Position Summary
We are a pioneering, licensed Malaysian digital bank entering our second year of commercial operations. Having successfully launched our initial wave of financial products, we are rapidly scaling our digital ecosystem to serve Malaysia's retail and non-retail segments.
Operating in a fast-paced environment where agility and automation are paramount, we are seeking a highly adaptable and versatile Non-Financial Risk Lead who is responsible for leading and strengthening the Bank’s Operational and Non-Financial Risk Management practice across the organization.
This role will drive the design, implementation, and continuous enhancement of risk frameworks, governance, methodologies, and reporting capabilities to ensure the Bank maintains a strong and resilient control environment in line with regulatory expectations.
The role acts as a trusted advisor to business and support functions on operational and non-financial risk matters, while enabling innovation, digital transformation, and sustainable growth through proactive risk management.
Key Responsibilities
1. Operational & Non-Financial Risk Leadership
- Lead the Bank’s Operational Risk function and drive enterprise-wide non-financial risk initiatives, including emerging risks.
- Develop, maintain, and continuously enhance forward-looking risk frameworks aligned with Bank Negara Malaysia (BNM) regulatory expectations and industry best practices.
- Evolve methodologies and practices to address the changing risk landscape, including digital, technology, and operational risks.
- Provide advisory and guidance to all business and support functions on Operational and Non-Financial Risk matters.
- Produce high-quality Operational Risk reporting for Senior Management, Board Committees, and Bank Negara Malaysia (BNM).
- Deliver forward-looking insights on risk trends, control weaknesses, and emerging threats impacting the Bank.
2. Risk Frameworks, Policies & Governance
- Maintain and enhance Operational Risk policies, frameworks, procedures, and governance processes, including:
a) Risk & Control Self-Assessment (RCSA)
b) Key Risk Indicators (KRI)
c) Operational Risk Event Management
d) Outsourcing & Third-Party Risk Management
- Ensure strict alignment with applicable BNM regulatory requirements, including Risk Governance, Outsourcing, and related guidelines.
- Oversee governance and maintenance of Bank-wide policies, procedures, and documentation standards.
- Drive consistency, effectiveness, and accountability in risk management practices across the organization.
3. New Products & Business Initiatives
- Establish and operationalize robust risk assessment frameworks for:
a) New product approvals and product variations
b) New business initiatives
c) System implementations and process changes
- Ensure risks are proactively identified, assessed, mitigated, and appropriately controlled prior to implementation.
- Partner closely with business, product, technology, compliance, and operations teams to support safe and sustainable innovation.
4. Third-Party Risk Management (TPRM)
- Lead end-to-end Third-Party Risk Management practices across the Bank.
- Ensure compliance with applicable regulatory requirements while implementing effective methodologies to identify, assess, monitor, and manage third-party risk exposure.
- Oversee key TPRM pillars:
a) Vendor due diligence and onboarding
b) Risk assessments and control reviews
c) Ongoing monitoring and performance oversight
d) Periodic testing and reviews of TPRM effectiveness
- Support business stakeholders in strengthening vendor governance and risk management practices.
5. Technology, Cyber & Data Risk
- Integrate technology, cyber, and data risk considerations into the Bank’s Operational Risk framework in alignment with BNM RMiT (Risk Management in Technology) requirements.
- Collaborate closely with Technology Risk, Information Security, and Technology teams to strengthen the overall control environment.
- Support oversight of technology-related operational risks arising from digital banking operations, cloud services, outsourcing, and emerging technologies.
6. Business Continuity & Resilience
- Support operationalization of the Bank’s risk incident management framework by ensuring relevant functions effectively manage:
a) Risk event identification and reporting
b) Incident registration and tracking
c) Root cause analysis
d) Corrective and preventive remediation actions
- Work with and support the Business Continuity & Crisis Management (BCCM) team’s efforts to enhance organizational resilience and regulatory compliance. Areas include Business Continuity Management (BCM), Disaster Recovery (DR), and Crisis Management design and activities.
- Ensure effective ORM oversight, monitoring, and reporting of resilience-related risks and incidents.
7. ESG & Emerging Risks
- Incorporate ESG-related risk considerations into the Bank’s Non-Financial Risk framework where applicable.
- Monitor, assess, and provide insights on emerging risks impacting the banking and digital ecosystem.
- Develop and enhance risk management approaches to address evolving regulatory, operational, and strategic risks.
8. Risk Systems, Transformation & AI Enablement
- Drive implementation and enhancement of Operational Risk systems, tools, and data capabilities.
- Lead risk transformation initiatives to improve efficiency, scalability, and effectiveness of risk management processes.
- Leverage automation, AI enablement, and data analytics to strengthen risk identification, monitoring, reporting, and decision-making capabilities.
- Continuously enhance risk infrastructure and reporting capabilities across the Bank.
9. Stakeholder Engagement & Risk Culture
- Provide advisory, training, and guidance to business and support functions on Operational and Non-Financial Risk matters.
- Develop impactful training materials and presentations to strengthen risk awareness and accountability.
- Collaborate closely with business, compliance, technology, operations, and support teams to embed effective risk management practices.
- Promote and cultivate a strong risk culture across the organization.
Requirements
Education & Experience
- Education: Bachelor’s degree in Finance, Accounting, Risk Management, Business, Information Systems, or related disciplines.
- Experience: 10–15 years of relevant experience in Operational Risk and/or Non-Financial Risk Management within banking or financial services.
Hard Skills & Competencies
- Regulatory Knowledge: Strong knowledge of BNM regulatory requirements, including RMiT, Outsourcing, Risk Governance, and Operational Risk Management.
- Core Competencies: Hands-on experience in RCSA, KRI development/reporting, incident and loss event management, regulatory reporting, and Third-Party Risk Management.
- Preferred Skills: Exposure to ESG risk management, Technology Risk, and digital banking environments.
- Multi-Product Knowledge: Proven ability to understand the risk dynamics of both high-volume digital retail deposits/loans and SME/commercial financing, as well as any other bank product offerings.
- Tech Comfort: Familiarity with modern data visualization tools, systems implementation, workflow automation, or AI enablement.
Soft Skills & Culture Fit
- Versatility: Willingness to operate as a "player-coach", capable of planning high-level programmes and strategies while also able to execute them.
- Meticulous & Structured: Strong organizational skills to manage a broad coverage of work.
- Excellent Communicator: Highly collaborative and willing to engage across functions and seniority levels. Strong communication and presentation skills, with the ability to articulate risks, provide recommendations, and share clear points of view to drive practical solutions.
- Positive outlook and inquisitive: Self-driven, analytical, and comfortable operating in a fast-paced, evolving environment.
Success Measures
- Framework Maturity: Strength and maturity of the Bank’s Non-Financial Risk frameworks and governance practices.
- Regulatory Compliance: Positive outcomes and clean bills of health from internal/external audits and regulatory assessments.
- Reporting Quality: Accuracy, timeliness, and actionable depth of risk reporting and management information.
- Innovation & Efficiency: Successful implementation of risk systems, workflow automation, and efficiency gains.
- Risk Culture: Measurable strengthening of the organizational risk culture and high levels of stakeholder engagement.
- Proactive Mitigation: Improved visibility, management, and reduction of emerging and operational risks across the Bank.
What’s In It For You?
- The opportunity to shape the foundational risk architecture of a live digital bank.
- A high-visibility role across the Bank at all levels.
- A vibrant start-up culture that champions intellectual excellence, execution speed and collaboration.
- Be at the forefront of advanced risk technology adoption.