Third Party Risk Management Lead, Pakistan

Strategy*

• Lead Third Party Risk Management (TPRM) Governance to effectively manage third party risk of external and intra-group outsourcing arrangements and other vendors, in accordance with internal policy and regulatory requirements.

• Understand TPRM trends across the group and proactively ensure that potential weaknesses are addressed.

• Ensure the respective contract owners are monitoring, reviewing, and mitigating risk associated with the third parties in accordance with the TPRM Framework.

• Ensure accuracy and completeness of third party risk reporting to so that business and function stakeholders and risk groups understand gaps in compliance to TPRM Standards. Present this information at relevant TPRM committees and forums.

• Promote and deliver continuous training and awareness to business and functions on third party risk management.

• Contribute to the third-party risk management strategy and overall achievement of functional objectives as a member of the SCM TPRM team working alongside other TPRM team members across the globe

• Escalate any issues to local and Group risk teams and committees as necessary.

Processes*

• Work collaboratively with SCM TPRM Centre of Excellence (COE) to ensure effective and efficient service delivery for the cluster.

• Support Group TPRM transformation projects.

• Continuously look for ways to optimise and streamline local processes ensuring high adherence to requirements, while minimising the burden on contract owners.

• Ensure that local TPRM processes are run in accordance with local country addendum where applicable.

• Ensure appropriate oversight of SCBuy, RADAR and other risk tools to ensure that risk controls are updated accurately and timely.

• Provide data required by OR for outsourcing regulatory returns (where applicable).

People and Talent*

• Lead through example and build the appropriate risk culture and embed it into all third-party relationships. Work in collaboration with risk and control partners.

• Ensure the provision of ongoing training for contract owners such that they are suitably skilled and qualified to perform risk assessments to mitigate any risks.

• Provide SCM leadership for risk mitigation to Stakeholders, SCM team members, Contract Managers, and other interested businesses and functions.

Risk Management*

• Develop, publish, and present reports of third-party risk oversight activities to key stakeholders and relevant risk committees, in partnership with SCM TPRM COE.

• Ensure appropriate SCM representation at applicable Risk committees within the cluster

• Support internal/external audit and associated regulatory audits as required

• Identify issues and root cause analysis including oversight and facilitation of third-party risk mitigation actions.

• Work closely with Operational Risk (OR) to support them in their role as Second Line of Defence for the TPR Integrated Risk Type.


• Lead and advise SCM local teams on the self-identification of issues as required.

Governance*

• Establish and lead governance of Outsourcing and Vendors for the cluster in partnership with OR at the country TPRM Committees with the support of second line risk owners

• Support with the governance of cases of non-compliance with TPRM processes by cluster stakeholders

• Provide counsel and leadership to stakeholders across the businesses and functions on outsourcing and vendor risk management

• Ensure a high standard of governance across the [cluster/country]


• Act as a gatekeeper for potential outsourcing agreements to ensure that global and local requirements are addressed before adding new contracts to the Global Outsourcing Inventory.


• Collaborate with OR and other risk groups to ensure compliance with regulations and compliance reviews related to vendors and outsourcing third parties.


• Ensure completeness and accuracy of TPRM data and be the local single point of contract (SPOC) to support the Global SCM QA (Quality Assurance) Programme.

Regulatory & Business Conduct*

• Display exemplary conduct and live by the Group’s Values and Code of Conduct.


• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.


• Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.


• In partnership with Local Compliance and OR, engage with the local regulators on topics related to Outsourcing and TPRM regulation, Procurement and Vendor Management.