Manager of BRCO Governance - Enterprise Security and Technology

Job Description

Manager, Business Risk and Control Office (BRCO) Governance The Business Risk and Control Officers (BRCOs) play a pivotal role in guiding the business to identify and understand risk exposures and the controls needed which are integral to reducing risk and safeguarding our customers and colleagues. BRCOs are critical to the success of the Risk Management Lifecyle and play a role in Planning, Identifying, Assessing, Mitigating, Monitoring, and Reporting. BRCOs are members of the First Line of Defense (1LOD) who:

• Provide leadership and coaching to the 1LOD to proactively identify and effectively manage risks.
• Translate and educate 1LOD to enable and drive business relevant implementation of Second Line of Defense (2LOD) risk management frameworks, policies, taxonomies, and inventories.
• Review, validate, and test 1LOD activities to ensure adequate control design and effective control operation.
• Provide credible challenge to 1LOD colleagues, ensuring safeguard and risk mitigation measures are upheld in decision making and adherence to 2LOD frameworks and policies prior to 2LOD review.
• Drive two-way collaboration across 1LOD and 2LOD; liaise between 1LOD and 2LOD to drive engagement throughout the risk management lifecycle.
• Collaborate and coordinate across the organization to help navigate and mitigate horizontal risk promoting resilience and ensuring safety and soundness.
• Document, aggregate and report risk in accordance with the risk management lifecycle.

The Manager, Business Risk and Control Office (BRCO) Governance will be responsible for leading a team to collaborate with First Line of Defense (1LOD) on risk management frameworks, tools, regulatory requirements and how to build and maintain internal controls. They will also be responsible for governing and managing the Line of Business framework and programs as well as managing various risk committees. The Manager, BRCO Governance role will also be responsible for helping advise, guide, support and/or own 1LOD additional risk activities, while ensuring alignment to Second Line of Defense (2LOD) frameworks and policies, in topics such as Exams, Compliance, Third-Party Risk, Model Risk, Complaints, Human Capital, and Business Continuity. Position Responsibilities:
Collaborates with 1LOD on risk management frameworks, tools, regulatory requirements and how to build and maintain internal controls

• Provides leadership and coaching to 1LOD to proactively identify and effectively manage risks.
• Translates and educates 1LOD to enable and drive business relevant implementation of Second Line of Defense (2LOD) risk management frameworks, policies, taxonomies and inventories.
• Drives two-way collaboration across 1LOD and 2LOD; liaise between 1LOD and 2LOD to drive engagement throughout the risk management lifecycle.
• Collaborates and coordinates across the organization to help navigate and mitigate horizontal risk promoting resilience and ensuring safety and soundness.
• Drives a strong enterprise risk culture by fostering rigor and discipline focused on risk and compliance awareness, ethical business practices, transparency, and escalation.
• Learns continuously about the line of business to strengthen subject matter expertise and provide more valuable application of risk guidance.
• Collaborates with and supports other BRCO team members to ensure a robust and comprehensive implementation of 2LOD frameworks within 1LOD.

Line of Business Governance and Risk Committees

• Governs and manages the Line of Business (LOB) risk management framework and program.
• Operates, develops, and matures the internal risk forums/meetings.
• Manages risk profiles and risk dashboards for departments within LOB.
• Matures program documentation and procedures.
• Manages risk committees in accordance with the Corporate Governance Framework with the primary focus on risk identification, assessment, and/or mitigation. Creates and maintains charters, captures minutes, prepares meeting packages, and reports on activities to authorizing committee periodically and escalates issues as needed.

Provides credible challenge to 1LOD colleagues, ensuring safeguard and risk mitigation measures are upheld in decision making and adherence to 2LOD frameworks and policies prior to 2LOD review. Advises, guides supports and/or owns additional risk activities required for a well-functioning organization, such as:

• Exam related activities: Owns and serves as the point of contact for the 1LOD relationship for all exam related activities including regulatory, 2LOD, Internal Audit, various internal Risk Pillars, etc. Gathers data, answers questions, reviews materials, responses and validate 1LOD remediation work ( artifacts, action plans, etc).
• Compliance Liaison - Understands and translates how to apply the identified rules, regulations, and laws to assist the business to create proper controls.
• Supplier Management and Third-Party Risk - Provides guidance and works with 1LOD to identify, measure, control, monitor, and report on Third-Party risks in accordance with corporate risk policies.
• Model Risk - Partners with 1LOD to ensure adherence to model risk management policies and procedures. Understands the models owned or used by the line of business. Drives the oversight and governance activities, as required by 2LOD.
• Complaint Oversight: Ensures the logging and management of complaints is aligned to enterprise-wide policies and procedures through regular testing. Assists in root cause analysis, identifies trends and holds 1LOD owners accountable to resolve/fix reoccurring complaints to safeguard our customers and improve their experience.
• Human Capital - Educates and trains business unit on risks that affect them and ensures compliance training requirements are met. Assists with staffing adequacy.
• Business Continuity - May include guiding 1LOD, gathering information, and/or maintaining the Business Continuity plan, as well as participating in the Business Continuity Exercises.

A successful candidate will have the following knowledge and/or skills:

• Demonstrated knowledge of banking industry products, services, and workflows.
• Strong familiarity with critical business processes and controls, as well as overall business needs and objectives, for the Line of Business.
• Strong track record of driving timely and effective issue resolution in a financial services context.
• Deep expertise and ability to educate colleagues on risk management, controls, and compliance concepts, frameworks, and policies.
• Ability to establish authority, influence stakeholders, and productively debate issues (, credible challenge) at all levels including without direct reporting responsibility.
• Ability to build strong relationships and engage constructively in a proactive and transparent approach with cross-functional stakeholders, to challenge status quo and drive buy-in to achieve common goals.
• Ability to clearly and effectively communicate, including ability to summarize and explain complex findings and issues to a wide range of audiences.
• Ability to apply sound judgment and appropriately escalate concerns and issues.
• Ability to demonstrate managerial courage and inspire colleagues across the organization to embrace change.
• Ability to gather, analyze and interpret large datasets from various sources.
• Strong analytical and critical thinking skills with high attention to detail and accuracy.
• Ability to manage multiple tasks and projects, prioritize work, meet deadlines, achieve goals, and work under pressure in a dynamic and complex environment.
• Self-starter, able to work independently, flexible and can navigate a complex organization.