Risk Management/Compliance Role - Vendor Governance Team - Corporate Bank

Corporate Bank (CB) - Vendor Governance Team for a leading global bank

- The Corporate Bank Vendor Governance team of a leading global bank is a professional, business focused, proactive risk-based function within CB that operates with openness, transparency, integrity and independence. It assists the business to identify, analyze, monitor and mitigate the key risks for the CB Vendor portfolio and it meets the challenges of a complex and changing regulatory environment.

- The team prides itself in ensuring the highest standard in professional delivery of effective risk management and governance processes. Its key relationships include management of CB businesses, COOs of Products and Regions, GTO, Audit, NFRM, Third Party Management, 2LoDs and Risk functions (e.g. CRM, ORM, Compliance, and Legal).

- The position will be part of the CB & IB Divisional Control Office (DCO) organization.

Key Responsibilities :

Vendor management for CB global portfolio which supports the CB business to :

1. Establish and maintain an Outsourcing strategy for the CB business to meet the commercial objectives

2. Ensure a pro-active management of non-financial risks for the in line with the stated risk appetite

3. Coordinate the execution of the regular risk reviews for all CB vendors.

4. Ensure that 2LoD findings are completed in a timely manner.

5. Manage the CB priority pipeline and support the service relationship owners in the setup of the new VRM/IGO projects.

6. Understand regulatory requirements for outsourcing and pro-actively ensure compliance for all CB transactions.

7. Create a plan and drive implementation for transactions which need to be covered in the vendor management process.

8. Design and maintain the vendor risk dashboard.

9. Define key performance indicators for all top CB vendors and intra-group outsourcings

10. Coordinate on-site risk assessments for top vendors to be executed by the central vendor management team

11. Ensure that vendor governance is fully aligned to the control standards of the bank

12. Maintain a comprehensive management information system for all CB vendor related topics

13. Ensure CB is compliant with all regulatory changes related to vendor risk management

Technical Skills :

Basic understanding of the 2LoD functions mentioned below is added advantage :

- Compliance - Basic Understanding of outsourcing requirements in the hub locations (Germany, UK, USA, Singapore) and other key markets (HK, Japan, China, India etc.), understanding of DB policies relevant to vendors

- Anti-Money Laundering - Basic understanding of AML principals and key requirements

- Operational Risk - Good Understanding of Operational Risk principals (Impact, Likelihood, risk identification, mitigation, acceptance etc.)

- Anti-Financial Crime - Basic understanding of AFC requirements such as AML, Anti-Fraud, Bribery & Corruption, Sanctions & Embargoes etc.

- Business Continuity Management - Good understanding of BCM Policies, plans, disaster recovery, Call tree testing, BCM testing etc.

- Information Security - Good understanding of the Information security related controls such as level of encryption, minimum control requirements, data segregation, Remote Connections, Application Level Security Controls, etc. and also the understanding of the external certifications such ISO, SSAE, ISAE, SOC, PCI etc.

- Group Data Protection - Basic understanding of the legal requirements for data transfer outside EU and General Data Protection Regulation, data transfer requirements for other locations such as Singapore, Luxembourg, HK, Japan, China, Hungary, US etc.)

- Physical Security - Good understanding of the Corporate Security (Physical Security) requirements for the data centers and office locations along with understanding of the external certifications such ISO, SSAE, ISAE, SOC, PCI etc. Experience in coordinating onsite visits to the data centers is considered handy

- Corporate Insurance - Basic understanding of the different types of Insurance certifications along with their applicability

- Living Wills - Basic understanding of the Recovery and Resolution planning for systematic important Financial Institutions

- Group Tax - Basic Understanding of Transfer Pricing agreements, VAT, Withholding Tax, Cost Allocation etc.

- Legal - Good understanding of contractual framework for external and internal service providers, key clauses such as Right to Audit, Subcontractors, KPIs, governance requirements, data protection, indemnity etc.

- Electronic Communication - Understanding of secure and approved channels of communication (apps) to transfer information outside/within the bank

- Service Delivery Management - Good understanding of vendor performance, vendor governance, incident management, TET (Termination, Exit and Transition) planning, contract renewal, service improvements etc.

Experience :

- Minimum 3-5 years of banking experience in Compliance, Risk Management or a 2LoD function

- Experience in global regulatory remediation projects

- Technical experience in a Vendor Management or Compliance role, either in a financial institution or a professional practice environment specializing in banking, finance and risk (key focus in transnational banking)

- Comprehension of outsourcing processes and regulatory requirements

- Understanding of Corporate & Investment Bank products

- Clear and effective communication skills

- Experience with working on Group Audit findings

- Strong analytical skills to areas for improvement in the vendor management process

- Native command to write operating procedures in English

- Strategic, however hands on in the detail (diligent)

- Excellent analytical and communication skills, oral and written

- Independent in judgment, strongly self-motivated with the ability to challenge and be challenged whilst maintaining the highest levels of professionalism

- Team player, strong net worker