Senior Manager, Risk Governance and Reporting,

Country Tier III J o b D e s c r i p t i o n

JOB INFORMATION Job Description Name: Senior Manager, Risk Governance and Reporting, Country Tier III Recommended Position Title: Senior Manager, Risk Governance and Reporting, Country Tier III Country / BU Applicability: Job Code: 60056264 Job Family: Risk & Corporate Affairs Sub-function: Country Risk

JOB PURPOSE Lead the development, implementation, and maintenance of an integrated risk governance framework covering all key risk areas within a Tier III Africa Region, aligned with the Financial Conglomerate's standards. Serve as a key partner across the Risk Function, including the delivery and integration of the the Combined Assurance model. Oversee aggregated risk reporting, including liquidity risk, to key stakeholders, leveraging conglomerate resources and adhering to established practices.

JOB FUNCTIONS

Essential Functions

Develop, implement, and maintain a comprehensive risk governance framework, incorporating policies, procedures, and standards aligned with the Financial Conglomerate's requirements, while adhering to local regulatory expectations and international best practices. Integrate the Combined Assurance model and ensure alignment with the Financial Conglomerate's frameworks. Communicate and embed the risk governance framework effectively across all business units and functions within the Tier III Africa Region country, ensuring alignment with regulatory expectations, the Financial Conglomerate's "ways of work", and localised policies. Lead the production of high-quality, aggregated risk reports that provide strategic insights to the CRO, senior leadership, country Exco, and regulatory bodies, enabling proactive risk management and informed decision-making. Partner with Risk Type Heads at a group level to leverage available services offered as part of being a Financial Conglomerate. Lead periodic evaluations of the risk governance framework to assess its ongoing effectiveness, alignment with evolving regulatory requirements, relevance to the bank’s strategic objectives, adherence to the Financial Conglomerate's guidelines, and the successful localisation of group policies. Lead the development and maintenance of key risk indicators (KRIs) and risk dashboards to provide real-time monitoring of risk exposures, trends, and potential vulnerabilities across the various business units and corporate functions within the Tier III Africa Region country, ensuring alignment with Group-level KRIs. Proactively identify and analyse emerging risks and systemic threats, leveraging advanced analytical techniques and industry intelligence, and partnering with Group risk governance counterparts to provide strategic early warning indicators to senior management and the country Exco, enabling proactive mitigation actions. Lead the risk assessment process, ensuring rigorous identification, assessment, and prioritisation of all significant risks, with a focus on developing and implementing robust mitigation strategies aligned with the bank's/country's risk appetite, the Financial Conglomerate’s standards, and local regulatory requirements. Design and oversee the execution of comprehensive risk monitoring programs, utilising data analytics and advanced modelling techniques to track risk exposures, assess the effectiveness of controls, and identify areas for continuous improvement, while aligning with Group-level monitoring standards. Drive the execution of stress testing and scenario analysis exercises, assessing the bank's/country's resilience to a wide range of adverse economic and market conditions, and providing insights to inform strategic decision-making, in line with the Financial Conglomerate's methodologies and local regulatory requirements. Maintain a deep understanding of evolving regulatory landscapes and proactively translate regulatory requirements into actionable risk management practices, ensuring the bank's ongoing compliance with all applicable laws and regulations, while also adhering to Financial Conglomerate's standards.

