Senior Analyst Chief Control Officer for Futures and Collateral|
Business Risk and Control Management (BRCM) serves as a subject matter expert within the 1LOD supporting the Businesses, Functions and HOST. The areas of focus for this role are Policy and Governance, Risk Appetite, Core Operational Risk Management, Oversight, Use and Embeddedness, and Reporting, as detailed further in this document.
Impact on the Business
The Senior Analyst BRCM is responsible for supporting the Manager, Senior Manager and Head of BRCM with directing and managing the integration of Core Operational Risk Management activities and providing feedback on the embedding of the Operational Risk Management Framework activities within and throughout their respective area within business, function or HSBC Operations Services and Technology (HOST). The Senior Analyst BRCM may also be accountable Core Operational Risk Management activities with respect to specific operational risk categories, including FCC, Compliance, Business Continuity, Information Security, Privacy, Fiduciary, Fraud, SOX, Product Due Diligence and Third Party Risk Management (Vendor) as required.
Business/Function/HOST Specific Responsibilities
This role will support the Head of BRCM with the coordination of the following areas:
Policy and Governance:
Provide feedback on proposed operational risk policy for the
business/function/HOST and likely impacts.
Provide advice to Risk owners and Control Owners regarding operational risk policy dispensations. Provide guidance to Risk Owners and Control Owners in adhering to the ORMF (Operational Risk Management
Framework) and operational risk policies.
Provide feedback on the embedding and use of the ORMF and the operational risk policies to Operational Risk and to the Risk Stewards.
Ensure and participate in appropriate and effective operational risk governance within the business/function/HOST.
Core Operational Risk Management:
Engage with relevant Risk Stewards to contribute to a standard Risk and Control Library for the business/function/HOST, as requested by a Risk Owner/Control Owner.
Co-ordinate the RCA process on behalf of Risk Owners and Control
Owners as requested, examples prompting co-ordination may include trigger event monitoring, stakeholder engagement, meeting organization and outputs.
Risk Stewards will be engaged as required.
Provide expert advice to the Risk Owners and the Control Owners in the completion of risk and control assessments, including identifying material operational risks and controls.
Develop and execute control monitoring plans as requested by Control Owners, work with Risk Owner to identify and oversee completion of remediation actions.
Provide expert advise to Risk Owners in the completion of scenario assessments.
Use key indicators set by Risk Owners and Control Owners to facilitate control monitoring.
Contribute to the effective identification, assessment and root cause analysis of material internal risk events, advising and constructively challenging Risk Owners and Control Owners on resolution.
Perform analysis of material external risk events, as requested, advising and constructively challenging Risk Owners and Control owners on impact and mitigation.
Track and provide advice on the completion of management response actions, ensure timely and accurate recording in the operational risk management system, ORION.
Promote operational risk awareness, including training and
communications for the Business/Function/HOST.
Ensure adequate BRCM resources with appropriate capabilities are in place to provide required support.
Review and take actions to improve the quality of inputs in the Group's operational risk management system.
Oversight, Use and Embeddedness:
Customers / Stakeholders
Support the respective business/function/HOST as per the activities outlined in the areas of focus for this role including Policy and Governance, Risk Appetite, Core Operational Risk Management, Oversight, Use and Embeddedness, and Reporting.
Leadership & Teamwork
Operational Effectiveness & Control
Ensuring that all roles and responsibilities of the BRCM as defined in the Global Risk FIM and as outlined in the Business/Function/HOST Specific Responsibilities are applied to specific operational risk categories, including FCC, Compliance, Business Continuity, Information Security, Privacy,
Fiduciary, Fraud, SOX, Product Due Diligence and Third Party Risk Management (Vendor) as required.
Ensure BRCM team is properly trained in fraud risk awareness and facilitate reporting of confirmed/suspected fraud.
Complete other responsibilities, as assigned.
Accountability and Decision-Making Responsibilities.
Supports the business/function/HOST in its management of operational risk appetite, ensuring business/function/HOST operates in compliance, with operational risk framework and standards
Build relationships and interact with US Operational Risk team and other 'second line of defense' teams, Global BRCM, and others for operational risk and internal control matters.
Daily discretion with assigned authority. Decisions beyond assigned authority are referred to higher levels of management for approval.
Management of Risk
The physical demands/work environment described above are representative of those that must be met by an employee to successfully perform the essential duties of the job. Reasonable accommodations may be made to enable individuals with disabilities to perform essential duties.
Physical Demands/Work Environment: Very good working conditions. Little or no physical demands. Minimal handling of light materials. The physical demands/work environment described above are representative of those that must be met by an employee to successfully perform the essential duties of the job. Reasonable accommodations may be made to enable individuals with disabilities to perform essential duties.
Financial Crime Compliance (FCC) and Regulatory Compliance (RC)
The BRCM activities are to advise the Risk Owners and Control Owners in the risk assessment process, to advise on the mitigation process, to perform risk-based monitoring of control effectiveness in order to validate the control assessment. As with other Risks and the associated controls, these BRCM activities pertain to specific
FCC and RC risks and controls. The BRCM monitors timely resolution of issues and actions pertaining to FCC
In addition to the Risk and Control Assessment process (RCA), the Regulatory Compliance function outlines the CDSA (Compliance Detailed Self-Assessment). The BRCM works with the business/function/HOST to determine that the controls which are in place and mitigate the risk of the pre-determined RC obligation.
For FCC and RC training-- the BRCM tests the compliance of the first line of defense in the timely completion of mandatory training. The jobholder will remain current with all FCC and RC specific required training.
The job holder will be aware of and will pro-actively apply their knowledge of the Global Anti-Money Laundering (AML), Sanctions and Anti-Bribery and Corruption (ABC) Policies, Regulatory Compliance Policies, supporting US Guidance, and Line of Business Procedures in line with the core activities of the BRCM. The jobholder will make informed decisions in accordance with the core principles of HSBC's Financial Crime Risk Appetite and Policies, and pro-actively escalate appropriately instances of deviation, whether evidenced through ongoing testing or control monitoring.
HSBC is blazing the trail for African-American colleagues, check it out:
As you complete your online application, please use source code: Historically Black Colleges
and Universities. If you would like to notify HSBC's Diversity Recruiting team of your application, please e-mail
Qualifications & Requirements
- Minimum of a Bachelor's degree with 5 years equivalent experience. Background in Banking, risk
management and / or internal audit; Audit, Risk or Compliance professional designation preferred
- Analytical and review skills with the ability to draw the correct conclusions from reviews
- Time management and organization skills with the ability to prioritize and multi-task
- Understand and ensure compliance with all relevant internal and external rules, regulations and procedures
that apply to the conduct of the business/function/HOST
- Ability to work professionally with various levels of staff and management; strong teamwork
- Excellent written and oral communication and presentation skills including the ability to deliver clear and
accurate messages to management
- Complex problem resolution
- Sound judgment, keen sense of urgency and initiative, and high level of professional and personal integrity