Third Party / Vendor Risk Management Specialist

We are seeking a detail-oriented and proactive Third-Party Risk Management (TPRM) Specialist to oversee and manage the organization's third‑party risk framework and outsourcing arrangements in the region.

This role involves assessing and monitoring third‑party relationships to ensure regulatory compliance, mitigate risks, and safeguard the organization's interests.

The TPRM Specialist will implement and manage a regional TPRM program aligned with the global framework, standardizing risk governance across APAC regions, with a focus on Singapore, Japan, and China. Additionally, the specialist will maintain an up-to-date outsourcing register, ensure compliance with local outsourcing and technology risk regulations, and collaborate with various stakeholders to manage outsourcing and third‑party engagements effectively.

Providing subject‑matter expertise on regulatory requirements, including knowledge of DORA as an advantage, is key to success in this role.

• Oversee outsourcing and vendor risk management across APAC, with a primary focus on Singapore, Japan, and China.
• Implement and manage a regional third‑party risk management (TPRM) program in alignment with the global framework to effectively manage risks in external third-party relationships.
• Collaborate with the TPRM department at Head Office to ensure global requirements are implemented while also ensuring compliance with regional regulatory needs.
• Undertake the role of the Local Outsourcing Coordinator by overseeing the updates to the outsourcing register and acting as the primary liaison for the business retained functions.
• Provide training and guidance on TPRM or Outsourcing matters as needed.
• Manage and monitor the TPRM framework to ensure effective governance of vendor risks, enabling standardized third-party risk management across regional branches.
• Oversight & reporting of vendor performance and incident escalation into the local committee as required.
• Offer expert advice on regulatory compliance requirements surrounding outsourcing (e.g. MAS Notice 658) and third‑party risks.
• Prepare periodic third‑party compliance reports for senior management and assist in internal and external audits, as well as regulatory inspections.
• Regularly review and enhance third‑party risk processes to improve efficiency, effectiveness, and alignment with industry best practices and emerging regulatory requirements.

• University or college degree or comparable.
• Suitable experience in similar roles, preferable within the Financial Services industry.

• Experience in vendor / third‑party risk, outsourcing governance, IT/operational risk (financial services) in the Banking and Financial Services industry.
• Excellent project management, organizational, and communication skills.
• Strong knowledge of MAS outsourcing/technology risk regulations (experience with FSA/JFSA and NFRA/CAC is considered an advantage).
• Experience in vendor risk assessments, contract risk reviews, and regulatory engagement.
• Knowledge of DORA beneficial.
• Strong stakeholder and regulator engagement skills.
• Fluency in English required; Mandarin is desirable.