Essential Functions

Develop and maintain strong relationships with key regulatory authorities, serving as a primary point of contact for inquiries, examinations, and reporting requirements, and advocating for the bank's interests when appropriate, while ensuring alignment with the Financial Conglomerate's overall regulatory strategy. Provide oversight for the implementation of regulatory changes impacting risk management, ensuring timely and effective adoption of new requirements across all business units and corporate functions within the Tier III Africa Region country, aligning with both local regulations and the Financial Conglomerate’s policies. Drive the development and implementation of a comprehensive risk culture program, leveraging communication, training, and leadership engagement to instil a strong sense of risk awareness and accountability across all levels of the bank within the specific country, in alignment with the Financial Conglomerate's risk culture framework. Serve as a subject matter expert and mentor, providing guidance, coaching, and training to risk officers and other staff on advanced risk management principles, methodologies, and best practices, building a high-performing risk management team, and fostering knowledge sharing with Group-level counterparts. Lead, mentor, and develop a team of highly skilled risk professionals, fostering a collaborative, innovative, and results-oriented environment that attracts, retains, and motivates top talent, while also promoting collaboration with Group-level teams. Empower team members to excel, providing guidance, coaching, and development opportunities to enhance their technical expertise, leadership capabilities, and strategic thinking, aligning with the Financial Conglomerate's talent development programmes. Create a high-performing team environment characterised by open communication, knowledge sharing, and continuous improvement, ensuring the team is well-equipped to meet the evolving challenges of the risk landscape within the specific country, and facilitating collaboration with Group-level teams. Cultivate and maintain strategic relationships with key stakeholders, including senior management, business unit heads, internal audit, and regulatory authorities, acting as a trusted advisor and partner in promoting sound risk management practices, ensuring alignment with the Financial Conglomerate's overall strategy and fostering collaboration with Group-level counterparts. Provide strategic guidance to the Country Executive, Exco and various governance committees on risk management requirements and approaches, safeguarding the Country's operational license, while ensuring alignment with the Financial Conglomerate's strategic objectives and risk management framework.

Additional Responsibilities Localise Financial Conglomerate's risk management policies and frameworks to ensure relevance and applicability within the Tier III Africa Regions country, while maintaining alignment with group standards and regulatory requirements. Collaborate with Group Risk and Financial Conglomerate counterparts to ensure consistent application of risk management principles and frameworks across the Standard Bank organisation. Facilitate knowledge sharing and best practice exchange between the Tier III Africa Regions country and the broader Financial Conglomerate network, contributing to the overall enhancement of risk management capabilities. Provide support and guidance to business units and functions within the Tier III Africa Regions country on the effective implementation of the Financial Conglomerate's risk management frameworks and policies. Develop and deliver training programmes to enhance risk awareness and understanding of the Financial Conglomerate's risk management frameworks among staff within the Tier III Africa Regions country.

QUALIFICATIONS

Education

Type of Qualification Field of Study Required/ Preferred And/Or

First Degree Business Commerce, Risk Management Required and Post Graduate Degree Risk Management Preferred

Work Experience

Experience Experience Details Required/ Preferred

More than 10 years Minimum of 10 years of progressive experience in risk management within the financial services industry, with a focus on non-financial risk. Significant experience in developing, implementing, and maintaining risk governance frameworks, policies, and procedures aligned with regulatory requirements, international best practices

Required and

Work Experience

Experience Experience Details Required/ Preferred

(e.g., Basel III, King IV), and group-level standards. Demonstrated experience in localising group policies and frameworks to meet specific country requirements.

More than 10 years

Proven experience in preparing and delivering comprehensive risk reporting to senior management, board committees, and regulatory bodies. Strong understanding of the Combined Assurance model and its practical application. Experience in partnering with group-level risk functions and collaborating across organisational boundaries. Proven leadership experience, including managing and developing a team of risk professionals. Experience in driving risk culture initiatives and promoting risk awareness

Required

Total number of years' experience 12 years

Knowledge, Skills and Abilities

KSAs Proficiency

Deep understanding of risk management principles, methodologies, and frameworks. High Comprehensive knowledge of risk identification, assessment, measurement, mitigation, and monitoring techniques. High Strong understanding of the three lines of defense model. High Extensive knowledge of the financial services industry, particularly banking, and related regulatory requirements. High Understanding of key banking products, services, and operations. High Proficiency in data analysis techniques and tools (e.g., SQL, Excel, Tableau, Power BI). High Knowledge of risk reporting requirements and best practices. High Strong understanding of corporate governance principles and practices. High Excellent written and verbal communication skills. High Ability to identify and analyse problems, develop creative solutions, and make sound judgments. High

Behavioural Competencies - Essential

Behavioural Competency Description

Exploring Possibilities Is conceptual when developing ideas; applies theories to problem solving; prefers to learn by thinking and identifying underlying principles

Developing Strategies is focused on developing strategies; thinks in the longer term and anticipates trends; envisages the future and adopts a visionary approach

Providing Insights Is focused on continuously improving things; provides insights by identifying key issues; makes intuitive judgements

Developing Expertise Is open to taking up learning opportunities; is quick in acquiring knowledge and skills; develops expertise by updating specialist knowledge.

