Nous recherchons un

Operational Risk Manager (permanent)

Métier Risques
Niveau d'expérience 3 à 5 ans
Niveau d'études Niveau BAC+2/3
Postuler REF: RIS001451

Position purpose

The Operational Permanent Control (OPC) team provides specialised services and expertise on technical areas such as Operational Risk Management, Operational Change Management and Permanent/Operational Control.   The Operational Risk Manager purpose is to support the Senior Manager OPC/team in the communication and support for the application and adaption of the operational risk management framework by the business.

The Operational Risk Manager contributes to a close working relationship with the AU OPC/ORC teams to provide a consistent approach in the support of the business for the following:-

  • Identification and assessment of all operational risks in line with the Risk & Control Self-Assessment (RCSA) group approach;
  • Collection and analysis of Historical incidents;
  • Definition of a risk appetite and application of  the corresponding risk monitoring and mitigation framework (including segregation of duties, controls and incidents management);
  • Ensuring the continuous implementation and adaption of this framework and improvement actions (identified by internal or external audit recommendations, supervisors (if applicable), second line of defense, first-line operational management, controls ……) as required;
  • Ensuring and fostering awareness of risks and providing training on the risk framework if required;
  • Assessment of the quality and execution of the Permanent Control Framework
  • Ensuring regulatory requirements are adhered to via control plans where applicable
  • Application of the proper risk monitoring tools; and,
  • Ensuring transparent monitoring information to their reporting lines, hierarchical or functional, internal or external, the independent control functions, the governing bodies and the supervisors.

The Operational Risk Manager is required to communicate regularly with and build good relationships with a wide range of people/positions including operational teams, Relationship Managers and hub locations to assist with the resolution of any problems/errors as and when they are identified.


The Operational Risk Manager supports and contributes to  the day-to-day administration of the OPC team to ensure support of the business for the following:

Identification and assessment of risks and controls

Support the business in:

  • Completing the Risk Control Self-Assessment (RCSA) –specifically, in the performance of risk identification, evaluation and validation of the Risk profile assessment and in defining action plans for extreme and serious risks.
  • The identification and assessment of 3rd party risk and in defining and operating a risk mitigation and monitoring framework based on Group guidelines.
  • Follow up on remediation plans and conditions when necessary.
  • Support operating entities in the application and adaption of the operational risk management framework, and ensure its compliance with Group and BP2S guidelines

Verification and controls assurance

Support the business in:

  • Defining and deploying the generic control plan where necessary and implementing controls consistently with the local risk assessment.
  • Challenge first level controls.
  • Perform risk based Business Control s Assurance(BCA) including regular review and follow-up of previous exceptions remedial actions
  • Follow up unsatisfactory and marginally satisfactory results.
  • Support the Permanent Control framework to ensure all components are implemented and effective

Significant incidents (Historical Incidents HIs))

  • Ensure significant incidents are identified, alerted to management, analysed and entered to FORECAST.
  • Perform first level controls on the collection of HI’s such as reconciliations between incidents management and accounting tools.
  • Assist in providing management reporting on key incidents.
  • Maintain a log of open actions generated by preventative measures detailed in FORECAST

Incident Management

Support the business in:

  • Analysis of new incidents for validation of materiality level
  • Following the relevant escalation guidelines/policy and use of the correct templates for material incidents when required
  • Perform a quality review of all incidents raised in the incident management system (BIRDIE)
  • Provide administration and training to the business when required
  • Contribute to weekly regulatory breach meetings (delegated)
  • Produce adhoc reports for team or the business to analysis incident trends when required

Audit (Internal/External)

Support the business in:

  • Liaising with auditors where required
  • Assisting auditees throughout the assignment phase
  • Challenging the main features of the recommendations when applicable
  • Implementing audit recommendations and permanent control actions.
  • Follow up with those responsible for implementing recommendations.
  • Produce reports and escalate upcoming and overdue recommendations when required.

Governance and reporting

Support the business in:

  •  Ensuring the Group and relevant governance and reporting framework is implemented.
  • Contribute actively to local committees when required.
  • Contribute to the Internal Control Committee (ICC) and Territory Internal Control Committee (TICC) reporting managed by RISK ORC where applicable.
  • Contribute to the Permanent Control Report (PCR) managed by RISK ORC where applicable

Awareness and training

  • Continually promote an appropriate culture of risk awareness across the business.
  • Provide training to both new and existing staff on the operational risk and permanent control framework when required.


