The bank for a changing world

We are looking for

Manager - Operational Risk & Control

Job type Permanent
Schedule Full time
Job Function Risk
Brand BNP Paribas
Level of experience 6 to 10 years
Apply REF: RIS001011

(ORC: Operational Risk and Control)


About BNP Paribas Securities Services (BP2S) 

BNP Paribas Securities Services is among the world leaders in the securities services industry. BP2S is ranked 5th in the world in terms of assets under custody and is ranked the first non-American securities services provider. We have an A rating by Standard and Poor's.
Our mission is to ensure smooth and secure financial transactions for our clients (banks, brokers, institutional investors and corporates) and to protect their assets across all markets. Our clients are: fund managers (including alternative funds), insurance companies, sovereign-wealth funds, superannuation funds, brokers and investment banks, commercial banks, major companies and issuers. We help our clients to focus on their key activities and become more efficient by taking charge of their middle and back office services (especially for brokers, investment banks and asset managers in Europe, USA and Asia Pacific).
We operate in all classes - equities, bonds, mutual funds, investment funds, listed derivatives, OTC derivatives and alternative funds and structured products. We are present in over 100 markets worldwide with Assets under Custody of USD9,070 billion and process 85 million transactions each year.


Located within the RISK Function of BNP Paribas, the role of the Manager, RISK ORC BP2S Chennai, is to ensure that the components of the operational risk management framework are implemented and operating effectively in BP2S Chennai. To achieve this objective, the 2nd line of defense role works closely with BP2S RISK ORC central teams with regional RISK ORC managers, and with BP2S Chennai managers. 

Positioning and Reporting lines

The RISK ORC BP2S mandate is to independently challenge and supervise the operational risk management framework of BP2S activities as described in the level 2 procedure – Organizational Framework and Governance for Operational Risk Management and Permanent Control Framework.
The Manager, RISK ORC BP2S Chennai reports hierarchically and functionally to the Head of RISK ORC BP2S Chennai.  The RISK ORC perimeter includes all operational risks for business processes, which are performed in Chennai.

General Responsibilities

As the 2nd line of defense, the Manager, RISK ORC BP2s Chennai, has the following general responsibilities for the operational risk processes and themes within the scope of RISK ORC including fraud, third-party, and Information and Communication Technology (ICT) risk management.
  • Define and consistently apply the BP2S RISK ORC methodologies and procedures (normative framework), and adapt locally as required
  • Independently challenge the identification and assessment of the operational risk profile (actual, potential and emerging) and the risk mitigation framework implemented in the operating entities, through opinions, and sign offs where required 
  • Ensuring effective implementation of the risk mitigation strategies, framework and actions with the 1st line of defense, through follow up of action plans and independent challenge of controls, either through execution of 2nd level controls, or where applicable, through other kinds of controls
  • Independently assess and potentially alert key stakeholders on the level of risk and on the risk mitigation framework status
  • Contribute to operational risk awareness and training on the risk mitigation framework
     RISK ORC GSO assists its peers, working in other independent 2nd line of defense roles, including compliance, legal, finance, and tax risk management, whenever expertise on its themes or processes is required or requested. 

Main Accountabilities of the Role

  • Identification and assessment of risks and controls
  • Roll out and assist the 1st line of defense in the Risk Identification and  Assessment Framework (RCSA)
  • Ensure risk assessments are consistent with the BP2S risk appetite, independently challenge and sign-off on the RCSA produced by local entities or by exception, independent assessment
  • Participate in the decision making process, such as voting on operational risk management matters in the new activity/product/large project/outsourcing validation process
  • Assist in the review  of the local risk profile
  • Assist and advise the operating entities on the extension of the operational risk management framework, and ensure its compliance with Group and BP2S guidelines
  • Verification and controls assurance

  • Challenge 1st line of defense mainly by executing level 2 controls, independently challenge and provide an opinion on the effectiveness of the  control framework
  • Report results of level 2 controls testing and status of action plans
  • Significant incidents(Historical Incidents HIs))
  • Produce reports and dashboards on significant incidents at the  local level and share them with the operating entities (with focus on data collection exhaustiveness)
  • Perform the quality review of significant incidents entered in FORECAST
  • Independently challenge significant incidents description and remediation plans
  • Independently challenge lookback analysis on any significant incidents
  • Perform level 2 controls on the reconciliation between incident management and accounting systems
  • Audit Recommendations
  • Produce reports and dashboards on recommendation status.
  • Independently challenge implementation of 1st line of defence remediations on outstanding recommendations
  • Manage the escalation process on past due items
  • Governance and reporting  
  • Ensure the correct implementation and application of Group and BP2S governance (e.g. in terms of Internal Control Committee (ICC) and operational risk management related committees, etc.…)
  • Manage and coordinate:
  1. ICCs in collaboration with other 2nd level control functions
  2. Dedicated committees on Fraud, Third-Party and ICT risks, where  such committees are implemented
  • Independently challenge and consolidate data, and produce reporting at local level
  • Awareness and training

  • Promote awareness of operational risk management across BP2S teams
  • Assist in training the 1st line of defense (with specific focus on newcomers) on RISK ORC methodology and RISK ORC Tools
  • Keep informed of the operating entities’ organization and strategy
  • Team Management

  • Management skills to effectively coach develop and bring in the best of individual with in the team.
  • Provide constructive feedback as appropriate.
  • Percolate information downstream, encourage participation, initiatives and Thematic drives
  • Conduct Team meetings, appraisal, document and provide fair opportunities across team members.

Knowledge and Experience

Tertiary-level qualification essential with CA/CPA qualifications desirable
  • Knowledge and experience in financial services, including end-to-end process flows and associated risks and controls 
  • Knowledge and experience in an external/internal audit or risk management role


  • Leadership
  • Influencing
  • Initiative
  • Teamwork
  • Developing others
  • Decision making
  • Analysis/Problem assessment
  • Communication skills (verbal and written)
  • Planning and organising
  • Project management 
  • Stakeholder management
  • Integrity

Educational qualification          : Qualified Chartered Accountant – C.A or
Post Graduate or equivalent
Primary Location: IN-TN-ChennaiJob Type: Standard / PermanentJob: RISKSEducation Level: Master Degree or equivalent (> 4 years)Experience Level: At least 7 yearsSchedule: Full-time Behavioural competency: Decision MakingTransversal competency: Analytical Ability