Stanbic IBTC Bank is a leading African banking group focused on emerging markets globally. It has been a mainstay of South Africa’s financial system for 150 years, and now spans 16 countries across the African continent.
Standard Bank is a firm believer in technical innovation, to help us guarantee exceptional client service and leading edge financial solutions. Our growing global success reflects our commitment to the latest solutions, the best people, and a uniquely flexible and vibrant working culture. To help us drive our success into the future, we are looking for resourceful individuals to join our dedicated team at our offices.
We are recruiting to fill the positions below:
Job Title: Manager, Operational Risk
Job ID: 35800
Location: Lagos Island
Job Sector: Governance
Job Details
- Risk Management: understanding all risks – from the economic to the political – that could affect our global business, and offering guidance to all parts of the bank
Job Purpose
- To enable Business management in discharging their responsibility for managing Governance Standards, Risks and Operational Controls.
Key Responsibilities/Accountabilities
Manage Governance and Control across the Business:
- Ensure the overall operational risk management, governance and control across the business in conjunction with wider Risk Management teams.
- Ensure that the Business is supported by a robust framework of policies and standards with appropriate approval authorities.
- Facilitate the development of standards and ensure the documentation, implementation and assessment on a regular basis thereof.
- Facilitate the development of a common process across Business for self-attestation of compliance to control Policies and Business operational standards.
- Provide assurance to management that all policy requirements are addressed including Procurement, HR, BCM/DR, Health and Safety measures, Access Management, General Controls, Material Outsourcing etc. plus any other Regulatory / Management requirements.
- Provide information in an appropriate way for different audiences, e.g. business leadership so they understand the most significant risks, to governance committees (i.e. Mancos, Operational Risk and Compliance Committee (ORCC), Risk Oversight Committee (ROC) etc. to ensure they are aware of risks relevant to their parts of the business, and to relevant individuals within Business and to understand their accountability for individual risks.
- Provide education and training of staff to build risk capability/ raise policy awareness within the organization.
- Implement relevant as aspects of BCM programme of work as well as relevant oversight across business units
- Provide risk input with regard to assessments for change initiatives /process reviews and ensure material operational risks are duly mitigated
- Promote track and report on continuous improvement Initiatives to ensure Business compliance with relevant regulatory, risk as well as control standards.
- Support Group Risk Management response to the Bank’s Digital Strategy
Monitor Risk and Compliance for the Business:
- Ensure controls are in place for accurate and realistic information provided to the ORCC, ROC e.t.c.
- Provide quality oversight for Business self-assessments with regular audits of conformance including reviews of evidence provided, liaison with internal and external auditors.
- Ensure that all records in business unit risk registers, classified as High Risk are assigned action plan immediately. (Note: Items classified as Medium and Low “should” also have action plans defined).
- Ensure controls are in place to manage the of open Audit findings
- Ensure that all audit findings are closed before the due date and do not go into overdue status.
- Provide oversight and support the implementation of country’s programme of work to BCM / DR / Contingency planning, Access Management, Policies e.g. ensure processes such as purchasing insurance, implementing health and safety measures and making business continuity plans to limit risks and prepare for if things go wrong.
- Ensure that all mandatory compliance training is done across by direct reports in the operational risk team
- Ensure that information risk management process is robust and appropriate governance process is in place.
- Provide oversight for the management of all entries as well as data related to RCSA, KRIs, Incidents and losses uploaded on the Accelus Risk Manager (ARM05).
- Implementation, validation and monitoring of operational risk management processes within the business
- Continuously improve the operational risk processes with the intention of adding value to business whilst introducing practices that are fit for purpose in line with leading global practices
- Ensure that the business management are fully appraised of the operational risk status
- Provide operational risk tools training support to the business
- Validate reported operational incidents and exceptions, perform root cause analyses, identify potential opportunities for improvements to upstream processes/systems. Provide adequate operational risk review and evaluation of new product releases, and emerging risks due to changes to products and service offerings within the business
- Collaborate with head office and in-country business and other stakeholders (e.g. Operations, Legal, Compliance, FCC, PBB ,GRES, Physical Security and other risk type functions, and IT)
- Ensure that in-country and head office operational risk deliverables and strategies are met
- Perform sample-based back-testing analysis on specific operationally vulnerable areas to pre-empt the development of standards, procedures and process maps where operational gaps exist across businesses
- Facilitate RCSA’s , KRI’s, Scenario Analysis workshops with business; and monthly collation and validation of Key Risk Indicators, and other relevant risk metrics
- Assist in development of a cross departmental communications program on cross cutting operational risk issues, including those relating to shared enablement functions such as Finance, Operations, IT, HR and Risk divisions
- Pro-actively identify control deficiencies from Internal Audit, Internal Control assessments, Forensic investigations, BCM, incident management and external assessments (those outside of immediate environment) and through gap analysis to ensure ‘fit for purpose remediation by business of any risk exposures.
- To pro-actively manage business continuity risks/threats to the business.
