Risk Director (Stablecoin)

Job Summary
As the Risk Director for the new Stablecoin Joint-Venture (JV), reporting to the CRO (Chief Risk Officer), you will be responsible for upholding the integrity of risk management by ensuring that operational risks are properly assessed. You will ensure that risk/return and cost/benefit decisions are made transparently based on thorough assessments, in accordance with JV's standards and Risk Appetite.

The role requires providing practical guidance on Risk, including Operational Risk Policy & Standard, consistently. You will identify, assess, monitor, and mitigate risks in the JV's daily operations. Working with the first line of defence, you will ensure key control concerns and risk events are understood and escalated quickly. You will drive thorough root cause analysis of risk events and challenge remedial plans by first line of defence (1LOD) Risk/Control Owners. You will ensure changes in products, services, and processes comply with relevant policies and oversee risk ratings per the RCSA Framework by first line of defence.

Key Responsibilities

• Risk Integrity: Ensure operational risks are properly assessed, and risk/return and cost/benefit decisions are made transparently based on thorough assessments, in line with the JV’s standards and Risk Appetite.
• Guidance on Risk Implementation: Provide practical implementation guidance on Risk, including Operational Risk (OR) Policy & Standard, in an effective and consistent manner.
• Risk Management: Identify, assess, monitor, and mitigate risks related to the daily operations of the JV.
• Collaboration with 1LOD: Work with the first line of defence (1LOD) to ensure concerns on key controls, operational risk events, and their impacts are understood and escalated promptly.
• Root Cause Analysis: Drive comprehensive, high-quality root cause analysis of operational risk events and provide robust challenges on remedial action plans proposed by 1LOD Risk/Control Owners.
• Policy Compliance: Ensure new and material changes in products/services/processes conform with the Transaction Processing Policy, Change Management Policy, and Product Governance Policy.
• Risk Control Monitoring: Oversee and monitor the execution of inherent and residual risk ratings as per the Risk Control Self-Assessment (RCSA) Framework by 1LOD.
• Regulatory Compliance: Ensure local regulatory requirements are met pertaining to risk, including operational risk management, prudential standards, and governance and operational standards.

Key stakeholders

Engage relevant stakeholders to raise awareness of Operational, Technology and Cyber Risks and how these are managed in the JV.

Internal

• Members of JV Management Team
• Peak Chief Risk Officer
• Group Operational, Technology and Cyber Risk Team
• Group Internal Audit

External

• Regulators in Hong Kong 
• External Auditors

Skills and Experience

• Local regulatory requirements (e.g. HKMA ECF ORM Certification)
• Strong experience in Operational risk management
• Clear understanding of Banking operational risk approaches or similar exposure
• Sound judgement and courage for control roles and relationships
• Strong analytical skills and judgement in changing environments
• Effective verbal and written communication
• Ability to explain complex risks to senior and non-technical stakeholders
• Excellent interpersonal skills, multicultural awareness
• Proactive risk management
• Mandatory and developmental role-specific training
• Other mandatory training as required by the JV, updated periodically