Principal, OTCR, Coverage WRB
Location | Kampala, Uganda |
Date Posted | October 31, 2024 |
Category |
Banking
Finance Management |
Job Type |
Full-time
|
Currency | UGX |
Description
JOB DETAILS:
Key Responsibilities
Strategy
• To uphold the integrity of the operational, technology and cyber risk / return decisions for Wealth and Retail Banking (WRB) in Uganda and Africa cluster, and in particular for ensuring that operational, technology and cyber risks are properly assessed, and that risk / return and control cost / benefit decisions are made transparently on the basis of this proper assessment and are controlled in accordance with the Group’s standards and its Risk Appetite.
• To ensure that the Operational Technology and Cyber Risk (OTCR) framework, policies and standards issued under the Enterprise Risk Management Framework (ERMF) are effectively embedded and communicated across Uganda. Support Country OTCR WRB in the Africa region enabling them to disseminate OTCR related procedures effectively within their individual countries.
• To provide a focal point of control over the aggregate level of operational risk related to WRB in Uganda that arises from end-to-end processes, including the design of effective controls and the systematic monitoring of process control effectiveness.
• To ensure that risks pertaining to OTCR L2/L3 risks (as RFO) are being actively controlled on an end-to-end basis in Country and Cluster.
• To support Country Head of OTCR to ensure that they are meeting local regulatory requirements as they pertain to operational risk management, prudential standards and governance, conduct and operational standards.
• Use the wider Risk talent pool available across the region for promoting regional efficiencies in undertaking or managing risk events and initiatives requiring support from OTCR perspective.
• To ensure best practices in Operational Technology and Cyber Risk across the Uganda and Africa Cluster.
Business
• Engage relevant stakeholders (e.g. Business partners, Finance, Legal and Compliance) to raise awareness of Operational, Technology and Cyber Risks and how these are managed in Uganda.
• Identify and report key risks material to WRB in Uganda and challenge the First Line to evidence that the material risks arising from their business activities have been identified, assessed, monitored and reported.
• Ensure that risk decisions are transparent and supporting rationales are explained in a professional and courteous manner, especially when turning down proposals.
• Ensure that operational risk measurement methodologies are fit-for-purpose, comprehensive and implemented with integrity.
• Continuously enhance risk measures and transparency.
• Be forward looking, taking into consideration external events which may be material to this region. Ensure that appropriate management action is being taken to mitigate their impact.
• Annually with guidance from Group ICAAP/ILAAP specialists, support the CCRO to participate in the stress test and scenario program for OTCR related risk(s), as per the ICAAP/ILAAP process.
Processes
• Control portfolio within the set risk parameters to ensure risk profile remains within risk tolerances.
• Identify training needs for OTCR staff in Uganda and collaborate with OTCR Coverage in an effective manner to enhance the skill-set available within the countries to discharge their roles in an effective manner.
• Continue to work with OTCR Coverage to provide clarifications on OTCR Policies and Standards including practical implementation guidance to enable OTCR staff in Uganda to implement Policy/Procedure prescriptions in an effective manner within the countries.
• Follow the Risk and Control Self-Assessment (RCSA) process and escalate concerns or risks to OTCR Coverage WRB.
People and Talent
• Set appropriate tone and expectations for teams and work in collaboration with risk and control partners.
• Lead through example and build the appropriate culture and values within the function and across the wider organization.
• Understand and ensure compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
Risk Management
• Take ownership for all Second-Line accountabilities within the OTCR related RTFs and the Enterprise Risk Management Framework (“ERMF”), as they pertain to Uganda and Africa cluster.
• Expert for Country and Cluster on OTCR L2/L3 risks where designated as RFO. For specialist areas (Third Party, Resilience, ICS and Technology), consult the relevant group SME teams for expertise/guidance.
• Ensure immediate escalation by countries to Group of Material risk events.