- Support and Assist business entities in defining suitable and cost effective recovery strategies/plans in accordance with policies, standards and framework best suited to their environment and aligned to the culture, complexity and risk appetite.
- Works with Business Continuity stakeholders/ representatives in business to conduct, document and signed Business Impact Analysis in-line with business resilience standards
- Assist the business with Business Continuity readiness by conducting Desktop Work- through Exercise, simulation exercises, call trees etc. with them
- Coordinate the establishment and implementation of work area recovery site plan, document, maintain, rehearse and conduct recovery strategies exercises at WAR sites.
- Ensure third party recovery plans are validated in accordance to our recovery priority agreement.
- Manage and conduct business resilience exercises designed to ensure that all business functions and crisis teams are regularly tested in accordance to their criticality, capabilities and risk profile.
- Ensure BCM and IT DR are aligned with business risk appetite and recovery priorities, documented, tested and reported to create business awareness.
- Manage, train and administers the appropriate BCM tools ensuring they are up to date, functional and fit for purpose
- Provide monthly dashboard and POW update report
- Create staff education and awareness training to promote BCM awareness and culture using mechanism such as intranet, E-Learning, Emails, Presentations, periodic workshops and Email communications.
- Ensuring that the following business documents are up to date and ready for execution to recover their, people, business process, technology and facilities in the event of an emergency, crisis or disaster:
- Ensure wardens, Evac chairs training is conducted.
- Schedule and conduct call tree exercise in accordance with BCM standards
- Attend BCM related training workshops and provide thought manager-ship on BCM related matters.
- Monitors, Promote and maintains an understanding of current/future business continuity trends and threattest.
Assess and Monitor the Business:
- Collaborate with other members of the Risk Community to ensure that actions on the Business Top Risks are accurately and appropriately defined and tracked to ensure successful remediation and mitigation of high risk issues.
- Ensure that all Logical Access Management (LAM) procedures are in place, and attested to in terms of systems and staff role-based access requirements. This includes the appropriate monthly reporting and validation.
- Monitor the IT “vulnerability” landscape and ensure that all defined actions are implemented timeously and that the risks are satisfactorily reduced. This includes all mandatory patch management requirements and timelines.
- Facilitate the BCM process and testing of requirements across the Business landscape in accordance with the Group BCM policy. This includes all Crises Management Team (CMT) documentation and Alternate Recovery Site (ARS) plans.
- Coordinate, advise and report on actions required to resolve non-compliance issues
Manage People Development:
- Support the development of analysts in the team through interventions in areas relating to technical knowledge, report writing , hands-on supervisory support in managing key operational risk management tools, systems e.t.c
- Provide support for analysts around change in processes, projects and take responsibility for implementation.
- Ensure continuous improvement in the quality of assessment report, adhoc tasks e.t.c.
- Ensure that turnaround times and deliverables are met
- Manage Governance and Control across the Business
Preferred Qualification and Experience
Qualifications:
- B.Sc Economics
- M.Sc or MBA
- Professional Qualification in Risk Management
Experience:
- 7-8 years experience in Risk and Technology in a large global corporate environment.
- Good understanding of all aspects of Operational Risk Management.
- High degree of understanding of all aspects of risk within a technology environment
- Good understanding of the Operations function and business processes relating to Wholesale and Retail banking transactions. This includes Branch and Head Office operations management.
Knowledge/Technical Skills/Expertise
Technical Competencies:
- Written Communication
- Evaluation of Internal Controls
- Remedial Action Development
- Risk Acceptance Risk Response Strategy
- Evaluating Risk Management Effectiveness
- Technology Orientation
- Risk Awareness
- Risk Management
How to Apply
Interested and qualified candidates should:
Click here to apply or this Position
Job Title: Head, Investigation & Fraud Risk
Job ID: 35776
Location: Lagos Island
Job Sector: Banking
Job Details
- Risk Management: understanding all risks – from the economic to the political – that could affect our global business, and offering guidance to all parts of the bank
Job Purpose
- To provide oversight and leadership in ensuring that all Financial Crime Control functions are carried out according to the Group Financial Crime Control (GFCC) mandate and that standards and methodologies are designed and aligned to add value to the Stanbic IBTC PLC, Nigeria business.
Key Responsibilities
- Manage, lead, provide guidance, facilitate and pursue financial crime that is committed against Stanbic IBTC Bank PLC and its Customers.
Strategic Leadership:
- Operate within the Code of Ethics and Values of the Bank.
- Assist with the development of strategy towards financial crime combating initiatives within Stanbic IBTC Bank Business portfolio and to align this to the GFCC strategy.
- Execute GFCC Mandate and Strategy across the three lines of business i.e. PBB, CIB and Corporate Functions and thereby reduce financial crime losses and incidents.
- Adopt a pro-active approach to financial crime control.
- Comment on the adequacy and effectiveness of group processes and financial crime controls.
- Provide input to and assist to coordinate investigative and Prevention/Detection processes.
Prevention:
- Provide input and assist where required with the design of country specific fraud and Security policies; standards and methodologies.
- Develop fit for purpose fraud prevention and awareness programs leveraging available delivery mechanism like social media, digital channels, email, SMS and face to face channels.
