Senior Manager, Chief Control Office

HSBC New York, NY 10007

Posted 2 months ago

Chief Control Office (CCO) serves as a subject matter expert within the First Line of Defense supporting the Businesses, Functions and HOST. The areas of focus for this role are Policy and Governance, Risk Appetite, Core Operational Risk Management, Oversight, Use and Embeddedness, and Reporting, as detailed further in this document.

Impact on the Business

The Senior Manager CCO is responsible for supporting the Chief Control Officer with directing and managing the integration of Core Operational Risk Management activities and providing feedback on the embedding of the Operational Risk Management Framework activities within and throughout their respective area within business, function or HSBC Operations Services and Technology (HOST). The Senior Manager CCO may also be accountable for Core Operational Risk Management activities with respect to specific operational risk categories, including FCC, Compliance, Business Continuity, Information Security, Privacy, Fiduciary, Fraud, SOX, Product Due Diligence and Third Party Risk Management (Vendor) as required.

Business/Function/HOST Specific Responsibilities

The responsibilities under this role for each of the areas of focus are as follows.

Policy and Governance:

  • Provide feedback on proposed operational risk policy for the business/function/HOST and likely impacts.

  • Provide advice to Risk Owners and Control Owners regarding operational risk policy dispensations. Provide guidance to Risk Owners and Control Owners in adhering to the ORMF (Operational Risk Management Framework) and operational risk policies.

  • Provide feedback on the embedding and use of the ORMF and the operational risk policies to Operational Risk and to the Risk Stewards.

  • Ensure and participate in appropriate and effective operational risk governance within the business/function/HOST.

Risk Appetite:

  • Provide advice to the Risk Owners to support them in setting risk appetite.

Core Operational Risk Management:

  • Engage with relevant Risk Stewards to contribute to a standard Risk and Control Library for the business/function/HOST, as requested by a Risk Owner/Control Owner.

  • Co-ordinate the RCA process on behalf of Risk Owners and Control Owners as requested. Examples prompting co-ordination may include trigger event monitoring, stakeholder engagement, meeting organization and outputs.

  • Risk Stewards will be engaged as required.

  • Provide expert advice to the Risk Owners and the Control Owners in the completion of risk and control assessments, including identifying material operational risks and controls.

  • Develop and execute control monitoring plans as requested by Control Owners; work with the Risk Owner to identify and oversee completion of remediation actions.

  • Provide expert advice to Risk Owners in the completion of scenario assessments.

  • Use key indicators set by Risk Owners and Control Owners to facilitate control monitoring.

  • Contribute to the effective identification, assessment and root cause analysis of material internal risk events, advising and constructively challenging Risk Owners and Control Owners on resolution.

  • Perform analysis of material external risk events, as requested, advising and constructively challenging Risk Owners and Control Owners on impact and mitigation.

  • Track and provide advice on the completion of management response actions; ensure timely and accurate recording in the operational risk management system, ORION.

  • Promote operational risk awareness, including training and communications for the Business/Function/HOST.

  • Ensure adequate CCO resources with appropriate capabilities are in place to provide required support.

  • Review and take actions to improve the quality of inputs in the Group's operational risk management system.

Oversight, Use and Embeddedness:

  • Co-operate as required with oversight reviews relating to risks and controls, for example with respect to tracking remediation activities.

Reporting:

  • Produce business/function/HOST operational risk reporting and insight based on RCA results for use by Risk Owners, Control Owners and wider stakeholders or governance. Escalate top and emerging operational risks working with Risk Owners.

Customers / Stakeholders

Support the respective business/function/HOST as per the activities outlined in the areas of focus for this role including Policy and Governance, Risk Appetite, Core Operational Risk Management, Oversight, Use and Embeddedness, and Reporting.

Leadership & Teamwork

  • Lead and develop an effective team through communication, performance management, development plans and reward/recognition practices.

  • Promote an environment that supports diversity and reflects the HSBC brand.

Operational Effectiveness & Control

Ensuring that all roles and responsibilities of the CCO as defined in the Global Risk FIM and as outlined in the Business/Function/HOST Specific Responsibilities are applied to FCC, Compliance, Fiduciary, Product Due Diligence, Vendor, SOX, Security, Privacy, Business Continuity and Fraud.

  • Ensure CCO team is properly trained in fraud risk awareness and facilitate reporting of confirmed/suspected fraud.

  • Complete other responsibilities, as assigned.

Role Context

  • Supports the business/function/HOST in its management of operational risk appetite, ensuring the business/function/HOST operates in compliance with the operational risk framework and standards.

  • Build relationships and interact with US Operational Risk team and other 'second line of defense' teams, Global CCO, and others for operational risk and internal control matters.

  • Daily discretion with assigned authority. Decisions beyond assigned authority are referred to higher levels of management for approval.

  • Officer in Charge (OIC) for Chief Control Officer in small functions, as required by virtue of delegation.

Management of Risk

  • Physical Demands/Work Environment: Very good working conditions. Little or no physical demands. Minimal handling of light materials. The physical demands/work environment described above are representative of those that must be met by an employee to successfully perform the essential duties of the job. Reasonable accommodations may be made to enable individuals with disabilities to perform essential duties.

Financial Crime Compliance (FCC) and Regulatory Compliance (RC)

The CCO activities are to advise the Risk Owners and Control Owners in the risk assessment process, to advise on the mitigation process, to perform risk-based monitoring of control effectiveness in order to validate the control assessment. As with other Risks and the associated controls, these CCO activities pertain to specific FCC and RC risks and controls. The CCO monitors timely resolution of issues and actions pertaining to FCC and RC.

In addition to the Risk and Control Assessment process (RCA), the Regulatory Compliance function outlines the CDSA (Compliance Detailed Self-Assessment). The CCO works with the business/function/HOST to determine that the controls are in place and mitigate the risk of the pre-determined RC obligation.

For FCC and RC training, the CCO tests the compliance of the first line of defense in the timely completion of mandatory training. The jobholder will remain current with all FCC and RC specific required training.

The jobholder will be aware of and will pro-actively apply their knowledge of the Global Anti-Money Laundering (AML), Sanctions and Anti-Bribery and Corruption (ABC) Policies, Regulatory Compliance Policies, supporting US Guidance, and Line of Business Procedures in line with the core activities of the CCO. The jobholder will make informed decisions in accordance with the core principles of HSBC's Financial Crime Risk Appetite and Policies, and pro-actively and appropriately escalate instances of deviation, whether evidenced through ongoing testing or control monitoring.

  • Minimum of a Bachelor's degree with 10 years equivalent experience. Substantial experience in Banking, risk management and / or internal audit; Audit, Risk, Compliance or Finance professional designation preferred

  • Sound verbal and written communication skills that promote and enable openness with staff, management, internal partners, and external parties

  • Uphold compliance with all relevant internal and external rules, regulations and procedures; engage others to act responsibly and minimize operational risk and internal control issues

  • Demonstrate a sound holistic and technical understanding of pertinent business areas and Group requirements as detailed in Group Standards Manuals, Functional Instruction Manuals (FIM), and local standards

  • Sound judgment, keen sense of urgency, and high level of professional and personal integrity

EEO/AA/Minorities/Women/Disability/Veterans

