Responsibilities:

1. Risk Governance and Framework Oversight on Southeast Asian (SEA)entities:

1.1 Operational risk:

• Oversee and provide guidance on the implementation of operational risk frameworks across SEA entities, including operational resilience (HKMA OR-2), risk control self-assessments (RACAs), key risk indicators (KRIs), loss event databases, business continuity planning (BCP), third-party / outsourcing risk management, and product due diligence processes.
• Identify emerging operational risk and ensure mitigation strategies across SEA entities align with regional requirements, Parent Bank’s policies, Basel III standards, and regulatory expectations.

1.2 Legal, Compliance and reputation risk:

• Oversee and refine the SEA entities’ framework for adherence to local laws and regulations, provide guidance to and review SEA entities’ compliance programs.
• Monitor regulatory developments, assess impacts on operations, and supervise corrective measures to address gaps.
• Provide advice regarding business compliance and/ or related risk management on SEA business. Conduct thematic and onsite reviews on relevant risk matters.
• Escalate critical issues promptly to ensure timely resolution and transparency.

2.  Group Standards Alignment and Risk Reporting

• Drive adoption of group risk policies (legal, regulatory compliance, operational, reputation risk) across SEA entities, ensure alignment of local practices with regional and Parent Bank’s standards.
• Evaluate and provide advice on SEA entities’ relevant risk reporting, remediation and work plan to ensure accuracy and accountability.
• Consolidate and analyze regional risk data into executive-level reports for the regional executive team and Parent Bank, highlighting compliance gaps, emerging risks and vulnerability, progress on remediation and alignment with group standards.

3.  Stakeholder management

• Lead a regional team and be responsible for the team’s staffing and development.
• Mentor country-level compliance / relevant risk heads across SEA entities, fostering a culture of risk ownership for continuous improvement.
• Collaborate with cross-functional teams to embed risk awareness into strategic initiatives and business operations.
• Oversee responses to high-impact audits, regulatory inquiries and inspections, ensuring root-cause analysis, sustainable remediation and head office visibility. Participate in communication with regulators in SEA countries.
• Chair regional meetings and lead various projects to address cross-border challenges in relevant risks areas.

Requirements:

• Bachelor degree holder or above, preferably with risk management or regulatory compliance background
• Minimum of 10 years of working experience in financial institutions, of which 5 years shall be in the management of operational risk and/ or regulatory compliance, with regional exposures a plus
• Has experience in managing risk management/ compliance teams
• Has good experience in implementing operational risk frameworks
• Has sound understanding of the various lines of business in a commercial bank
• Willingness to travel regionally
• Proficiency in both English and Chinese with good communication skills