Convincing People Is comfortable having to persuade others; shapes opinions by being outspoken; seeks to negotiate with others

Challenging Ideas Prepared to disagree and question assumptions; challenges ideas and established views; comfortable arguing own perspective

Making Decisions Is determined and decides on actions; willingly assumes responsibility; is definitive and stands by own decisions

Directing People Is comfortable leading people; coordinates and directs groups; seeks to control things

Empowering Individuals Motivates individuals by empowering them; seeks to inspire people and groups; gives encouragement to others

Embracing Change Copes with change and variety; tolerates uncertainty and ambiguity; adapts to new challenges

Behavioural Competencies - Essential

Behavioural Competency Description

Valuing Individuals Shows consideration towards others; tolerates the differences in people; values and trusts people

Adopting Practical Approaches Applies practical skills when investigating issues; prefers to learn by doing; is practically minded and applies common sense.

TECHNICAL COMPETENCIES Competency Group Governance - Risk - Compliance

Competency Level Competency Description

Evaluating Risk Management Effectiveness

5. Expert The ability to determine if risk management and control measures are achieving the desired results and mitigating risks at the expected level.

Risk Awareness 5. Expert General awareness of risk management practices in a financial services organisation.

Risk Identification 5. Expert The examination of the essential elements of risk such as; assets, threats, vulnerabilities, safeguards, consequences and the likelihood of the threats materialising.

Risk Management 5. Expert Demonstrates knowledge and understanding of risk management methodologies, tools, governance structures and regulatory requirements for good management of risk.

Risk Measurement 5. Expert The ability to define and analyse risk identification information in a quantitative and/ or qualitative way.

Risk Reporting 5. Expert The ability to prepare quantitative and qualitative analysis on the risk landscape in the business including interpretation and analysis for use by business users.

Risk Response Strategy 5. Expert The ability to facilitate the creation and adoption of an appropriate risk response strategy and to assign ownership for the risk response.

Risk/ Reward Thinking 5. Expert The ability to provide due consideration to risks, rewards and the cost of control measures in evaluating business opportunities, process and system changes.

TECHNICAL COMPETENCIES Competency Group Financial

Competency Level Competency Description

Financial Acumen 4. Advanced Knowledge and understanding of costing, budgeting and finance concepts and the understanding and application of related processes and procedures.

Financial Management (Financial)

4. Advanced Skills and knowledge to advise managers and decision makers on financial processes, control measures, budgets and financial performance.

TECHNICAL COMPETENCIES Competency Group Information Technology

Competency Level Competency Description

Emerging Technology Monitoring

4. Advanced The identification of new and emerging hardware, software and communication technologies, products, methods and techniques and the assessment of their relevance and potential value to the organization. The promotion of emerging technology awareness among staff and business management.

Competency Level Competency Description

Automation 4. Advanced In software engineering, automation involves the use of technology to perform tasks with reduced human intervention. It can include automated testing, continuous integration, and deployment, as well as other software development processes.

TECHNICAL COMPETENCIES Competency Group Data

Competency Level Competency Description

Data Quality 4. Advanced The ability to implement operational techniques and activities that are used to fulfil requirements for data quality including: improvement, control, management or assurance of data quality.

TECHNICAL COMPETENCIES Competency Group Quality Management

Competency Level Competency Description

Root Cause Analysis 4. Advanced Knowledge and application of techniques that can be applied to determine the cause of process or control failures.

