Head of Operational Risk

• Actively engage in the identification and assessment of operational risks across all business lines, integrating risk considerations into daily BAU activities. This includes conducting regular walkthroughs of processes, reviewing transaction flows, and collaborating with all departments to identify potential operational risk exposures.
• Lead and facilitate Risk and Control Self-Assessments (RCSAs) by working closely with process owners to evaluate existing controls, identify control gaps, and develop action plans to address identified weaknesses. Ensure that RCSAs are updated periodically and reflect current operational realities.
• Conduct scenario analyses and stress testing exercises to evaluate the potential impact of severe operational risk events, such as system failures, fraud incidents etc. Utilise these analyses to inform the development of mitigation strategies and contingency plans.
• Maintain and update the Bank's risk register and loss event database, ensuring that material operational risk events are accurately recorded, categorised, and analysed. Provide regular reports and insights to the Head of Risk Department, highlighting trends, emerging risks, and areas requiring management attention.
• Collaborate with each business line across the Bank and provide independent review to ensure timely reporting and escalation of operational risk incidents to Operational risk team, senior management, Exco, RC/RCC, and Head Office, facilitating root cause analysis and the implementation of corrective actions to prevent recurrence.
• Develop and monitor Key Risk Indicators (KRIs) relevant to operational risk, establishing thresholds and triggers that prompt management action when exceeded. Use KRIs to proactively identify areas of increasing risk and to support decision-making processes.
• Ensure that operational risk identification and assessment processes are embedded within the Bank's governance framework, aligning with regulatory requirements and industry best practices to promote a robust risk culture.

• Manage risks associated with third-party relationships and outsourcing arrangements, ensuring compliance with PRA SS2/21 and other relevant regulations.
• Develop and maintain a comprehensive third-party risk management framework, including risk assessments, due diligence, and ongoing monitoring.
• Lead initiatives to identify key risk indicators (KRIs) and develop risk heat maps for outsourced activities.

• Evaluate and enhance internal control systems to mitigate identified operational risks.
• Collaborate with business units to develop and implement effective control measures and action plans.
• Monitor the effectiveness of controls and recommend improvements as necessary

• Ensure compliance with applicable regulatory requirements, including those set by the PRA, FCA, and Head Office.
• Prepare and present regular reports on operational risk metrics, issues, and trends to senior management, Risk and Compliance Committee and Head Office.
• Coordinate the preparation of the annual Operational Resilience Self-assessment report and present it to senior management, Risk and Compliance Committee and Head Office.
• Act as the primary point of contact for operational risk matters with senior management, regulators, Head Office and external stakeholders.

• Proven experience (10+ years) in operational risk management within the banking sector, preferably in a UK wholesale banking environment.
• Strong knowledge of PRA and FCA regulations around operational risk management, operational resilience, outsourcing and third party risk management.
• Excellent report writing, problem-solving, communication and decision-making skills.
• Strong leadership, collaborative and interpersonal skills, with the ability to influence stakeholders at all levels.

We are happy to provide application and/or accessibility support, please contact your Marks Sattin or Grafton consultant directly to discuss your needs. We're committed to protecting the privacy of all our candidates and clients, please visit