Third Party Risk Officer - HR, GSC’s
Internship Hyderabad (Medak)
Job description
GCB 5
Some Careers grow faster than others.
If you're looking for further opportunities to develop your career, take the next step in fulfilling your potential right here at HSBC.
Global Service Centres
Our Global Service Centres are an integral part of Global Operations. Employees based there manage day-to-day customer transactions and processes for the global businesses. This may include transactions for our retail bank such as processing loans, credit cards, insurance and mortgage applications, opening new accounts, and managing customer enquiries through contact centres and digital platforms.
Employees in the Global Service Centres also run and manage operations for commercial bank customers. This includes processing credit applications, facilitating payments and managing the import and export transactions that enable customers to protect and grow their businesses through international trade.
Role Purpose (overall high level summary of the role)
[TPRO – HR] – Act as a primary point of contact for third party risk issues related to HR suppliers and Third Parties. The overall purpose of this role is to act as a gate keeper and provide regular oversight and support for HR Third party risk management activities. As a TPRO, work with Third Party Engagement Managers, Procurement TPM, GTPU & Buyers, Senior Stake holders, other TPROs, Risk Stewards and Risk Owners. In line with integrating TPRM with the bank's Operational Risk Management Framework (ORMF), as a TPRO have a continuous engagement with the Chief Control Office.
Regularly engage with the HR Region/Function assigned to and be accountable for all risk management activities relevant to the assigned area. Oversee all third party risk management activities, embed best practices and regularly report progress/updates to HR CEMM/ HR TPM forums. Collaborate with other regional TPROs to implement and share best practices across all regions.
As 2nd Line of Defence, accountable for setting standards and own the TPR Policy and Framework for HR.
(CCO) to ensure overall risk for third parties for your GB / GF is well presented and managed.
We are currently seeking an ambitious individual to join this team in the “Third Party Risk Officer - HR, GSC's”. In this role, you will:
Principal Accountabilities: Key activities and decision making areas
Typical Targets and Measures
Value Creation - Understanding Third Party Risks and role
· Understand the importance of Third Party Risk, and your role in ensuring all risk activities (including performance tasks and metrics) are undertaken accurately and on time with any deficiencies escalated as appropriate for HR This includes:
· Understand the risks associated with the portfolio of engagements in HR.
· Understand the TPRO role and responsibilities, and keep your knowledge up to date. (See TPRO Role Guide on the TPM Training Hub for details).
· Seek help where required through the support channels available.
Target
· Understand the types of goods or services that HR is looking to buy across the portfolio of engagements and how these services benefit your business / customers. Understand and communicate HR risk appetite to key stakeholders and TPEMs.
· Complete any required attestations to confirm role understanding. Complete any training required or recommended to ensure knowledge is up to date (including but not limited to training modules on My Learning, the TPM Training Hub materials and any role specific support materials / training available).
· Challenge the outputs of the risk assessment if it doesn't make sense for engagements that HR TPEMs manage, with relevant stakeholders. Ensure timely escalation and seek support where required.
Customers / Stakeholders - Embedding TPR and building capability
· Be an agent for change to ensure that TPR is effectively embedded in BAU practices. This includes:
· Create the strategy for and coordinate the implementation of the Group Third Party Risk (TPR) Policy and Framework within HR to achieve compliance, supporting TPM BAU and change activities as required.
· Influence stakeholders (e.g. Risk Owners, Accountable Executives and Third Party Engagement Managers) to create an environment of robust, pro-active and risk aware business operation.
· Ensure skills / knowledge gaps are identified for HR and that training is completed.
Target
· Clear plan and strategy in place for HR on how TPR policy will be applied for your engagements. Understand and explain the purpose of the risk questions to ensure 100% accuracy of risk assessments (IRQ and RRQ).
· Understanding who the HR key stakeholders are to ensure effective communication of priorities and execution of risk / performance related activities.
· Demonstrated ability to effectively support continuous improvement activity in relation to Third Party Risk Management, training and support provided to Third Party risk roles to up skill and improve performance and knowledge of Third Party Risk. (Target: Support and training undertaken).
Effective management and oversight of Third Party Risks
· Manage and oversee Third Party engagements effectively to ensure risk activities (including performance tasks and metrics) are undertaken accurately and on time with any deficiencies escalated as appropriate for your Business / Function, to ensure compliance with the Third Party Risk Policy and Framework. This includes:
· Be the Primary point of contact / escalation for all Third Party Risk related matters on behalf of your Global Business or Global Function; providing Risk Management support, subject matter expertise, leadership and direction for Third Party Risk related matters to all Third Party governance roles.
