Assist the Head of Operational Risk in integrating operational risk management into the management processes in order to contribute to an acceptable operational risk/reward profile for the business. This includes ensuring that all activities and duties are carried out in full compliance with regulatory requirements, the Enterprise Wide Risk Management Framework, the Operational Risk Framework, and Internal Policies and Standards.
Operational Risk Framework (20%)
The Operational Risk Manager's imperative role is to provide independent oversight and assessment of compliance with all the policies and standards, as well as to ensure implementation of the ERMF, through:
- Management of the end-to-end process for risk events reporting through review and challenge, data quality management, timely escalation of events in line with RICM, and provision of expert advice during root cause analysis and lessons learnt assessment to ensure corrective actions that mitigate the risks are put in place.
- Embed operational risk management ownership across defined business units by providing expert advice and sharing best practice and risk mitigation techniques with management to enable them to proactively manage the operational risks within their areas/sections.
- Maintain a diary of all open issues from the various sources, evidence clear management until closure, and ensure timely escalations to the relevant committees to report any lapses.
- Maintain an annual training plan to raise awareness of all policies and standards that support implementation of the Operational Risk Management Framework.
- Perform conformance reviews to test compliance in accordance with the annual plan.
- Conduct conformance reviews on internal controls for actions identified during lessons learnt assessment to test embedment of processes.
- Support selected business units to ensure possible risks are identified and mitigated as appropriate.
Business support, advice and guidance (55%)
- Provide guidance and support to the Business in raising awareness and understanding of operational risk and governance. This may involve making presentations/training sessions to staff, as well as coaching and informal training as required.
- Review changes to policy, procedures and regulations for appropriate changes to monitoring processes and implement appropriate amendments.
- Provide Operational Risk Advisory services to the Governance Managers with the main objective of educating business line management in the use of the various Operational Risk tools available to the Business.
- Provide training for the Subject Matter Experts (SMEs) in each business function, and guidance for the SMEs on training end users in the use of Operational Risk Management Systems (ORMS).
- Assist in analysis of information and reports to establish trends and consider initiatives to reduce risk.
- Identify major risks affecting the business and take necessary steps to measure, monitor and control the exposure accordingly.
- Review and evaluate internal controls and submit appropriate recommendations for any changes and/or enhancements.
- Identify major risks affecting the business units and branches and take necessary steps to measure, monitor and control these risks.
- Provide the necessary guidance and training to ensure compliance with the operational risk framework and methodologies.
- Assist management in the analysis of information and reports to establish trends and consider initiatives to reduce risk.
- Ensure compliance with any applicable regulatory operational risk requirements.
- Ensure an effective internal control environment.
- Ensure effective management of external risks, through proactive identification, assessment and mitigation of risks beyond the Bank’s scope.
- Ensure insurance cover, as a last-resort control, is effective in the management of operational risks.
- Ensure the Bank’s outsourcing risks are adequately managed.
- Timely escalation or notification to appropriate stakeholders of operational risk issues.
- Independently assess risks and drive actions to address the root causes that persistently lead to operational risk losses by challenging both historical and proposed practices.
- Serve as a subject matter expert for Issues Management (KPI/KRI/Corrective Action Plans).
Internal Client Liaison and Relationship Management / Stakeholder Management (20%)
- Act as a point of contact for enquiries from the Business regarding all aspects of risk and governance.
- Provide review and challenge to the Business Owners in respect of control weaknesses and risk exposures.
- Develop and maintain an effective relationship at the appropriate level with the Business with a view to embedding effective risk management processes.
Operational Risk Reporting (5%)
- Produce timely and accurate monthly, quarterly and ad hoc reports; provide MI including trends and analyses for monthly and quarterly forums such as the Country Executive Risk Committee, Combined Assurance Forum, Monthly Risk Review etc.
- Ensure prompt and accurate reporting and escalation of risk events by business as per the Risk Event Standard and provide post-incident support to analyze root causes and ensure learning points are identified and addressed; contribute to the monthly risk event reconciliation process as required.
- Support business in the identification, design and implementation of Key Indicators (KIs) and other metrics to assist in risk monitoring and remediation.
- Monitor and report control environment elements, gaps and initiatives such as Control Issues, Risk and Control Inventories (RACIs), Risk and Control Self Assessments (RCSAs), Critical Process Assessments (CPAs), Key Indicators (KIs), Management Control Approach (MCA), audit / Management Assurance findings, Road to Satisfactory/Green and Dispensations, Waivers and Breaches (DWBs).
- Validate results of control testing performed by 1LOD as required.
Higher Diplomas: Business, Commerce and Management Studies (Required)
- Salary Offer: UGX 0 ~ 50,000,000 per month
- Address: Kampala, Kampala, Uganda