About BNP Paribas India Solutions:
Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, European Union’s leading bank with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 10000 employees, to provide support and develop best-in-class solutions.
About BNP Paribas Group:
BNP Paribas is the European Union’s leading bank and key player in international banking. It operates in 65 countries and has nearly 185,000 employees, including more than 145,000 in Europe. The Group has key positions in its three main fields of activity: Commercial, Personal Banking & Services for the Group’s commercial & personal banking and several specialised businesses including BNP Paribas Personal Finance and Arval; Investment & Protection Services for savings, investment, and protection solutions; and Corporate & Institutional Banking, focused on corporate and institutional clients. Based on its strong diversified and integrated model, the Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporates and institutional clients) to realize their projects through solutions spanning financing, investment, savings and protection insurance. In Europe, BNP Paribas has four domestic markets: Belgium, France, Italy, and Luxembourg. The Group is rolling out its integrated commercial & personal banking model across several Mediterranean countries, Turkey, and Eastern Europe. As a key player in international banking, the Group has leading platforms and business lines in Europe, a strong presence in the Americas as well as a solid and fast-growing business in Asia-Pacific. BNP Paribas has implemented a Corporate Social Responsibility approach in all its activities, enabling it to contribute to the construction of a sustainable future, while ensuring the Group's performance and stability
Commitment to Diversity and Inclusion
At BNP Paribas, we passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued, respected and can bring their authentic selves to work. We prohibit Discrimination and Harassment of any kind and our policies promote equal employment opportunity for all employees and applicants, irrespective of, but not limited to their gender, gender identity, sex, sexual orientation, ethnicity, race, colour, national origin, age, religion, social status, mental or physical disabilities, veteran status etc. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in.
About Business line/Function:
RISK Operational Risk Management (ORM) Corporate and Institutional Bank (CIB) belongs to the second line of defence of BNP Paribas CIB. It belongs to the Risk Function (RISK) of BNP Paribas and is placed under the responsibility of the Chief Operational Risk Officer for CIB.
The department has responsibility for independently challenging and supervising the Operational Risk management of CIB activities (Corporate Banking, Global Markets, Securities Services, IT, Operations, Functions) on a worldwide scope. This is achieved through: framing operational risk methodology for CIB and disseminating of risk management culture across CIB; assessing the adequacy of the CIB operational risk management set-up; controlling effectiveness of CIB control environment; contributing to the detection, anticipation and response to risks; alerting CIB and RISK stakeholders on any significant risk issue; providing a consolidated view on CIB operational risks profile.
As the second line of defence for Third Party Risk Management (TPRM), RISK ORM has responsibility for identification of key third-party risks to the Bank and influencing business, functions and technology partners to take sound risk management decisions.
Job Title:
Manager/AVP
Date:
13-June-25
Department:
Risk ORM
Location:
Mumbai
Business Line / Function:
ORM
Reports to:
(Direct)
HOD
Grade:
(if applicable)
(Functional)
Number of Direct Reports:
IC role
Directorship / Registration:
NA
Position Purpose
The candidate for the Third Party Risk Management role within the BNP Paribas Operational risk team is responsible for providing independent oversight and strategic 2LOD guidance on the Third Party Risk Management domains across both direct and indirect areas of responsibility for the CIB APAC operating entities.
Responsibilities
Direct Responsibilities
- Be responsible for supporting the development and implementation of a CIB wide Third Party risk management program including ICT and non-ICT third parties. Successful candidate will have exposure to developing and implementing risk management programs in global organizations, with robust knowledge of technology, risks, architectures and related tools. Prior third party risk experience (IT, Cyber, Vendor management etc.) and exposure to the Financial Services industry is a must. Experience with GRC tools and other risk management information systems is preferred.
- Effectively challenge all aspects of the Risk and Control Self-Assessment (RCSA) of the business units under our remit, provide recommendations and follow up on their implementation
- Analyze risk data from various sources (e.g. external events, control deficiencies, risk register) to identify and measure levels of risk, concentration, trends and patterns and use it to assess the current control environment and recommend improvements where applicable
- Perform check and challenge of 1LOD mitigation plans, risk acceptances, permanent control action and audit recommendations, produce and communicate risk opinions and maintain working papers to substantiate and ensure objective basis for the risk opinions
- Collaborate with other 2LOD functions and teams across the Americas and Group on common priorities/projects
- Contribute to the successful execution of independent testing missions that are designed to evaluate TPRM risk identification and effective and sustainable mitigation.
• Perform independent testing controls and support the wider RISK ORM community globally in defining better maturity models for independent testing. The individual will lead this effort from an independent risk assessment of these projects and will support vendor assessment and reporting the findings. Excellent presentation skills are necessary. Experience interacting with regulatory agencies is a plus.
• Implement the wider Enterprise Risk Management framework (HI, PI, RCSA, Recommendations and action plan follow-up) on the third party risks area.
Contributing Responsibilities
Technical & Behavioral Competencies
Essential
- 5+ experience specifically in third party assessments.
- Bachelor degree in Business or Risk Management (or equivalent professional qualification).
- Team player – focus on the success of the whole team. Working well both with others, as well as individually.
- Excellent stakeholder management skills.
- Experience in a Vendor risk management, Outsourcing risk management, Technology Risk, Information Security or an IT Audit role.
- Good listening and analytical skills – being able to come to a thoughtful and business focused conclusion quickly.
- Ability to co-operate and work well with others adopting an approachable style – Important as we work closely with a large and diverse set of suppliers and customers.
- Ability to see the customer perspective, i.e. from a business point of view, the most secure solution is not always workable or realistic considering costs and benefits.
- Demonstrating a calm professional approach, with a good understanding of delivery within time constraints and the need to escalate/inform departmental management as appropriate.
- Adapting personal approach to suit situations, individuals, groups and cultures. Is flexible in relation to getting the job done.
- Taking accountability for their actions and be open and honest when things have gone wrong, and celebrating successes when things have gone well.
- Being rigorous and thorough – especially when logging and tracking issues through to conclusion.
- Ability to manage their workload as to meet the realistic targets and priorities set in conjunction with management.
- Demonstrating a high-level of commitment and self-motivation, combined with enthusiasm and a genuine interest in the role of Risk Assessment in business.
- Ability to express views clearly and fluently, both orally and in writing. Considers the audience, avoiding technical jargon wherever necessary and appropriate.
Competencies
- Good knowledge of Information Security, Business Continuity, and IT Audit methodology and concepts.
- Understanding of the banking industry's regulatory requirements for managing of third parties
- Ability to articulate risk management concepts in business language.
- Excellent written and verbal communication skills.
- Proficient with Microsoft Office Suite.
- Prior experience documenting tool requirements to support risk management.
- Proven ability to manage issues through to resolution; skilled at making judgment calls.
- Ability to successfully multitask and complete difficult assignments within deadlines which may have short lead times.
- Works iteratively, delivering quickly and frequently to produce high quality documents and outputs which require little to no rework.
- Knowledge of the English is required
- Knowledge of data analysis and visualization tools such as Tableau, Power BI, VBA is a plus
Conduct
- Be a role model, supporting and fostering a culture of good conduct.
- Demonstrate proactivity, transparency and accountability for identifying and managing conduct risks.
- Consider the implications of your actions on colleagues, partners and clients before making decisions, and escalate issues to your manager when unsure.
Specific Qualifications (if required)
Skills Referential
