Establishes and oversees the application of operational risk policies, technology and tools, and governance processes to create lasting solutions for minimizing losses from failed internal processes, inadequate controls, and emerging risks.
independently asses risks and drive actions to address the root causes that persistently lead to operational risk losses by challenging both historical and proposed practices.
Governance and oversight may include (not limited to) technology operational risk, cyber risk for example.
Serves as an oversight function working with the In-Business OR and Independent Risk Teams
Drives – Operation Risk Anticipation, Mitigation and Loss Recovery (and respective Recovery Plans)
Ensures Operation Risk Policy implementation and exception approvals
Informs Operational Risk Council on Sub-Segment Level OR related matters
Attends In Business Risk Committees
Leads- oversees the annual Key Risk Indicator (KRI) reviews
Monitors KRCIs triggers and thresholds and the analysis by the Business
Liaises with Business ORM on breaches and action steps to correct breaches
Communicates and Escalates breaches in KRCIs at the Segment Level
Works on T-10 (deep dive – root cause analysis) with support of In-Business ORM and drive corrective actions
Exports best practices and common risk, controls and corrective actions through Framework Papers
Ensures that Citi wide KORs and KRCIs are communicated and understood by Businesses
Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency, as well as effectively supervise the activity of others and create accountability with those who fail to maintain these standards.
Qualifications:
10+ years relevant experience
Significant experience in Operational Risk is a must. Other risk and control disciplines would be a plus – credit, and market.
Experience in Internal Audit or Financial Control would be desirable.
Expertise in the following would be beneficial: Fraud Awareness and Risk Management Operations and Systems (Information Security Standards, Vendor/Outsourcing Management and MCA Legal and Regulatory Compliance Management of a global operations and a complex environment that includes global teams.