Support the business in:

  • The identification and assessment of internal and external fraud risks, and in the definition and performance of an anti-fraud control framework in compliance with Group guidelines, regulations and the risk environment.

Assurance Reporting (ISAE3402)

Support the business in:

  • The preparation of the ISAE3402 assurance report.
  • Follow-up and escalation of any exceptions raised and any recommendations issued by external auditors.
  • Collation and distribution of management comments for any exceptions raised.
  • Follow up on the relevancy of controls included in the assurance reports.
  • Support the implementation and follow-up of remedial action plans in the business.
  • Ensure all regulatory requirements are included in the relevant assurance reports where applicable.
  • Archive and centralise the final report in a dedicated directory if required.


Support the business in:

  • The timely operational implementation of procedures & policies
  • Monitoring the timely review of all existing procedures as per the required frequency
  • Produce management reporting for completion rates (KRI’s) when required

Technical and behavioural competencies required

  • Good working knowledge of NZ investment and custody industry plus legal and regulatory requirements.
  • Excellent communication skills and be able to work closely with the relevant parties to resolve problems. 
  • Some level of knowledge and familiarity with key investment / custody systems (eg. Hiportfolio)
  • Operate independently applying good judgement and knowledge
  • Strong decision making skills
  • Good understanding of Risk Management practices, methodologies and terminology

Technical and behavioural competencies required

  • Good working knowledge of NZ investment and custody industry plus legal and regulatory requirements.
  • Excellent communication skills and be able to work closely with the relevant parties to resolve problems. 
  • Some level of knowledge and familiarity with key investment / custody systems (eg. Hiportfolio)
  • Operate independently applying good judgement and knowledge
  • Strong decision making skills
  • Good understanding of Risk Management practices, methodologies and terminology

Behavioural Competencies:

  • Ability to Summarise – Identifies and presents key information. Gives his/her point of view by structuring and summing up all useful elements
  • Ability to Report – Keeps his/her superiors informed about his/her activities and the progress of his/her files in an effective way.  Draws attention to useful information, risks and sensitive points
  • Accuracy – Is constantly attentive to the precision and thoroughness of the information sent and to the quality of the work; ensures that errors are minimised
  • Analytical Skills – Identifies all aspects of a subject and examines them in a critical way to construct a broad point of view.  Is driven by the desire to know more about things, people or events
  • Client Focus – Does everything possible to achieve internal or external customer satisfaction by identifying the customers’ needs and providing them with the appropriate solution taking into account the company’s ethics and interests
  • Communication Skills – Expresses his/her messages, both orally and in writing, in an effective, organised way, which is appropriate to the audience being addressed
  • Decision Making Skills – Makes clear choices at the right time, communicates them, and accepts the consequences, taking his/her environment into account
  • Impact – Voluntarily exerts an influence on others, this allows directing and mobilising them towards the pursued objective
  • Integrity – Acts ethically, in compliance with what is said and while respecting the company’s values and rules
  • Organisational Skills – Sets priorities, plans actions and methodically monitors their progress by coordinating activities and resources in the best way possible
  • Risk Management – Detects, analyses and measures risks relating to people, entities, and activities in the organisation and marketplace; is able to see the consequences including in a long-term setting; is also able to reduce them
  • Self Control – Reacts calmly and confidently in difficult situations so as to continue to give the best service.  Controls his/her reactions and acts with lucidity
  • Taking Initiative – Works proactively and independently, implementing work processes, ideas and solutions, including in situations where information is missing or wholly unusual
  • Taking Responsibilities – Is involved in his/her scope for action, while appreciating the limits.  Meets his/her commitments and accepts the consequences
  • Teamwork – Knows how to work in an team and/or across teams, acts bearing common interests and respect for fellow team members in mind

Experience and qualification

  • 5 years+ experience in financial services (preferably in custody and fund administration).
  • Degree qualified in business, accounting or related discipline or relevant work experience in a similar role.
  • In-depth understanding of custody and fund administration functions / operational processes and outsourced service environment desirable.
  • Knowledge of operational risk and compliance requirements in the industry.
Primary Location: NZ-WGN-WellingtonJob Type: Standard / PermanentJob: RISKSEducation Level: Bachelor Degree or equivalent (>= 3 years)Experience Level: At least 3 years Reference: RIS001451