Jobs In Standard Chartered Bank – Governance & Control Manager

Job Description: To ensure the Technology and Operations (“T&O”) teams in the Country and/or Region operate in full compliance with all Country and Group policies as well as local regulatory requirements, through

a. Ensuring business strategies, standards and roadmap abide by T&O operating principles, policies and procedures of Country and Group Risk Management Framework (“RMF”)
b. Ensuring that the execution of T&O functions is fully compliant with statutory regulations, laws, guidelines and industry practices as a Corporate body (met and satisfied) for Operations, Technology, Vendor Management, Data Management (including Security and Protection)
c. Support Head G&C in the overall effective and proactive management of all T&O risks, governance and controls

Key Roles & Responsibilities

Strategy
* Responsible for the preparation, communication, implementation, delivery and expansion of T&O governance plans, working in close cooperation with country (CIO, Legal & Compliance, local/regional Management Groups/Committees) and global (GSSC, Group T&O Governance & Controls, and Group Operational Risk).
* Support the country CIO as the Risk Control Owner (“RCO”) of Technology, Information Security, Vendor Management, Outsourcing and Data Protection & Data Security policies in accordance with the Risk Management Framework.
* Support GTO G&C to identify, communicate and expedite changes to comply with any new and amended regulations across T&O.

Pro-active Risk Management
* Process Risk Analysis & Risk Register preparation. Identify potential events and agree on gross risk.
* Peer Reviews/Risk Assurance – schedule periodic peer reviews with a view to be ‘ever audit ready’. Leverage Group Subject Matter Experts where necessary.
* Conduct ‘Process Risk Analysis’, explore the possibilities of automation of workflow and change management on the ground.
* Review of BOLD matrix and feedback
* Regular review of BOLD matrix to improve efficiency and control design towards automation and preventive management.

iGear (where introduced)
* Provide reasonable assurance on completeness of the service catalogues owned by the GTO units.
* Identify key hotspot processes for workflow automation through iGEAR.
* Review defined workflows and ensure required controls are embedded.

Risk Control

Risk Identification, Assessments, Measurements, Acceptance and Monitoring
* Control Testing – determine effectiveness/ineffectiveness of defined key controls and KCIs.
* Risk Acceptance/Treatment Plan/Escalation – for all cases where residual risk is medium, high or very high, assist the departments in preparing a RAT along with a treatment plan. Monitor progress towards target residual risk.
* Feedback into engineering Group – regular review of controls to improve design towards automation and preventive management.
Risk Management through Standardised MI
* KRI Review, Analysis & Action Plans – highlighting key trends of concern.
* Phoenix Review/Cleanup – log risks and ensure information on Phoenix is kept up-to-date. Review weekly reports circulated by central team in Chennai and take appropriate action.
* Risk Register/Heatmap Review – review heatmap and risk registers and arrive at action plans for reducing residual risk.
* Review of Audit failure/issues/action plans – identify cross border issues, track and resolve.
* Feedback into engineering Group – regular review of controls to improve design towards automation and preventive management.
Risk Validation
* Review open regulatory risks and assess/agree treatment plans.
* Feedback into engineering Group – Regular review of plans to improve control design towards automation and preventive management.

Day to Day Operating Controls
* Review/define COPMAN Controls – checklist of day to day summary controls performed by unit heads and their staff – embed these within the processes.
* Monitor/review COPMAN Controls through spot checks – management of exceptions and feedback to line managers.
Incident Management

Root Cause Analysis
* Drive the root cause analysis discipline and validate the content before submission.
* Update Risk Register/Agree Treatment Plan and follow-up for closure.
* Feedback into engineering Group – Regular review of plans to improve control design towards automation and preventive management.
Operational Loss Management/Near Miss
* Ensure GTO units have approved losses in line with delegated authorities granted.
* Reconciliation of Ops loss to GL – have a 2nd line view and oversight on the department’s reconciliation of the GL account against Phoenix records.

Risk Governance

Audits
* Audit Co-ordination (Group + Regulatory) – whilst the primary responsibility for every audit will still remain with the Unit Head, G&C will be expected to play a critical role going forward. Every ROF and quality of its management response will have to be vetted by G&C to ensure that the findings are factually correct and the agreed action plans, along with target dates, are reasonable and achievable. G&C will take joint responsibility for audit outcomes.
* Audit Issue Tracking & Closure – track aging of findings and ensure periodic follow-up. Keep audit informed of progress and ensure any delays in resolution are appropriately approved before due date.
Risk Governance Representation and Preparation of Risk Packs
* Represent GTO in country FORF, BORFs – where necessary.
* Support/lead as applicable – key thematic risk reviews/mitigation projects i.e. data quality/confidentiality, outsourcing, EUC, user access, MAR, reconciliations, Stability, Change Quality, Frauds, FCR, Regulatory etc. within applicable units.
Fair Accountability
* Support Fair Accountability Process – based on incident RCA lead and support fair accountability at the appropriate unit level closely working with HR where needed. Appropriate inputs to the senior managers on the performance ratings closely working with HR where needed.
Data Management Committee
* Run and support the G&C head and CIOs to run and embed the country DMC process, action plans and support any data remediation efforts.
Project Management
* Assess whether project status has any impact on residual risk rating of the underlying process and escalate as applicable
* Seek risk acceptance from the authorised risk committee in case of increase in residual risk rating

