The Role Responsibilities:
Strategy:
- Establish and implement governance and oversight processes.
- Embed local regulatory requirements into the TPRM framework in the Country.
- Establish and implement methods for assessing standards of outsourcing provider performance.
Business:
- Coordinate and supervise the risk assessment activity by Outsourcing Owners in the business.
- Review new proposed outsourcing arrangements and completed risk assessment and risk mitigation activities performed by 1LOD.
- Facilitate approval by or notification to relevant governance bodies of new proposed and materially changed outsourcing arrangements.
- Provide second line of defense oversight of third party risks, validating and/or escalating, as appropriate, third party risks in alignment with the TPRM framework and the Board-approved risk appetite.
- Ensure the respective contract owners are monitoring, reviewing, and mitigating risks associated with third parties in accordance with the TPRM framework.
Processes:
- Ensure that all third-party relationships are captured in a centralized inventory in a timely manner.
- Ensure and assess compliance to TPRM framework and adherence to related policies.
- Support the development and implementation of local TPRM Policies and Procedures in alignment with regulatory requirements.
- In partnership with Compliance, monitor regulatory changes impacting outsourcing risk and ensure TPRM framework and related policies are aligned to regulatory requirements
Risk Management:
- Escalate any issues to local and Group risk committees as necessary
- Develop, publish and present reports of third-party risk oversight activities to key stakeholders and relevant risk committees.
- Support internal/external audit and associated regulatory audit as directed.
- In an advisory capacity, support business stakeholders in the identification of issues and root causes including oversight/facilitations of third party risk mitigation actions.
Governance:
The Central Outsourcing Manager is responsible for supporting the activities related to outsourcing oversight and governance for Germany, with the purpose of:
- Perform 2LOD monitoring, control, and supervision of 1LOD outsourced activities, including those performed by intra-group (affiliate) service providers.
- Review new proposed outsourcing arrangements and completed risk assessment and risk mitigation activities performed by 1LOD.
Regulatory & Business Conduct:
- Display exemplary conduct and live by the Group's Values and Code of Conduct.
- Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across the Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines, and the Group's Code of Conduct.
- Achieve the outcomes set out in the Bank's Conduct Principles
- Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct, and compliance matters.
- Exercise authorities delegated by the Management Board and act in accordance with Articles of Association (or equivalent).
QUALIFICATIONS:
- Proven professional experience in the banking sector with close relation to Third Party Risk Management / Central Outsourcing Management
- Sound knowledge of relevant regulatory requirements (including KWG, MaRisk, FISG) as well as their operational implementation.
- Strong communication and conflict management skills.
- Fluency in English and German.
- Structured way of working as well as strong analytical and conceptual skills.