Quality Management 4. Advanced Knowledge of, and ability to implement all quality management policies and procedures.

TECHNICAL COMPETENCIES Competency Group Legal

Competency Level Competency Description

Financial Industry Regulatory Framework

4. Advanced Insight into and understanding of the various laws and regulations regulating the financial services industry.

Legal Compliance 4. Advanced The ability to comply with relevant legislation, regulatory and professional standards.

SCOPE

People Management:

# Direct Resources Managed # Indirect Resources Managed

This position manages/supervises people 1-3 1-10

Managerial Archetype

Budget Responsibility

Amount Notes

R5 million - R25 million Directly accountable

Contact with Others

Represents the organization as the primary contact. Interacts with management and senior value-chain partners on matters requiring coordination across organizational lines. Achievement of objectives requires ability to influence others both internally and potentially externally.

Contacts Description CRO and Exco, Credit Risk Management / NFR Management, Country Risk Management, E&S Risk Management, Market Risk Management, Internal Audit, Group Risk Function, Business Unit Heads, Regulators, External Audit, External Consultants/Advisors.

Head, Non-Financial Risk J o b D e s c r i p t i o n

JOB INFORMATION

Job Description Name: Manager II, Non-Financial Risk

Position Title: Head, Non-Financial Risk Jersey

Country / BU Applicability: Jersey

Job Code: 60051266

Job Family: Risk & Corporate Affairs

Sub-function: Non-Financial Risk Management

JOB PURPOSE

To provide pro-active management and operational support enabling the implementation of the Non-Financial Risk (NFR) management strategy across the Business and Commercia Banking Clients (BCB), Personal and Private Banking (PPB), and Asset Management (AM) business units considering the relevant 17 risk types, and risk management processes to identify and mitigate NFRs.

JOB FUNCTIONS

Essential Functions

Act as an interface for NFR in driving fraud risk management and liaising with NFR teams on information risk threats and controls in business strategy for all business units across all segments and channels.

Act as the trusted risk management business partner by equipping business with the tools to mitigate financial, reputational, and regulatory impact of NFR incidents.

Build and maintain credible relationships with internal and external stakeholders, including management, internal and external audit, non-executives, regulator as well as peers in local and international banks where applicable.

Challenge and oversee the RCC process by ensuring effective risk focus and dialogue, reports and escalations that are based on factual data relating to framework and actions that drive clear accountability and ownership.

Collaborate with direct and indirect reports to achieve desired business results through continuous improvement and mentoring activities.

Complete the Risk and Control Self-Assessment (RCSA) for applicable business areas by considering all 16 risk types and capture onto the NFR management system.

Conduct analysis of business impact and contribute to the formal process of driving risk acceptance for residual risk for items where the residual risk is too high, prepare recommendations to decline the requested change, and escalate to senior management for consideration.

Conduct effective risk scenario planning by gathering and analysing information in preparation for and during scenario iteration.

Contribute to succession planning initiatives by identifying strategically critical roles, flight-risk employees, and skill shortages in collaboration with Human Capital and participate in follow-up actions or interventions to ensure resource sustainability.

Contribute to the development and instilment of a risk and control culture, within the functional areas, through participating in knowledge sharing initiatives and awareness campaigns on the importance of risk management.

Deliver value-adding risk assessments and advice to strategic/other change projects and new products to ensure changes to the business risk profile are properly quantified and mitigated/managed within agreed risk appetite.

Determine high risk and/or high impact projects/programs/initiatives /cloud deployments within the line of business by using the applicable risk assessment tool.

Drive a high-performance culture through leading by example in applying the performance management process rigorously to direct reports.

Drive the execution of the NFR strategy and framework, which are aligned with business specific requirements, by considering the risk appetite and by implementing group policies, processes and guidelines via the NFR teams across the various segments and products, where applicable.

Essential Functions

Drive the relevance of the NFR framework by critically evaluating the effectiveness thereof and recommending amendments in line with emerging risks and threats.