- Effective execution on Fraud Prevention initiatives aligned to strategy.
- Ensure the effective Management of fraud rules on enterprise Fraud Risk management (FRM) systems
Investigations:
- Establish and maintain investigative principles, processes and techniques that lead to loss recovery (civil and criminal) and successful prosecution.
- Ensure utilisation of the Digital Forensics lab and tools in driving effective and efficient investigations.
- Monitor projects / progress on all assignments.
- Conduct and manage investigations/projects within GFCC portfolio on the following:
- Complex matters
- Major financial loss matters
- Senior personnel
- Reputational issues
- Sensitive matters
- Testify in DE’s, criminal and civil court matters
- Ensure proper gathering and safe keeping of evidence on all investigative projects.
- Ensure quality assurance on all investigations and reports
Management Information:
- Analytically review management information to determine current and emerging trends and establish tactical approach.
- Report significant control weaknesses and make recommendations to mitigate the same.
- Report significant issues related to the governance and operational processes including potential improvements to these processes and the provision of information concerning the resolution of such issues.
Stakeholders Engagement:
- Facilitate engagement with GFCC and leverage from centres of excellence to ensure consultation and communication with regards intelligence, analytics, prevention, detective techniques; legal advisory, forensic auditing and investigations.
- Engage on forensics intelligence framework and methodology whereby intelligence can be shared across the SBAR and GFCC intelligence.
- Promote, liaise and engage with country specific fraud forums.
Effectively manage a team:
- Lead, manage and direct the GFCC team.
- Responsible for reviewing the in-country Operating model and structure and to manage the recruitment, development and retention of relevant skills in order to meet the business and GFCC need.
- Responsible for reviewing the in-country Operating model and structure and to manage the recruitment, development and retention of relevant skills in order to meet the business and GFCC need.
- Ensures the effective selection of staff by matching the skills and competencies to the requirements of the job..
- Drives Career Management and succession planning in conjunction with Human Resources.
- Facilitates the views of the team members, resolves issues raised by the team and escalates issues if required and provides feedback to teams on an ongoing basis.
- Ensuring that clear targets are set and that resources are profiled and recruited accordingly.
- Fosters a culture of continuous improvement and performance measurement. Tracking, ranking and managing the performance of the team in line with performance management policies, systems and practices.
- Planning and overseeing the implementation of a skills development plan to address skills gaps.
- Fostering a climate of self-development, learning and personal growth.
Effectively manage risk and loss:
- Accountable for ensuring the recovery of losses through Criminal and Civil action
- Take ownership and overall accountability for allocated cases for Nigeria from the point of allocation until their “formal” conclusion as per the defined processes.
Process and Case Management on Investigations:
- Constantly provide intelligence regarding trends, modus operandi, type of financial crime documents, and standard of fraud application, knowledge of the criminal groups / syndicates regarding the verification process, other processes of SBA that are detected in current investigations on hand. Secure reporting line to relevant Business Heads regarding relevant intelligence gathered through investigations.
- Regularly liaise with Law Enforcement Intelligence Services to gather information regarding the movement of suspects (locally and internationally), new trends, crime threats and modus operandi that are identified.
Customer Service and Portfolio management: Alliances / Liaison & Networking:
- Ensure effective Customer Service Escalation matrix.
- Timeous input to relevant report requirements (Exco, SAC, Risk Committees, Nigerian Central Bank reports) and management reports
Internal Relationships:
- Various Business Units
External Relationships:
- Nigeria Police Services; Economic and Financial Crimes Commission; Directorate of Intelligence Services of Nigeria; Directorate of Public Prosecution of Nigeria; Nigerian Courts; Central Bank of Nigeria (CBN); Nigeria Deposit Insurance Corporation; Financial Institutions Training Centre; Committee of Chief Inspectors of Banks in Nigeria; Inter-banks Risk Forum – Other banks
Preferred Qualification and Experience
Qualification:
- A first degree in Finance and Accounting preferred.
- Relevant professional qualifications will be an added advantage.
Experience:
- Risk Management – Financial Crime Risk Management
- 5-7 Financial crime risk management experience
- 5-7 Years People management experience
- 5-7 Years Significant experience in managing financial crime risk in a large scale financial crime operational area in Nigeria
Knowledge/Technical Skills/Expertise
Risk Management:
- Demonstrates knowledge and understanding of risk management methodologies, tools, governance structures and regulatory requirements for good management of risk.
Risk Identification:
- The examination of the essential elements of risk such as; assets, threats, vulnerabilities, safeguards, consequences and the likelihood of the threats materialising.
Fraud Detection and Management:
- The ability to apply risk management tools, assess process and identify possible fraud within a defined system or core process.
Risk Awareness:
- General awareness of risk management practices in a financial services organisation.
Risk Reporting:
- The ability to prepare quantitative and qualitative analysis on the risk landscape in the business including interpretation and analysis for use by business users.
How to Apply
Interested and qualified candidates should:
Click here to apply for this position
Leave a Reply