Head of Operation Risk Control Unit

CIMB Group is a leading ASEAN universal bank, one of the largest Asian investment banks and one of the world's largest Islamic banks. CIMB Bank Singapore offers banking solutions catered to your every financial need with our consumer banking, commercial banking, Islamic banking and asset management products and services. At CIMB, we believe that our people are our greatest assets in realising our vision of becoming Southeast Asia's most valued universal bank. We offer an environment that is inspiring, creative, challenging and above all, one where our people can realise their full potential.

Responsibilities:

Drive strong Operational Risk Management practices

• Adopt a proactive risk management strategy which involves anticipating and addressing potential/emerging risks before occurrence to reduce the likelihood and impact of negative events by taking preventive actions in advance.
• Proactively identify areas with ineffective controls or non-compliance and work with the relevant stakeholders to enhance overall control environment to holistically mitigate operational risks.
• Support and facilitate the roll-out of the Group-wide risk frameworks, policies and procedures for the department and provide advice, assurance and validation to ensure the risk management SOPs and control frameworks, policies, and procedures are defined comprehensively and adhere to Group and country level risk frameworks, policies and procedures
• Implement and execute all the relevant policies and procedures eg Operational risk framework in a robust and disciplined manner so as to achieve sound operational risk management practices and reporting within the Department. This includes ensuring that departmental policy, procedures and standard operating procedures are effective and compliance
• To be first point of contact in providing support and advice to the Department in all operational risk advisory matter. The RCU Head should resolve queries which are within their knowledge and expertise and promptly escalate the issues which are unfamiliar and/or require specialist advice/ knowledge.
• Lead the Department in proactively identifying, managing and monitoring operational and compliance risk using operational risk tools. This includes recommending appropriate action owners within the Department to the HOD for any new and or revision in processes/ controls.
• Detect, highlight and mitigate emerging risks
• Proactively partner and engage with the 2nd Line of Defence to achieve an optimal outcome of risk management for the CIMB SG.
• Ensure gap analysis is completed in a timely and comprehensive manner for the new and/or updated regulatory requirements as well as the Bank's established policies, procedures and guidelines to ensure adequate processes and/ or controls are in place for compliance.
• Handle and deep-dive into operational risk events through understanding the sequence of events to identify the root cause/control weaknesses so as to develop and implement mitigating controls/preventive action plans.
• Perform independent thematic and/or periodic reviews of incident, project, process/control, systems, etc, to identify cause and controls breakdown/deviation at a department and/or cross departments level.

Champion the Risk and Compliance Culture

• Establish a reverence for strong compliance and risk management by applying knowledge and understanding of business products, services and processes
• Facilitate strong partnerships across various stakeholder groups, determine best methods of communication and establish escalation model and ensure an alignment of tasks between the 3 lines of defense to minimize overlap or gaps arising during execution of role and responsibilities
• To work closely with 2nd LOD, to design and develop training materials, where necessary, and conduct on-going compliance and risk-related training on a periodic basis within their respective division/ department as and when required, as part of upskilling and capability building initiative, with a view to enhance risk and compliance awareness, competency and culture within the BU/BE.
• Lead specific projects/ initiatives relating to Culture & Capability to raise awareness of operational and compliance risk within the Department, including emerging risks in the industry.
• Provide advice and assurance to the department in monitoring, reporting and escalating any risk culture issues/ updates to ensure that they operate within the risk and compliance culture framework as well as escalation of any risk culture issues/ updates (including initiatives to address identified risk culture areas for improvement) to Line 2, management and/or relevant risk committees
• Provide guidance to support the RCU team in their role to strengthen the 1st LOD, relating to Risk & Compliance matters, in the day-to-day running of the BU/BE, e.g. new product or product changes, process design, development of policies/procedures/SOP, etc.
• Ensures that every business and support unit within the Department has appropriate RCS and QA testers and the appointment is properly executed via GHR.
• Track and maintain an updated list of the RCU team members (onboarding and offboarding) within the Department
• Facilitate all relevant training within the Department and cascade relevant risk and compliance related information or program updates to the RCU teams including respective business heads

Promote and maintain regulatory compliance

• Implement and execute all the policies and procedures owned by Group Compliance in a robust and disciplined manner so as to achieve sound compliance risk management practices and reporting within the Department. This includes ensuring that departmental policy, procedures and standard operating procedures are well drafted to ensure the polices and procedures are well operationalized by the Department.
• To be first point of contact in providing support and advice to the Department in all compliance advisory matter. The RCU Head should resolve queries which are within their knowledge and expertise and promptly escalate the issues which are unfamiliar and/or require specialist advice/ knowledge.
• To ensure the regulatory gap analysis is completed in a timely and comprehensive manner for the new and/or updated legal and regulatory requirements and ensure adequate processes and/ or controls are in place for regulatory compliance.
• Proactively identify areas with ineffective controls or regulatory non-compliance and work with the relevant stakeholders to enhance overall control environment to holistically mitigate compliance risks.
• Lead the Department in proactively identifying, managing and monitoring compliance risk using compliance risk tools. This includes recommending appropriate action owners within the Department to the Head of Department for any new processes/ controls.
• To ensure that all non-compliance incidents and deficiencies, the assessment of impact (both financial and non-financial), disciplinary action is taken where necessary, the recommendation of preventive measure and corrective measure to address non-compliance incidents are promptly escalated and appropriately reported.
• To ensure the timely completion and the quality of compliance controls self-testing
• Conduct surveillance of AML and Counter Financing of Terrorism (CFT) risk indicators, including overall management of these risks and any reporting, where required.

Employee Engagement and Development

• Monitor performance against KPI's of the relevant RCU team; including soliciting and incorporating performance feedback from relevant BU/BE stakeholders (e.g. Head of NFRM, Head of Compliance Business Partner, etc).
• Develop direct and indirect subordinates by to ensuring each has a well thought through and executable action plan to help them achieve their development goals and needs.
• Provide timely feedback to staff and complete appraisal processes in line with CIMB SG process.
• Comply with HR performance processes and meet internal KPIs
• Attract, develop and retain talent by ensuring constant engagement surrounding risk & compliance related agenda
• Through leadership by example, actively work to create an environment for the team that encourages open and honest dialogue and escalation of issues.

Projects

• Participate/manage projects where required,
• Provide/Review business requirements, provide/review Functional Specification Document(FSD)
• Monitoring the projects that the team/department participated in for the testing.
• Providing guidance to the team on the projects
• Liaising with IT, BU or vendor on the defects, changes/resolution on the defects etc

Requirements:

• University Degree or Diploma or equivalent
• Professional or post graduate qualifications e.g. Chartered Accountant, CFA, MBA, LLB, Operational Risk Management Certification, etc
• Minimum 10 years work experience with relevant experience of a risk/audit/compliance/legal related role and/or working within the relevant business/function in financial industry
• Excellent communication skills both, verbal and written.
• An understanding of risk drivers and ability to articulate risk to non-risk personnel.
• Good working knowledge of Operational/Compliance risk framework and various Operations Process within the banking business.
• Able to work autonomously and with a problem-solving and ownership of issues mindset
• Leads through setting high standards of work practices
• Demonstrated managerial, leadership skills with proven record of good teamwork, and collaboration and strong stakeholder management skills
• Good presentation and facilitation skills that encourages open and honest dialogue among the teams
• Ability to manage relationships across different entities (e.g. divisions, departments, etc.)
• Build strong culture of service excellence and growth opportunities for the organisational unit to attract and retain top talents.
• Foster an environment that values, supports and rewards collaborative efforts and provide high-level support as required (e.g. recognition, resources).