Embed the NFR framework throughout the business areas by regularly engaging with all levels of leadership and management to help them understand the benefits of looking at their worlds through a risk management lens incorporating the 16 risk types.

Facilitate awareness and oversight of the LAM policy and address significant information risk and management.

Facilitate the documenting of root cause analysis of any major/significant information risk related incidents, in alignment with the integrated operational risk to initiate prevention.

Facilitate the scenario discussion between business partners, risk owners and operational risk by challenging assumptions of business partners to ensure that the business unit/s risk profile is truly reflected in its scenarios and obtain sign-off from the individual risk owners, business unit heads and relevant committees.

Give guidance and provide insight to process, product and policy owners on improvements required prior to the implementation of control measures by seeking input from Group Financial Crime Control and the Group Information Risk Office as subject matter experts.

Implement and support the transition and adoption of the Advanced Measurement Approach (AMA) principles in business through training and support initiatives to ensure full ownership and understanding of capital calculation, scenario analysis and expected loss calculations.

Implement data-led Non-Financial Risk (NFR) decisions and interventions in the lines of business.

Implement proactive actions around the management of prevailing, emerging and top Non-Financial Risk (NFR) exposures with urgency.

Manage NFRs by identifying inadequacy of, or failure in internal processes, people and/or systems or from external events across complex operating structures with significant overlaps of the 16 risk types under the umbrella of Operational Risk.

Manage talent effectively by continuously analysing and identifying leadership and technical development needs and upskill through facilitating appropriate training and development initiatives.

Management of own cost centre budget, if owner of a cost centre, within scope.

Measure and entrench the desired Non-Financial Risk (NFR) culture across the 3 lines of defence through proper metrics and incentives.

Monitor the actual losses vs. the risk appetite and include the necessary interventions to minimize financial impact.

Optimise the Risk Market Place (RMP) functionality to unleash the full value-adding capability of Risk as a Service (RaaS) to the Group.

Own the implementation of the NFR framework to enable the proactive identification, assessment, measurement, management, monitoring and reporting of model risk.

Participate and provide input into all material planned changes - strategy changes, product changes, segment changes, system changes and process changes - and provide a proactive view of the potential risks that the changes may bring into the organisation.

Participate in recruitment and selection initiates in collaboration with Human Capital and direct reports for business efficiency and effectiveness.

Participate in the review workforce and headcount plans for the team by including requests for headcount changes and approving and declining headcount requests within overall mandate.

Participate, review, and monitor key people metrics - attrition, vacancy rates, reasons for leaving, absence rates, grievances, leave, disciplinaries etc. and define strategies/interventions to improve the working environment if the indicators show adverse trends.

Partner with business leadership through active participation in Business Risk Control Committees (BRCCs) and other strategic forums to translate NFR into business specific resilience capabilities.

Provide guidance and oversight on the implementation of the defined Information risk strategy by advising on the information risk policy, identifying information risks in projects and business initiatives and by reporting on the information risk posture at relevant committees.

Provide guidance and support to business stakeholders by training on and embedding risk policies so that they can perform information risk related activities or functions and implement policy requirements effectively.

Provide guidance to business in regards with Information risk by identifying key information assets, risk events, causes and assist with the risk treatment to ensure that all significant information risk and control weaknesses are mitigated and if material reported.

Provide oversight and guidance to the business stakeholders during the third-party life cycle by challenging the mitigation in place if not aligned to the risk appetite, assessing the adequacy of control measures in managing the level of risks associated with third party engagements and by monitoring the overall third-party process to make sure it complies with the Third-Party Risk Management (TPRM) Framework.

Report critical, material third-party engagements, challenges, or trends to the TPRM team as well as relevant risk governance forums such as Risk Control Committees (RCC) and determine the level of assurance required related to the third-party engagement by consulting with risk type owners, where required.

Represent NFR and articulate risks effectively at relevant business unit committees by critically reviewing 1) all business cases for product and process changes, 2) control measures that have been designed for these changes.

