Operational and Permanent Control Analyst - RISK CIB
BNP Paribas
- Lisboa
- Permanente
- Horário completo
- The OPC Analyst operates the Control framework relating to all operational risks, including Fraud, Third Party, Conduct, Compliance, Regulatory, Information & Communication Technology risks, and others risks types. OPC is responsible for the deployment of internal policies and procedures issued by specialize independent control functions part of Risk teams (2nd Line of Defence), and for the compliance with external regulatory and supervisory requirements
- Identify and assess risks and controls (Risk and Control Self-Assessment) by ensuring that key operational units and processes, material risks and risk mitigants are identified. Perform/drive the risk identification and assessment in liaison with independent control Functions when needed, ensuring validation by the relevant management level and consistency with the defined risk tolerance. Contribute to the definition and follow-up of remediation plan if needed
- Manage Procedures by ensuring that Group procedures requirements are implemented locally, complemented with local specificities (regulations, tools, organizations). Ensure that the procedures designed by the businesses and functions are identified, updated, properly stored and communicated to the relevant stakeholders within the Operating Entity. Identify and propose calibration of procedures according to the outcome of the risk assessment and other risk events (HI, control results, external events, Audit missions)
- Implement Controls and action plans: by defining and regularly updating the control plans according to the outcome of the risk assessment, regulations, other risk events (Historical Incidents, control results, external events, Audits). Perform and/or coordinate controls according to this control plan. Ensure that control results are reviewed and analysed by the Management and when relevant by operational teams / relevant stakeholders and that remediation action plans are defined if and when needed. Input in Group tools the control results and major action plans. Follow-up the implementation of remediation actions
- Document findings, recommendations and permanent control actions: Upon notification/receipt of reports, organise the follow-up of the findings and recommendations, either issued internally (e.g. IG supervision) or externally (external auditors, supervisors) and ensure that they are closed within due date
- Manage historical incidents by alerting the management and the independent control functions if needed on key incidents. Collect incidents (including impacts measurement), report and update in the incidents database, including suspected and attempted fraud cases. Analyse incidents in a timely manner and define, jointly with the relevant stakeholders, the correctives measures be implemented to mitigate risks. Follow[1]up and /or initiate the implementation of remediation actions and the unfolding of long term incidents. Perform controls on the incident collection process, in particular the cross-check with other databases (accounting or other when existing) and the half-yearly attestation by the local management
- Provide Management support and governance by active contribution (or organization) to any committee on Operational risks and Permanent Control committees. Alert and escalate to the relevant level of management any operational risk incident and/or any recurring weakness. Perform periodic and ad-hoc reporting to the appropriate level of management as well as to independent control functions. Ensure an appropriate training on Operational risks and Permanent Control framework is provided to employees, Classification : Internal notably newcomers. Show ability to take ownership of specific OPC activity streams/topics, and be able to deliver the full and exhaustive actions taken on the assigned process(es) to the management
- Bachelor Degree in Business Management / Economics / Finance or Accounting
- Up to 2 years of experience in Risk and Controls / Compliance and/or Project Management and Consulting
- Advanced level of English, both written and oral
- Knowledge in MS Office Pack (Excel, PowerPoint)
- Adaptability
- Ability to manage/facilitate a meeting / seminar / committee / training
- Analytical ability
- Organisational skills
- Ability to collaborate / teamwork
- Please note that only applications submitted in English will be considered.
- In case you are selected for this role, further documentation will be requested to support your hiring process.