· Provide holistic oversight of management information and engagements within area of responsibility, with actions taken to remediate any non-compliance. Embedding and overseeing the TP Risk procedures and assuring adherence to policies and processes across engagements and Risk Owners.
Target
· Provide effective management and oversight of 100% of the services in line with applicable Group Outsourcing and Third Party Risk Management policies. Understanding the workflow / lifecycle of TPR from start to end including interlocks with systems / tools / processes including but not limited to Procurement as a key stakeholder. Resolution / query management for TPEMs or other stakeholders. Bridge for senior management - stakeholder management / interface for TPR related matters. (Target: No breach of compliance / no adverse audit findings within area of responsibility).
Target
· Ensure 100% accurate and effective management of Third Party Risk Assessments (IRQ and RRQ), providing support to Third Party governance roles in understanding impact to the business, formulating and implementing comprehensive action plans to remediate any deficiencies and providing guidance on escalation to risk owners. Ensure 100% management of the quality of risk monitoring activities through Archer and other risk management systems (Target: no outstanding tasks, tasks completed within target dates). Identification and oversight of all records to ensure complete, relevant and kept up to date for all engagements. Escalation undertaken to remediate any deficiencies identified. Management Information produced which drives business outcomes with remediation plans put in place to ensure exceptions escalated, tracked, resolved and reported through appropriate governance forums.
· Periodically check with TPMEs to ensure supplier invoices are paid on time (Procurement Payment on Time (PoT) initiative), and engage with TPEMs to support with adherence to Procurement FIM - Purchase Order (PO) process and thereby minimizing non-compliance.
· Participate and support with relevant supplier management information for any internal / external audit reviews.
· Support TPEMs with required context/ facilitate discussions with HSBC Risk domains teams/ Suppliers to understand any mitigation/resolution actions for open Inherent and Residual risks
Major Challenges (The challenges inherent in the role that require a continual test of the role holder's abilities)
·
[Oversight across a multi-discipline and complex profile suppliers across Global HR functions
·
Compile and manage timely, quality MI regarding the HR portfolio to support required management decisions from numerous sources.
·
Constructively challenge and review the performance reviews of 3rd parties.
·
Senior stakeholder management across multiple internal / external departments (including but not limited to; HR Senior Management, Global Businesses, Global Functions and Group).
·
Provision of guidance and support to those unfamiliar with supplier management principles and activities.
·
Lead, participate and contribute to the definition of the Supplier Management Utility (SMU) service offerings.
·
Introducing cultural change will be a major challenge particularly in areas not currently ‘on side' with professional supplier management standards.]
Role Context (The environment and operating conditions of the role including the extent of guidance and authority)
·
[As a TPRO, act as a primary point of contact for third party risk issues related to HR suppliers and Third Parties. The overall purpose of this role is to ensure that the other third party governance roles are coordinated and performed effectively. As a TPRO, work with Third Party Engagement Managers, Procurement TPM, GTPU & Buyers, Senior Stake holders, other TPROs, Risk Stewards and Risk Owners. In line with integrating TPRM with the bank's Operational Risk Management Framework (ORMF), as a TPRO have a continuous engagement with the Chief Control Office.
·
The purpose of this role is to make it simpler and better for the HR GSO leads to fulfil their accountabilities associated with the ongoing use and dependence on third party suppliers.
·
This role is expected to maintain a robust view, understanding and governance across all components of the HR third party supplier's portfolio focusing on management of suppliers and tracking delivery and performance.
Key role purpose will include liaising with the below teams:
·
Third Party Engagement Manager (TPEM): Support TPEMs on any specific questions they may have on TPM applicability. Also need to support TPEMs in ensuring their risk assessment is accurate and control tasks are completed, to enable correct reporting on the risk levels of engagements and have oversight on all TPM risks
·
Third Party Management (TPM Procurement): Engage with this team regarding questions on procedure and collaborate on continuous improvement of TPM
·
Buyer (Procurement): Where needed, interact with Buyers to effectively coordinate the required activities for contract and risk management.
·
Senior Stakeholders (COO, CAOs etc.,): On a periodic basis, update senior stakeholders such as Heads of HR / CAO / COOs on overall TPR matters.
·
Other TPROs: Collaborate with other TPROs for TPM activities and continuous improvement of TPM
·
Global Third Party Utility (Procurement): Liaise for any queries or support needed and also seek help with aggregated reporting and governance services.
·
Risk Steward: Liaise to understand and manage the risks of the aggregate engagements for HR area in relation to the relevant risk domain. Work with Risk Stewards as a channel to feedback improvements on policy requirements.
·
Risk Owner: Where needed, I may interact with a Risk Owner in relation to a supplier relationship that has a High or Very High Risk engagement.
