Roles and responsibilities:
Support the India Head of Risk ORC in :
Oversight of the OPC framework and of the operational risk set-up in India (in-scope entities) and of their efficiency (covering all processes and controls operated within the territory under the Bank’s purview, and also company and GSO). This includes oversight of their compliance with the Group and business applicable norms and standards, with regulatory obligations, instructions from General Management and the best practices of the market.
Adaptation to the local environment (regulatory, business.) of the Risk ORC organization, the interaction with OPC, the Risk ORC methodologies, standards and procedures set-up (from group or CIB level), the Risk ORC tools and the Risk ORC reporting.
Promotion of a common culture, knowledge and methodology across India on Operational Permanent Control and Operational Risk matters. Assessment of the level of resources necessary in India to fulfil the Risk ORC missions, in close co-ordination with Risk ORC management.
Support the India Head of Risk ORC in the following key Activities:
1. Adapt the undernoted items to meet INDIA requirements (regulatory, business):
• The Risk ORC organization in terms of Business and Countries coverage
• Oversight of the operational risk set up and OPC functions to ensure that all the activity domains are covered
• Regular interactions of Risk ORC and OPC
• The operational permanent control and operational risk procedure framework
2. Deploy and apply policies and projects led by Risk ORC across India (in-scope entities)
3. Promote a common culture, knowledge and methodology on Operational Permanent Control and Operational Risk across India, in particular through awareness-raising actions, such as: Training / awareness-raising sessions for employees, teams, the local management and operational teams, from a Front to End approach (Business Lines and Functions)
4. Co-ordinate the Operational Control set-up in India by organizing Committees, holding meetings of all Heads of business and functions as per frequency stipulated by the group. This includes, but is not limited, to key participation in the entity ICCs.
5. Ensure that the teams in charge of Operational Permanent Control and Operational Risk (OPC and ORPC teams) in India at Business Lines, Functions and Countries level are clearly identified and that responsibilities are clearly defined.
6. Alert territory/entity management and the regional/group Risk ORC Management in case of any perceived deficiencies in the Operational Permanent Control and Operational Risk set-up in India.
7. Be the point of contact for all the other Risk ORC teams within the group, especially the ones whose entities are serviced by company or GSO and contribute to have the requirements of these entities with respect to OR set up, taken into account.
8. Identification and quantification of risks
• Review / Challenge the Risk and control assessments produced by the OPC in India (Country, Business Lines and Functions) to ensure that operational risks are properly identified, assessed and regularly updated
• Ensure consistency of analysis across Business Lines functions and shared processing entities in India.
• Follow up the stock of Potential Incidents relating to the India to ensure that they are kept current and that they continue to be an accurate reflection of risks to be used in the calculation of the bank’s operational risk capital.
• Ensure deployment of tools such as Mercator, Forecast etc and their correct usage.
9. Historical Incidents
• Ensure that Historical Incidents are properly recorded (in particular supervise the cross check between accounting, other registers and Forecast).
• Review and produce regular analysis of Historical Incidents focusing on causes and trends.
• Ensure that the implementation of all corrective action plans put in place in the Métiers and Functions in India are properly monitored by the various OPC teams
10. Organization & Procedures
• Ensure that OPC follows up the completion and updation of procedures.
• Manage the cascade down of procedures received through Group Risk ORC
11. Risk ORC methodology & Tools
• Contribute to Operational Permanent Control and Operational Risks methodology, standards and procedures and adapts & completes them in order to ensure they meet local regulatory requirements
• Contribute to and co-ordinate India requirements for tools for operational permanent control and operational risk.
• Contribute to the implementation of Risk ORC methodology and tools in India
12. Permanent Control Plans
• Ensure that controls under the first line of defense responsibility are defined, performed and documented by the various control and process owners operating and supporting the Métiers and Functions in the India scope. Check completion rate of 1st line of defence controls
• Perform regular checks to monitor the execution and evidence of controls performed in the INDIA (at Country, Business Line or Function levels), with a particular focus on operational areas showing weaknesses (Historical Incidents, insufficient Risk cartographies)
• Test design and effectiveness of 1st line of defence Generic Control Plans, and challenge evolution between intrinsic and residual risks through the control of mitigants
13. Detecting and anticipating risks
• Implement 2nd line of defence controls on some major risks,
• Perform independent reviews on selected topics or processes, to detect and anticipate unidentified risks
14. Inspection Générale/Internal Audit and Regulators findings and recommendations
• Verify that IG/IA and Regulators recommendations in India are properly followed up by the OPC teams
• Produce regular analysis of Recommendations by topic, business units responsible for implementation.
15. Reporting : Organize, supervise, co-ordinate and produce regulatory and internal reports relative to operational risk in India (contribution to the Permanent Control Reporting, etc..) and of the bi-annual certification by Management related to Operational Risk
• Work on a robust coverage plan for the territory entities and review with entity managers and territory head
• In cooperation with India Governance organize the Territory Internal Control Committees (ICCs) as defined in the Head of Territory Charter
• Act as secretary for territory/entity Risk ORC Committee
• Participate in ICCs and Control Committees for (in-scope entities) operating in India.
17. New Business
• Contribute as a second look on operational risk to NAC where the OR dimension is significant
• Ensure that TACs and NACs governance and process are in place and that approvals subject to conditions are followed up by OPC
• Ensure that the follow-up of the conditions decided in TACs and NACs Committees in India is properly performed by the OPCs teams involved
18. Co-ordinate the anti-fraud actions in the INDIA by:
• setting up an anti-fraud desk within Risk ORC
• Develop preventive actions, handle alert management when relevant, ensure anti fraud dimension is taken into account in the control framework and it properly operates.
• organizing and monitoring the anti-fraud awareness in the INDIA.
19. Fraud and Incident declaration
Responsibilities especially with regards to the risk of fraud and can participate to ad-hoc projects or reviews upon HO management request:
a.) Periodic reports to RBI.
b.) Alert duty towards the Regional or Global Management and Risk ORC Management:
• of any fraud incident s/he could be aware of
c.) in case of any deficiency in the Operational Permanent Control framework and Operational Risk set-up
d.) Co-ordination of the anti-fraud actions in the Region in coordination with the Regional anti-fraud desk if set up:
• contribute when necessary to the periodic Anti-fraud Committees
• organize and monitor the anti-fraud awareness in the Region
• Deployment and application across the Region of the policies and projects lead by Group/Regional Risk ORC