Stay abreast of all regulatory and compliance changes through sufficient engagements and collaborations with key stakeholders (IT Security, Data Governance, Logical Access Management (LAM), Payment Card Industry (PCI) Compliance and Data Privacy.

Essential Functions

Understand and implement the application of Payment Card Industry Data and Security Standards (PCI DSS) by following principles and associated criteria to determine the status of business units to prevent, mitigate or escalate risks where required.

QUALIFICATIONS

Education

Type of Qualification Field of Study Required/ Preferred

And/Or

First Degree Business Commerce Required

First Degree Risk Management Required

Post Graduate Degree Business Commerce Preferred

Post Graduate Degree Risk Management Preferred

Work Experience

Experience Experience Details Required/ Preferred

3-4 years

Practical knowledge and experience under Information Risk which would include an

understanding of the Standard Bank South Africa (SBSA) Information Risk Framework and Data Privacy Standard or Industry exposure to similar standards

such as the Information Security Forum (ISF) Standard of Good Practice and Protection of Personal Information Act (POPIA).

Required

5-7 years

Practical knowledge of risk, control frameworks, assurance & applications in financial services industry. Fully conversant in risk appetite, risk response & process

improvement concepts. Understand both non-financial risk and financial reporting risk characteristics.

Required

Total number of years' experience 7 years

Behavioural Competencies - Essential

Behavioural Competency Description

Articulating Information Is articulate in giving presentations; is eloquent and explains things well; projects social confidence when articulating information

Challenging Ideas Prepared to disagree and question assumptions; challenges ideas and established views; comfortable arguing own perspective

Convincing People Is comfortable having to persuade others; shapes opinions by being outspoken; seeks to negotiate with others

Directing People Is comfortable leading people; coordinates and directs groups; seeks to control things

Embracing Change Copes with change and variety; tolerates uncertainty and ambiguity; adapts to new challenges

Examining Information Analyses and processes information; asks probing questions; strives to find solutions to problems

Exploring Possibilities Is conceptual when developing ideas; applies theories to problem solving; prefers to learn by thinking and identifying underlying principles

Generating Ideas Is creative in producing ideas; assumes an original approach when generating ideas; adopts radical solutions

Making Decisions Is determined and decides on actions; willingly assumes responsibility; is definitive and stands by own decisions

Providing Insights Is focused on continuously improving things; provides insights by identifying key issues; makes intuitive judgements

Behavioural Competencies - Essential

Behavioural Competency Description

Resolving Conflict Is comfortable calming upset people; handles angry individuals well; is focused on resolving conflict and arguments

Upholding Standards Behaves ethically and justly; is discreet and maintains confidentiality; meets commitments by acting with integrity

TECHNICAL COMPETENCIES

Competency Group Governance - Risk - Compliance

Competency Level Competency Description

Analysing Insurable Risk 2. Proficient The ability to facilitate risk assessment to gain an understanding of risk impacts, thus developing the profile of insurable risks.

Economic Capital Management 3. Seasoned Understands the capital implications of the stated risk appetite, individual risk exposures, portfolio risk exposures, and determines capital requirements on a risk adjusted basis.

Evaluating Risk Management Effectiveness

3. Seasoned The ability to determine if risk management and control measures are achieving the desired results and mitigating risks at the expected level.

Risk Identification 4. Advanced The examination of the essential elements of risk such as; assets, threats, vulnerabilities, safeguards, consequences and the likelihood of the threats materialising.

Risk Measurement 4. Advanced The ability to define and analyse risk identification information in a quantitative and/ or qualitative way.

Risk Reporting 4. Advanced The ability to prepare quantitative and qualitative analysis on the risk landscape in the business including interpretation and analysis for use by business users.

Risk Response Strategy 4. Advanced The ability to facilitate the creation and adoption of an appropriate risk response strategy and to assign ownership for the risk response.

Risk/ Reward Thinking 4. Advanced The ability to provide due consideration to risks, rewards and the cost of control measures in evaluating business opportunities, process and system changes.

