Identification and assessment of risks and controls
Support BP2S HK managers in
Completing the Risk Control Self-Assessment (RCSA) – specifically in the performance of risk identification, evaluation and validation of the Risk profile assessment and in defining action plans for extreme and serious risks
The identification and assessment of 3rd party risk and in defining and operation a risk mitigation and monitoring framework base don Group guidelines
The operational risk assessment of new activities, products or large projects
Ensure the RCSA is validated locally and is consistent with the risk appetite
Follow up on remediation plans and conditions when necessary
Support operating entities in the application and adaption of the operational risk management framework and ensure its compliance with group and BP2S guidelines
Verification and control assurance
- Support BP2S HK managers in defining and deploying the generic control plan where necessary and implementing controls consistently with the local risk assessment
- Challenge 1st level controls
- Perform risk based Business Controls Assurance
- Follow up unsatisfactory and marginally satisfactory results
Significant incidents (Historical Incidents HI)
- Ensure significant incidents are identified, alerted to management, analyzed and recorded in FORECAST
- Perform 1st level controls on the collection of HIs, such as reconciliations between incident management and accounting tools
- Assist in providing management reporting on key incidents
Governance and reporting
- Support BP2S HK in ensuring the Group and BP2S governance and reporting framework is implements
- Contribute actively to local committees eg.
- HKTICC (half yearly)
- HK ICC (quarterly)
- IT Management Committee (quarterly)
- Risk Committee (monthly)
- Compliance Meeting (monthly)
- HK Local Outsourcing Management (half yearly)
- HK Transformation (Outsourcing) Committee ( as hoc)
- HK ALCO (half yearly)
- BNP Paribas Trust Services (HK) Limited Board Meeting (quarterly)
Awareness and training
- Promote and ensure awareness of operational risks across BP2S HK
- Provide training to new and existing staff on operational risk and permanent control framework
- Support BP2S HK in the identification and assessment of internal and external fraud risks, and in the definition and performance of an antifraud control framework in compliance with Group guidelines, regulations and risk environments
- Ensure the existence of a fraud prevention and protection correspondent tasked with the implementation and adaption of the framework.
- Overall 10 to 15 years of experience in a management position, with Operational Risk exposures.
- Knowledge of IT Risk, Controls and Audit environments.
- Familiar with the Securities Services activities and operations.
Primary Location: HK-Hong Kong (HK)-Hong KongJob Type: Standard / PermanentJob: COMPLIANCE AND PERMANENT CONTROLEducation Level: Bachelor Degree or equivalent (>= 3 years)Experience Level: At least 10 years
Behavioural competency: Ability to collaborate / Teamwork, Attention to detail / rigor, Ability to synthetize / simplify, Ability to share / pass on knowledge, Organizational skillsTransversal competency: Ability to develop and adapt a process , Ability to develop and leverage networks, Ability to develop others & improve their skills