- To develop a comprehensive risk management framework at the Bank level for assessing, identifying, monitoring, and mitigating pertinent operational risks.
- To supervise the effective implementation of this framework to ensure that the objectives and goals are not in any way affected by inherent and external operational risks
- To Perform Risk and Control Self Assessments (RCSA), both at Corporate and at granular levels to ensure maximum adherence to Bank processes and policies
- To provide critical input to enhance from operational risk perspective on availability of controls and effectiveness of the controls on all Standard Operating Procedures and processes (including review of BRD, FSD documents, and UAT testing)
- To supervise the preparation of RBI tranche Data Control Template (DCT) at quarterly intervals and to provide compliance to observations made by the Reserve Bank of India.
- To develop and monitor KRI trends and key functions/Businesses, and work with National Manager Operational Risk on discussions with stakeholders to improve KRI(s) so as to bring them within an acceptable threshold.
- To develop, maintain and update the repository of the organization's acceptable risks, issues, and action and control library.
- To have principal responsibility in reviewing and providing critical input on Risk Control Matrix prepared for identified processes of the Bank for the annual IFC review as per the Companies Act 2013, and to supervise the testing of each control with multiple samples to ensure compliance. This is mandatory for annual certification by External Auditors.
- Carry out frequent BCP simulations across branches, regions, and corporate functions to evaluate the preparedness of the Bank to carry out business as usual in the event of business disruption.
- To manage operational risks arising from material outsourcing activities, and review gaps and recommendations, and continuity with stakeholders.
- To oversee and where required participate in the preparation of pre-on boarding risk assessment of material vendors.
- To maintain operational loss data for the Bank, carry out Root Cause Analysis (RCA) of critical and recurring events to identify gaps, recommend process and system enhancement to minimize or eliminate future operational losses.
- To supervise from an operational risk perspective, the RCU activities and use data to provide critical input to RCU unit of Vigilance on risks emerging or inherent in some sectors and processes with the aim to provide a more focussed and meaningful sampling of the granular RCU process.
1. PRIMARY RESPONSIBILITIES
Business:
- Review and provide critical input on new products/processes and any amendments to products/processes to highlight Operational Risks and recommend additional controls to mitigate the risks.
- Carry out independent risk and control self-assessment (RCSA) in order to identify inherent risk and residual risks associated with the process. Discuss it further with respective stakeholders and agree on a time-bound action plan.
- Prepare, evaluate and update Business Impact Analysis (BIA) documents to determine and evaluate the potential effects of an interruption to critical business operations as a result of a disaster, accident, or emergency.
- Prepare a schedule for Business Continuity Plan (BCP) simulation covering activities carried out at branches, regions, and corporate offices to evaluate the preparedness to minimize the effect of disruption. Facilitate regional Ops Risk team across branches and regions to carry out BCP simulation as per approved schedule.
- Review the result of BCP testing and share the same with ORMC and BCP committee on its effectiveness in the event of a disaster and its continuing relevance to the Business to evaluate the preparedness of the Bank to minimize the effect of disruption.
- Direct and participate in product and process review for the availability of controls and also in reviews related to Business Requirements Document (BRD), Functional Specific Development (FSD) and perform User Acceptance Testing (UAT) to ensure the effectiveness of controls before moving to Production
- Perform pre-on-boarding material outsourcing vendors risk assessment with regards to compliance to regulatory guidelines on managing risks and code of conduct.
- Carry out an annual risk assessment of material outsourcing vendors across regions and share the deviations with respective stakeholders for control gaps and associated risk.
- Manage operational risks arising from material outsourcing activities so as to ensure outsourcing vendors maintain a high standard of compliance to code of conduct and service level agreement (SLA) in performing activities on behalf of the organization.
Customer:
- Develop and implement risk scorecards across branches and backend activities to analyze risk indicators and identify remedial measures in coordination with functional units, and initiate suitable actions.
- Carry out thematic control testing to review the effectiveness of various controls and provision for automation.
- Devise KRIs for each critical function and monitor periodically.
- Visit branches across regions to review process adherence on identified and assessable parameters to measure the effectiveness of controls and process implementation.
- Develop Risk and Control Matrixes (RCM) along with concerned stakeholders for various processes and products of organization SFB.
- Develop and periodically monitor operational risk dashboard through different key risk indicators (KRI) at the organization level covering Process, People, System, Legal, Outsourcing, Compliance risks and report to the Board and ORMC.
- Supervise the Test of Design and Test of Operating Effectiveness and discuss the failure with the risk owners for putting controls and mitigations
- Coordinate, review, and submit all the necessary data and reports/information for the purpose of submitting various DCTs to RBI on a quarterly basis.
- Participate in National Inter-Departmental Meeting (NIDM) to review process non-adherence, people issue and similar other regional issues including external development impacting risk so as to recommend process enhancement, process reiteration, and punitive action where applicable.
Internal Process:
- Supervise and review the Internal Financial Control (IFC) testing on behalf of organization SFB to comply with various sections under the Companies Act 2013.