Management of Risk (Operational Risk / FIM requirements)
·
The jobholder will continually reassess the operational risks and likelihood of operational risk occurring through the execution of his/her duties in this role. The jobholder will address any areas of concern in conjunction with his/her line management, GSO Leads, HR Operational risk managers and/or the appropriate department. The jobholder is also expected to adhere to the Business Transformation Framework and programme / portfolio governance standards to minimize the likelihood of operational risk occurring.
Observation of Internal Controls (Compliance Policy / FIM requirements)
·
The jobholder will adopt the Group TPRM Compliance Policy by escalating any identified compliance risk in liaison with, Global Compliance Officer, Area Compliance Officer or Local Compliance Officer. The term ‘compliance' embraces all relevant financial services laws, rules and codes with which the business has to comply.
·
This will be achieved by adhering to all relevant processes/procedures and by liaising with Compliance department about new business initiatives at the earliest opportunity. Also and when applicable, by ensuring adequate resources are in place and training is provided, fostering a compliance culture and optimising relations with regulators.
Role Dimensions (e.g. balance sheet size, lending/expenditure limits, size/volume of transactions, budget)
[The key dimensions of the job are as follows:
·
Broad understanding of Supplier and Risk Management
·
Navigation through, and coordination of, multiple contributing parties
·
Stakeholder engagement across multiple businesses, functions and regions within HSBC
·
Support for the document preparation for all key meetings, Programme Steering Boards, Programme Operating Committees
·
Provision of packs and other MI to HR ExCo regarding the supplier portfolio in scope]
Desired profile
Qualifications :
Knowledge & Experience / Qualifications ( For the role – not the role holder. Minimum requirements of the role .)
Knowledge
·
Good knowledge of risk management processes and toolset is must
·
Knowledge of HR departments and GSO areas, including HR and Procurement core platforms (e.g. Archer) and processes is desirable
·
Strong understanding of HSBC governance, processes and obligations regarding sourcing, engaging and managing 3rd parties is preferred
·
Knowledge of Third party - Supplier Management process from entry to exit is desirable
·
Knowledge of HSBC Oracle Fusion Procurement functionalities is preferred
·
Knowledge of HSBC Archer/Helios Procurement toolset is preferred
·
Strong understanding of Risk management principles and risk management lifecycle is preferred
·
Strong understanding of HSBC Group structures, values, behavior's, processes and objectives
·
Knowledge of key project and programme management risks and considerations
·
Knowledge of the external environment – regulatory, political, competitors etc. is desirable
Experience
·
Proven experience of managing Supplier risks and implementing associated operational controls
·
Proven experience in conducting risk reviews, control testing and management
·
Proven experience in operating in a supplier management across a multi-discipline portfolio
·
Proven experience in analyzing large data sets and ability to draw meaningful inference, good hands on experience with Excel data analysis techniques like Pivots, Charts, trend analysis
·
Good hands on experience with Helios and Aramis tools
·
Experience in using Fusion and Archer tool is desirable
·
Proven experience of positive, challenging interactions with senior stakeholders
·
Proven ability in working across multi-disciplinary and multi-cultural diverse work environments
·
Proven ability in successfully managing and delivering complex global / regional change initiatives at scale
·
Knowledge of the Global businesses and broad understanding of the role of HR in an organization
Capabilities
·
Risk and Issue Management
·
Tracking, Reporting and Governance
·
Strong relationship management and influencing skills
·
Strong interpersonal and communication skills with a proven ability to communicate effectively and confidently at all levels
·
Very strong analytical and facilitation skills to ensure business needs and effective solutions can be quickly and clearly defined and delivered
Qualifications and Accreditations
·
Typical qualifications would include a Bachelor's degree / equivalent experience]
The number of position for this job is 1.
Additional Information
·
All applicants must have successfully completed their probation period.
·
Employees must meet performance and behavioral standards as defined in the policy.
·
All L5 & L6 applicants should have served at least 24 months and should have successfully completed respective learning curve tenure, in their current role as on closing date.
·
Applicant should not be on a corrective action plan/ disciplinary action in the last 6 months or any other performance action as on the date of application.
·
Application form should be submitted along with the current CV.
·
All applicants should inform their respective Line Managers of their application.
·
All the completed applications should be submitted on or before the closing date.
·
Applicant should not be on a corrective action plan/ disciplinary action in the last 6 months or any other performance action as on the date of application.
·
The Company reserves the right to change any terms and conditions related to employment, mentioned in the Offer Letter and the Rules and Regulations governing the conduct of the employee in the Company. Such change would be intimated by the Company through an internal communication to the employees at large.
·
Right to work is required. Local employment rulings and restrictions will apply.
You'll achieve more at HSBC
HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment.
***Issued By HSBC Electronic Data Processing (India) Private LTD***