HSBC Group

Role purpose 

Global Enterprise Risk Management (ERM) is a sub function of Group Risk and Compliance. Its purpose is to make sure HSBC is equipped with a coherent Risk Management Framework, Risk Taxonomy and the tools to enable it to understand and operate within its Global Risk Appetite and effectively manage its overall risk position. It seeks to strengthen the risk culture across the organisation through driving consistent risk management practices across our businesses and functions at global, regional and market level. ERM achieves this through robust oversight and stewardship of the end-to-end processes, risks, and controls ensuring it complies with risk, business and regulatory priorities. Enabling the bank to grow safely, be forward looking, and meet its strategic objectives. 

The role holder will be accountable for Active Risk Management across ERM based on the Group’s defined approach to proactively identifying, assessing, measuring, reporting on, mitigating and controlling risk exposures associated with HSBC’s businesses and operations at all levels of the organisation. The role holder will ensure the effective and appropriate monitoring, reporting and management of Risk which impacts on the ability to operate. The role holder will steward, direct and control HSBC Group management of Enterprise Risk. The role holder will be the primary point of accountability for the management of Enterprise risk associated with HSBC’s activities and be the key accountable executive to our board, shareholders and regulators globally.

Governance and Committee Memberships:

• R&C ExCo
• Group ERM Executive Committee
• Group ERM Operating Committee

Accountabilities for Business, Customers and Stakeholders

• Setting out clear Risk Appetite Framework to support LoB, Regions and Markets operate safely and within the Groups Appetite
• Leading the Risk Management Framework delivery to help the Group aggregate and manage risk across multiple lens and ensure Risk Policy is clear and appropriate to help manage risk within our framework.
• Responsible for the bank’s Risk Policy framework.
• Act as the Risk Steward for Resilience Risks, including Data risk, and Business and Strategic Transformation risk teams.
• Act as the Risk Steward for Transverse Risks including Climate Risk, Reputational & Sustainability Risk and Model Risk.
• Ensuring the organisation is protected against emerging Enterprise risks and resilience risks in the most effective and cost-efficient manner possible.
• Advising and challenging the Group on the identification and management of material internal and external events including Data, Geopolitical Risk, Operational and Resilience, Strategic Transformation & Capital Frameworks.
• Completing analytical assessments of and opine on the control environment of the first line of defense across the Group.
• Risk Stewardship and oversight of the Enterprise-wide transformation and ensuring that the Group continues to operate safely and within appetite.
• Ensuring the Group incorporates an Enterprise risk view when designing and executing upon strategic change and overseeing the implementation of the required mitigating actions.
• Functional Management of the Geopolitical Risk team (co-run with Group Public Affairs).
• Risk coverage over the ServCo group and its entities.

Leadership & Teamwork  

• Represent ERM to Global Business, Regional and Functional Executive Management and Board members.
• Provide a forward-looking agenda, including horizon scanning, for emerging risks and challenges that ERM and the Bank may face.
• Provide oversight to the First-line’s adoption of Standards, Processes and Procedures required to implement the Policy objectives across the Group and support the embedding of the Risk Framework by working with the Risk Control owners in their area.
• Provide robust oversight, formal input, challenge, and guidance to first-line risk and control owners across entities and countries within the Group enabling business growth and innovation while maintaining risk within appetite.
• Communicate across technical, business, and strategic levels to ensure that stakeholders understand how their delivery is aligned with the Bank and ERMs strategic goals.
• Lead global teams, including the day-to-day management of your direct and indirect team members, driving positive Risk culture behaviours including, supporting, guiding and mentoring all colleagues working as part of global virtual teams.
• Support the recruitment and retention of colleagues, including succession planning, talent management and performance management, ensuring continuously driving improvement in employee engagement, diversity and inclusion.
• Build effective relationships with local Regulators to keep abreast of trends in the management of risk, supporting efforts to drive HSBC’s position in this context and ensure HSBC’s views are considered in consultations and other rule-making processes.
• Lead on the relevant Transformation Programmes within the Group by proactively engaging and assisting in the identification and mitigation of risk. This includes early intervention in new designs to ensure Risk is considered from the beginning.
• Partner with other oversight functions and Internal / External Audit to ensure a holistic view of risk profile. Including leading on the delivery and closure of Audit points and Management Self-Identified Issues.
• Own the alignment and embedding of relevant services delivered by the service catalogue ensuring consistent implementation across entities, countries and markets, as appropriate.
• Effectively communicate with large number of internal (first line, senior management, audit) and external (external auditors, regulators) stakeholders on risk identification, governance, and management.
• Improve efficiencies through standardisation under the global framework, including maintaining cost and headcount discipline