- Maintain a repository of loss data to capture operational losses as per the Board approved threshold limits (in the EGRC SAS module).
- Develop a focused approach to improve KRI(s) so as to bring them within an acceptable threshold.
- Implementation of Internal Audit and RBI recommendations specific to the Operational Risk unit
- Conduct Root Cause Analysis (RCA) of loss incidents for identification of control gaps and recommend corrective action.
- Monitor and reconcile operational Loss general ledgers vis- vis loss events recorded and reported to RBI.
- Maintain a repository of Issue and Action and committee recommendations, and track them for effective implementation in the designated software for tracking (ERGC SAS)
- Annual review of operational risk policy documents to incorporate all updates and amendments, and present such revised version of the document to the Board for necessary approvals.
- Develop risk and control matrix/register for various processes in organization SFB.
- Develop a risk appetite framework and continuously monitor it for tolerance.
- Contribute proactively towards capital adequacy-related Stress Testing.
- Develop and update the Operational Risk checklist on which the branches are assessed when visited across regions by the Operational Risk team.
- Eye-balling of account opening documents for customer onboarding due diligence and referring them to RCU/FCU agencies for sampling. Review reports shared by the agencies to evaluate the continuation of these accounts or to put restrictions like debit freeze or closure of the accounts.
- Maintain expenses within the budgetary allocation.
- Assist National Manager Operational Risk in carrying out the responsibilities pertaining to Operational Risk Management Committee (ORMC) which includes preparation of the information pack, presenting gaps, and suggesting controls and recommendations.
Learning & Performance:
- Build a capable team that can design, monitor, and update the Operational Risk framework
- To update self with prevailing regulations, notification, circulars, and guidelines of the regulators and statutory bodies, and disseminate the information regarding new regulatory developments.
- Develop training modules, including online modules, for the development and maintaining of risk culture.
- Coordinate and impart a multifaceted educational and training program that focuses on the elements of risk, process adherence, do's and don'ts and seeks ownership of risk controls
- Train respective stakeholders on conducting RCSA on their own with minimal support from Operational Risk.
- Continuously drive benefits of reporting risk events across branches, regional offices, and corporate offices to build risk ownership, and incentivize to encourage such reporting.
- Attend external training programs and workshops to enhance operational risk skill sets.
- Enhance knowledge through successful certification in various courses related to risk management and the latest technological developments.
- Ensure goal-setting, mid-year review and annual appraisal process happen within specified timelines for self and the team.
2. ROLE REQUIREMENTS
Desired Qualification MBA or Graduate with Certification in Risk management.
Technical Certification NA
Desired Experience At least 12 years of experience in Retail business, should have experience in both Assets and Liabilities business with at least 10+ years of hands-on experience in Risk, Audit, Compliance, or Operations.
3. PERFORMANCE METRICS
BSC Perspective Key Result Areas Key Performance Index
Financial / Business - Evaluation of process (BIA)
- BCP conducted as per schedule
- Risk assessment for onboarding
- RCSA conducted and discussed
- Review BRD, FSD, and UAT - TAT to complete
- 100% as per schedule
- 100% as per board directive
- 100% as per schedule
- 100% attended and responded
Customer - Publish Risk Scorecard
- Publish Organizational KRI and Functional KRI
- Control & mitigation - Publish within the timeline
- Publish within the timeline
- % implementation of controls for identified risk
Internal Process - IFC Testing progress and completion
- Loss data management
- Ops Loss GL
- Ops risk policy documents
- Audit & observations
- FCU
- Budget vs Expense - TAT to complete
- All reported events recorded
- 100% reconciled
- updated
- Timely closure
- 100% closure
- 100% publication of reports
Learning & Performance - Training module development & training
- Goal setting and appraisals - % coverage to stakeholders
- % completion
4. FUNCTIONAL KNOWLEDGE AND SKILLS
(Knowledge and skills needed for satisfactory performance of the job)
- Sound understanding of Risk Management principles and knowledge of the evolving practices for the management of Operational Risk
- Knowledge of microfinance and functioning of Retail organization branches; cash management, branch operations, retail Forex, payments and clearing, businesses like deposits, term deposits, credit cards, lockers, overdrafts, etc.
- Knowledge of retail assets, including secured and unsecured loans, mortgage loans, commercial vehicle loans, etc.
- Knowledge of RBI policies and guidelines relevant to SFB
- Knowledge of various statutory guidelines and laws like SARFESAI, FEMA, KYC, etc. relevant to the Banks
- Ability to anticipate and mitigate risk by developing appropriate ORM policies
- Adept at influencing process and policy changes to build control and mitigate risk
5. BEHAVIOURAL COMPETENCIES
- Strong Interpersonal skills
- Effective team player and efficient team leader
- Efficient Stakeholder management
- Project management skills
- Ability to work with cross-functional teams to deliver the desired outcome
- Strong analytical skills
- Strong written communication and presentation skills
- High standards of integrity and ethic
Didn’t find the job appropriate? Report this Job