Job Description

 

1. Identification and assessment of risks and controls

  • Ensure key assessment units, key operational processes, material operational risks and risk mitigants are identified, inventoried and maintained

  • Maintain the risk, organization and process taxonomies

  • Ensure the effective implementation and maintenance of the RCSA framework within his/her 1st LoD control perimeter

  • Drive the risk identification and assessment, ensuring validation by the relevant management level and consistent with the risk appetite and thresholds

  • Contribute to the remediation plan’s definition when and if needed

2. Manage control plans and related actions

  • Define and regularly update the OE’s control plan according to the outcome of the risk assessment, regulations and other risk events (HI, control results, external events, Audit missions, …)

  • Reinforce the appropriateness,   effectiveness and sustainability of the controls whilst maintaining 1st LoD’s accountability and responsibility

  • Ensure that control results are reviewed and analysed by the Entity Management and when relevant by operational teams / relevant stakeholders / specific control teams and that remediation action plans are defined if and when needed

  • Follow-up the implementation of remediation actions

3. Manage procedures processes

  • Identify procedures needs
  • Ensure that the procedures designed by the businesses and functions within the Operating Entity are identified, updated, properly stored and communicated to relevant stakeholders

  • Identify and propose calibration of OE’s procedures according to the outcome of the risk assessment and other risk events (HI, control results, external events, Audit missions, …)

4. Follow-up closing of recommendations

  • Upon notification/receipt of reports, organise the design and the publication of the follow-up of the findings and recommendations closure, either issued internally (e.g. IG supervision) or externally (external auditors, supervisors)
  • Follow-up actions implementation with the recommendations owners in charge, escalating to the relevant management level when needed to ensure that recommendations are closed within due dates

5. Management of Historical Incident (HI) and near-miss processes

  • Alert the management and liaise with independent control functions if needed on key incidents

  • Collect incidents (including impacts measurement), report and update in the Group database (as well as local databases if needed), including suspected and attempted fraud cases

  • Analyse incidents in a timely manner

  • Follow-up and / or initiate the implementation of remediation actions and the unfolding of long term incidents

  • Perform controls on the incident collection process, in particular the cross-check with other databases (accounting or other when existing) and the half-yearly attestation by the local management

6. Watch over external events and dynamic review
  • Watch over external events so that any major external event is taken into account in operational risk framework

  7. Management of Operational risk organization and governances  
  • Coordinate, support and advice validation process under Business responsibility especially regarding   exceptional transactions, new products/activities/processes (including outsourcing initiatives, TAC/NAC) and follow-up of the implementation (e.g. that the conditions issued by control functions are met)

  • Coordinate all the committees that ensure continuous adherence of the OE to the regulations and notably in charge of reviewing regulatory-related control results and performance indicators, ensuring escalation of potential breaches, following-up of required remediation actions, analysing any impact of change of regulation on Operational Permanent Control set-up

  • Active contribution (or organization) to any committee on Operational risks and Permanent Control committees (e.g. Internal Control Committees)

8. Perform reports and raise alerts  
  • Alert and escalate to the relevant level of management any operational risk incident and/or any recurring weakness

More Jobs at BNP Paribas Follow Company

See all jobs at BNP Paribas