Enterprise Risk Management Lead, BHSB - Malaysia, Kuala Lumpur - Boost

Description

Boost is the fintech arm of Axiata that unifies financial services spanning payments, micro-financing, micro-insurance, cross-border content services and merchant solutions. We combine best-in-class software, in-house data and AI to meet the growing and diverse needs of our customers and merchants across the region, with the aim of becoming a full-spectrum fintech player in Southeast Asia. Our businesses are streamlined into five core brands:

• Boost Life - The Boost eWallet & Lifestyle business that focuses on consumer lifestyle offerings such as online and offline retail payments, bill settlement, insurance and transportation & transit use cases with new features constantly introduced.
• Boost Biz - The merchant business that offers a payment platform for enterprises of all sizes, business tools and digitalisation solutions.
• Boost Credit - Formerly Aspirasi, it houses the micro-financing & micro-insurance business and is a pioneering Digital Alternative financier in Malaysia and Indonesia.
• Boost Connect - Formerly Apigate, Boost Connect is a global digital monetization and customer growth payment platform ecosystem provider with innovative products and services.
• Boost Indonesia - Formerly Aspirasi Indonesia, is providing micro-financing business and digital merchant business for various sizes of enterprises (formerly Boost Indonesia) in Indonesia.

The incumbent is to drive Enterprise Risk Management implementation across Boost Holdings Sdn Bhd (BHSB) and Boost's Companies (BoostCos) to ensure it operates within the appropriate risk levels in line with strategic objectives and instill risk-centric culture across Boost

Responsibilities:

• Drive the establishment/maintains an effective risk management strategy and framework and is compliant with the key principles of good governance
• Drive the development, maintenance, and implementation of BHSB ERM Policy and Framework and relevant processes and tolls across BHSB and BoostCos. Assist the Board Risk & Compliance Committee (BRCC) and the Board of Directors (the Board) to develop, implement, track and monitor a set of risk appetite statements, tolerance levels and thresholds
• Drive the development, implementation, and management of risk management activities for BHSB and BoostCos. Deliverables include integrated risk registers including Data Privacy, ABAC, Cyber Security and ESG risks. Review and analyze enterprise risk profiles, including KRIs and assess the status of risk treatment plans on a periodic basis
• Work closely with the Senior Leadership Team and Risk Leads in respective BoostCos to steer and facilitate risk management conversation. Act as an advisor on risk-related matters including risk assessments for major process and system changes and thematic risk review exercises
• Review risk reports for Risk & Compliance Management Committee (RCMC) monthly and Board Risk & Compliance Committee (BRCC) on quarterly basis. Act as the secretariat for BRCC by facilitating the BRCC meeting which includes, but not limited to, circulating the BRCC papers in a timely manner and preparing the notes of discussion for circulation to the Board
• Drive the development, maintenance and implementation of Business Resilience, which includes but not limited to, Incident & Crisis Management, Business Continuity Management, Third-Party Risk Management and Insurance Management to build organizational resilience with the capability for an effective response to handle crisis across BHSB and BoostCos
• Drive the execution of the annual Statement on Risk Management and Internal Control (SORMIC) assessment on BHSB and BoostCos including the tracking and completion of management action plans, preparation of the Management Representation Letter (MRL) and relevant approvals
• Drive risk culture through the provision of risk management risk awareness and ERM and BCM e-learning training programs via stakeholder engagement and provide support in education, briefing and training to enhance the knowledge across BHSB & BoostCos
• Participate in the review of technology, information, cyber risk related regulatory and legal guidelines and provide risk POV
• Keep abreast of new technologies and related risks, regulatory requirements for technology and information security and industry trends
• Participate and contribute to Axiata Group's Collective Brain Project – a platform for OpCo Risk Practitioners to recommend solutions in enhancing risk practices across Axiata
• Manage tracking and reporting of ERM CEO KPI for BHSB and BoostCos, including remediation actions to completion

Requirements:

• At least 10 years' experience in technology, information, enterprise, or operational risk management in Financial Services Industry preferred
• Bachelor's in Business Administration, Finance, Accounting, Banking, IT or related fields
• Knowledge of IT/Information Security Management, ABAC, Data Privacy, Sustainability (ESG) controls, processes and best practices is a high advantage
• Excellent written and verbal communication skills and ability to communicate effectively across all levels of internal and external stakeholders
• Strong analytical and problem-solving mindset, with the ability to offer practical solutions
• Able to make good decisions under pressure and to multi-task
• Basic understanding of digital financial services, banking or insurance industry will be an added advantage