TECHNICAL COMPETENCIES

Competency Level Competency Description

TECHNICAL COMPETENCIES

Competency Level Competency Description

TECHNICAL COMPETENCIES

TECHNICAL COMPETENCIES

TECHNICAL COMPETENCIES

SCOPE

People Management:

# Direct Resources Managed # Indirect Resources Managed

This position manages/supervises people 1-3 1-10

Managerial Archetype

Financial Responsibility

Controllable Expenses (e.g., payroll and other budgeted items

R500 000 - R2,5 million

Budget Responsibility

Amount Notes

R500 000 - R2,5 million Primary Budget Responsibility

Contact with Others

Contacts Description May need to engage with consultants such as auditors when external reviews are undertaken. Provide direction and guidance to the functional areas regarding the ongoing management of NFR and operational risks for example Internal Audit and Compliance.

Specialist, Business Risk Control

J o b D e s c r i p t i o n

JOB INFORMATION Job Description Name: Specialist, Business Risk Control, SBO Recommended Position Title: Specialist, Business Risk Control Country / BU Applicability: Isle of Man; Jersey Job Code: 60054429 Job Family: Offshore Sub-function: Business Risk Management/ Control & Onboarding

JOB PURPOSE To provide first line risk related advice and assurance to stakeholders from all Business Units and corporate functions across Standard Bank Offshore in line with regulatory requirements, internal policies and standards to ensure a culture of quality, control and transparent risk ownership.

JOB FUNCTIONS

Essential Functions

Drive compliance by implementing applicable policies, systems, processes, procedures so that all relevant risk and business control requirements are fulfilled. Advise stakeholders across Standard Bank Offshore on client issues relating to relevant risks and, where required, liaise with stakeholders with regards to these issues to ensure compliance to the regulatory and organisational frameworks. Advise on best practice processes and procedures for business areas to effectively monitor and control for risk as well as to ensure adherence, conformance and compliance to all relevant policies, standards and regulations. Escalate high-risk and control matters, raised by the Business Risk Management team or the business and ensure that the issues raised are resolved efficiently and effectively. Maintain and update all specific risk related procedures and processes in line with governance and regulatory requirements and create an awareness of these policies in the business to promote adherence. Engage with Business Managers in order to ensure that clear communication and accountability is in place for the ownership of control breaches and any remedial actions. Act as the subject matter expert to systemically identify, measure, prioritise and respond to all types of risk in the business, and then manage any exposure accordingly. Contribute to the continuous improvement of business risk control systems, processes, and practices by identifying any control/process gaps and update policies, processes, and procedures accordingly. Build, develop and maintain relationships with the key internal and external stakeholders relevant to Business Risk Management environment across Standard Bank Offshore. Stay abreast of changes and developments in the relevant laws or regulations by identifying the changes and informing the Business Risk Management team of the impact of these changes on the business and where required ensure that business policies, processes and procedures are aligned to these changes to always ensure compliance. Remain proficient and knowledgeable of best practice in the specialist field of Business Risk Management and provide the necessary recommendations for adaptation & improvement. Arrange and deliver training sessions on relevant Regulations to Standard Bank Offshore teams to enable them to operate within the regulatory frameworks. Implement a more consistent approach to risk management and control to speed up the processes for gathering the necessary information, and also improve the quality of what is gathered, helping decisions be made more rapidly and with greater confidence. Participate in oversight committees and forums in the relevant jurisdictions in order to monitor the implementation of the business risk framework.

Essential Functions

Contribute to the provision of input and support to the senior manager to ensure high quality reporting and assurance to the relevant Boards, Executive Management, Audit Committees, the Regulator and other relevant forums. Collect data from numerous sources in order to prepare high quality, accurate and complete analysis and dashboards, as well as Management Information (MI) reporting to be distributed to the defined users of the dashboards within defined timeframes. Identify trends and provide insights from data logged into the relevant systems by analysing the data to recommend and implement corrective action to ensure effective mitigation of risks.

