Senior Executive, Risk

Job Purpose

To assist the Unit Head, Operational Risk Management, in providing support towards the MIDF Group's strategic initiatives by assuring Operational Risk [OR] (including Shariah Non-Compliance [SNC] Risk and Business Continuity Management [BCM]) exposures are identified, assessed, and managed appropriately through the development and operationalizing of consistent application of frameworks, policies, procedures, tools, and programs; setting appropriate risk appetite in consideration of the MIDF Group's strategy and communicating it to the business for their understanding to operate within it; in addition to providing an Enterprise Risk Management [ERM] oversight role at MIDF Group.

Key Accountabilities

Controls / Risk Management

i) Risk Frameworks, Policies & Procedures

To assist the Unit Head on the following activities:

• The development and refinement of enterprise-wide OR (including SNC Risk), ERM, and BCM frameworks, policies, and procedures in order to effectively manage the MIDF Group's exposure to risks.
• Periodic review and maintenance of frameworks, policies, and procedures, ensuring adequate, effective, and proportionate identification, assessment, mitigation, and reporting of OR (including SNC Risk), ERM, and BCM.
• Monitoring and periodic reporting of Group-wide and Bank-wide Risk Appetite, including periodic OR and ERM appetite.

Internal Process Efficiency

ii) Risk Management Tools

Risk Control Self-Assessment (RCSA)

• To assist the Unit Head in facilitating risk owners in the assessment of OR (including SNC Risk) and ERM, including identification and analysis of inherent risks and materiality impacts to the MIDF Group's environment and activities, evaluation of the adequacy of related internal control design and performance effectiveness, and measurement and ranking of net risk based on the prescribed risk matrix to prioritize risk treatment plans.
• Independently monitor status updates until completion of treatment plans based on the scheduled timeline submitted by risk owners.

To independently perform the following activities with guidance and review from the Unit Head:

iii) Loss Event Data (LED)

• Review completed LED forms to ensure all required fields are completed and supporting documentation is provided (if applicable) by risk owners within the MIDF Group.
• Evaluate and confirm loss event classification (financial and/or non-financial) from submitted LED forms.
• Reconcile monetary loss amounts in submitted LED forms against the MIDF Group's General Ledger.
• Clarify and validate details of loss events through queries to risk owners prior to reporting in Bank Negara Malaysia's Operational Risk Integrated Online Network (ORR) system.
• Input and report validated LED in accordance with reporting requirements and deadlines in the BNM ORR system.
• Update the internal LED database within the MIDF Group.
• Prepare reports for Senior Management and Board-level committees, including:

a. Monthly, bi-monthly, and quarterly LED trend analysis reports; and

b. Detailed LED reports based on internal criteria requirements.

iv) Key Risk Indicator (KRI)

• Review KRI reports submitted by risk owners, ensuring supporting documentation is provided (if applicable).
• Analyze triggered metrics from submitted KRI reports.
• Query risk owners for clarification and validation prior to reporting in the BNM ORR system.
• Input and report validated KRI in accordance with reporting requirements and deadlines in the BNM ORR system.
• Prepare monthly, bi-monthly, and quarterly KRI reports, including supporting details for triggered metrics, for Senior Management and Board-level committees for information and notation.

v) Business Continuity Management

To assist the Unit Head on the following activities:

• Design requirements, structures, methodologies, programmes, and toolkits, and lead the implementation of BCM, Business Continuity Plan (BCP), and Departmental BCP.
• Perform periodic testing of established recovery strategies and plans to ensure relevance, and recommend improvements where appropriate.

vi) Risk Reporting

• Manage OR (including SNC Risk), ERM, and BCM information and data, including data quality. Apply data-driven analysis to interpret and determine causal factors, OR losses, and reporting outputs.
• Prepare accurate and timely periodic risk reports for various stakeholders (Business Units, Senior Management Committees, Board Committees, and regulators) covering OR (including SNC Risk), ERM, and BCM.

vii) Learning & Growth

• Maintain up-to-date knowledge of developments in risk management.
• Attend identified certification or membership programmes to meet targeted competencies.

Qualifications

• Degree or professional qualification in Accounting, Finance, Economics, Mathematics, Statistics, Econometrics, Actuarial Science, or related discipline.

Experience

• 4-6 years of working experience in Operational Risk (including Non-Shariah Compliance Risk), Business Continuity Management, and Enterprise Risk Management, preferably in banking institutions.

Additional Experience / Requirements

• Exposure to the financial industry regulated under the Financial Services Act 2013, Islamic Financial Services Act 2013, Securities Commission, and Bursa Malaysia.
• Proficiency in desktop applications and data analysis tools.
• Familiarity with Bank Negara Malaysia's Operational Risk Reporting (ORR) requirements.
• Ability to keep abreast of developments in the risk management landscape and apply learning to the Bank's risk management practices.