Operational and Resilience Risk Senior Risk Steward Global Markets, Equities

Last updated 8 hours ago
Location:Greater London


Role Title: Operational and Resilience Risk Senior Risk Steward Global Markets, Equities

Business: Risk
New or Existing Role- New
Role Purpose
  • Global Operational and Resilience Risk (ORR) is a sub function of Group Risk. Its purpose is to make sure HSBC understands, and is in control of its non-financial risk position. In addition, the function provides resilience risk stewardship to the Global Business and Functions and the entities we operate in. This is achieved through:
  • Completing analytical assessments and opining on the control environment of the First Line of Defence (1LOD) within Businesses and Regions
  • Constructive challenge to Equities on their control environment and assessment of risk
  • Oversight of emerging risks, strategic business initiatives and local change activity and new/materially changed products
  • Analysis of risk exposure across all bank operations and territories to inform capital management and stress testing requirements
  • Completing thematic reviews and aggregated reporting of the Non-Financial Risk profile of the bank
  • Responsibility for the implementation of a Risk Management Framework (RMF) that sets out governance, policies and practices to proactively identify, assess, measure and report on, mitigate and control operational risk exposures associated with HSBC’s businesses and operations at all levels of the organisation.
  • The role holder is responsible for supporting the Global Head of ORR Global Markets establish and adhere to standards for the management of operational risk as set out in the Group’s framework for Enterprise Risk and Operational Risk Management, and resilience risks are managed within appetite.
  • The role holder will have global responsibility to provide Equities ORR oversight:
  • Ensure the integrity and timely completeness of risk and control identification, assessment and information within the Group’s Risk and Control system of record (Helios) as well as directing documented remediation plans for residual risks
  • Conducts thematic reviews within Equities to ensure that risk and control environment is commensurate with the scale and nature of operations
  • Supports Equities on their ORR management and acts as a key contact and escalation for senior stakeholder engagement throughout Equities, making sure delivery is consistent and of high quality.
  • Supports with embedding the Risk Management Framework (RMF) and provides advice, guidance and challenge
  • in relation to ORR oversight and internal control effectiveness within Equities
  • Provides 2LOD oversight of top and emerging risks, ensuring Equities can mitigate these timely and cost effectively
  • Assesses compliance with Group policies and risk appetite
  • Attends Equities control meetings and non-financial risk governance forums, providing both Operational Risk oversight and robust and timely Risk Steward challenge of the First Line of Defence (1LOD) view of the resilience risk profile as required
  • Develops and promotes an increasingly insightful process based view of ORR risks
  • Supports the implementation and embedding of the ORR functional strategy
  • Ensures the integrity and timely completeness of risk and control identification, assessment and information within the Group’s Risk and Control system of record (Helios) as well as directing documented remediation plans for residual risks
  • Apply risk stewardship review and challenge over Resilience Risk RCAs and control environment
  • Works closely with Strategic Change Oversight to risk assess and oversight material change programmes from planning through to execution, particularly in relation to embedding appropriate operational resilience at the outset
  • Bridges the gap between 1LoD Equities Business Digital teams and 2LoD resilience risk specialists, to understand, translate and challenge the design and delivery of digital solutions and infrastructure.
Key Accountabilities
Impact on the Business:
  • Contributes to the design of the Operational Risk and Resilience Risk taxonomy’s and the operational framework
  • Supports implementation of the Operational Risk and Resilience Risk frameworks globally, this includes Risk Strategy, Risk Appetite, Risk Taxonomy and Risk Control Library strategy and policy frameworks
  • Supports business 2LOD reporting on the status of resilience risks, and active contribution into cross-RR reporting globally
  • Provides oversight globally across Equities 1LOD’s adoption of standards, processes and procedures required to implement the policy objectives
  • Provides robust challenge and actionable and contextual guidance across all NFR risks within Equities both enabling business growth whilst maintaining related risks within appetite
  • Implements and provides effective oversight of RMF including policies, tools and methodologies for use by line management within Equities
  • Monitors internal and external risk trends and ensures that mitigating strategies and policies are developed
  • Supports Equities regulatory requirements and economic capital calculations in respect of Operational Risk can be supported.
Customers / Stakeholders
  • Influence senior stakeholders within Equities to fulfil roles and responsibilities and manage non-financial risk and resilience risk according to the Group’s frameworks and within stated appetite
  • Build and maintain relationships with external partners, Regulators, industry bodies and others to keep up to date with developments
  • Deliver fair outcomes for our customers and ensure own conduct maintains the orderly and transparent operation of financial markets
  • Interface with 2LoD resilience risk specialists to ensure effective oversight and understanding of risks relating to digital businesses, channels or initiatives e.g. build out of digital channel functionality, execution of digital change programmes, applications, services, software and devices.
Leadership & Teamwork
  • Lead and role model for non-financial risk aligning with the Bank’s strategy, behaviours and values
  • Challenge and influence to ensure how we manage and quantify our risk exposure and fully embed a strong risk management culture and behaviours is effective
  • Work effectively with the wider Operational Risk and Resilience Risk team
Operational Effectiveness & Control
  • Partner with business leads across 1LoD in the region to identify, measure, mitigate, monitor and report resilience risks
  • Ensure key non-financial risk reports adhere to requirements of Enterprise Risk Framework and escalation routes operate for top and emerging non-financial risks to reach appropriate Risk Management Meetings
  • Support ad-hoc project work and investigations to provide further analysis into process control failings as required
  • Keep abreast of industry and regulatory developments in non-financial risk management and continually assess the impact these might have on the firm.

