Head of Operational and Fraud Risk Management

Role : Head of Operational & Fraud Risk Management

Location : Abu Dhabi

Role Purpose:

This is a Senior Management role within Group Risk Management responsible for (a) developing a center of excellence on Operational Risk and Fraud Risk Management and (b) recommending changes to business processes in order to enhance operational efficiency and effectiveness

The role requires a proactive individual with a minimum of 15 years of experience in ORM & FRM, who can communicate and build strong relationships across Business Units (BU), possess the ability to work in a matrix organization and leverage resources and capabilities across BUs.

The holder of this position will be mainly asked to:

• Design, implement and maintain a sound Operational and Fraud Risk Management Framework in line with the ever-changing regulatory landscape.
• Build the foundation for sound Operational and Fraud Risk management and identification of material risk through ongoing collaboration with local Lines of Business.
• Maintain Operational and Fraud Risk within the Board's approved risk appetite and ease the decision-making in light of the underlying operational risks.
• Lead and participate in fraud investigations and examinations based on management request and/or as per the identified fraud risk indicators.
• Plan and execute fraud investigations in line with Fraud Investigation Policy & Procedures.
• Guide leadership within ADIB Group through providing expertise and advice to Senior Management which enhances their ability to anticipate and manage operational risks efficiently and effectively.
• Oversee the adequacy and strength of the internal control System and recommend management actions to ensure the operational risk profile supports the achievement of business objectives.
• Act as a trusted adviser to Senior Management on Operational Risk Management aspects.
• Manage the operational incidents on a timely manner and ensure exhaustive root cause analysis are completed for major or frequent events.
• Track performance around risk management programs to build and ensure effective operationalizing of requirements.

Key Accountabilities of the role

This role includes but is not limited to the following:

Strategy, Policy, Framework and Governance

• Design and implement a sound Operational Risk Management Framework and Fraud Risk Management Framework for ADIB Group across all channels and products.
• Set in place the required infrastructure, tools, policies, standards, and processes necessary for effective execution of the above frameworks.
• Design and maintain the Enterprise Risk Management System (GRC) intended to manage ORM, FRM, Information Security, IT Governance, Compliance and Regulation.
• Set, support and run Committees under ORM's responsibility such as the Control and Compliance Committee (3C), Control and Compliance Committee Working Group (3C-WG), Operational Risk Provisioning Committee (ORPC), Fraud Risk Management Committee (FRMC) and Business Risk & Control Committee (BRCC).
• Represent Risk Management in Information Security Committee (ISC), Information Transformation Steering Committee (IT-SC), BRCC of all ADIB Group Subsidiaries.
• Escalate ADIB's risk profile on a quarterly basis to the Board Committee and Governance & Risk Policy Committee (GRPC).
• Ensure that the above Frameworks and policies satisfy the existing regulatory requirements and best standards.
• Develop Governance structure for appropriate management and oversight of operational and fraud risk.
• Develop and maintain Operational Risk Management capabilities, skills and infrastructure that are in compliance with both internal policies and external regulations and are responsive to fraud attacks.

Process Management

• Risk and Control Self-Assessment

Design and implement the RCSA policy in order to proactively identify and address operational risks and issues.

Support the BUs in implementing a sound RCSA process.

Run cross-functional RCSA workshops for critical processes, Scenarios and/or BUs.

Perform regular independent root-cause analysis by BU, process and/or product on a risk based approach (New trend, Critical risks…)

Ensure exhaustiveness and reliability of RCSAs in collaboration with other risk functions such as IS, Compliance, Sharia Departments.

Ensure Operational Risks are identified, assessed, mitigated and monitored across all processes, projects and outsourced activities.

2. Fraud Risk Self-Assessment (FRSA)

• Set a Fraud Risk Strategy that supports standardization, automation and consolidation through re-engineering and process improvement across ADIB Group for Fraud Risk Management.
• Define the process for FRSA and ensure it is properly implemented.
• Support the implementation of the Fraud Risk Management Framework and monitor the fraud risk metrics to identify potential control weaknesses.
• In collaboration with all BUs, ensure that all critical risks are mitigated within the Board's approved risk appetite.
• Develop and maintain Fraud Risk Management capabilities, skills and infrastructure that are in compliance with both internal policies and external regulations and are responsive to fraud attacks.
• Strong collaboration and concerted efforts with key stakeholders/partners (e.g. Retail Underwriting Risk, Fraud Investigation, Compliance, Information Security, Operations, product/business teams, etc.) by:

Sharing information on fraud trends and identifying emerging fraud threats.

Leveraging on common tools, information and processes.

