The business ORO ensures that operational risk is being effectively managed by ensuring business management implements and maintains the operational risk aspects of the Bank’s Risk Management Framework, group operational risk strategy and associated operational risk procedures.
•Ensure the operational risk appetite is understood by the business
•Ensure the business is proactively identifying, registering, measuring, accepting and monitoring risk across end to end processes
•Ensure the business’ control environment is effective in:
•Reducing gross operational risk exposure to acceptable levels of target residual risk commensurate with the risk appetite
•Obtaining a favourable audit outcome
•Ensure appropriate consideration is given to operational risk versus return prior to launching new products
•Maintain an optimal balance between risk and the cost of control
•Communicate with both external stakeholders to demonstrate compliance with their requirements and with internal stakeholders to highlight critical OR issues
•Help develop an operational risk culture by ensuring compliance with operational risk governance procedures and policies, management information is used intelligently and by delivering on training
Key Roles & Responsibilities
PLAN
Ensure the operational risk appetite is understood by the businessRisk Appetite
•Educate the business about risk appetite through use of the Operational Risk Assessment Matrix, Delegated Authorities Matrix and the Risk Register
•Review and challenge annual budgets of the business
•Evaluate new/ updated Product Programs and ensure both the end to end process has been clearly documented and all significant gross operational risks have been identified, assessed and monitored through use of the Risk Registers.
INFORM
Ensure the business is proactively identifying, registering, measuring, accepting and monitoring risk across the end to end processesRisk Identification
•Ensure business has clearly documented its critical end to end processes and sufficient ongoing review is being performed by the business to review its processes and identify BAU gross operational risks.
•Ensure the business is documenting their end-to end processes and proactively utilising process risk analysis techniques to identify gross operational risks within:
•New products through the product program process
•New business projects (including integrations)
•Ensure business management are proactively utilising root cause analysis techniques to assess internal business incidents
•Understand the root causes associated with significant external incidents and the applicability of these to the bank’s processes.
Risk Assessment and Measurement
•Ensure business management have incorporated new gross risks into the risk register, and validate and challenge:
•Assessment of gross risk against the Operational Risk Assessment Matrix
•Identification of risk mitigation (including the identification of existing controls)
•Assessment of residual risk against the Operational Risk Assessment Matrix (including an assessment of control effectiveness)
Risk Monitoring
•Ensure business and the PGC :
•Update and ensure the business risk register is an accurate reflection of the risk profile of the business.
•Have developed effective risk monitoring mechanisms to monitor the risks and controls highlighted in the Risk Register including Key Risk Indicators (KRIs), Key Control Indicators (KCIs) and Control Sample Testing
•Regularly monitor risk registers, key risk indicators (KRIs), key control indicators (KCIs),control sample testing, assurance and audit results and determine actions required.
•Identify systemic and aggregate risks impacting the business.
Risk Acceptance
•Ensure business has adequately completed a Risk Record Template for acceptance of high and extreme residual risks
•Ensure Risk Register is completed for acceptance of medium risks
•Ensure all risks are either accepted or escalated by the PGC in accordance with the Delegated Authorities Matrix
•Approve Product Program if risks have been appropriately identified, assessed, accepted and sufficient risk monitoring plans are in place
Stress Testing
•Conduct stress testing on operational risk scenarios for business risk appetite reviews and ICAAP reviews
Risk Reporting
•Manage event reporting:
•Ensure business capture risk events (losses and near misses) in Phoenix
•Approve operational risk losses in Phoenix according to delegated authority
•Escalate significant operational risk events (SORE) in accordance with OR procedures
•Prepare material loss reports and SORE reports as required
•Investigate and report root causes of events (near misses and losses) for incidents within and above your level of delegated approval authority
•Perform periodic risk and event reporting:
•Prepare and present OR reports (ensuring accurate and reliable information) to PGC / CBRC / GORC
•Prepare and present OR components (ensuring accurate and reliable information) to other committees as required
CONTROL
Ensure the business’ control environment is effective in reducing gross operational risk exposure to acceptable levels of target residual risk commensurate with the risk appetite and in obtaining a favourable audit outcomeRisk Treatment
•Constrain business to avoid excessive risk as per delegated authority