Major Challenges

  • Operating with influence and gravitas across all Lines of Defences, Global Businesses and Legal Entities within the Region, in relation to the management and oversight of non-financial risk
  • Providing clear delineation between accountable activities under Operational Risk and Resilience Risk
  • Providing effective leadership to influence and embed culture change across all levels of seniority and all businesses and functions across the region
  • Maintaining a commercial understanding without compromising standards of internal control and organisational risk appetite in a growing and successful business
  • Adapting quickly to changing situations and influence strategies with practical, effective commercial solutions through a comprehensive assessment if the non-financial risks are perceived to exceed appetite and also aid in the mitigation of risk exposure by using a wide knowledge learned from different competitive environments, industries and experience
  • Maintaining independence of thought and lateral thinking to assist in optimising the level of business control and maximising efficiency.

Role Context

  • Close working relationship with senior stakeholders across the C-suite population of Equities globally
  • The jobholder is required to contribute to maintain an excellent relationship with regulators and industry bodies in respect of non-financial risk and policy developments for resilience risks.
  • HSBC serves the needs of retail, corporate and institutional clients delivering innovative and integrated financial solutions. The Risk function discharges oversight on the management and monitoring of financial and non-financial risk by the businesses and their support functions.
  • The importance of non-financial risk and control has increased in recent years and is now the most influential subject for senior management, boards, and regulators. An organisation’s ability for effective identification, measurement and mitigation of non-financial risk will have a significant impact on the achievement of strategic objectives.
  • The role has direct line management but also has influence over a wider group of stakeholders and employees across the organisation.

Role Dimensions

  • You will be required to
  • Manage multiple senior stakeholder relationships, spread across Equities globally
  • Enhance risk understanding and control across HSBC’s products and services globally
  • Work closely with C-suite population on reporting of progress against appetite and the adequacy of policy and the control environment
  • The responsibility for non-financial risk spans global business operations globally for Equities. You may also be responsible for local entity management for other team members outside of your direct reports, according to HSBC local entity management requirements.
Management Risk
  • Responsible for ensuring awareness of the operational risk impact associated with the role and must act in a manner that takes account of operational risk considerations.

Observation of Internal Controls

  • You will adhere to and be able to demonstrate adherence to HSBC internal control standards. This will be achieved by adherence to all relevant procedures, keeping appropriate records and, where appropriate, by the timely implementation of internal and external audit points, including issues raised by external regulators.