3. Incidents Management

• Design and implement the Incidents Management Framework and loss recognition policy
• Ensure all incidents are escalated, analyzed and managed decisively to mitigate any risk and/or control Ensure Root Cause Analysis is performed for major incidents and ensure that the identified causes are swiftly addressed.
• Analyze external events and liaise with the businesses to ascertain if similar exposures exist within ADIB Group.
• Ensure coordination of appropriate fraud detection, deterrence and investigation activities through agreed structures to ensure appropriate response to Fraud incidents/events.

4. Fraud Investigations

• Develop and maintain an up-to-date fraud examination policy and procedures.
• Ensure that the investigation team work is performed efficiently and focused on fraud risk.
• Actively engage in committees such as Fraud Risk Management Committee, Operational Provisioning Committee, Disciplinary Committee, etc.
• Prepare and submit executive summaries of key fraud incidents to senior management and GRPC.
• Monitor and follow up on investigation recommendation implementation by management.
• Coordinate closely with Legal Department and Human Resource for the delivery and closure of all internal investigations.

5. Issues Management

• Design and implement a process for identification and management of ADIB issues and actions raised by the 1st, 2nd and 3rd line of defense.
• Design and implement a process for the validation of closure of critical issues to avoid reoccurrence.
• Drive timely implementation of actions and validation of critical issues.
• Communicate and escalate to Senior Management critical gaps and standard dashboards.

6. Key Risk Indicators Management

• Design and implement tools to monitor early warning indicators.
• Ensure regular reporting of breaches to senior management as part of the RCSA process.

7. Risk Acceptance

• Design and implement a process for the identification of Critical risks that cannot be mitigated with 12 months and ensure they are escalated as per the Risk Acceptance Policy.
• Raise Systemic risks to the Board and ensure they are closely monitored.

ORM and FRM Systems

• Maintain the accuracy of fraud risk scenarios in Fraud Guard, VRM and FRM Systems
• Design and implement fraud detection system for other channels of payments.
• Continuously enhance the rules for identifying/preventing suspicious transactions on cards and non-cards.
• Identify and review emerging and current transactional fraud risks to fine tune the rules/parameters to enhance or improve detection rates and false positive rates.
• Design and implement Governance, Risk & Compliance System in coordination with Information Security, IT Governance, Compliance, Vendor Management and PMO Office.
• Ensure that GRC Architecture remains consistent with GORM Framework.

Analysis and Reporting

• Design standard dashboards for senior management and Board members that help monitor ADIB's risk profile.
• Communicate regularly to Senior Management and Board members Key findings, critical issues and major risks.
• Monitor and report operational KRIs/ KPIs/ KCIs of business units.
• Ensure Lessons learnt are shared with all ADIB Group business units/countries on a timely manner.
• Provide appropriate and regular assurance reporting and awareness of new trends in relation to operational risks to Senior Management.
• Set a robust MIS deck that captures the operational trends and tracks all fraud types.

Training and Awareness

• In Coordination with HR Department, provide training and guidance across the Organization to facilitate culture and mindset change.
• Develop ORM and FRM trainings and learning programs to applicable BUs and teams to ensure there is adequate understanding across ADIB on the Operational and Fraud risks relevant to functions / roles / responsibilities which each individual holds.
• Conduct awareness and prevention campaigns internally and externally to improve the control environment and culture change

People and Talent

• Support the identification, engagement and retention of high quality ORM/FRM professionals.
• Set and monitor job descriptions and objectives for direct reports and provide feedback and rewards in line with their performance against those responsibilities and objectives.
• Ensure that holders of all critical roles are suitably skilled and qualified for their roles ensuring that they have effective supervision in place to mitigate any risks
• Lead by example and build the appropriate culture and values within the ORM/FRM team.
• Ensure strong self-assessment discipline within the ORM/FRM teams.

General Management

• Run/Participate in appropriate business meetings, forums and committees.
• Develop a collaborative relationship with regulators, peer banks and industry forums.
• Improve standards and promote innovative thinking/initiatives in relation to Risk management.
• Assess emerging risks, including those related to new products or significant processes/change as part of reviewing policies and procedures of business units.
• Work closely with line and business managers to understand the business, identify risk issues and promote solutions to manage the relevant operational risks.

Specialist Skills / Technical Knowledge Required for this role:

• Exhibit values of trust, team work, and accountability
• Master degree in Banking, Risk Management, Finance, Business or Economics
• Strong risk management experience, including solid knowledge of the financial markets and regulatory environment
• Previous experience in policy development
• Excellent oral and written communication skills in English and Arabic
• Strong research skills and analytical capabilities
• Ability to assimilate and interpret analysis and trends in order to reach conclusions regarding the type and magnitude of risk across all risk types and businesses for strategic decision making purposes
• Strong relationship management skills and team-orientation
• Superior time management skills, with ability to effectively prioritize