•Review and approve treatment applying techniques of good control design
•Ensure business periodically review existing treatment plans
•Monitor treatment plans to ensure they are implemented by the business
Control Sample Testing
•Develop and periodically update control sample testing plan in conjunction with risk control owners
•Ensure control sample testing plan is implemented
•Ensure treatment plans are developed by the business in response to control sample testing, assurance and audit results
•Ensure treatment plans are implemented and control issues are addressed
ORIGINATE
Ensure appropriate consideration is given to operational risk versus return prior to launching new products in country•Ensure business consider operational risk appetite and existing residual risks, as identified in the risk registers, prior to the approval of new products through the Product Programs process
OPTIMISE
Maintain an optimal balance between risk and the cost of control•Regularly assess existing business key controls against the risk registers to ensure the level of control remains cost effective, efficient and relevant
COMMUNICATE
Communicate with both external stakeholders to demonstrate compliance with their requirements and with internal stakeholders to highlight critical OR issuesCommunicate to External Stakeholders
•Participate in ICAAP reviews
•Prepare quarterly Basel data submission
[
Communicate to Internal Stakeholders
•Communicate critical OR issues to key internal stakeholders in a timely manner
RISK MANAGEMENT ENABLERS
Help develop an operational risk culture by ensuring compliance with operational risk governance procedures and policies, management information is used intelligently and delivering on trainingPolicies & Procedures
•Ensure compliance with operational risk governance procedures:
•Ensure PGC complies with its governance requirements as stated in the Terms of Reference,
•Adhere to operational risk authorities
•Ensure compliance with operational risk policies:
•Understand all changes to operational risk policies and ensure they are implemented
•Ensure business monitors OR policy compliance and develops remediation plans
People & Skills
•Obtain operational risk certification
•Conduct operational risk related training for business
•Conduct systems training (Phoenix and Optial)
•Ensure completion of mandatory operational risk e-Learning by the business
OR Management Information and Intelligence:
•Implement the Group standardized MI & Intel procedures to ensure outputs meet quality and effectiveness principles and adhere to relevant timelines
•Work with stakeholders at business, country, regional and Group levels to identify additional management reporting requirements
•Continuously improve the quality and effectiveness to MI & Intel data quality and procedures to ensure relevant and direct management attention in the right areas
•Establish processes for tracking metrics relating to operational risk data quality at the business level
Qualifications & Skills
Operational risk accreditation
•Relevant business/function experience, including experience within business/function operations
•Operational risk management experience
•A clear understanding of the Bank’s approach to the management of operational risk, or equivalent experience gained in other organisations
•Ability to work in a matrixed organisation, leveraging resources across the organisation to complete deliverables
•The sound judgement and courage necessary to perform a control role and maintain effective working relationships
How To Apply
You can search and view current opportunities across our organisation and apply immediately by registering or logging in to our careers website www.standardchartered.com/careers. To help speed up your application, please note the following:
- You will need to log in (or register if you are visiting our careers site for the first time) before you can apply for a specific role
- Some roles may require you to undertake an online talent assessment in addition to completing the application form (to facilitate this process it is preferable that you provide us with an email address as part of your contact information)
- We will ask you about your education, career history and skills and experience, it may be helpful to have this information at hand when completing your application
It usually takes 15 - 20 minutes to complete the application form; you can save your application at any time and return to complete it at your convenience.
Closing Dates
The closing date for applications is 28/02/2013. Please note all closing dates are given in Hong Kong time (GMT + 8 hours). We aim to respond to successful applicants within four weeks and will keep a record or your application in our database so that we can contact you when suitable vacancies arise in future.
Diversity & Inclusion
Standard Chartered is committed to diversity and inclusion. We believe that a work environment which embraces diversity will enable us to get the best out of the broadest spectrum of people to sustain strong business performance and competitive advantage. By building an inclusive culture, each employee can develop a sense of belonging, and have the opportunity to maximise their personal potential.
