Operational, Information Risk Mgt & Internal Controls Director

Job title: Operational, Information Risk Mgt & Internal Controls Director

Company: AXA Hong Kong and Macau


Job description: AXA Hong Kong and Macau is a member of the AXA Group, a leading global insurer with presence in 51 markets and serving 94 million customers worldwide. Our purpose is to act for human progress by protecting what matters.As one of the most diversified insurers in Hong Kong, we offer integrated solutions across Life, Health and General Insurance. We are the largest General Insurance provider and a major Health and Employee Benefits provider. Our aim is to not only be the insurer to provide comprehensive protection to our customers, but also a holistic partner to the individuals, businesses and community we serve. At the core of our service commitment is continuous product & service innovation and customer experience enrichment, which is achieved through actively listening to our customers’ needs and leveraging and investing in technology and digital transformation.We embrace our responsibility to be a driving force against climate change and a force for good to create shared value for our community. We are proud to be the first to address the importance of mental health through different products and services and thought leading iconic research. Our overall Sustainability Strategy, with emphasis on climate strategy and biodiversity commitment, is developed based on TCFD recommendations. We are committed to integrating environmental, social and governance factors across our business and strive to contribute to a sustainable future through 3 distinct roles – as an investor, an insurer and an exemplary company.Our people strategies are designed to enhance employee well-being and professional growth, ultimately empowering them to excel within the company.
Click here to learn more about our Benefits (https://www.axa.com.hk/en/benefits) , Culture (https://www.axa.com.hk/en/culture-and-values), & Career Development (https://www.axa.com.hk/en/career-development).About AXA Hong Kong and MacauAXA Hong Kong and Macau is a member of the AXA Group, a leading global insurer with presence in 51 markets and serving 94 million customers worldwide. Our purpose is to act for human progress by protecting what matters.As one of the most diversified insurers in Hong Kong, we offer integrated solutions across Life, Health and General Insurance. We are the largest General Insurance provider and a major Health and Employee Benefits provider. Our aim is to not only be the insurer to provide comprehensive protection to our customers, but also a holistic partner to the individuals, businesses and community we serve. At the core of our service commitment is continuous product & service innovation and customer experience enrichment, which is achieved through actively listening to our customers’ needs and leveraging and investing in technology and digital transformation.AXA is an equal opportunity employer. We are committed to promoting Diversity and Inclusion (D&I) by creating a work environment where all employees are treated with dignity, respect, and where individual differences are valued. We welcome and treasure diverse profiles to join our big family, and to build an inclusive culture together which allows everyone to maximise their personal potential.Responsibilities:Expertise in operational risk, information and IT risk, risk transformation, internal control framework enhancement, and testing quality will be instrumental in maintaining a robust risk management framework.The key accountabilities and responsibilities of this role are to:

• Lead the development and implementation of comprehensive non-financial risk management strategy aligned with the organization’s overall risk management framework, encompassing operational, information, and IT risks;
• Drive risk transformation initiatives, elevating the maturity and effectiveness of risk management activities and functions, in line with industry best practices and emerging trends;
• Identify, assess, report, and prioritize operational, information, and IT risks across the organization, ensuring appropriate controls, root cause analysis and reporting of operational loss events, mitigation measures, and risk appetite frameworks are in place;

• Ensure AXA Group’s risk management and internal control standards, policies and frameworks are established and compliant with regulatory requirements;

• Conduct thorough risk assessments, including project, external fraud and IT risk assessments, leveraging industry frameworks such as COBIT, Cybersecurity Framework, and ISO 27001, and recommend strategies for risk mitigation and control;
• Collaborate with key stakeholders, including compliance, security teams, internal audit, business lines and senior management, to develop and implement effective IT risk management strategies, controls, and governance frameworks;

• Continuously monitor and evaluate the organization’s risk landscape, staying informed about emerging technologies, regulatory requirements, and industry best practices, and adapting risk management and control frameworks accordingly;

• Lead the Internal Control process in line with the Group methodology and ensure that AXA Group’s Internal Control Standards, Policies and framework are established and followed with appropriate adaption to AXA Hong Kong’s operating condition, if needed;

• Conduct comprehensive internal control assessments, identify control gaps, and develop and implement effective remediation plans;
• Collaborate with process owners and stakeholders to define control objectives, establish control testing methodologies, and monitor control effectiveness
• Ensure high-quality testing of internal controls, employing techniques such as control testing, walkthroughs, and sample testing.
• Enhance the internal control framework within operational processes, designing and implementing robust control frameworks tailored to the organization’s objectives and integrated into day-to-day processes;
• Provide a holistic and synthetic view on the effectiveness of control environment to the Board of Directors and company’s senior management via regular reporting to the Board Risk Committee, Board Audit Committee, Audit Risk and Compliance Committee, and other relevant governing bodies;
• Ensure that critical unresolved Internal Control issues are properly escalated and that actions are deployed at an appropriate level of seniority;

• Provide leadership and guidance to the non-financial risk management team, fostering a culture of risk awareness, accountability, and continuous improvement;
• Foster strong relationships with internal and external stakeholders, including auditors, regulators, and industry peers, to ensure a comprehensive understanding of non-financial risk management practices and to stay abreast of industry developments;
• Oversee the development and maintenance of risk reporting mechanisms, ensuring timely and accurate risk reports to senior management and the Board of Directors;
• Provide guidance and support to the Chief Risk Officer (CRO) in the development and implementation of risk management policies, procedures, and controls.

Qualifications:

• At least 15 years in risk management ideally in the insurance/banking industry
• Experience in control function (audit, operational risk, enterprise risk management…) in insurance or financial environment is preferred
• Professional membership and/or professional qualification will be an advantage (e.g.CPA, CIA, CISA)
• Competencies to exercise effective challenge to ensure that appropriate risks are identified and sustainably remediated with a robust control environment
• Demonstrate effectiveness in building a high performing team, focused on driving results through leadership effectiveness & team member engagement
• Ability to build relationships, influence decisions, work effectively with a diverse set of stakeholders at all levels of the organization
• Meaningful knowledge across the enterprise risk management framework, including risk identification, risk appetite and strategy, risk-related decisions, processes & controls, risk analytics and governance
• Strong analytical skills with detailed understanding of business processes and excellent attention to detail
• Excellent communication skills, with the ability to effectively communicate complex topics & their implications to both technical & non-technical stakeholders

Expected salary:

Location: Hong Kong

Job date: Sun, 19 Jan 2025 08:50:52 GMT

To help us track our recruitment effort, please indicate in your email/cover letter where (jobsnear.pro) you saw this job posting.Thanks&Good Luck