Job Description

:

Job Purpose

• Promote and support Business and Support Management to ensure adherence with applicable banking laws, rules, regulations and internal policies, procedures and processes. Action plans should be developed to address the risk and control issues;
• Enable the effective execution of the operational risk and compliance throughout the Bank/Group, with respect to identifying, quantifying, reviewing, evaluating and measuring risk to ensure that all compliance and risk categories are identified and managed in accordance with regulatory, internal policies and procedures requirements.
• To improve controls standardization with relevant modelling that align with risk exposure across GT. This include execution of the Bank's ORM Framework/Policy with suitable alignment at GT Policies and Procedures.
• To investigate and analyse relevant data points to ensure controls are designed and operating effectively, and compliance requirements are met consistently. The role also provides independent control assurance aligned with risk exposure and compliance program
• To drive an awareness program throughout the division ensuring that staff are aware of and use the ORM framework/policy and tools, and inculcate a risk aware community across GT.

Key Responsibilities

Drive strong Operational Risk Management practices * Responsible to report risks to the Head of Division/Department in a timely manner so that Heads of Division/Department have a clear view of the overall control effectiveness of their unit.

• Execute the operational risk framework of the bank in a robust and disciplined manner so as to achieve sound risk management practices and reporting.
• Proactively validate division/ dept policies, procedures, SOPs for completeness and accuracy & sign-off on all SOPs

Promote and maintain regulatory compliance * Build and execute the compliance risk framework within Group Technology in a robust and discipline manner so as to achieve sound compliance risk management practices and reporting.

• Support and lead the Division/Department in relation to proactive identification and management of compliance risk.
• Proactively identify areas with ineffective controls and work with the relevant stakeholders to enhance overall control environment to mitigate compliance risks.

Champion the Risk Culture * Establish a reverence for strong risk management by applying knowledge and understanding of business products, services and processes

• Facilitate strong partnerships across various stakeholder groups, determine best methods of communication and establish escalation model
• Facilitate all relevant training within the Division/Department and cascade relevant risk information or program updates to DCORO and relevant staff (including control testers)

Process engineering or modeling for risk management and compliance program * Identify and analyse pain points on current process or controls

• Identify options for improvement or process engineering that allow optimal risk that break silos and redundancies across GT
• Always in the lookout for process efficiency and reduce duplication of efforts across GT
• Facilitate accurate and timely submission of GT Governance, Risk & Compliance reporting
• Facilitate internal assessment, evaluation and make recommendations to management regarding the adequacy of controls commensurate to risks posed or alignment to compliance program

Analyse relevant data for risk analytic * Facilitate RCOs in area of focus based on analysis of risk trends and metrices such as KRIs and control testing results

• Integrate possible internal and external data points for identifying relevant perspectives
• Align data to risk profiles and indicators that enable effective profiling of the risks
• Leverage data analytics to track effectiveness of mitigation implementation
• Group events into relevant risk library or control groups to analyse risk area or control gaps
• Perform periodic test of data source to ensure reliability towards data gathering on risk metrices
• Visualise data to provide relevant insight or perception and reporting

Employee Engagement and Development * Provide timely feedback to staff and complete appraisal processes in line with CIMB process

• Comply with HR performance processes and meet internal KPIs
• Attract, develop and retain talent

Any other responsibilities/tasks as assigned by the Management from time to time.

Job Specification

Qualifications

(Basic Degree/Diploma etc.)

• A Bachelor's Degree in Information Technology, Computer Science or equivalent.

Professional Qualification and/or Regulatory, Licensing requirements

• It will be a huge advantage if have professional qualifications: -

• CISA,
• CRISC,
• CISM

Relevant Work Experience

• Extensive experience with large-scale environment including skills and in depth understanding of IT and business applications and system.
• Minimum 5 years work experience with relevant experience of IT risk/audit/compliance related role within the relevant business/function preferred
• Good knowledge and grasp of banking practices and products at a higher level and awareness of the BNM policies/guidelines and other regulatory framework

Required Competencies and Skills

Competencies/Skills

(Essential to succeed in this job)

• Excellent communication skills both, verbal and written.
• An understanding of risk drivers and ability to articulate risk to non-risk personnel.
• Able to work autonomously
• Demonstrated managerial, leadership and facilitation skills
• Understanding of how a bank operates front to back
• Good presentational skills
• Work independently and prioritize multiple tasks and adapt to needed changes