Specialist, External Audit - Kuala Lumpur, Malaysia - Standard Chartered Bank

    Standard Chartered Bank
    Standard Chartered Bank Kuala Lumpur, Malaysia

    1 week ago

    Standard Chartered Bank background
    Full time
    Description

    Role Responsibilities

    Job Role

    The Transformation, Technology and Operations (TTO) division is responsible for the build and run of the Banks' technology platforms in addition to providing an operations capability to the business.

    Within TTO, TTO Risk Management has a risk and control team that centrally support the TTO Domains on external audits and country regulatory engagements. This role will coordinate and support TTO Domains with external audit engagements, regulatory engagements, third party (Bank's clients), and vendor questionnaires impacting the function / domain.

    The "Specialist (SA)" will closely work with the TTO Domain risk management team and with key stakeholders of the Domain. The SA shall advice and support the TTO Domains in execution of controls or potential gaps related to country regulatory needs, driving effective compliance with the prescribed technology requirements. The SA is responsible for creating, maintaining and reporting on a comprehensive requirements and issue register for TTO Domains. The SA shall establish and communicate Issue and Action plan quality standards to ensure that when issues are agreed and documented that they are factual, accurate and complete.

    Key Responsibilities

  • Support audit requests coming from Regulators, External auditors, Third party clients with appropriate acknowledgement and responses in a timely manner.
  • Coordinate responses to regulatory engagements with TTO, CIO, CISO, and ICS domains, in orderly and efficient manner.
  • Interface with all service providers including but not limited to Transformation Technology and Operations ("TTO"), Resilience, CIO domains to accurately and efficiently complete reports.
  • Ensure there are no escalations from the stakeholders.
  • Create RFIs in the RFI portal on a timely manner and assigned the RFIs to the respective domain ORMs.
  • Regular follow ups with the respective domain ORMs and escalate overdue requests or if the responses were not provided as per standard TAT, to facilitate timely submission.
  • Establish the findings are factually correct through appropriate information gathering and obtaining corresponding domain head's approval before the findings are published in the final reports.
  • Maintain current status of regulatory requirements tracker with necessary updates and knowledgebase and also manage the central tracker of audit engagements.
  • Coordinate with domains to ensure external audit issues are closed before target dates.
  • Ensure remedial actions are prioritized into requirements.
  • Maintain an inventory of regulatory responses from the first line to expedite future responses.
  • Perform gap analysis between regulatory requirements and current SC control standards.
  • Agree SLAs with stakeholders and regularly report status, escalate slippages accordingly.
  • Work along with other team members on the engagement requirements, share workload to ensure the regulatory submissions are completed in timely manner
  • Provide timely inputs for reporting related to all working engagements.
  • Strategy

    TTO Risk Management has a risk and control team that centrally support the domains on external audits and country regulatory engagements.

  • Ensure proper management of external audits and regulatory engagements, track action plans and timely resolution of issues - related to regulatory and external audit requirements, by engaging with the domains and the ORMs.
  • Processes

  • Engaging with various TTO domains.
  • People and Talent

  • Provide self-oriented and self-motivating individual, and work with limited direction.
  • Lead through example and build the appropriate culture and values.
  • Set appropriate tone and expectations, and work in collaboration with Risk and Control partners.
  • Build the right mix of subject-matter expertise, and Risk and Control skills.
  • Risk Management

  • Work with Risk Managers, TTO Domain team to ensure accurate information gathering as part of engagement requirement.
  • Keep up with date knowledge related to the Bank's Standards, Policies and procedures, to ensure accurate interpretation of requirements.
  • Manage and drive continuous improvement of the TTO Risk Control environment through factual, insightful, analysis of the current environment and validating the same against regulatory and external engagement requirements.
  • Governance

  • Provide timely and accurate reporting to the appropriate stakeholders.
  • Regulatory and Business Conduct

  • Display exemplary conduct and live by the Group's Values and Code of Conduct.
  • Take personal responsibility for embedding the highest standards of ethics, including Regulatory and Business conduct, across Standard Chartered Bank.
  • Lead the Controls team to achieve the outcomes set out in the Bank's Conduct Principles: The Right Environment.
  • Effectively and collaboratively identify, escalate, and resolve Conduct and Compliance matters.
  • Provide timely and accurate Risk and Control information as scheduled / as required.
  • Key Stakeholders

  • TTO domains
  • CIO / Application teams
  • ICS teams
  • CISRO teams
  • Our Ideal Candidate

  • Experience in technology risk management, information security, Internal or External or other related technology compliance roles.
  • Preferred experience in Financial Services or other heavily regulated industries ( Healthcare, Government, etc).
  • Self-starter, capable of managing discussions with stakeholders and engagement expectations.
  • Team player and able to coordinate with internal stakeholders.
  • Strong working knowledge of MS Office suite.
  • Strong communication skills.
  • Process management.
  • Role Specific Technical Competencies

  • Technology Risk Management
  • Quality Assurance and Testing
  • IT Standards, Procedures and Policies
  • Agile Development
  • Operational Risk
  • Software Quality Assurance
  • ­