Vice President, Operational Risk Management

This role as Vice President, Operational Risk Analysis and Reporting will lead and execute operational risk management (ORM) activities in alignment with SMBC Malaysia's ORM framework and regulatory expectations. This role is critical in ensuring robust risk controls and timely reporting across the organization.

• Implement operational risk management procedures using approved ORM tools, in accordance with SMBCMY's ORM Framework, internal guideline and Bank Negara Malaysia's Operational Risk Policy.
• Assess and validate the effectiveness of control measures to ensure they adequately mitigate operational risks, including Third-Party risks and Shariah Non-Compliance (SNC) risks.
• Prepare accurate and timely periodic and ad hoc ORM reports for submission to BNM, Regional Office, Head Office and internal stakeholders.
• Be alert to incidents and trends which may constitute operational, Third-Party and Shariah Non-Compliance (SNC) risks and elevate the risks to Head, ORM or Co-CRO, where appropriate.
• Co‑ordinate with business and functional lines in executing the ORM processes i.e. identify and assess operational and SNC risks, self‑assessment of controls, reporting of loss incidents and Key Risk Indicators (KRI).
• Investigate root cause/driver of loss incidents to ensure appropriate controls are in place.
• Monitor types of losses (actual, potential, near misses) and loss amounts to ensure they are within risk appetites and Management limits.
• Monitor KRI trends for KRI trigger signs, management limits branches and highlight to Head of ORM and CRO.
• Validate, evaluate and constructively challenge business and functional lines on their risk ratings and control effectiveness to ensure high integrity ORM.
• Prepare timely and accurate periodical and ad hoc ORM reporting to BNM, respective risk committees, Regional and Head Office.
• Conduct training and awareness briefings to Heads of Departments and Operational Risk representatives on ORM processes and tools.
• Promote and embed the culture of ORM and conduct risk awareness to all business and functional like in their capabilities as process and risk owners.
• Ensure appropriate disclosure of confidential information to the relevant parties in accordance with regulatory requirements on managing such confidential information.
• Assume control and day to day functions of the department in the absence of the Department head, as authorized by the Head of Department.

• Bachelor's degree in Business, Finance, Risk Management, Accounting or a related field.
• Professional Certifications (e.g. BRM AICB, FRM, PRM, CPA) are often preferred.
• Minimum of 5-10 years of relevant experience in operational risk, ideally within banking, insurance or financial services.
• Proven track record in implementing and enhancing ORM Frameworks.
• Strong understanding of risk assessment methodologies, internal controls and incident management.
• Familiarity with regulatory requirements from BNM and other relevant authorities.
• Experience in conducting Risk and Control Self‑Assessments (RCSA), Key Control Testing (KCT), Scenario Analysis.
• Ability to monitor, investigate and report operational incidents.
• Proficiency in preparing risk reports and presenting to senior management or risk committees.
• Knowledge of third‑party risk management, operational resilience, business continuity planning and crisis management.
• Excellent communication and stakeholder engagement skills.
• Analytical mindset with attention to detail.
• Lead operational risk identification, assessment and mitigation efforts.
• Collaborate with business units to embed risk awareness and controls.
• Support audits and regulatory reviews.
• Promote a strong risk culture through training and awareness programs.