Director, Operational Risk Management

The Director, Operational Risk Management (ORM) leads the Bank’s financial risk management (operational risk, information security, data protection and non-financial statement controls). 

Key to this role is promoting sound risk management practices in these areas across the organisation. This includes extensive liaison and challenge to Senior Management (MD level and above) across the Bank to ensure their operational risks are identified, monitored and managed.  Overall the role requires extensive liaison and influence Bank-wide with senior leaders, including effective challenge in this second line of defence role to ensure appropriate mitigation is put in place or risks are accepted.  This entails setting, implementing, and continually assessing a framework for minimizing the impact of non-financial risk events to the Bank and cost-effectively improving the control environment or ensuring Senior Management understand risks that are accepted. 

Accountabilities & Responsibilities:

• Drives the development and maintenance of a risk-aware culture, engaging ExCom and the Board to set the tone and ensuring MDs and their Directors take responsibility for end-to-end process management and controls.
• Responsible for leading the development, ongoing review and maintenance of the Operational Risk, Information Security, Data Protection and non-Financial Risk Appetite Frameworks.
• Drives engagement with RiskCom on governance related to these non-financial risks, including presenting the material changes to the frameworks annually and reporting on their development.
• Delivering and maintaining an effective Operational Risk, Information Security, data protection and Internal Control infrastructure, governance and risk systems that support the business in identifying and managing risks.
• Setting clear responsibilities for the management of those risks to the business areas and providing independent challenges making suitable recommendations that improve the Bank’s control environment and management of those risks.
• Challenge the risk owners (department heads at the MD level) who should be adequately identifying, monitoring and developing appropriate mitigation for their residual risks to reduce the risks to acceptable levels.
• Develop, maintain and monitor a granular risk appetite statement for the Bank’s top-level non-financial risks challenging appetite owners in their assessment and ensuring related key performance indicators are designed, monitored and acted upon.
• Develop and foster operational risk and information security risk skills across the Bank by identifying necessary training requirements, supervising the development of training programmes and ensuring completion through appropriate consequences.
• Support Senior Management decision-making by communicating material risks, incidents, and trends to ensure they are aware of risks they are facing, facilitated by developing risk and control tools which enhance the Bank’s risk management (non-credit/market), taking into account cost / benefit.
• Being part of the Corporate Leadership Group (CLG) of the Bank, maintain a constructive dialogue with departments across the Bank, and maintain close co-operation with other Risk Management teams in order to understand upcoming issues and touchpoints where risk mitigation may be required.
• Identify relevant risk activity, issues and incident information to include in the risk management framework and Operational Risk challenge.
• Ensuring emerging and material risks are promptly identified and acted upon, with clear accountability across the business and escalate material operational risk incidents and issues to MD Risk Management, CRO and ExCom colleagues in accordance with escalation procedures.
• Ensure lessons learned and root cause analysis are completed for material events and associated actions are monitored and completed.
• Chairs OPCWG (Director level representation) which assesses whether new products or significant variations to existing products will introduce significant change (i.e. to systems, resource requirements, accounting, legal) requiring additional resource/time to implement, advising Chair of RiskCom accordingly, as part of the overarching decision whether/ how to proceed with the change. Co-ordinate RM inputs into such discussions by reviewing conclusions from the RM leadership team
• Leading Information Security and Data Protection activities to ensure the Bank is protected from leakage of sensitive data and other financial consequences by delivering appropriate mitigation around users and user behaviour, third-party assessments of data help and extensive liaison with IT security to ensure technical controls complement the controls around people (the remit of Info Sec),
• Develop and deliver the process to ensure the Bank’s internal assessment process of controls over Financial Reporting can be annually attested to and can support CFO signing off on the Financial Statements, by ensuring all MDs involved in key processes have adequate design and test the effectiveness of said controls.
• Liaison with external auditors over the Financial Reporting control assertion and consultants appointed to carry out audits of the EBRD on behalf of donors (i.e. the EU) to ensure the activities in this role are appropriately assessed (i.e. EU pillar assessment over data protection)
• Maintain external network to ensure that market practice is understood including liaison with other functional counterparts at IFI / MDB organisations. Represent the Bank in appropriate forums covering the role’s activities and Risk Management as required.

 People Leadership and Management:

• Directly accountable for the engagement and effective overall management of staff in the function including recruitment, talent and performance management, coaching and development.
• Monitors and ensures the team provides timely and effective support and advice, proactively manages the pipeline of activity
• Provides leadership and vision to the team and is responsible for all aspects of managing, supporting and developing the team to deliver the team strategy and objectives.
• Builds a culture of continuous improvement and ‘thinking outside the box’ to deliver performance in line with strategic objectives and consistent with the EBRD’s values.
• Champions and role models the Bank’s Behavioural Competencies and Corporate Behaviours, ensuring adherence within the team(s) so that the highest standards of integrity and ethical conduct are exhibited at all times.

Knowledge, Skills, Experience and Qualifications:

• Relevant degree or equivalent experience.
• A significant number of years of relevant and broad experience in a financial services organisation.
• Extensive knowledge of risk management principles.
• Strong Knowledge of Banking products and services, the operation of a Bank and interaction / inter-dependencies of departments therein.
• Strong knowledge of operational risk, internal controls design and effectiveness.
• Understanding of relevant regulation as a benchmark.
• Extensive “client management” skills demonstrating the ability to work highly effectively across the organisation at different levels building strong and effective working relationships.
• Strong experience in process and organisational design. Knowledge of Sarbanes Oxley, Basel II/III, ISO27001 would be helpful.
• Demonstrated ability to manage a team of technical experts operating in different spheres and the ability to indirectly manage larger teams of employees to create a cohesive larger team.
• Strong partnership skills to enable positive engagement with teams throughout the Bank and contribute to the cohesiveness of the Bank’s senior management.
• Strong leadership, management and communication skills combined with an ability to motivate professionals to deliver business objectives effectively in a multi-cultural, results-oriented organisation.
• Judgement and analytical ability – shows sound judgement and common sense, analyses issues correctly and produces appropriate solutions.
• Proven experience leading a multi-disciplinary team exposed to challenging geographical environments.
• Proven strong coaching skills, particularly related to the development of team members.
• Significant people management skills, including workforce and resource planning.

Source: https://jobs.ebrd.com/job/London-Director,-Operational-Risk-Management/1153066401/