Lead, Technology Risk & Compliance
Create the future with Affin! You too can make a difference.
We continuously innovate to transform our financial services landscape - making banking better and easier. Join us at AFFIN, where open minds meet, and be inspired by a shared commitment to great work.
JOB RESPONSIBILITIES:
- Collect information and review documentation to ensure that risk scenarios are identified and evaluated. Identify legal, regulatory and contractual requirements and organizational policies and standards related to information systems to determine their potential impact on the business objectives.
- Perform monthly/quarterly submissions and annual reviews of Bank/BNM Key Risk Indicators (KRI), Risk Control Self Assessments (RCSA), Compliance Self-Assessment Review (SSAR), Compliance Matrix (CMAX), Cyber Resilience Maturity Assessment (CRMA) and Management of Customer Information and Permitted Disclosures (MCIPD).
- Coordinate submissions on the Technology Risk Dashboard on a monthly basis to the Technology Risk Management team and send all Risk & Compliance communications to Technology Staff on an ad hoc basis.
- Collect and validate data that measure key risk indicators (KRIs) to monitor and communicate their status to relevant stakeholders in their decision-making process.
- Facilitate independent risk assessments and risk management process reviews to ensure they are performed efficiently and effectively.
- Review all of the Department's documentation related to Risk and Compliance prior to submission to BRCM (e.g. Master Service Agreement/ renewal Agreement/ Letter to BNM/ Guidelines and Procedures/ Due Diligence Checklist/ Cloud Risk Assessment/ Material Risk Assessments etc.) and provide advisories to IT Project Managers.
- Timely reporting/escalation of any compliance issues/breaches to the respective BRCM and submission of Lost Event Report via GCM System for IT-related Priority 1 & 2 incidents.
- Close monitoring of submission of Compliance document reviews, surveys for BNM and PayNet queries/updates and BNM Reviews to ensure that they are done within the agreed timeline.
- Undertake special/ad hoc assignments as and when directed by the Head, Governance Risk & Compliance (GRC).