Job description / Role
* Overall responsible for the preparation, communication, implementation, delivery and expansion of T&O OR plan, working in close coordination with country, Regional and Global stakeholders.
* Support ITO units in understanding and implementing Regulatory requirements.
* Represent Group R&C ITO at the country level for implementation of standards, continuous improvement programs and strategic transformations.
Pro-active Risk Management
* Peer Reviews/Risk Assurance - schedule periodic peer reviews with a view to be 'ever audit ready'. Leverage Group Subject Matter Experts where necessary.
* Validate 'Process Risk Analysis' conducted by ITO units.
* Review of BOLD matrix and feedback "where applicable"
iGear (where introduced)
* Identify key hotspot processes for workflow automation through iGEAR.
* Review defined workflows and ensure required controls are embedded.
* Risk Identification, Assessments, Measurements, Acceptance and Monitoring
* Control Testing/Risk Identification - determine effectiveness/ineffectiveness of defined controls and arrive at control strength matrix and on the ground residual risk.
* Risk Acceptance/Treatment Plan/Escalation - for all cases where residual risk is medium, high or very high, prepare a RAR along with treatment plan. Update risk in Group OR systems i.e. Optial/ Phoenix etc. Monitor progress towards target residual risk.
* Regular review of controls to improve design towards automation and preventive management.
Risk Management through Standardised MI
* KRI Review, Analysis & Action Plans - highlighting key trends of concern.
* Phoenix/Optial Maintenance/Review/Cleanup - ensure information on Phoenix and Optial is kept up-to-date.
* Review weekly reports circulated by central team in Chennai and take appropriate action.
* Risk Register/Heatmap Review - review heatmap and risk registers and arrive at action plans for reducing residual risk.
* Review of Audit failure/issues/action plans - identify cross border issues, track and resolve.
* Conduct a threat/stress & scenario based assessment and update risk register.
* Review open regulatory risks and assess/agree treatment plans.
Day to Day Operating Controls
* Review/define COPMAN Controls - checklist of day to day summary controls performed by unit heads and their staff - embedded these within the processes.
* Monitor/review COPMAN Controls through spot checks - management of exceptions and feedback to line managers.
Root Cause Analysis
* Identify and define the problem (operational loss, audit failure, near miss, significant event, high severity incidents)
* Drive root cause analysis
* Update Risk Register/Agree Treatment Plan and follow-up for closure.
Operational Loss Management/Near Miss
* Operational Loss Approval & Booking - ensure losses are approved in line with delegated authorities granted.
* Ensure the accounting is correctly done to register the loss.
* Reconciliation of Ops loss to GL - reconcile the GL account against Phoenix records.
* Audit Coordination (Group + Regulatory) - whilst the primary responsibility for every audit will still remain with the Unit Head, R&C will be expected to play a critical role going forward.
* Every ROF and quality of its management response will have to be vetted by R&C to ensure that the findings are factually correct and the agreed action plans, along with target dates, are reasonable and achievable. R&C will take joint responsibility for audit outcomes.
* Audit Issue Tracking & Closure - track aging of findings and ensure periodic follow-up.
* Keep audit informed of progress and ensure any delays in resolution are appropriately approved before due date.
Risk Governance Representation and Preparation of Risk Packs
* Local Interface to Country OR Head - be the main ITO liaison point to the Country OR Head.
* Represent ITO in country FORC, BORGs, CORC - where necessary.
* Support/lead as applicable - key thematic risk reviews/mitigation projects i.e. data quality/confidentiality, outsourcing, EUC, user access, MAR, reconciliations, Stability, Change Quality, Frauds, FCR, Regulatory ect. within applicable units.
* Academic or Professional Education/Qualifications: As per Bank's requirements and HR policy
* Licences and Certifications/accreditation: None
* Professional Memberships: None
* Language: English
About the Company
Standard Chartered Bank started in 1958 in UAE with its first branch in Sharjah. The Group’s business gradually increased in Dubai with the opening of several branches and today, Dubai is the administrative hub of the Middle East and South Asia Region. In its 43rd year, the Bank enjoys the position of having the most extensive branch network among foreign international banks in UAE with 10 branches emirate-wide.
Standard Chartered is an international bank, focused on the established and emerging markets of Asia, Africa, the Middle East and Latin America with an extensive global network of more than 600 offices in over 50 countries. The three principal business groups are Global Markets, Personal Banking and Corporate and Institutional Banking.
In UAE, we are one of the leading banks, offering an extensive range of products and services for personal customers, local companies, multinational corporate and financial institutions.