Functional Knowledge

Knowledge and Experience:

• Experience in risk management at a Globally Significant Financial Institution (GSFI) at senior executive level.
• Understands the risk landscape of HSBC Group and its commercial context and strategic ambitions and the importance of the maintenance and management of key frameworks.
• Very strong knowledge of the relevant regulatory landscape particularly in the financial services sector and ability to assess the impact of proposed changes in regulatory rules to the bank, especially those that will impact the Risk appetite.
• Strong knowledge of the International Basel Accord and other pieces of banking and consumer legislation.
• Extensive knowledge of a financial institutions business model, products and key risk drivers and a demonstrated ability to effectively balance risk management, regulatory expectations, and commercial pragmatism.
• Strong knowledge and understanding of multiple risk functions such as credit, operational, compliance, climate, model, etc
• A deep understanding and technical expertise of developing, embedding and maintaining risks, including how these risks can be identified, assessed, monitored and controlled and mitigated where relevant.
• Front office / operational experience and exposure to operations and control environments and ideally other functional areas such as compliance.
• Ability to lead and promote a strong risk control culture and develops communication strategies to improve risk awareness.
• Significant experience of establishing and maintaining senior internal and external relationships ideally with regulators.
• Proven ability to develop strong networks with key stakeholders at all points in a matrix structure, creating an ability to execute task at hand with minimum conflict.
• Strong knowledge of running large scale transformation programmes (USD100m plus).
• Leading a multi-locational team of professionals.
• Providing expert advice and robust challenge by delivering risk management policies and managing risks and controls.
• Strong knowledge of operating a large support function including Finance knowledge, control risk process, operating efficiencies, HR knowledge, communication strategies, and overall people management.  

Skills:

• Ability to present complex technical concepts and results to non-technical audiences in a persuasive and compelling manner.
• Team-oriented mentality combined with ability to complete tasks independently to a high-quality standard.
• A change agent who challenges the status quo diplomatically, constructively and positively in order to lead relevant strategies that enable safe growth of HSBC.
• Able to cope with pressure and tight deadlines.

Qualifications:

• Relevant data qualifications/certificates and/or experience.
• A BA or BS University Degree, advanced degrees preferable, (e.g. MBA, MSc, PhD)

Leadership Capabilities:

• Navigating: understand and translate strategy into own Function, aligning directions accordingly.
• Aspiring: be ambitious about providing the highest standards of delivery and embedding the culture in the business.
• Driving: set stretching goals for self and business delivering them with courage and tenacity.
• Mobilising: authentically engage with team, colleagues and business partners to deliver at pace.
• Sustaining: make considered decisions that protect and enhance HSBC values, reputation and business.

Others
The job holder will be required to:

• Support the management of risk across a large complex banking group.
• Manage multiple senior stakeholder relationships across the HSBC matrix.
• Represent HSBC with external parties including Auditors and Regulators.
• Manage risk whilst significant transformational activity is being implemented, both regionally and globally.
• Operate and influence within a changing and rapidly developing regulatory environment.
• Continually support HSBC's approach to conduct and cultivate a positive risk aware culture, which is designed to ensure we deliver fair outcomes for our customers and do not disrupt the orderly and transparent operation of financial markets.
• Maintain awareness of operational risk and minimise the likelihood of it occurring, including its identification, assessment, mitigation and control, loss identification and reporting in accordance with the HSBC risk management.
• Adopt a risk management and internal control structure, referred to as the Three Lines of Defence, to ensure it achieves its commercial aims while meeting regulatory and legal requirements and its responsibilities to stakeholders, customers and staff. All staff must familiarise themselves and adhere at all times with the role and supporting responsibilities they play in the Three Lines of Defence.