Technology Risks
* For risks identified specifically for the country, ensure these are assessed and accepted by the appropriate authorities in the Group.
* Maintain a close oversight on the issues, progress in resolution and regular assessment of the declared risk rating.

Information Security
* Ensure policy is well circulated amongst Bank’s businesses, functions, geographies and subsidiaries.
* Ensure staff have attended mandatory training.
* Ensure applicable controls are identified, assessed and implemented by the business owners.
* Dispensations, if any, are documented, approved by appropriate authority and remain valid.

Global Sourcing & Vendor Management
* Ensure Group policy is well circulated amongst owners.
* Provide an oversight over the central repository of all contracts (GOI) and ensure it is kept up-to-date.
* Undertake periodic reviews of the contracts/arrangements to ensure these comply with the policy. Alert the CIO of any adverse or material developments in the arrangements.
* Provide an oversight over any dispensations obtained/granted and ensure these are kept up-to-date.

EUC Management
* Ensure Group policy is well circulated.
* Provide an oversight over the central repository of EUC register and ensure it is kept up-to-date.
* Support the country CIO in assessing any dispensation requests.
* Provide an oversight over any dispensations obtained/granted and ensure these are kept up-to-date.

Other Critical GTO Governance Processes
* Incident Management and root cause analysis and closure – assessment of Mission Control/high severity technology incidents, raising of root cause and follow-up on closure of action plans for the responsible units in coordination with T&O units.
* Regulatory Policy – Communication, Acceptance, Implementation Assurance and dispensation management – Support the central governance team in the policy life cycle management using the eCIO policy and service acceptance module.
* Group Product Policy – Communication, Acceptance, Implementation Assurance and dispensation management – Support the central governance team in the policy life cycle management using the eCIO policy and service acceptance module.
* RMF – Technology (including GIS) & GS Policies – design, implementation and governance – own the design, communication, acceptance, implementation, assurance and dispensation management.
* Implement and align to eCIO Governance framework – review the completed governance checklist and summarise the key issues/concerns.
* Assessment of eCIO Governance Framework
* Designing & Rollout Governance Training Plan – Develop a standard training pack and rollout to all units.

People and Talent
* Support Head G&C to develop and embed a high performance culture and organisational mindset to effectively embed and communicate T&O policies and procedures in-country/region
* Support the development of ongoing training, communications and development programs for Technology and Operations personnel to ensure minimum standards in OR awareness and embedment of OR responsibilities in respective areas of work, and to ensure that adherence to the highest standards of ethics and compliance with relevant policies, processes and regulations among employees forms part of the culture
* Ensure that direct reports (if applicable) are suitably skilled and qualified for their roles ensuring that they have effective supervision in place to mitigate any risks

Qualifications & Skills

Minimum Bachelor’s Degree
Good communication skills
In depth understanding of Operational Risk
Relevant experience, preferably Banking

How To Apply

You can search and view current opportunities across our organisation and apply immediately by visiting www.standardchartered.com and selecting Careers. To help speed up your application, please note the following:

– You will need to log in (or register if you are visiting our careers site for the first time) before you can apply for a specific role

– Some roles may require you to undertake an online talent assessment in addition to completing the application form (to facilitate this process it is preferable that you provide us with an email address as part of your contact information)
– We will ask you about your education, career history and skills and experience; it may be helpful to have this information at hand when completing your application

It usually takes 15 – 20 minutes to complete the application form; you can save your application at any time and return to complete it at your convenience.

Closing Dates

The closing date for applications is 02/12/2014. Please note all closing dates are given in Hong Kong time (GMT + 8 hours). We aim to respond to successful applicants within four weeks and will keep a record of your application in our database so that we can contact you when suitable vacancies arise in future.

Diversity & Inclusion

Standard Chartered is committed to diversity and inclusion. We believe that a work environment which embraces diversity will enable us to get the best out of the broadest spectrum of people to sustain strong business performance and competitive advantage. By building an inclusive culture, each employee can develop a sense of belonging, and have the opportunity to maximise their personal potential.