•Ensure the operational risk appetite is understood by the business
•Ensure the business is proactively identifying, registering, measuring, accepting and monitoring risk across end to end processes
•Ensure the business’ control environment is effective in:
•Reducing gross operational risk exposure to acceptable levels of target residual risk commensurate with the risk appetite
•Obtaining a favourable audit outcome
•Ensure appropriate consideration is given to operational risk versus return prior to launching new products
•Maintain an optimal balance between risk and the cost of control
•Communicate with both external stakeholders to demonstrate compliance with their requirements and with internal stakeholders to highlight critical OR issues
•Help develop an operational risk culture by ensuring compliance with operational risk governance procedures and policies, management information is used intelligently and by delivering on training
Key Roles & Responsibilities
PLAN
Ensure the operational risk appetite is understood by the businessRisk Appetite
•Educate the business about risk appetite through use of the Operational Risk Assessment Matrix, Delegated Authorities Matrix and the Risk Register
•Review and challenge annual budgets of the business
•Evaluate new/ updated Product Programs and ensure both the end to end process has been clearly documented and all significant gross operational risks have been identified, assessed and monitored through use of the Risk Registers.
INFORM
Ensure the business is proactively identifying, registering, measuring, accepting and monitoring risk across the end to end processesRisk Identification
•Ensure business has clearly documented its critical end to end processes and sufficient ongoing review is being performed by the business to review its processes and identify BAU gross operational risks.
•Ensure the business is documenting their end-to end processes and proactively utilising process risk analysis techniques to identify gross operational risks within:
•New products through the product program process
•New business projects (including integrations)
•Ensure business management are proactively utilising root cause analysis techniques to assess internal business incidents
•Understand the root causes associated with significant external incidents and the applicability of these to the bank’s processes.
Risk Assessment and Measurement
•Ensure business management have incorporated new gross risks into the risk register, and validate and challenge:
•Assessment of gross risk against the Operational Risk Assessment Matrix
•Identification of risk mitigation (including the identification of existing controls)
•Assessment of residual risk against the Operational Risk Assessment Matrix (including an assessment of control effectiveness)
Risk Monitoring
•Ensure business and the PGC :
•Update and ensure the business risk register is an accurate reflection of the risk profile of the business.
•Have developed effective risk monitoring mechanisms to monitor the risks and controls highlighted in the Risk Register including Key Risk Indicators (KRIs), Key Control Indicators (KCIs) and Control Sample Testing
•Regularly monitor risk registers, key risk indicators (KRIs), key control indicators (KCIs),control sample testing, assurance and audit results and determine actions required.
•Identify systemic and aggregate risks impacting the business.
Risk Acceptance
•Ensure business has adequately completed a Risk Record Template for acceptance of high and extreme residual risks
•Ensure Risk Register is completed for acceptance of medium risks
•Ensure all risks are either accepted or escalated by the PGC in accordance with the Delegated Authorities Matrix
•Approve Product Program if risks have been appropriately identified, assessed, accepted and sufficient risk monitoring plans are in place
Stress Testing
•Conduct stress testing on operational risk scenarios for business risk appetite reviews and ICAAP reviews
Risk Reporting
•Manage event reporting:
•Ensure business capture risk events (losses and near misses) in Phoenix
•Approve operational risk losses in Phoenix according to delegated authority
•Escalate significant operational risk events (SORE) in accordance with OR procedures
•Prepare material loss reports and SORE reports as required
•Investigate and report root causes of events (near misses and losses) for incidents within and above your level of delegated approval authority
•Perform periodic risk and event reporting:
•Prepare and present OR reports (ensuring accurate and reliable information) to PGC / CBRC / GORC
•Prepare and present OR components (ensuring accurate and reliable information) to other committees as required
CONTROL
Ensure the business’ control environment is effective in reducing gross operational risk exposure to acceptable levels of target residual risk commensurate with the risk appetite and in obtaining a favourable audit outcomeRisk Treatment
•Constrain business to avoid excessive risk as per delegated authority
•Review and approve treatment applying techniques of good control design
•Ensure business periodically review existing treatment plans
•Monitor treatment plans to ensure they are implemented by the business
Control Sample Testing
•Develop and periodically update control sample testing plan in conjunction with risk control owners
•Ensure control sample testing plan is implemented
•Ensure treatment plans are developed by the business in response to control sample testing, assurance and audit results
•Ensure treatment plans are implemented and control issues are addressed
