Job Description
Accountability: Operational Risk Management Oversight
Ensure optimal positioning of the Enterprise Risk Management Framework (ERMF) and ORRMF within CRES by creating awareness and understanding of operational risk among senior management;
Ensure effective implementation, representation and adoption of the ERMF, by all CRES functions;
Monitor functional performance against risk appetite;
Check and challenge the end-to-end Operational Risk profile of the function, including emerging risks, to ensure 'no surprises'. Consider all framework elements, strategic planning, business expansions/contractions and other major change programmes / new product approval
Identify all Group related policies and standards and ensure that the processes align to minimum control guidance as set out in policies and standards;
Oversee and facilitate the design of appropriate processes and procedures needed to implement the ERMF in CRES including ensuring sub- functions implement appropriate, standardised and adequate risk and compliance processes and monitoring capability;
Develop, draft and communicate relevant guidance documents to ensure compliance with ORRMF policies and standards;
Be the 'Go To' person and provide guidance to CRES Functional Heads and managers on the interpretation of the ERMF and related policies and standards
Monitor and challenge the effectiveness and adherence to the ERMF and ORRMF;
Assess the level of compliance and risk in CRES and report this to senior management;
Assess the compliance to policies and standards and apply for dispensation and/ or waiver to the relevant RTO where material gaps in policies/standards or sections of policies/standards are identified, or considered irrelevant post the risk appetite setting for the CRES function;
Assist in the design and implementation of the minimum Operational Risk Key Indicators (KI) for CRES as required by the RTO including assessing the relevance and performance against thresholds;
Seek opportunities for continuous improvement in processes for efficiency and effectiveness in execution of risk management activities;
Monitor overdue Internal Audit findings that pertain to CRES and ensure these are addressed timeously through engagement with responsible persons;
Oversee monthly loss event reconciliations and related attestations to ensure that all (above threshold) risk events and losses have been captured on the Operational Risk system;
Provide relevant coaching and guidance to the sub-functions on the implementation and maintenance of the Operational Risk framework components (including RCSAs, KRIs, Events, Strategic Risk Assessments, and Key Risk Scenarios etc.) in consultation with 2LOD;
Remain abreast of the ORRMF, policies, standards, procedures, and relevant legislation/regulations
Accountability: Business Continuity Management (BCM)
Accountability and management of BCM for CRES;
Review of the CRES BCM plans and oversight of the sub-functional plans, on relevant reporting tools and formats, to ensure compliance with BCM Policies and Standards;
Exercise preparedness, recovery capability and competence by BCM test requirements as per the BCM policy;
Where relevant follow up with management to ensure timely remediation of control and process failures;
Ensure appointment of relevant functional representatives per BCM requirements;
Ensure relevant training and guidance documents are available, attended and completed by functional representatives per BCM requirements;
Report to CRES management on BCM readiness;
Attend all BCM related forums and ensure full alignment of CRES BCM plans;
Act as the central point of contact between CRES and the BCM office;
Act as central point of contact in the event of BCM invocation.
Accountability: Data and Records Management and Data Privacy:
Accountability and management of Data and Records Management and Data Privacy for CRES as per Group Policies and Standards;
Maintenance of relevant templates on relevant reporting tools and formats, to ensure compliance with DRM and Data DP Policies and Standards;
Where relevant follow up with management to ensure timely resolution of areas of non-compliance;
Assist with the remediation of control and process failures;
Reporting to CRES management on DRM and DP compliance;
Attend all DRM and Data Privacy related forums and ensure full alignment of DRM and DP processes as required;
Provide feedback to CRES management on DRM and DP related matters;
Act as the central point of contact between CRES and the Data Privacy Office.
Accountability: Risk Reporting
Design and implement regular risk reporting processes which can be used for complete reporting requirements to CRES management, governance forums and committees;
Responsible to collate all relevant information to ensure accurate, timely, complete reporting of Operational risks for CRES;
Report to senior management on the aggregate CRES risk profile;
Validate data and information in relevant reports provided by 1LOD teams in the CRES Function, as appropriate
Provide independent challenge on, and insight, interpretation, and analytics from relevant reports to senior management
Prepare appropriate current and forecast Operational Risk profile reporting for the for the function, as agreed.
Accountability: Leadership and Stakeholder Management
Provide strong leadership, direction and display role model behaviours, inspiring others to work together to achieve the strategic vision.
Establish and maintain effective working relationships with all key stakeholders such as:
Group Risk, Risk Type Owners and Chief Risk Officers;
CRES management;
Functional heads;
Internal Audit and Compliance.
Lead the organisation to improve risk management through digitization, automation, standardisation and simplification.
Drive and participate in forums that positively contribute to functional knowledge improvement
Understand stakeholders' expectations and ensure that stakeholders' expectations are met and exceeded in certain instances;
Foster a strategic relationship with Management Assurance, Group Compliance, Operational Risk and Absa Internal Audit to ensure alignment in terms of current risks and the impact thereof on the risk profile of the function;
Ensure integration of the ERMF into related activities with an objective to ensure a strong control environment and continuous improvement within Functions;
Interact with Functional Risk representatives to facilitate Risk assessments as well as providing guidance to mitigate risks outside the set risk appetite;
Ensure Risk representatives are fully aware of their responsibilities and that they execute accordingly;
Establish and maintain relevant governance forums to proactively manage risk management within CRES.
Preferred Education
B degree or equivalent specialising in Audit / Business Management/ Risk Management or equivalent NQF level 6 qualification or higher.
Honours Degree in Audit or Business Management or equivalent NQF level 7 qualification (preferred)
Preferred Experience
Eight (8) years' experience in risk management and/or relevant business sector.
Sound operational risk and compliance knowledge.
Knowledge of the main operational processes procedures and control frameworks within the Absa businesses.
Understanding of emerging technologies and the risk implications.
Proficient in MS Office (Word, Excel, PowerPoint and Outlook) and the internet.
Awareness of cultural differences and varying legal/regulatory environments.
Experience in implementing risk or compliance frameworks end to end.
Audit experience advantageous
Exposure to Operational Risk Governance and Operational Risk and Control Committees
Experience with Risk Framework elements especially Operational Risk management
Experience in dealing with multiple and diverse stakeholders
No criminal record