Proactively manage the risk of the division/department to reduce the likelihood or impact of negative events.
Risk management is achieved through the proactive identification of risks faced by the unit. Identification techniques range from the formal use of risk management tools (such as Risk Control Self-Assessment) through to the informal recognition of control weaknesses from day-to-day management of a unit. The role holder should ensure that the division/department has the appropriate level of knowledge and understanding to ensure that material risks are identified. The role holder also has the responsibility to ensure that identified risks are reviewed to see if they are unique to their area or have wider implications for the group.
Risks identified require measurement using the Group's methodology, rating each of the risks as High, Medium or Low. The role holder should provide guidance to staff who are rating risks to ensure risk ratings agree with definitions in the Group's methodology.
Where residual risks require mitigation, action plans should be developed to address the risk permanently where possible. The role holder has the responsibility to ensure action plans are appropriate and that action plans are closed by the due date.
The role holder has the responsibility to report risk to the Head of Division/Department so that Heads of Division/Department have a clear view of the control effectiveness of their unit.
To execute the operational risk and compliance frameworks of the bank in a robust and disciplined manner so as to achieve sound risk management practices and reporting.
Operational risk framework includes the following tools:
Risk Control Self-Assessment/ Operational Event and Loss Data Management
Control Issue Management
New Product Approval
Operational Risk Committees
Key Risk Indicators
To constructively engage with the second line of defence to achieve an optimal outcome of risk management for the CIMB Group.
Role holder to assist with the coordination of the second line of defence challenge activities.
To provide constructive feedback to the Operational Risk Department on improvements to the framework.
To build and execute the compliance risk framework within the division/department in a robust and disciplined manner so as to achieve sound compliance risk management practices and reporting.
Ensure that every business/support unit within the division/department has a DCORO and that the appointment is properly executed via GHR.
Coordinate and track an updated list of the DCOROs within their business and set the relevant DCORO KPIs.
Facilitate all relevant DCORO training and cascade information on all regulatory updates to the DCOROs and respective business heads.
Provide guidance on the Compliance Self-Testing Matrices/Risk Control Self-Assessment to the DCOROs.
Act as the liaison person in all regulatory visits made to the division/department.
To support and lead the division/department in relation to proactive identification and management of compliance risk.
Engage with the business units on compliance and control initiatives with an objective of educating the business to proactively manage their risk and controls by leveraging on the compliance tools:
Risk Control Self-Assessment
Control Issue Management
Loss Event Data Management
Provide support and advice to the first line of defence in understanding and mitigating the expectations of the regulatory guidelines/circulars/notifications.
Assist the first line of defence in formulating the compliance framework and all regulatory risk associated with the business, e.g. to review new/amended regulatory guidelines.
Assist in identification of key risks and remediation of risks relative to new initiatives e.g. submission of proposals, review of marketing materials.
To proactively identify areas with ineffective controls and work with the relevant stakeholders to enhance overall control environment to mitigate compliance risks.
Conduct gap analysis to identify business risk and control assessments to ensure compliance with applicable regulations.
Ensure efficient and effective compliance risk management practices adhere to the required standards and processes, e.g. timely reporting of regulatory breaches, analysis of the root cause of breaches.
Work together with all risk control functions to ensure emerging risks are appropriately addressed and captured in the Compliance Risk Framework.
Maintain tracking of remediation efforts related to review findings and other activities, as and when necessary.
Minimum 8 years of working experience in risk / audit / compliance / governance related roles.
Sound technical competency in understanding, identifying and managing risk & control drivers in different types of businesses.
Excellent communication skills, both verbal and written.
Good stakeholder management skills and able to build relationships across different management levels.
Able to work independently with minimal supervision; proactive and resourceful.
Internal Number: 5908405