As any BNP Paribas Function or Operational Entity, RISK is responsible for the management, in compliance with BNP Paribas risks tolerance and the supporting policies and procedures, of the operational and regulatory risks caused by, or related to, its activity. A permanent control framework, relying on three lines of defense guaranties the proper exercise of such responsibility.
RISK first line of defense (1LoD) relies mostly on a network of identified Operational Permanent Control (OPC) coordinators spread across the different streams of the RISK function.
Each RISK department organizes itself to implement the Operational Risk Management Framework (ORMF) and to manage operational risks deriving from its activity. The RISK Iberian (Lisbon and Madrid) hub comprise teams with heterogeneous deployment of ORMF and steering of their operational risks. Therefore RISK Iberian hub need a Global OPC to continue reinforcing the consistency of the management of operational risks across RISK Iberian hub, to complete the implementation of the ORMF within the different teams and to refine the assessment of the global risk profile of RISK Iberian hub.
The RISK Iberian hub OPC will:
- assess overall ORMF (including data protection, TPRM, Fraud, technology risks) thoughout RISK Iberian hub,
- ensure the consistency of the ORMF implementation cross RISK Iberian hub teams (RCSA, Control Plan, Procedures, recommendations monitoring),
- coordinate the preparation and documentation of the Internal Control Committee of RISK,
- articulate his/her actions with RISK CCCO campaign,
- contribute to the RISK OPCs community animated by RISK CCCO,
- assist if needed teams in their OPC tasks.
The RISK Iberian hub OPC will report to the head of RISK CCCO (Chief Controls and Conduct Officer) Office.
The RISK IBERIAN HUB OPC has the responsibility, together with OPCs of RISK Iberian hub teams, to identify and assess non-financial risks, to ensure the enforcement and efficiency of the control framework.
This includes the following key responsibilities:
Ensure the proper identification & assessment of operational risks (RCSA) including Potential Incidents
- Ensure the material risks and their risk mitigants are assessed according to RISK CCCO guidelines.
- Ensure the consistency of the assessment across RISK IBERIAN HUB teams.
- Assist when required a team in its identification and assessment.
- Ensure the effective implementation of the RCSA within 360 RiskOp and its continuous update.
- Contribute to the definition and follow-up of self-identified action plans elaborated by the first line of defence, when residual risk is rated “3” or “4”.
- Lead and/or coordinate the creation, assessment, quantification and update, within timeframe, of potential incidents, by the first line of defense, in liaison with the relevant control functions.
Monitor controls and controls plans
- Participate to the definition and update of Central Control Libraries (CCL), of the Local Control Plans (LCP).
- Ensure the effective implementation of controls plan within 360 RiskOp and its continuous update.
- Ensure the execution of the controls and the input of their results within 360 RiskOp.
- Ensure the definition and implementation of self-identified action plans elaborated by the first line of defense related to failing controls.
Monitor historical incidents (HI)
- Ensure that management and control functions are alerted in case of major incidents.
- Ensure the incidents are collected within 360 RiskOp, analyzed in a timely manner with corrective measure identified.
- Watch over external incidents to take them into account, if appropriate,
Act as the procedure referent for RISK IBERIAN HUB
- Ensure that Group procedures are implemented locally, transposed if need be according to local specificities (regulations, organizations, …).
- Ensure that the procedures validated and published by RISK IBERIAN HUB are identified, updated, properly stored and communicated to the relevant stakeholders within the operational entity.
Monitor findings, recommendations, permanent control actions closure
- Upon notification/receipt of reports, organize the follow-up of the findings and recommendations,
Contribute to the identification, creation and follow-up of self-identified action plans elaborated by the LoD1
Prepare and coordinate the Internal Control Committee for RISK Iberian hub
KEY KNOWLEDGE AND SKILLS
- Mastering of BNP Paribas Operational Risk Framework
- Good knowledge of RISK scope and organisation is a plus
- Risk management
- Project management with the ability to understand the change, to explain it and to lead it
- Influence & Communication
- Active listening