Operational Risk Lead

The Operational Risk Head will play a critical role in strengthening the organization’s risk management framework by proactively identifying, assessing, and mitigating operational risks across all business functions. Reporting directly to the Chief Risk Officer (CRO), the role will oversee the end-to-end operational risk lifecycle, including risk identification, control design, loss event management, risk reporting, and regulatory compliance. The incumbent will be responsible for embedding a strong risk culture, ensuring alignment with regulatory expectations, and enabling the business to grow safely and sustainably. By partnering closely with senior management and key stakeholders, the Operational Risk Lead will help safeguard the organization’s resilience, operational integrity, and long-term value creation.

1. Operational Risk Framework & Strategy

● Define and maintain the enterprise-wide operational risk management framework in line with

regulatory expectations and the organization’s risk appetite.

● Translate the CRO’s risk strategy into actionable operational risk policies, standards, and

methodologies.

● Ensure operational risk considerations are embedded into business strategy, new initiatives, and

change programs.

1. Risk Identification, Assessment & Lifecycle Management

● Lead Risk and Control Self-Assessments (RCSAs) across all business units and support functions.

● Oversee identification, assessment, monitoring, and mitigation of operational risks, including

process, people, systems, and external events.

● Maintain and continuously enhance the operational risk taxonomy and risk registers.

1. Process & Control Effectiveness Optimization

● Evaluate the design and effectiveness of key controls and recommend enhancements to reduce risk

exposure.

● Partner with business units to improve process resilience, reduce control gaps, and strengthen

preventive and detective controls.

● Support automation and standardization initiatives to improve risk and control efficiency.

1. Data, Analytics, & Risk Reporting

● Develop and maintain Key Risk Indicators (KRIs), dashboards, and management reporting for senior

leadership, Risk Committees, and the Board.

● Analyze loss events, near misses, and emerging risk trends to provide actionable insights.

● Ensure timely, accurate, and meaningful risk reporting aligned with internal and regulatory

requirements.

1. Regulatory Compliance & Operational Resilience

● Ensure compliance with applicable regulatory requirements, supervisory expectations, and internal

policies related to operational risk.

● Support regulatory exams, audits, and risk reviews, including issue remediation and tracking.

Oversee operational resilience initiatives, including business continuity, third-party risk, and

outsourcing risk oversight (where applicable).

1. Cross-Functional Leadership & Advisory

● Act as a trusted risk advisor to business and functional leaders on operational risk matters.

● Collaborate with Compliance, Internal Audit, Technology, Operations, and Product teams to ensure

consistent risk management practices.

● Review and challenge risk assessments for new products, process changes, and technology

initiatives.

1. Secondary Responsibilities

● Contribute to enterprise risk management (ERM) initiatives and special risk projects as assigned by

the CRO.

● Support crisis management and incident response activities when required.

● Stay abreast of emerging operational risk trends, regulatory developments, and industry best

practices to continuously enhance the risk framework.

• Bachelor’s degree in Finance, Accounting, Economics, Risk Management, Business Administration, or a related discipline.
• 6–8 years of experience in Traditional or Digital Banking or Fintech, as a Operational Risk Management or Enterprise Risk.
• Proven experience designing, implementing, and maintaining operational risk frameworks, including RCSAs, KRIs, loss event management, and issue tracking.
• Hands-on experience working with senior management and risk committees, with direct exposure to regulatory reviews and audits.
• Prior experience in a second line of defense role and reporting to senior risk leadership (CRO or equivalent) strongly preferred.
• Experience in supporting new products, digital initiatives, outsourcing arrangements, or major change programs from an operational risk perspective is an advantage.