AVP - Third Party Risk Management

Job Purpose : The incumbent supports the VP – Operational Risk, Head of TPRM in directing and leading the Group-wide (including subsidiaries and international branches) strategic development and implementation of the Third-Party Risk Management Framework of the Bank. This is done in alignment with relevant regulatory requirements and reflecting the best practices to ensure proactive management of the overall Third Party Risk Management requirements. Lead the design and deployment of a firm-wide TPRM framework (including outsourcing governance framework). Manage the ongoing TPRM program which includes an integrated approach for assessing and mitigating the risk of new and existing third-party suppliers. Ensure that risks associated with Third Party relationships, before and after entering into contracts, are sufficiently identified, assessed, monitored and controlled. Manage and enhance the governance model to provide ongoing monitoring and oversight of the risks posed by third-parties. Monitor and update third-party risk assessment framework to respond and adhere to new and existing regulatory guidelines and initiatives. Lead third-party risk segmentation, deploy and maintain up-to-date annual attestations by contract owners. Develop reports for use by business areas and senior management regarding third-party risks. Identify and escalate key items of concern regarding new and existing current third–parties, including the potential of concentration risk and fourth-party risk exposures. Partner with sourcing partners, Operational Risk Team, Information Security and Technology Risk Team, Compliance, Legal, business areas and other assurance functions in the second and third line of defense to identify third-party risks and escalate those risks appropriately. Support Head of TPRM in addressing the Central Bank, Internal Audit, and Compliance observations. Monitor the first line Business Units’ status of the RCSA, ORE, KRI, Issues & Actions and NPPA programs; Perform detailed analysis on the outputs of the Group operational risk management programs; Maintain ongoing monitoring of the Bank’s Operational Risk profile at a Business Unit level; Maintain compliance to regulatory requirements and create environment for continuous improvements. Provide user support and ensure ongoing management of the Group operational risk program design on prism, the Bank’s Operational Risk Management Information System. Operating Environment, Framework & Boundaries and Working Relationship Regular interaction and working relationship with: Head of TPRM Head of Operational Risk & Resilience; Heads of Segments, Divisions, Countries, Subsidiaries and Affiliates; Heads of Second Line functions including Fraud Prevention & Intelligence, Compliance & Information Security; and Senior Management of outsourced service providers of the Bank. Problem Solving Ability to influence and challenge Business Units for effective Third Party Risk management; Ability to assimilate and adopt emerging and leading practices and developments in the area of Third Party Risk Management; and Undertake multi-dimensional assessments of operational risk data, derive risk-based analysis & conclusions. Decision Making Authority & Responsibility Empowered to approve/authorize Operational Losses in line with delegated authority; Authority to escalate breaches to Operational Risk Management policy and framework to relevant stakeholders/Governance forums; Owner of the Operational Risk General Ledger; Authority to manage the cost centre of Operational Risk; and Responsible for regulatory reporting and disclosures on Operational Risk. Knowledge, Skills and Experience Minimum of 3-5 years focused expertise in Third-party Risk Oversight, Vendor Governance, Risk Management, Operational Risk Proven related financial services experience, risk & regulatory related experience highly desired Third Party Vendor experience preferred Broad and deep third-party risk technical knowledge Strong people management, internal consulting, and partnering skills Ability to influence with or without authority to achieve desired outcomes Balance and successfully manage competing priorities