The main purpose of this role is responsible as LOMC coordinator, BCM Manager /Coordinator including Crisis Management, OPC Manager of the entity and cover the transversal services for the company, including the handling of Account Payable, and the assistance of any subjects related to Corporate Governance & Office Management under COO Office. This role reports to the COO of BNPP Securities Taiwan.
Local Outsourcing Coordinator – The outsourcing coordinator, officially appointed by Territory (or APAC) Outsourcing Committee, is a role with below responsibilities.
Ensures the proper deployment of his/her Entity’s outsourcing strategy;
Identifies a network of contributing experts necessary for the proper implementation of his/her Entity’s outsourcing projects;
Is responsible for implementing the governance of the outsourcing risk management framework for his/her Entity. As such, he/she defines the organization and processes necessary to ensure its operational implementation;
Is the Entity’s preferred point of contact on all matters relating to outsourcing and participates in appropriate level governance bodies to which he/she is invited, including, where appropriate, the constitution of dedicated reporting.
Local BCM Coordinator is involved in all or part of the Business Continuity (BC) process for his or her scope within his or her Entity, in particular:
the deployment of the BC's formal and enforceable frame of reference.
carrying out the risk analyses necessary to anticipate threats to business continuity.
participation in the definition and review of the Entity's business continuity strategy.
raising awareness and mobilizing employees to respond to situations where the Business Continuity Plan (BCP) is triggered.
The crisis manager is active throughout the crisis management process, at all stages or at specific moments; the missions are in particular:
- Crisis management governance
- Preparation of the crisis management system
- Activation of the system and deployment of employees to respond to a crisis situation
- Learning from experience and training of employees
The crisis manager has a mandate from the Entity’s board and rolls out crisis management policy and requirements within the bounds of his or her responsibility, in order to cover all the risks that may be generated in crisis situations.
Local OPC role – it is a role assigned with the below responsibilities
Ensure to perform the regional required periodical controls and checking within Operations and provide the relevant justifications(if any)
Tasks split this OPC role between Taipei branch and Secs TW. For local OPC related topics, it is more focused on the Ops control for Secs TW business related. For Taipei branch OPC, it will cover more on the regional and group required transversal controls
Deploys the Local Outsourcing framework primarily following Group/CIB/APAC TPRM guidelines/workflows covering all appropriate business lines/métiers of the Territory / Entity and making reasonable inclusion of local regulatory requirements;
Local policy/Procedure development by mainly following the APAC Policy and making adaption in the local Policy in accordance to the local regulatory requirements and operational needs;
Contributes to the control of TPRM (e.g. TPRM GCL, 2LOD independent testing) and compliance to the Territory’s specific local regulatory requirements in relation to Outsourcing.
2. Outsourcing project facilitation and stakeholders engagement
Facilitates all LOMC stakeholders in the insourcing or outsourcing governance process, ensuring standardized documents distributed and participation of appropriate representatives;
Maintains a network of contributing experts necessary for the proper implementation of outsourcing projects and ensures that they have a good understanding of their roles and responsibilities;
Has a comprehensive view of the outsourcing projects in progress and communicates them to the network of experts and the RISK-ORM.
3. 360 Arrangement management and data quality control
Contributes to the 360 ORM registering management including new Arrangement creation, data update via regular or ad hoc review, data quality maintenance and the coordination of the annual 360 Arrangements certification.
4. Regular monitoring & reporting
Coordinates the regular monitoring exercise (eg, ARQ) and reports the results to committee. Ensure the actions completed by related process owners when any deficiency identified.
5. Others
Where appropriate, depending on the organization in place, is responsible or ensures that the content of the notifications to the supervisor (eg, IMAS procedure) is formalized and transmitted via the appropriate channel;
Ensures the formalization of exit strategies for critical or notable essential by nature arrangements, in relation to the beneficiary;
Any other outsourcing coordinator tasks stated in Group 0417 Policy.
