It Risk & Control Manager

Role Responsibilities

Risk and Control Manager is responsible to ensure that Technology and Innovation (“T&I”) team operate in full compliance with all Country and Group policies as well as local regulatory requirements.

Strategy

• Ensuring the execution of T&I functions are fully compliant with statutory regulations, laws, guidelines and industry practices for Technology Risk Management, Information & Cyber Security covering T&I Security Technology Services (“STS”) and Technology Governance
• Support the T&I team in the overall effective and proactive management of all T&I risks, governance and controls
• Ensuring business strategies, standards and roadmap abide by T&I operating principles, policies and procedures of Country and Group and the Enterprise Risk Management Framework (“ERMF”)

Business

Audit/Regulatory Support

• Provide timely response and Act as Liaison Officer for Internal and external IT related Audits/Internal Review/Peer Review
• Respond to Country compliance requests for submission to regulators
• Draft management response for regulatory findings or queries
• Provide IT Data when requested by Regulators

Processes

System Stability

• Review and provide oversight on effective contingency and resilience of Technology Service Delivery
• Provide oversight on the performance of the T&I service providers
• Oversee the ongoing treatment of obsolescence risk
• Review and provide oversight on the root cause analysis and follow-up on the closure of remediation plans
• Support the Cluster CIO to formulate the strategic plan in enhancing the system stability from a risk point of view

Information Security

• Ensure applicable controls are identified, assessed and implemented by the business owners
• Collaborate with Group Security Technology Services on local governance, where needed
• Ensure T&I relevant ICS policy is well circulated amongst Bank’s businesses, functions, geographies and subsidiaries

People & Talent

• Provide industry guidance and support acting as SCBT go to “expert” and speaking opportunities
• Provide broader awareness internally to proactively manage current and emerging risks

Risk Management

• Support the Cluster CIO as the 1st line Risk Framework Owner for Technology, and work closely with the other relevant risk types such as Information and Cyber Security (“ICS”) Risk, Compliance Risk, Conduct Risk and Reputational Risk, in accordance with the ERMF
• Drive proactive risk management culture in T&I
• Oversee regular residual risk assessment and risk acceptance for T&I processes
• Responsible for the preparation, communication, implementation, delivery and expansion of T&I risk management plans and represent T&I to liaise with regulators on technology risk governance
• Provide support for the End User Computing implementation
• Oversee the implementation of Group T&I Policies and Standards in country and/or Cluster
• Provide timely and accurate management reporting to the CIO and relevant senior stakeholders for proper manage of technology and ICS risks
• Oversee internal and external/ regulatory audit exercises and the progress of remediation plans for the identified gaps, and ensure relevant risk incurred is properly managed through ERMF
• Oversee effective risk management practice implementation in T&I including Risk Identification, Assessments, Measurements, Acceptance and Monitoring

Governance

• Drive effective risk discussions within the Cluster T&I Risk Forum and oversee timely remediation of identified risks
• Represent T&I in various risk forums and committees (e.g. Business Forums, Third-Party Risk Management Sub-Committee, ID Data Governance Committee).
• Represent T&I Risk & Control (“R&C”) in other committees/ forums whenever necessary such as Project Steering Committee, and assist regulatory approvals for e-Banking and technology outsourcing initiatives whenever necessary, IT Non Financial Risk Forum

Regulatory & Business Conduct

• Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters
• Display exemplary conduct and live by the Group’s Values and Code of Conduct
• Adhere to Country Regulatory Requirement on Conduct as well as Operation Conduct Plans
• Lead Indonesia to achieve the outcomes set out in the Bank’s Conduct Principles: Fair Outcomes for Clients; Effective Financial Markets; Financial Crime Compliance; The Right Environment
• Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters
• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct

Key stakeholders

• 2nd Line of Defence (All Risk Owners and SME across Enterprise Risk Type)
• Business and Function Heads
• Group Internal Audit (GIA)
• 1st line of Defence (Business and Functional Teams)
• Industry partners/vendors, Banking Associations, etc.
• Country Management Team (CMT)
• Regulators

Qualifications:

• Result driven with strategic qualities
• Knowledge of quality tools, procurement, and logistics planning
• Ability to work within a multi-function, multi-discipline team environment with strong influencing and stakeholder management skills
• Excellent communication and good command of written English
• Strong project management skill with demonstrable track record in a dynamic environment
• Compliance, audit, and operational risk background
• High degree of independence, responsibility and integrity
• Min. bachelor's degree in Technology/Finance, Business Administration or related disciplines

About Standard Chartered

We're an international bank, nimble enough to act, big enough for impact. For more than 160 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents. And we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion. Together we:

Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do

Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well

Be better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefit

available in some locations

Time-off including annual, parental/maternity (20 weeks), sabbatical (12 weeks maximum) and volunteering leave (3 days), along with with minimum global standards for annual and public holiday

Flexible working options based around home and office locations, with flexible working patterns

Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits

A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning

Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.

Recruitment assessments - some of our roles use assessments to help us understand how suitable you are for the role you've applied to. If you are invited to take an assessment, this is great news. It means your application has progressed to an important stage of our recruitment process.

Visit our careers website www.sc.com/careers

Job: Technology
Primary Location: Asia-Indonesia-Jakarta
Schedule: Full-time
Employee Status: Permanent
Posting Date: 24/Aug/2023, 9:31:14 AM
Unposting Date: Ongoing