Risk and Compliance Officer at Old Mutual

Old Mutual is a firm believer in the African opportunity and our diverse talent reflects this.

Job Description

This role is individually accountable for assisting the Shared Services Risk Manager in establishing and embedding the Risk and Compliance framework & processes at BU level.
The individual is responsible for implementation of risk frameworks, risk identification, assessment and mitigation strategies. Ensuring these aspects are embedded into the operations of the Business Unit in consultation with the Risk Manager.

1. Independent view on Shared Services’ functions’ identified material operational risks, design and effectiveness of key controls, risk tolerance and adherence to this:

• Oversee the Risk management process in the BU
• Operational risks assessment, risk/return and control cost/benefit decisions are made in line with the Group’s risk appetite.
• Second Line view of inherent risks, associated controls and residual risks of changes to products, services, processes and systems.
• Provide balanced and informed assessment of operational risks arising from acquisitions and major change initiatives or Group projects.
• Recommend changes to the environment control or to business practice where necessary to reduce the level of operational risk exposure to within the Group’s risk appetite.

2. Challenging the relevance and consistency of the operational risk management tools, measurement activities and reporting systems:

• Oversight over the RCSA conducted by Line 1, Challenging completeness of risk identification and control activities, and accuracy of inherent and residual risk ratings. Address any significant gaps identified.
• Ensure meaningful Key Risk Indicators (KRIs) are defined and maintained.
• Oversight over Risk Events management for timely, root causing, remediation, documentation and escalation of Risk Events.
• Support issue management through tracking and visibility of issues through to closure.
• Partner with relevant stakeholders in Scenario Analysis to identify sources of significant operational risk and need for additional risk management controls or mitigation solutions.
• Act as point of expertise for Operational risk, challenging business units and support functions on emerging and key risk trends.
• Maintain oversight and monitoring of the operational risk management system and the quality of the data therein

3. Developing and maintaining operational risk management and measurement policies, standards and procedures:

• Design, maintain and effectively communicate operational risk policies, standards and procedures while balancing regulatory requirements and customer experiences to maintain the Group’s risk profile within the overall risk appetite.
• Ensure the ORMF, operational risk policies, standards and procedures are effectively embedded across the Group.

4. Reviewing and contributing to the monitoring and reporting of the operational risk profile:

• Perform both qualitative and quantitative monitoring and reporting of the Group’s exposure to all types of operational risk, including trend analysis of risk profiles and review of the limits of operational risk regulatory and economic capital. Proactively identify and escalate any operational risks and issues above risk appetite.
• Compile operational risk reports, dashboards and metrics for Executive Management and Board reporting.

5. Designing and providing operational risk training and instilling risk awareness: Promote positive risk culture across the Group by contributing to the development of training materials and delivering training sessions on operational risk for staff. Policy Governance

• Coordinating annual localization of the risk policies and procedures to ensure they are fit for the Business Unit’s objectives.
• Assess compliance with policies and procedures in the departmental units, with emphasis to controls and coordinate the development of management action arising from non-compliance to the policy requirement with policy owners and prepare a summary report.
• Update the policy and process library.

6. New Products and Projects Risk Management

• Evaluate projects for potential risks through a Comprehensive Risk Assessment in partnership with Enterprise risk Management office to ensure that project management decisions are made with ana understanding of the risks involved
• Collaborate with cross-functional teams (e.g. project management, actuarial, legal, IT and quality assurance teams) to ensure that the risk management process is integrated into the project management cycle.

7. AML Compliance - Support the business unit on the implementation of Anti- Money Launder/ counter terrorism Financing and Proliferation financing programs (AML/CTF/CPF), initiatives, processes and measures at business unit level.

8. Data privacy - Support the implementation of privacy compliance controls measures at a business unit level to ensure all gaps are communicated, tracked and closed with the responsible action owners

9. Audit Follow Ups & Closure - Follow up in conjunction with the control Environment team and risk owners on the adequate resolution of Internal Audit Findings, External audit findings and independent review findings.

10. Regulatory Compliance

• Implement Compliance programs that include policies, procedures, conducting monitoring reviews and training to ensure that the Business Unit is following relevant regulations and standards. Monitor and assess the effectiveness of these programs.
• Conduct, prepare and report on key outcomes including compliance breaches and remediation actions from monitoring reviews as per the developed compliance monitoring program to relevant committees

11. Business Continuity - Oversee the business continuity cycle including relevant reviews and tests in shared services including maturity assessments Risk reporting

• Support risk analysis in line with the Risk Framework e.g. thematic reviews, quarterly risk reviews, annual risk register reviews,
• Produce detailed risk reports that provide meaningful information to stakeholders ia all areas mentioned above.
• Communicate risk information effectively to relevant stakeholders.
• Provide timely Risk Management Committee pack and Minutes of Monthly RMC Meetings.
• Support in the management of the Risk and Compliance assessment process for circulation to relevant Committees/ governance bodies
• Other duties assigned from time to time

Skills

Compliance Software, Computer Literacy, Customs Compliance, Data Compilation, Engineering Standards, Evaluating Information, Learning and Development (L&D), Legal Practices, Management Reporting, Oral Communications, Professional Presentation, Regulatory Compliance Management

Competencies

Action Oriented
Communicates Effectively
Decision Quality
Ensures Accountability
Instills Trust
Manages Complexity
Optimizes Work Processes
Organizational Savvy