Overview

Job Family: Risk

Monitors activities to minimize the company’s exposure to risk. Activities may include quantitative analysis, risk identification and remediation. Represents or supports the reputation of the company to minimize compliance and regulatory risk by resolving issues and ensuring adherence to company and legal standards. Responsible for ensuring that all of the company’s activities adhere to the necessary rules and regulations, and that the company complies with legal/regulatory statutes and jurisdictions.

Job Function: Business Control

Ensures transparency of business results, finance and processes. Typically organizes a reporting system and tracks goals accomplishment, collect and process data and provides managers with all necessary company management data and information.

Summary of Responsibilities:

The Associate, Business Control & Risk Management, represents the First Line of Defense and is responsible for partnering with the IT GRC team, IT, Compliance and the business to support process documentation and review, education and training for eGRC repository system of record, reporting and analytics, and developing and maintaining in the system of record appropriate records related to policy, procedures, control self-assessments, risk, etc. The Associate works to identify, assess and action various risks throughout the assigned business line by executing defined risk programs.

Essential Functions:

  • Analyzes documentation for evidence of successful and efficient performance.
  • Applies developing knowledge and supports the design, assessment, and/or administration of quality assurance programs, practices and policies.
  • Assists in the collection and initial analysis of data, preparation of business owner control surveys
  • Conducts quality audits on all routine and complex transactions and correspondence to ensure proper processing according to established quality standards.
  • Develops training on policies and procedures concerning controls and risk management.
  • Independently conduct internal control testing – including on-site observations, interviews with management and staff, analytical procedures and statistical/judgmental analysis and testing of data.
  • Interprets regulations affecting control standards with large degree of independence and suggests methods of updating policies and practices to address any risk concerns.
  • Leads operating process and internal control improvement initiatives.
  • Manages complex projects that involve working with businesses to improve controls to mitigate any deficiencies.
  • Partners with Internal Audit, Compliance, and/or Operations Management to share information and escalate issues as needed.
  • Provides thematic analysis of issues for business to identify emerging trends.
  • Reports audit results and determines corrective action plans, as necessary.
  • Reviews current policies and procedures to identify process gaps and opportunities for improvement.
  • Reviews, monitors and tests internal controls and procedures associated with products, services, customers and operations.
  • Through walkthroughs and testing, identifies possible internal control breakdowns and gaps and report them to management.
  • Works with the business to understand the controls currently in place to minimize risk.

Other Functions:

  • Other duties as assigned.

Requirements:

  • Education –
    • Bachelor’s Degree: Accounting, Business, Statistics, Risk Management, Information Systems, Finance, Economics or equivalent field.
    • or equivalent work experience
    • Master’s Degree: Accounting, Business, Statistics, Risk Management, Information Systems, Finance, Economics or equivalent field.
  • Experience –
    • 5-7 years of experience in business process analysis, project methodology, or systems development life cycle through education or on-the-job experience, required. 
    • At least 2 years of GRC (governance, risk, compliance) experience with methodologies, activities, tools and enablers in a highly regulated industry. 
    • Ability to demonstrate a strong understanding of various compliance and regulatory areas (e. g. SOX, PCI, FFIEC) or the risk register, risk exposure, risk reporting and handling of risk events.
    • Excellent written and verbal communication skills.
  • Skills & Abilities –
    • Demonstrated experience supporting and/or leading risk projects across multiple business lines offering a wide variety of financial services products and services.
    • Knowledge of the financial services sector, particularly with the competitive dynamics and products in retail banking and risk management.
    • Advanced understanding of the regulatory environment and how the risks of the products and services the bank offers are viewed by the Second Line of Defense and regulators.
    • Ability to build credibility with, collaborate with, and influence line of business executives.
    • Excellent analytical and complex problem solving skills.
    • Strong project management skills.
    • Ability to constructively work both independently and in collaborative environments involving all levels of management and employees
    • Ability to collaborate with internal and external service providers to establish resource requirements, scheduling, assignments and service levels.
    • Ability to build internal and external networks of information resources within the risk management ecosystem.
    • Understanding of BSA/AML and OFAC regulations, regulatory expectations and industry leading practices.
  • Licenses & Certifications –
    • Other Risk Certification

Competencies:

  • Collaboration – Relationship Management:
    • Proficient – Applying and Executing
        • Knows who to reach out to inside and outside of one’s team to get work done
        • Takes action to enhance working relationships needed to achieve seamless work flow
  • Collaboration – Teamwork:
    • Proficient – Applying and Executing
        • Creates a good working environment in the team; works towards shared goals contributing ideas and accepting change
        • Provides assistance and coaches less experienced team members
  • Execution – Accountability:
    • Proficient – Applying and Executing
        • Follows through to meet commitments to others
        • Takes responsibility for achieving strong results, despite balancing multiple complex demands
  • Influence – Information Sharing:
    • Proficient – Applying and Executing
        • Uses information and data effectively to support a position and present a rational case
  • Influence – Two-way communication:
    • Proficient – Applying and Executing
        • Communicates in a timely and straightforward manner
        • Probes for additional information, clarifies assumptions and confirms agreed-upon actions
        • Keeps everyone involved informed about progress and issues
  • Risk Business Acumen – Industry Acumen:
    • Proficient – Applying and Executing
        • Stays current with industry and regulatory trends and emerging risk issues
        • Has good understanding of current market and competitive landscape that the organization operates within
  • Risk Management – Knowledge of Risk Management Policies, Regulations, Processes and Procedures:
    • Proficient – Applying and Executing
        • Executes risk management process and procedures without management direction, and demonstrates awareness of expected results
        • Knows the relationship and impact of actions and results
        • Has an understanding of regulations impacting area supported
  • Risk Management – Risk and Compliance Adherence:
    • Proficient – Applying and Executing
        • Communicates the importance and benefits of risk management to counterparts
        • Displays natural skepticism and curiosity to question the status quo and uncover issues
        • Adheres to a good root cause analysis process

Working Conditions:

  • Frequently: Minimal physical effort such as sitting, standing, and walking.
  • Occasional moving and lifting of equipment and furniture is required to support onsite and offsite meeting setup and teardown.
  • Physically capable of lifting up to fifty pounds, able to bend, kneel, climb ladders.

Employer’s Rights:

  • This job description does not list all the duties of the job.  You may be asked by your supervisors or managers to perform other duties.  You will be evaluated in part based upon your performance of the tasks listed in this job description.
  • The employer has the right to revise this job description at any time.  This job description is not a contract for employment, and either you or the employer may terminate employment at any time, for any reason.