Insurance – Regional Operational Risk Officer (ORO)

May 22, 2024

Insurance – Regional Operational Risk Officer (ORO)


  • Permanent
  • HK-Hong Kong
  • RISK
Apply for this job
BNP Paribas Cardif is a world leader in bancassurance partnerships, providing its more than 80 million customers with products and services that let them realize their goals while protecting themselves from unforeseen events. BNP Paribas Cardif is committed to having a positive impact on society and to making insurance more accessible. A subsidiary of BNP Paribas, the insurer has a unique business model anchored in partnerships. It creates solutions for more than 500 partner distributors in a variety of sectors – including banks and financial institutions, automotive sector companies, retailers, telecommunications companies and energy companies – as well as for financial advisors and brokers who market the products to their customers. With a presence in 30 countries and strong positions in Europe, Asia and Latin America, BNP Paribas Cardif is a global specialist in personal insurance, the world leader in creditor insurance* and a major contributor to financing for the real economy. *Source – Finaccord 2023
We are hiring a new role with main responsibilities and job requirements below:
RISK ORM, as second line of defence, oversees the identification, measurement and management of operational risks and its permanent control framework.
RISK Cardif Asia ensures and controls the existence, efficiency and consistency of operational risk management and its permanent control frameworks in the entities of the Region when relevant.
Responsibilities: This position comes with several types of responsibilities: independent testing, check & challenge, monitoring, duty of alert, and transversal activities.
Independent testing and second look
– To perform independent controls (control testing, oversight …) in entities over the proper implementation of norms and standards, having thus a second and independent look at the quality of the management of operational risks and permanent control implemented by the first line of defence (LoD1).
– To define and update the Generic Control Plans in collaboration with the first line.
– To “check & challenge” operational risks, risk assessments, and remediation plans on activities in the region on a regular basis. This includes incident reporting, the Risk and Control Self Assessment (RCSA), the Operational Risk and Control Report (OR&C), and any controls performed by the LoD1. The “check & challenge” consists of an independent analysis and assessment of the risk, a review of the assessment of the first line, and suggestions for improvement.
– To “check & challenge” the adaptations of risk taxonomy, processes and organisation cartographies. Approve and follow up on potential exceptions to processes and procedures.
Oversight of permanent control
– To advise the permanent controllers (local OPC) in the countries of the Region in the deployment of the operational risk management and its permanent control framework, including the prevention, detection and management of internal and external fraud, and compliance with guidelines.
– To ensure that (potential) incidents are declared timely and correctly in the Group tool, and to ensure that the local OPC correctly deploy the methodology and tools.
– To have knowledge on the procedural corpus of the perimeter and ensure the “cascading process” of procedures issued by control functions.
– To disseminate operational risk culture within the regional community, contribute to trainings on operational risk and permanent control, and develop a strong partnership with LoD1 stakeholders.
Management, transversal missions and reporting
– To contribute forming the RISK ORM opinion in the process of validation of new activities, new products, outsourcing projects, etc.
– To control the overall framework by coordinating actions and participation in committees.
– To consolidate information and useful reporting for management.
– To contribute to Corporate and Regional Internal Control Committees (ICC) & Operational Risks Committees.
– To monitor and ensure the implementation of recommendations (IG, oversight…) made and of the action plans requested to the entities.
Information to management and warning duty
– To inform the management on the identification, measurement and management of operational risks and its permanent control.
– To propose, if necessary, actions to mitigate risks or to improve the framework.
– To alert the Regional Chief Risk Officer, the head of RISK ORM, the Regional CEO, and BNP Paribas Cardif management in particular situations, in the context of the operational risk management in case of inefficient or inexistent control framework or deficiencies or significant incidents identified.
Competencies (Technical / Behavioural)

– Knowledge of Bank and Insurance environment by international standards (incl. French)
– Experience in Operational Risk Management and/or Audit
– Strong organizational, analytical & time management skills, very good attention to details
– Strong interpersonal skills (communication, negotiation, influencing skills)
– Flexible, resilient, under pressure and decisive with a proven track record of delivering results to a high standard within tight deadlines
– Demonstrate the ability to work positively in a small team
– Demonstrate the ability to work effectively in a cross-cultural environment
– Experience with ICT and/or model risk is a plus
– Business oriented, solution driven and skillful in articulation
Specific Qualifications Required

– University degree
– 6-8 years of relevant experience
– Prior experience in the Insurance business
– Fluency in English and Mandarin; French and Japanese are a plus
Offers you may be interested in