Global Enterprise Risk Management (ERM) is a sub function of Group Risk. Its purpose is to make sure HSBC understands and is in control of its non-financial risk position. In addition, the function provides resilience risk stewardship to the Regional Business and Functions and the entities we operate in.
The role holder will have responsibility to provide operational and resilience risk oversight for Wealth and Private Banking Segments and Products businesses in Singapore, including Insurance and Asset Management:
1.Ensure the integrity and timely completeness of risk and control identification, assessment and information within the Group’s Risk and Control system of record (Helios) as well as directing documented remediation plans for residual risks.
2.Supporting with thematic reviews across Singapore to ensure that risk and control environment is commensurate with the scale and nature of operations.
3.Supports Singapore operational and resilience risk management and acts as a key contact and escalation for senior stakeholder engagement.
4.Supports embedding the Risk Management Framework (RMF) and provides advice, guidance and challenge in relation to ERM oversight and internal control effectiveness within Singapore.
5.Provides 2LOD oversight of top and emerging risks, ensuring Singapore can mitigate these timely and cost effectively.
6.Attends Singapore control meetings and non-financial risk governance forums, providing both Operational Risk oversight and robust and timely Risk Steward challenge of the *** Line of Defence (1LOD) view of the resilience risk profile as required.
7.Supports developing and promoting an increasingly insightful process-based view of ERM risks.
8.Supports the implementation and embedding of the ERM functional strategy.
9.Applies risk stewardship review and challenge over Resilience Risk RCAs and control environment.
1.Strong understanding of processes, risks and controls relating to Retail, Wealth, Private Bank, Asset Management and Insurance Segments and Products.
2.Strong level of risk management knowledge and relevant experience.
3.Comprehensive knowledge of the external environment (risk, regulatory, geopolitical, competitor etc).
4.A BA or BS University Degree preferable in relevant discipline.
5.Professional qualifications (e.g. HKMA Enhanced Competency Framework on Cybersecurity, Information Systems Audit and Control Association certification or equivalent qualification from a recognised professional body) may be advantageous.
6.Previous experience and/or knowledge in Resilience Risk types, especially on Technology (including Cyber) Risk, Data