The Business Risk and Control Officer is a strategic professional who stays abreast of developments within own field and contributes to directional strategy by considering their application in own job and the business. Recognized technical authority for an area within the business. Requires basic commercial awareness. There are typically multiple people within the business that provide the same level of subject matter expertise. Developed communication and diplomacy skills are required in order to guide, influence and convince others, in particular colleagues in other areas and occasional external customers. Significant impact on the area through complex deliverables. Provides advice and counsel related to the technology or operations of the business. Work impacts an entire area, which eventually affects the overall performance and effectiveness of the sub-function/job family.
The Business Risk and Control Officer will be a key member of the Legal Risk & Control Team supporting both the Legal Department and the Regulatory Strategy and Policy (RSP) team with focus on the Global Assessment Unit coordination role as well as supporting the implementation and execution of new BAU transformation processes to ensure appropriate adherence to firm-wide initiatives and requirements, including operational and compliance risk management programs.
Responsibilities:
Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.
- Help contribute to governance and the facilitation of the execution of the Manager Control Assessment (MCA, i.e. Risk & Control Self-Assessment) as required by the MCA Standard including the assessment and appropriate approval of risk associated with business changes.
- Support teams in the quality, completeness, and accuracy of the implementation of the Control Framework, including Risk Control Policy, Control Standard, Issue Management Policy, Lesson Learned Policy and Control Inventory.
- Assist in performing a detailed analysis on the identification of issue root cause, partnering with control and process owners to recommendations holistic corrective actions and improvements, provide check and challenge to ensure appropriate escalation in according with Issue Management and Escalation Policies.
- Help contribute to the Lessons Learned Policy, including monitoring of control breaches and dissemination and learnings across other business units for process improvement to limit the occurrence of similar future events and where similar risk exposure might exist.
- Support the review and challenge process, within the FLUs, on the effective design and management of controls to mitigate risks as required by the Control Standards, including implementation and operation, conducting the control monitoring, handling deficiencies, and escalating issues for resolution.
- Help contribute to the timeliness, accuracy and completeness of the MCA through controls prior to the execution of a process (QC).
- Assist in the monitoring of the adherence to the MCA Standard through controls after the execution of a process (QA).
- Support in dealing with Operational and Compliance Risk in accordance with established Policy requirements.
- Assist in performing a detailed analysis to identify, assess, escalate, and manage risk exposures across Risk Categories (Operational Compliance, Strategic, Reputational, etc.), including material, emerging and concentration risks in accordance with enterprise Policies and the establishment of Key Indicators to monitor risk exposures.
- Assist in supporting Risk Appetite and monitor / assess exposures against this in accordance with enterprise requirements (if applicable).
- Be part of the process to identify, assess, record and response to Operational and Compliance Risk events, ensuring these are captured accurately, timely and in accordance with requirements.
- Help ensure that adequate governance and training are in place to support management of Risk profiles.
- Contribute to the risks associated with New Activities and changes to the Business, ensuring these are well understood and adequately controlled (if applicable).
- Support operational risk scenario analysis and stress testing for Operational Risk Capital requirements.
- Support with risk and control assessments or coordination for programs within various risk stripes and ensure sufficient subject matter expertise exists to enable management of these risks within the Business (e.g. third party, fraud, sanctions etc.) (if applicable).
- Coordinate risk and control responsibilities and ensure accountabilities are embedded within FLUs, including providing training and leading by example.
- Support with standards and procedures that conform to enterprise requirements and support sound operational and compliance risk management.
- Apply knowledge of the business, products or services to identify and implement control points and processes throughout the business.
- Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.
- Help contribute to governance and the facilitation of the execution of the Manager Control Assessment (MCA, i.e.. Risk & Control Self-Assessment) as required by the MCA Standard including the assessment and appropriate approval of risk associated with business changes.
- Support the Global Assessment Unit Owner/Risk Owner to ensure the adherence to the MCA Standard and all requirements of the MCA Lifecycle are executed as is required.
- Support teams in the quality, completeness, and accuracy of the implementation of the Control Framework, including Risk Control Policy, Control Standard, Issue Management Policy, Lesson Learned Policy and Control Inventory.