ORIGINATE
Ensure appropriate consideration is given to operational risk versus return prior to launching new products in country•Ensure business consider operational risk appetite and existing residual risks, as identified in the risk registers, prior to the approval of new products through the Product Programs process
OPTIMISE
Maintain an optimal balance between risk and the cost of control•Regularly assess existing business key controls against the risk registers to ensure the level of control remains cost effective, efficient and relevant
COMMUNICATE
Communicate with both external stakeholders to demonstrate compliance with their requirements and with internal stakeholders to highlight critical OR issuesCommunicate to External Stakeholders
•Participate in ICAAP reviews
•Prepare quarterly Basel data submission
[
Communicate to Internal Stakeholders
•Communicate critical OR issues to key internal stakeholders in a timely manner
RISK MANAGEMENT ENABLERS
Help develop an operational risk culture by ensuring compliance with operational risk governance procedures and policies, management information is used intelligently and delivering on trainingPolicies & Procedures
•Ensure compliance with operational risk governance procedures:
•Ensure PGC complies with its governance requirements as stated in the Terms of Reference,
•Adhere to operational risk authorities
•Ensure compliance with operational risk policies:
•Understand all changes to operational risk policies and ensure they are implemented
•Ensure business monitors OR policy compliance and develops remediation plans
People & Skills
•Obtain operational risk certification
•Conduct operational risk related training for business
•Conduct systems training (Phoenix and Optial)
•Ensure completion of mandatory operational risk e-Learning by the business
OR Management Information and Intelligence:
•Implement the Group standardized MI & Intel procedures to ensure outputs meet quality and effectiveness principles and adhere to relevant timelines
•Work with stakeholders at business, country, regional and Group levels to identify additional management reporting requirements
•Continuously improve the quality and effectiveness to MI & Intel data quality and procedures to ensure relevant and direct management attention in the right areas
•Establish processes for tracking metrics relating to operational risk data quality at the business level
Qualifications & Skills
Operational risk accreditation
•Relevant business/function experience, including experience within business/function operations
•Operational risk management experience
•A clear understanding of the Bank’s approach to the management of operational risk, or equivalent experience gained in other organisations
•Ability to work in a matrixed organisation, leveraging resources across the organisation to complete deliverables
•The sound judgement and courage necessary to perform a control role and maintain effective working relationships
How To Apply
You can search and view current opportunities across our organisation and apply immediately by registering or logging in to our careers website www.standardchartered.com/careers. To help speed up your application, please note the following:
- You will need to log in (or register if you are visiting our careers site for the first time) before you can apply for a specific role
- Some roles may require you to undertake an online talent assessment in addition to completing the application form (to facilitate this process it is preferable that you provide us with an email address as part of your contact information)
- We will ask you about your education, career history and skills and experience, it may be helpful to have this information at hand when completing your application
It usually takes 15 - 20 minutes to complete the application form; you can save your application at any time and return to complete it at your convenience.
Closing Dates
The closing date for applications is 28/02/2013. Please note all closing dates are given in Hong Kong time (GMT + 8 hours). We aim to respond to successful applicants within four weeks and will keep a record or your application in our database so that we can contact you when suitable vacancies arise in future.
Diversity & Inclusion
Standard Chartered is committed to diversity and inclusion. We believe that a work environment which embraces diversity will enable us to get the best out of the broadest spectrum of people to sustain strong business performance and competitive advantage. By building an inclusive culture, each employee can develop a sense of belonging, and have the opportunity to maximise their personal potential.
Company Description
Standard Chartered PLC is a leading international bank, listed on the London, Hong Kong and Mumbai stock exchanges. It has operated for over 150 years in some of the world's most dynamic markets and earns more than 90 per cent of its income and profits in Asia, Africa and the Middle East. This geographic focus and commitment to developing deep relationships with clients and customers has driven the Bank's growth in recent years.With 1,700 offices in 70 markets, Standard Chartered offers exciting and challenging international career opportunities for around 85,000 staff. It is committed to building a sustainable business over the long term and is trusted worldwide for upholding high standards of corporate governance, social responsibility, environmental protection and employee diversity. The Bank's heritage and values are expressed in its brand promise, Here for good.