- Local Business Continuity & Crisis Manager
- Country OPC:
Identification and assessment of risks and controls
- Ensure that key operational units and processes, critical IT assets, material risks and risk mitigants are identified inventories and maintained at the appropriate level
- Maintain the risk taxonomy, cartography and risk assessment at the appropriate level
- Ensure the effective implementation and maintenance of the RCSA framework within his/her 1st LOD control perimeter at the appropriate level
- Perform/drive the risk identification and assessment in liaison with independent control functions when needed, ensuring validation by the relevant management level and consistency with the defined risk tolerance
Contribute to the definition and follow up of remediation plan if needed
Procedures
- Ensure that Group procedures requirements are implemented locally, complemented with local specificities
- Ensure that the procedures designed by the business and functions are identified, updated, properly stored and communicated to the relevant stakeholders within the operating entity
- Identify and purpose calibration of OE’s procedures according to the outcome of the risk assessment and other risk events(HI, control results, external events, audit missions, etc)
Controls & Action plan
Define and regularly update the OE’s control plan according to the outcome of the risk assessment, regulations, other risk events (HI, control results, external events, Audit missions,etc)
- Perform and/or coordinate controls according to this control plan
- Ensure that control results are reviewed and analysed by the Entity Management and when relevant by operational teams / relevant stakeholders and that remediation action plans are defined if and when needed
- Input in Group tools the control results and major action plans
- Follow-up the implementation of remediation actions
Findings, recommendations and permanent control actions
- Upon notification/receipt of reports, organise the follow-up of the findings and recommendations, either issued internally (e.g. IG supervision) or externally (external auditors, supervisors) and ensure that they are closed within due date.
Management of potential incidents
- Conduct and/or coordinate the assessment, quantification and update of potential incidents in liaison with the concerned independent control functions
- Provide information on major / emerging risks in order to promote risk awareness within management decision
- Follow-up and/ or Initiate action plans consistent with the entity's risk appetite / tolerance
Management of historical incidents(including near-misses)
- Alert the management and with the independent control functions if needed on key incidents
- Collect incidents (including impacts measurement), report and update in the Group database (as well as local databases if needed), including suspected and attempted fraud cases
- Analyse incidents in a timely manner and define, jointly with relevant stakeholders, the corrective measures to be implemented to mitigate risks
- Follow-up and / or initiate the implementation of remediation actions and the unfolding of long term incidents
- Perform controls on the incident collection process, in particular the cross-check with other databases (accounting or other when existing) and the half-yearly attestation by the local management
Alert and Reporting
- Alert and escalate to the relevant level of management as well as to relevant independent control functions any operational risk incident and/or any recurring weakness
- Perform periodic and ad-hoc reporting to the appropriate level of management as well as to independent control functions
- Contribute to the periodic and ad-hoc reporting assessment managed by 2nd LOD control functions
Transversal Responsibilities -
Local project study, support and roll out
Coordinate/support users on new Regional / Global Project roll‐out
Regulator reporting coordinate with relevant departments
Assist on the full arrangement of Board meeting and the required Corporate Governance arrangement
Handle directly the payment parts of Account Payable process
Support Safety & Security Management(SSM)/People Premises Security(PPS) matters
Carry out special assignment from the COO
Contributing Responsibilities
- Direct contribution to BNP Paribas operational permanent control framework
- Prioritize time/clients according to current strategic criteria
- Listen to the client and collect his/her feedback
- Share relevant information with clients
- Be a solution provider
About BNP PARIBAS
As the leading European Union bank, and one of the world’s largest financial institutions with an uninterrupted presence in the region since 1860, BNP Paribas offers a wide range of financial services for corporate, institutional and private investors spanning corporate and institutional banking, wealth management, asset management and insurance.
We passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued and encourage applicants of all backgrounds, including diversity of origin, age, gender, sexual orientation, gender identity, religion applicants who may be living with a disability. We have a number of internal employee networks in place to empower our staff to act and challenge the status quo.
• BNP Paribas PRIDE is highly active in favour of the LGBTQIA+ community
• BNP Paribas MixCity which fosters better representation of women at all levels of the organization
• Ability, the mutual aid network for employees with a disability or a disabling or chronic illness
• BNP Paribas CulturAll which celebrates diverse backgrounds
BNP is committed to financing a carbon-neutral economy by 2050. The Group is a founding member of the Net-Zero Banking Alliance and has set up its own Low Carbon Transition Group to support its clients through their energy transitions.
Basically, why would you want to join BNP Paribas over any other company?
BECAUSE YOU'RE THE KIND OF PERSON WHO WANTS...
What if we told you that working in our Group isn’t quite what you might think? At BNP Paribas, we do a multitude of different jobs that are constantly evolving to meet the expectations of our clients and society as a whole. Whether through everyday tasks or major projects, doing one of our jobs means making a personal commitment to taking sustainable action.
Feeling good about your job means bringing your whole self to work and being who you are. It’s also about having the resources you need to achieve a healthy work-life balance. Both of these are major commitments at BNP Paribas.
At BNP Paribas, developing your skills is as important to us as it is to you. And the skills you learn with us will help you through the rest of your working life.