- Enforcing robust risk governance and ensuring all stakeholders have visibility of key risks and remediation activity.
- Setting, communicating and monitoring risk appetite in line with business requirements.
- Conducting high quality and efficient reviews of our control performance.
- Facilitating controls remediation where required.
- Raising awareness and understanding of risks, controls and risk management.
- Continuously improving the control and monitoring of risk, including behaviors
- Control Assurance
- Reporting, Automation and Governance
- Risk Culture
- The creation of Utility will provide a central pool of skilled resources, enable economies of scale and embed common practices.
- The purpose of this role is to deliver control assurance as part of the GCOO Assurance Utility. Prior experience of performing assurance activities are essential as this role supports the execution of the CCO Assurance Methodology.
- Responsible for the timely delivery of control assurance in line with the quarterly and annual assurance plans and being transparent and accurate in the completion of testing deliverables, as will be reported to Senior Management
- Applying judgment in relation to the identification and publication of control assurance findings through identifying the key risks and issues
- Working as part of a team of control testers to effectively and efficiently complete assurance for CCO within the Assurance Utility
- Supporting the completion of targeted assurance reviews covering risks and working collaboratively with other Assurance Utility team members
Customers / Stakeholders
- Establishing effective working relationship within the Global and Regional testing teams covering multiple time-zone
- Supporting the Control Manager in maintaining 'trusted advisor' relationships with internal stakeholders and partnering with 2nd and 3rd Lines of Defence (LOD) including Operational Risk, ISR, Internal Audit etc. on coverage of control testing
- Being resilient in the face of, sometimes acute, pressure to redact control testing findings and recommendations by focusing on the facts of testing outcomes
Leadership & Teamwork
- Supporting the delivery of the CCO vision of the Assurance Utility team and maintaining the alignment to HSBC's vision, values and goals
- Delivery of control assurance for CCO through timely completion of the annual testing plan and targeted reviews
- Inspires and engages with people to create an inclusive and high performing assurance team
- Supporting regional teamwork and taking action to address any activities and behaviors that are not consistent with HSBC's diversity policy and/or the best interests of the business and its customers
Operational Effectiveness & Control
- Supporting the enhancement of assurance processes to deliver the quarterly/ annual control assurance plans and targeted reviews
- Embedding quality into their assurance deliverables and ensuring compliance with the Assurance Methodology
- Ensure compliance with HSBC policy and procedures, together with early identification and escalation of control issues as they arise
- Providing management with visibility of delivery issues, especially on the completion of critical reviews that impact on operational risk
- Risk management focus continues to be heightened due to breaks in controls regularly appearing in the press
- Balancing the different control assurance requirements of Thematic and Targeted control reviews or testing of key effective controls that mitigate the very high and high operational risks
- Driving a positive internal control culture across HOST and the wider organization
- Timely delivery of assurance assignments
HOST Functions (Operations, HSBC Technology, Global Procurement and Corporate Real Estate) are accountable and responsible for their day to day activities and processes, including mitigating operational risks through the operation of key controls. Certain Business Division processes and activities may be outsourced, externally to third party providers or internally to one of the HOST Functions. Outsourcing does not, however, diminish management responsibility for comprehensive risk management.
This GCL explains these responsibilities as they apply to all of the HOST Businesses and Regions:
- Support the delivery of the global control assurance strategy within the CCO Function; specifically supporting targeted control reviews of high risk areas
- Raising awareness and understanding of risks, controls and risk management
- Leading teams to deliver control assurance across functions and targeted control reviews for the CCO Function
- Ensure control assurance activities are focused on the highest priority areas and performed to a high quality
- Support the development and recruitment of resources within the COE Assurance Team
- Supporting the Heads of SOX Testing Delivery, Management and Targeted Review Delivery in the timely delivery of quality control assurance that underpins the Operational Risk Framework
Management of Risk
This will be achieved by consistently displaying the behaviors that form part of the HSBC values and culture and adhering to HSBC risk policies and procedures, including notification and escalation of any concerns and taking required action in relation to points raised by audit and/or external regulators. Specifically:
- Assessing operational risks based on the timely completion of control assurance, thematic and targeted assurance reviews, taking into account the findings identified from assurance activities
- Assessing and testing effective controls that mitigate very high and high operational risks and understanding their role in risk management and internal control referred to as the ‘Three Lines of Defence’
- Responsible for control assurance to ensure that Operational Risks are managed in accordance with the Group Standards Manual, Risk FIM, & relevant guidelines & standards
- Fair treatment of our customers is at the heart of everything we do, both personally and as an organization.
Observation of Internal Controls
- Maintains HSBC internal control standards, including timely retesting of controls that have been remediated through the completion of internal and external audit points together with any issues raised by external regulators.
- Understands, follows and demonstrates compliance with all relevant internal and external rules, regulations and procedures that apply to the conduct of the business in which the jobholder is involved, specifically Internal Controls and any supporting policies and procedures.
- Demonstrating adherence to internal control through the assessment of all relevant procedures as part of control assurance, keeping appropriate records of assurance working papers and supporting evidence
- The job holder is required to work independently and explore opportunities that support Global Businesses / Global Functions / HOST Functions and Geography CCO teams as a whole in the capacity of Testing Team Member – Testing CoE
- Graduate in anydiscipline with strong academic background
- Demonstrable knowledge in operational control assurance and risk management, internal control, or internal audit preferably within a financial / banking services operations environment
- Process assessment experience
- Excellent communication skills, both written and verbal, Good project management and planning skills with ability to execute efficiently and effectively
- Attention to details combined with strong delivery focus and ability to meet aggressive timeframes with quality results
- Sound knowledge of Microsoft Office application
- Risk Management
- Minimum 3 - 5 years of relevant experience in Control Assurance / Testing in FinancialService industry
- Delivery at Pace / Sense of urgency
- Impactful Communication
- Leading Self
- Tracking, Reporting and Governance skills
- Planning and Plan Management
- Stakeholder Management
- Problem Solving and Critical Thinking