As a second line of defense, Head of Risk and Fraud is responsible to identify, assess, mitigate, report and monitor operational risk (including fraud risk), reputational risk, compliance / regulatory risk, strategic risk, funding liquidity risk, information & cyber security across TrueMoney in accordance with regional risk and fraud policies and procedures. More specifically, he/she will also analyze fraud pattern & trend, develop fraud strategies and implement fraud tools to address current as well as evolving fraud threats and will continuously improve fraud prevention, detection and recovery abilities of TrueMoney. The role holder is also accountable for communicating all regional risk and fraud policies and procedures as well as designing, developing and implementing Risk and Control Self Assessment (RCSA), Key Risk Indicator (KRI), Key Control Indicator (KCI) together with relevant stakeholders. The responsibility also includes coordinating with compliance / internal & external audit to address all concerns on regulatory requirement & regulatory findings / audit findings.
- Act as a second line of defense to proactively manage the risk and loss. The risk comprises operational risk, reputational risk, compliance / regulatory risk, strategic risk, funding liquidity risk, information & cyber security risk.
- Provide training on new risk framework, policy and procedures (e.g. regional risk & loss register procedure, regional key risk indicator procedure and regional risk & control self assessment procedure) to the first line of defence.
- Communicate changes in risk framework, policy and procedures to the first line of defence and ensure that they are understood by all stakeholders.
- Provide constructive feedback to Regional Risk & Fraud team on improvement to risk framework, policy and procedures.
- Work closely with stakeholders to design and develop Risk and Control Self Assessment (RCSA) as well as to set Key Risk Indicator (KRI), Key Control Indicator (KCI) and its tolerance level.
- Revisit RCSA and KRI & KCI when there is a new emerging risk / audit or regulatory finding and also perform RCSA and KRI refreshment on yearly basis.
- Ensure periodic RCSA testing as well as KRI & KCI collection and retaining evidence thereof within timeliness to assess the proper functioning and adequacy of existing controls.
- Review new products or services launch and assure that material risks are appropriately identified and mitigated by input action plans.
- Engage with stakeholder to identify risk / loss and determine if they are unique to their area or have wider upstream or downstream implications.
- Provide guidance to stakeholders who assesses the identified risk / loss to ensure risk rating agree with definitions in the regional risk assessment matrix.
- Ensure that action plans are directed at the root cause of the identified risk/loss / exception on RCSA testing / KRI & KCI trigger and appropriate, prioritized and sustainable to mitigate residual risks. Also, assure that the owner of each action is clearly assigned and realistic target date of each action is set in order to protect the overdue issue.
- Accurately, completely and timely record operational errors that result in financial losses, gains and near miss, exception on CET and KRI & KCI trigger in risk system.
- Report significant risk / loss to Regional Head of Risk & Fraud, Country Managing Director and Country Risk Management Committee.
- Propose control improvements, enhancements and simplifications where appropriate.
- Coordinate with compliance / internal and external audits to solve regulatory / audit findings, track aging, periodic follow up to ensure that all findings are remediated by committed timeliness and that the actual root cause are being addressed.
- Socialize significant risk & loss events as well as audit & regulatory findings and conduct lessons learned to create awareness.
- Manage the end to end country risk management committee process ensuring high quality risk dashboards are circulated to the committee members and minutes are drafted on a timely basis with all actions clearly documented and proactively followed up.
- Establish and develop fraud policy and procedures in line with business strategy and ensure they are well documented, understood and implemented.
- Conduct fraud related training to employees and partner agents.
- Take active role in fraud assessments of new products, significant changes on the existing processes where fraud risk exposure might be concerned.
- Manage dispute resolutions and ensure disputes being investigated and responded within stipulated time frame.
- Set fraud detection screening mechanism to spot suspicious transaction.
- Ensure ongoing transaction monitoring and suspicious activities identification using the fraud monitoring tools and system to assess the risk of fraud, misuse and abuse and act when fraud is discovered to prevent further loss.
- Consistently monitor and identify fraud patterns and fraud trends by contributing to the development of improved fraud management system, processes, policies and procedures.
- Ensure proper internal / external fraud investigation, review the drafted investigation report submitted by the team members and provide information (if necessary) to the police, legal and other law enforcement agencies in respect of fraud cases.
- Escalate significant fraud issues to Regional Head of Risk and Fraud and Country Managing Director as necessary.
- Provide ongoing / periodic reporting to country risk management committee and other required by the regulation governance in relation with fraud related patterns, loss levels, identified threats / risks and progress made in other key fraud items.
- Ensure fraud performance is within established benchmarks and country level losses.