches.
• Direct appropriate response to material events or other risk issues that come to the Head, Functions Operational Risk s attention.
• Ensure that effective management response plans are in place to respond to extreme but plausible scenarios
• Uphold the integrity of operational risk / return decisions, by challenging function heads to demonstrate that risk origination and control decisions are properly informed and consistent with strategy and risk appetite.
• Risk Control Ownership of Operational Risk
• Ensure that material risk exposures and related issues are reported to the responsible risk governance committees and to the Board Risk Committee.
• To provide a focal point of control over the aggregate level of operational risk that arises from end-to-end processes.
• Design, maintain, and effectively communicate operational risk control parameters across the Functions, including policies, control standards, risk exposure limits, and other control levers in order to maintain the Functions risk profile in line with the overall risk appetite set by the Board.
• Challenge the completeness of risk identification, monitoring, and control activities across Operational Risk Control Areas within the Functions and identify and address any significant gaps that may exist between them.
• Maintain a good understanding of the requirements of the Group s key external stakeholders in respect of operational risk management and ensure these are well understood internally and reflected in internal procedures.
• Obtain assurance regarding the effectiveness of operational risk controls and compliance with applicable laws and regulations.
• Ensure effective reporting of operational losses and incidents in line with policy

Governance

• Demonstrate an awareness and understanding of the regulatory framework in which the Group operates, and the regulatory requirements and expectations relevant to the role.
• Deliver effective governance ; capability to challenge colleagues effectively; and willingness to work in an open and cooperative manner with all.

Regulatory & Business Conduct

• Display exemplary conduct and live by the Group s Values and Code of Conduct.
• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
• Lead the [TDR GOR] to achieve the outcomes set out in the Bank s Conduct Principles : [Fair Outcomes for Clients; Effective Financial Markets; Financial Crime Compliance; The Right Environment.] *
• Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.

Key Stakeholders

• Group Operational Risk Team
• Data Management and Privacy team
• Country Operational Risk Team
• Operational Resilience Team
• Key other Risk colleagues
• First Line and Third Line stakeholders
• Business leadership
• Key change, operations and technology partners / vendors

Other Responsibilities

• As delegated by line management from time to time

Our Ideal CandidateThe role holder will have experience in Operational Risk management and / or experience in Privacy or Data Management, within the Banking industry, including relevant regulation and industry trends. In particular, the role holder will demonstrate:

• A rigorous and analytical approach to risk management
• Experience in enhancing frameworks and policies
• Understanding of Risk and Control Self - Assessment methodology including Control Design.
• Experience in managing operational resilience risk
• Proven experience in the development and delivery of training framework, policies and procedures
• Experience of business partnering, including the ability to synthesise and articulate complex and technical topics clearly to diverse audiences
• Ability to manage a diverse and challenging stakeholder community / team
• Proven experience with co-ordination of many dependencies in a complex, large-scale environment
• Excellent oral, written communication and presentation skills
• Specific strong competence in the use of Excel for analysis of complex data and PowerPoint for communication purposes
• Ideally the role holder will have specific experience of Operational Risk frameworks and have an in-depth knowledge of some of the key organisational and operational challenges faced by a Second-Line Operational Risk function.

Qualifications Certified Qualifications in the following areas would be preferred.

• Operational Risk Management certification
• A certified Information Privacy qualification (CIPP, CIPM or CIPT)
• Data Management Capability Assessment Model (DCAMp)
• Training will also be provided to the successful candidate.
• The role holder should comply with all mandatory e-learning as prescribed from time to time.

Apply now to join the Bank for those with big career ambitions. To view information on our benefits including our flexible working please visit our career pages . We welcome conversations on flexible working.,

Keyskills :
bcpkpireportingrisktypingeuropean works councilsenterprise risk managementoperational risk managementbusiness continuity managementfocal pointdata privacyrisk controlbusiness case