Responsibilities

• Design and operationalize enterprise risk management framework across DATAx to enable continuous improvement
• Engage in regular dialog with regulators on enterprise risk management areas to understand current issues and concerns, and align DATAx’s enterprise risk management framework with regulatory needs
• Ensure overall risk management framework and policies are in line with SCBx policies, serving as the lead and key point of contact in implementing a comprehensive risk management process for DATAx – this could include but is not limited to: compliance risk, operational risk, data security and fraud risk, etc.
• Oversee and monitor compliance with applicable laws and regulations of Thailand, including but not limited to the information technology laws and rules, on behalf of DATAx
• Ensure compliance with regulatory obligations whilst taking a commercial and practical approach to risk-related challenges and offering appropriate solutions for DATAx
• Measure DATAx’s risk tolerance and the level of risk DATAx is willing or able to take on
• Organize and lead discussions and initiatives for enhancements of the risk management framework
• Oversee the conduct of DATAx operating environment to identify and increase awareness of risks affecting the business
• Report to and align with SCBx Risk Oversight Committee on any updates in risk policies to ensure that DATAx risk policies are up-to-date
• Oversee data management and data compliance across DATAx is in accordance with data protection and policy regulations (e.g. BOT Data Governance Policy, PDPA)
• Oversee cyber and data security initiatives, ensuring alignment with DATAx’s cyber and data security vision, strategy, and information security program to ensure assets are adequately protected
• Supervise the conduct of risk assurance and due diligence on behalf of DATAx, if needed (e.g. vetting a new data procurement partner, etc.)

Qualifications

• Bachelor's Degree, MBA/MS preferred; Education includes demonstrated knowledge in information technology, computer science, management information systems, analytics or related field
• Knowledge of financial institution (bank or credit union) rules, regulations, and procedures with previous experience in the areas of enterprise risk management, internal audit and/or compliance preferred.
• Knowledge of risk management including industry trends, industry risks, and common practices.
• Extensive risk management, data management & governance, compliance, legal counsel and information security experience, with experience in a tech-related industry is preferred
• Experience with managing regulatory engagement
• A track record of acting as a trusted advisor to executive teams, with demonstrable experience of managing complex cases and limiting risk
• Broad knowledge of risk management practices and experience in developing an effective risk management system.
• Excellent verbal and written communication skills and have experience in identifying or troubleshooting complex business challenges.

Core Competencies

• Risk Management Expertise - Must be able to demonstrate a broad technical knowledge and expertise covering the conduct of business matters, corporate governance matters and regulatory risk and regulatory change matters
• Analysis – Demonstrate strong analytical and critical thinking skills
• Integrity – Apply strong ethical compass to navigate what are often uncharted territories
• Executive Communication - Strong interpersonal, oral and written communication skills
• Commercial Awareness – demonstrate an understanding of the business while maintaining a focus on managing risk controls to balance the risks managements needs and business requirements

Recruiter

Poranee