• Drive comprehensive, high quality root cause analysis of unsatisfactory operational risk events and agree risk management action plans with Country Process Owners.
• Ensure new activities, changes to processes and products conform with the policies where OTCR is the 2LOD/Risk Owner.
• Periodic oversight of gross and residual risk ratings and risks requiring escalation under the Risk and Control Self-Assessment (RCSA) Framework within the OTCR related policy and standards.
• Embed OTCR related policies, ensuring first and second line are aware of and understand their responsibilities under them.
Risk Appetite
• Review and challenge the country strategy where it is not aligned with the country risk appetite.
• Maintain operational risk capability and a control environment which is in line with the OTCR.
• Assess periodically the Country OTCR risk profile.
• Conduct, at least annually and with guidance from Group & Country specialists, the Risk Appetite Refresh for OTCR, monitor the approved metrics on an ongoing basis, and escalate incidents of breach to respective Committees.
Risk Ownership
• Provide a central contact point and oversight over all controls required to effectively manage OTCR risks within Uganda that arises from the end-to-end processes of WRB.
• Challenge the completeness of risk identification, monitoring and assessment of the corresponding control activities required within the end-to-end processes as undertaken by the countries to identify and follow through the remediation by the 1st line owners of any significant deficiencies.
• Ensure compliance with OTCR related frameworks, policies and standards.
• Engage and involve OTCR SMEs pertaining to their area of expertise where appropriate.
Risk Governance
• Support the Country Head OTCR and Africa WRB Cluster Leads in fulfilling their country and cluster OTCR responsibilities.
• Represent OTCR Uganda in relevant Risk Forums for WRB.
• Support training initiatives from Group OTCR, wherever required.
• Ensure that country OTCR are effective in identifying, monitoring, managing, remediating, and escalating risks and issues.
• Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
• Maintain an open and cooperative relationship in dealing with the regulators in-country.
• Support OTCR related regulatory reporting.
• Support the function of various Risk Committees/Forums in-country.
• Provide 2LoD support in regulatory reviews, Internal and External audits, and managing the overall risk governance activities for the country.
The performance of the WRB OTCR Coverage, WRB will be measured by:
• No significant findings identified by GIA reviews on adherence to OTCR related RTFs, Policies and Standards.
• Favourable external or regulatory audit outcomes.
• Effective delivery of Group Operational Risk commitments and 100% commitment to the Code of Conduct.
• Broad alignment of the ERC with GNFRC. There must be a general level of acknowledgement that controls have been made more efficient and effective and OTCR reduced, and attestation to a complete country risk profile and awareness of emerging risks.
Key stakeholders
Internal:
• Group and Cluster OTCR team
• Members of Country Risk Management Team
• Country Heads of Business segment: WRB
• Country Heads of Control Functions
• Group Internal Audit
• OTCR SMEs
External:
• Regulators and Central Banks in key markets across the Cluster
• External auditors
Other Responsibilities
• Perform other responsibilities assigned under Group, Country, Business or Functional policies and procedures.
• Support the CCRO in risk management or governance at country level as appropriate and/or assigned from time to time.
Skills and Experience
• Risk – Operational Risk Management
• Risk – Business Partnering
• Risk – Manage Change
• Risk – Communication and Influencing skills
Qualifications
• EDUCATION - Degree in Business Administration, Finance, accounting or equivalent.
• TRAINING - Operational risk management experience.
o A clear understanding of the Bank’s approach to the management of operational risk, or equivalent experience gained in other organisations.
o Sound judgement and courage necessary to perform a control role and maintain effective working relationships.
o Excellent analytical skills and sound judgement in a rapidly changing environment.
o Ability to leverage resources across the organisation to complete deliverables.
o Effective verbal and written communication skills.
o Ability to present complex risk issues to senior and non-technical stakeholders.
o Excellent interpersonal skills, multicultural awareness and sensitivity.
o Proactive risk management.
• LANGUAGES - English