- Assist in performing a detailed analysis on the identification of issue root cause, partnering with control and process owners to recommendations holistic corrective actions and improvements, provide check and challenge to ensure appropriate escalation in according with Issue Management and Escalation Policies.
- Help contribute to the Lessons Learned Policy, including monitoring of control breaches and dissemination and learnings across other business units for process improvement to limit the occurrence of similar future events and where similar risk exposure might exist.
- Support the review and challenge process, within Legal and RSP, on the effective design and management of controls to mitigate risks as required by the Control Standards, including implementation and operation, conducting the control monitoring, handling deficiencies, and escalating issues for resolution.
- Help contribute to the timeliness, accuracy and completeness of the MCA through controls prior to the execution of a process (QC).
- Assist in the monitoring of the adherence to the MCA Standard through controls after the execution of a process (QA).
- Support in dealing with Operational and Compliance Risk in accordance with established Policy requirements.
- Assist in performing a detailed analysis to identify, assess, escalate, and manage risk exposures across Risk Categories (Operational Compliance, Strategic, Reputational, etc.), including material, emerging and concentration risks in accordance with enterprise Policies and the establishment of Key Indicators to monitor risk exposures.
- Assist in supporting Risk Appetite and monitor / assess exposures against this in accordance with enterprise requirements (if applicable).
- Be part of the process to identify, assess, record and response to Operational and Compliance Risk events, ensuring these are captured accurately, timely and in accordance with requirements.
- Help ensure that adequate governance and training are in place to support management of Risk profiles.
- Contribute to the risks associated with New Activities and changes to the Business, ensuring these are well understood and adequately controlled (if applicable).
- Support with risk and control assessments or coordination for programs within various risk stripes and ensure sufficient subject matter expertise exists to enable management of these risks within the Business (e.g. third party, fraud, sanctions etc.) (if applicable).
- Coordinate risk and control responsibilities and ensure accountabilities are embedded within Legal and RSP, including providing training and leading by example.
- Support with standards and procedures that conform to enterprise requirements and support sound operational and compliance risk management.
- Apply knowledge of the function to identify and implement control points and processes throughout Legal and RSP.
- Identify gaps in implementing policy documents and draft appropriate procedures to meet requirements of the Citi Policy governance operating model.
- Ensure timely execution of transformation milestones, deliverables, and activities in both the Global Legal and RSP functions as required.
- Engage in Global Function Partner discussions (ICRM, ORM), to enhance the control environment of both the Legal and RSP functions.
- Identify and follow up on control weaknesses, collaborate with issue owners in the definition of robust action plans, monitor progress, maintain meaningful data in the Integrated Corrective Actions Plan system, and ensure collation/verification of completion evidence.
- Participate in controls-related projects affecting the Legal & RSP organizations, including data-analysis, reporting exercises and policy drafting.
- Help manage and perform reporting for Legal and RSP risk and control programs across several requirements.
Qualifications:
- 6-10 years relevant work experience in Business Risk & Controls
- Oral, verbal, and written comprehension Spanish language skills are highly preferred
- MS Excel, MS Access, SAS, SQL, Visual Basic a plus. 5+ years’ experience in financial services.
- Proficient with the Manager’s Control Assessment module.
- Consistently demonstrates clear and concise written and verbal communication skills.
- Effective organizational influencing skills required.
- Experience with work-flow systems, excellent project management, and organizational skills.
- Demonstrated ability to lead global team efforts.
- Excellent problem-solving skills and self-motivated.
- Ability to see the big pictures with high attention to critical details.
- Demonstrated ability to develop and implement strategy and process improvement initiatives.
Education:
- Bachelor's/University degree, Master's degree preferred.
-------------------------------------------------
Job Family Group:
Risk Management
-------------------------------------------------
Job Family:
Business Risk & Control
------------------------------------------------------
Time Type:
Full time
------------------------------------------------------
Primary Location:
Tampa Florida United States
------------------------------------------------------
Primary Location Salary Range:
$103,920.00 - $155,880.00
------------------------------------------------------
Citi is an equal opportunity and affirmative action employer.
Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.
View the "EEO is the Law" poster. View the EEO is the Law Supplement.
View the EEO Policy Statement.
View the Pay Transparency Posting