QUALIFICATIONS

Education

Type of Qualification Field of Study Required/ Preferred And/Or

Diploma Risk Management Required

Work Experience

Experience Experience Details Required/ Preferred

5-7 years Significant experience in risk, governance and compliance management in the financial services industry with a thorough understanding of relevant regulatory requirements and operational risk matters.

Required

Total number of years' experience 6 years

Behavioural Competencies - Essential

Behavioural Competency Description

Checking Things Is meticulous in finding errors; ensures accuracy by being thorough and checking details; produces high quality work by being detailed.

Developing Expertise Is open to taking up learning opportunities; is quick in acquiring knowledge and skills; develops expertise by updating specialist knowledge.

Upholding Standards Behaves ethically and justly; is discreet and maintains confidentiality; meets commitments by acting with integrity

Team Working Works participatively with others; is democratic and encourages team contributions; collaboratively involves others in decision- making

Interacting with People Is lively and projects enthusiasm; is talkative in making contact; is focused on interacting and networking with people

Exploring Possibilities Is conceptual when developing ideas; applies theories to problem solving; prefers to learn by thinking and identifying underlying principles

Making Decisions Is determined and decides on actions; willingly assumes responsibility; is definitive and stands by own decisions

Documenting Facts Writes fluently when documenting facts; understands arguments logically; focuses on finding facts

Convincing People Is comfortable having to persuade others; shapes opinions by being outspoken; seeks to negotiate with others

Following Procedures Conforms and adheres to rules; closely follows instructions and procedures; minimises risks by sticking to processes

Managing Tasks Manages tasks by being organised and methodical; plans activities systematically; sets priorities for tasks

Examining Information Analyses and processes information; asks probing questions; strives to find solutions to problems

TECHNICAL COMPETENCIES Competency Group Audit

Competency Level Competency Description

Evaluation of Internal Controls 3. Seasoned The ability to analyse process controls for effectiveness from a design and implementation perspective.

Promote Good Governance, Risk & Control

3. Seasoned The ability to assess governance and control frameworks against the appropriate risk appetite and enhance the risk management culture in line with the organisational objectives.

TECHNICAL COMPETENCIES Competency Group Business Process Modelling

Competency Level Competency Description

Process Governance 3. Seasoned The ability to create mechanisms to ensure that designed processes are implemented correctly and that process changes are made thoughtfully, taking into consideration the impacts on people, other processes and technology.

TECHNICAL COMPETENCIES Competency Group Governance - Risk - Compliance

Competency Level Competency Description

Evaluating Risk Management Effectiveness

3. Seasoned The ability to determine if risk management and control measures are achieving the desired results and mitigating risks at the expected level.

Risk Awareness 3. Seasoned General awareness of risk management practices in a financial services organisation.

Risk Identification 3. Seasoned The examination of the essential elements of risk such as; assets, threats, vulnerabilities, safeguards, consequences and the likelihood of the threats materialising.

Risk Management 3. Seasoned Demonstrates knowledge and understanding of risk management methodologies, tools, governance structures and regulatory requirements for good management of risk.

Risk Reporting 3. Seasoned The ability to prepare quantitative and qualitative analysis on the risk landscape in the business including interpretation and analysis for use by business users.

TECHNICAL COMPETENCIES Competency Group Quality Management

Competency Level Competency Description

Quality Control 3. Seasoned The ability to implement operational techniques and activities that are used to fulfil requirements for quality including: improvement, control, management or assurance of quality.

TECHNICAL COMPETENCIES TECHNICAL COMPETENCIES

SCOPE

People Management:

# Direct Resources Managed # Indirect Resources Managed

Managerial Archetype

Contact with Others

Contacts are frequently inter-organizational and outside customer/vendor interactions. Part of a team who represents the organization. Monitors activities and communicates information across the organization

Contacts Description Develop and Maintain relationships with Business Managers across Standard Bank Offshore as well as the broader business to drive a culture of quality, control and transparent risk ownership.