Senior Operational Risk and Controls Manager

ROLE PROFILE

JOB PURPOSE

Design and implement processes.

• To support the on-going development and management of an Enterprise Risk Management framework across CMAL* where required.  In particular, to lead the Operational Risk & Control assessment process at CMAL (in the identification, recording, assessment and reporting of risks and key controls across CMAL.

To promote the risk culture across the organization:

• To promote the value of first-line risk management and assist the business in adopting a risk culture of owing risks and controls management processes.

To be a team player:

• To collaborate closely with the risk team and obtain and review existing information / aim to minimize duplication of work or information requests by the risk team.
• To help in the development of the team’s more junior team member(s) analyst.
• To collaborate closely with the risk team and assist with various risk management framework elements and processes.

CMAL* = CMAL and wider corporate Structure where required.

 

KEY RESPONSIBILITIES

• To support the business in the identification, recording and mapping of key risks and controls across the business.
• To assist in the development of key risk indicators associated with risks and controls.
• To identify risk mitigation actions or where controls should be improved / enhanced or modified.
• To track progress against actions by the business on gaps identified in the control’s environment, risk event process and risk assessments.
• To contribute towards the reporting of risk and control assessments engaging with Control Owners, Risk Managers, and Risk Owners (e.g. Functional Heads). Design and produce risk reporting to key forums and Committees, including the compilation of Risk Dashboards.
• To contribute towards the reporting of actions.
• To design and implement a robust self-assessment process for controls and risks. To Lead the control assessment and testing to ensure consistency and quality/ reliability for self-assessments by the business is maintained where possible.
• To design and implement an appropriate method of presenting risk and controls assessment for regular socialization to and challenge by the executive committee.
• To design and roll out control testing and risk and/ or control deep-dive testing processes. And maintain strong audit trails of testing conducted by Risk.
• To focus on the analysis of management information and the provision of accurate risk management reports to management and Committees.
• To roll out control owner training. and deliver other risk training as required.
• To review all info from loss and near miss event capture and reporting and feed this in the controls and risk assessment processes/ deep dives.
• Lead the migration of risks and controls to a suitable risk system.
• To manage the Operational Risk & Control Analyst in the identification, recording and assessment of risks and key controls across CMAL.
• To support / train the Operational Risk & Control Analyst to develop reporting dashboards (or similar) to Committees over risk and/ or control performance.

 

Risk system (to be determined)

• To ensure that the data held within the XYZ system is a correct and accurate reflection of the key risks facing CMAL and that any self-assessment of the control environment by the first line of defence is validated.

Deep dive assessment:

• To assist the CRO by developing a risk-based Deep dive risk and control assessments.
• To work with a range of professionals across CMAL to understand the key risks they are facing and the mitigating controls and processes to ensure that risks are being managed to within appetite.

Loss Reporting

• To collate loss events and identify control deficiencies and their remediation and control enhancements. To collate loss event reporting.

Risk Management Information collation, analysis, and reporting

• To schedule, plan and track the timetable of risk management reporting

 

BEHAVIOURS:

To behave in a manner compliant with any applicable UK or International statutory or regulatory obligation as required by the role.

This includes but not limited to obligations arising from:

✓      The prudent management of the business.

✓      Placing due regard on the interests of customers.

✓      Observing rules on Sanctions and financial crime.

✓      Regulatory requirements and local licensing restrictions.

 

TECHNICAL SKILLS REQUIRED

• Experience in coordinating and contributing towards Risk reporting (risk and capital committee papers, internal audit, or control deep dive reports and ORSAs.
• Able to demonstrate a strong understanding of the entire ORSA report of an organisation.
• Report writing and ability to communicate technical information in a way that is easy to understand.
• Presentation skills
• Data & business analysis - ability to gather, interpret and simplify data and articulate in a simple picture. Data will at times be quantitative, but more often will be qualitative data with issues cutting across several topics, functions, and interdependencies that need to be broken down to simple issues and presented to management.
• Be a problem solver- not a problem highlighter!
• Ability to arrange and carry out risk assessments, and carry out fact finding investigations on operational issues, loss events etc. Approach in a structured and methodical manner: Preparation (by reviewing audits, committee packs, risk registers and near misses), targeted and relevant/ current questions, documentation of meetings, escalation, and reporting of key issues, tracking actions agreed.
• Strong organisation skills- ability to manage own calendar, internal and external regulatory requirements.
• Ability to maintain organised folders/documentation and audit trail of key discussions.
• Ability to bring together general business knowledge and actuarial knowledge desirable
• Previous experience of implementing and using risk systems.
• Strong Excel skills.
• Strong PowerPoint skills.
• Ability to work under strict timelines/ manage own workload and meeting schedule.
• Attention to detail in reporting. Validate figures, format, and spellcheck and be able to evidence all statements and opinions.

 

SKILLS / KNOWLEDGE / ABILITY

• Ability to work with a variety of disciplines outside of the department and delivery presentations to key stakeholders.
• Strong planning and organisation skills.

• The ability to work well under pressure in a deadline driven environment.

• Ability to prioritise and co-ordinate tasks efficiently ensuring all deadlines are met.

• Maintains a positive attitude towards routine tasks.

• Accurate and exceptional attention to detail.

• Pro-active and enjoys working autonomously and as a part of a wider team.

• Confident and assertive where required.

• Flexible approach to work.

• Understands and appreciates the importance of using discretion.

• Team player who deals effectively with colleagues and clients.

 

QUALIFICATIONS:

Critical:

•    Minimum of a BSc or BA, master’s degree or equivalent.

•    ACA (part of fully) qualified or CII qualified.

•    Internal audit experience in Insurance.

Desirable:

•    Professional risk management qualification (CIRM or equivalent)