The Operational Risk Grp Manager is accountable for management of complex/critical/large professional disciplinary areas. Leads and directs a team of professionals. Requires a comprehensive understanding of multiple areas within a function and how they interact in order to achieve the objectives of the function. Applies in-depth understanding of the business impact of technical contributions. Strong commercial awareness is a necessity. Generally accountable for delivery of a full range of services to one or more businesses/ geographic regions. Excellent communication skills required in order to negotiate internally, often at a senior level. Some external communication may be necessary. Accountable for the end results of an area. Exercises control over resources, policy formulation and planning. Primarily affects a sub-function. Involved in short- to medium-term planning of actions and resources for own area. Full management responsibility of a team or multiple teams, including management of people, budget and planning, to include performance evaluation, compensation, hiring, disciplinary actions and terminations and budget approval.
Establishes and oversees the application of operational risk policies, technology and tools, and governance processes to create lasting solutions for minimizing losses from failed internal processes, inadequate controls, and emerging risks.
independently asses risks and drive actions to address the root causes that persistently lead to operational risk losses by challenging both historical and proposed practices.
Governance and oversight may include (not limited to) technology operational risk, cyber risk for example.
Serves as an oversight function working with the In-Business OR and Independent Risk Teams
Drives â€" Operation Risk Anticipation, Mitigation and Loss Recovery (and respective Recovery Plans)
Ensures Operation Risk Policy implementation and exception approvals
Informs Operational Risk Council on Sub-Segment Level OR related matters
Attends In Business Risk Committees
Leads- oversees the annual Key Risk Indicator (KRI) reviews
Monitors KRCIs triggers and thresholds and the analysis by the Business
Liaises with Business ORM on breaches and action steps to correct breaches
Communicates and Escalates breaches in KRCIs at the Segment Level
Works on T-10 (deep dive â€" root cause analysis) with support of In-Business ORM and drive corrective actions
Exports best practices and common risk, controls and corrective actions through Framework Papers
Ensures that Citi wide KORs and KRCIs are communicated and understood by Businesses
Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency, as well as effectively supervise the activity of others and create accountability with those who fail to maintain these standards.
10+ years relevant experience
Significant experience in Operational Risk is a must. Other risk and control disciplines would be a plus â€" credit, and market.
Experience in Internal Audit or Financial Control would be desirable.
Expertise in the following would be beneficial: Fraud Awareness and Risk Management Operations and Systems (Information Security Standards, Vendor/Outsourcing Management and MCA Legal and Regulatory Compliance Management of a global operations and a complex environment that includes global teams.
Excellent communication skills â€" verbal & written
Drive the implementation of Global and APAC Risk and Control programs to ensure adherence to corporate policy, legal, and regulatory requirements.
Ensure compliance with Citi Information Technology Management Policies (CITMP), and Citigroup Information Security Standards (CISS).
Lead proactive risk assessment programs and review activities to maintain acceptable audit ratings for APAC technology units.
Independently assess the effectiveness of controls and determine the potential impact of any control failures and corrective actions required.
Assist the regional and in-country Technology units to identify IS Risk and Control gaps/weaknesses and provide practical recommendations to improve the quality and effectiveness of the control environment.
Monitor corrective actions and communicate to staff and management about status, dates and changes.
Co-ordinate periodic reporting; analyze self-assessment and audit results; and assist in formulating effective remedial solutions.
Manage internal and external audits and regulatory examinations/inspections by acting as audit liaison / interface, as required.
Provide counsel and advice on the interpretation of methodologies, policies and standards.
------------------------------------------------- Grade :All Job Level - All Job FunctionsAll Job Level - All Job Functions - SG ------------------------------------------------------ Time Type : ------------------------------------------------------ Citi is an equal opportunity and affirmative action employer. Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity. Citigroup Inc. and its subsidiaries ("Citiâ€) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity CLICK HERE . To view the "EEO is the Law" poster CLICK HERE . To view the EEO is the Law Supplement CLICK HERE . To view the EEO Policy Statement CLICK HERE . To view the Pay Transparency Posting CLICK HERE .