Vice President, Operational Risk
Malaysia
Headquartered in Tokyo, Sumitomo Mitsui Banking Corporation (SMBC) is a leading global financial institution and a core member of Sumitomo Mitsui Financial Group (SMBC Group). Built upon our rich Japanese heritage since 1876, we put our customers first and provide seamless access to, from and within the Asia Pacific region. SMBC is one of the largest Japanese banks by assets and maintains strong credit ratings across our global integrated network. We work closely as one SMBC Group to offer personal, corporate and investment banking services to meet the needs of our customers.
With sustainability embedded within our strategy and operations, we are committed to creating a society in which today’s generation can enjoy economic prosperity and well-being, and pass it on to future generations.
SUMITOMO MITSUI BANKING CORPORATION MALAYSIA BERHAD
Key Responsibilities
- Execute ORM Processes: Implement operational risk management procedures using approved ORM tools, in accordance with SMBCMY’s ORM Framework, internal guidelines, and Bank Negara Malaysia’s Operational Risk Policy.
- Control Validation: Assess and validate the effectiveness of control measures to ensure they adequately mitigate operational risks, including Third-Party risks and Shariah Non-Compliance (SNC) risks.
- Reporting: Prepare accurate and timely periodic and ad hoc ORM reports for submission to BNM, Regional Office, Head Office, and internal stakeholders.
- Be alert to incidents and trends which may constitute operational, Third-Party and Shariah Non-Compliance (SNC) risks and escalate the risks to Head, ORM or Co-CRO, where appropriate.
- Co-ordinate with business and functional lines in executing the ORM processes, i.e. identify and assess operational and SNC risks, self-assessment of controls, reporting of loss incidents and Key Risk Indicators (KRI).
- Investigate the root cause/driver of loss incidents to ensure appropriate controls are put in place.
- Monitor types of losses (actual, potential, near misses) and loss amounts to ensure they are within risk appetites and Management limits.
- Monitor KRI trends for KRI trigger signs and management limit breaches, and highlight them to Head ORM and CRO.
- Validate, evaluate and constructively challenge business and functional lines on their risk ratings and control effectiveness to ensure high integrity ORM.
- Prepare timely and accurate periodical and ad hoc ORM reporting to BNM, respective risk committees, Regional and Head Office.
- Conduct training and awareness briefings to Heads of Departments and Operational Risk representatives on ORM processes and tools.
- Promote and embed the culture of ORM and conduct risk awareness sessions for all business and functional lines in their capacities as process and risk owners.
- Ensure appropriate disclosure of confidential information to the relevant parties in accordance with regulatory requirements on managing such confidential information.
- In the absence of the Department Head, assume control and day-to-day functions of the department, as authorised by the Head of Department.
Job Requirements
Educational Qualifications
- Bachelor’s degree in Business, Finance, Risk Management, Accounting, or a related field.
- Professional certifications (e.g., BRM AICB, FRM, PRM, CPA) are often preferred.
Experience
- Minimum of 5–10 years of relevant experience in operational risk, ideally within banking, insurance, or financial services.
- Proven track record in implementing and enhancing Operational Risk Management Frameworks.
Key Skills & Competencies
- Strong understanding of risk assessment methodologies, internal controls, and incident management.
- Familiarity with regulatory requirements from Bank Negara Malaysia and other relevant authorities.
- Experience in conducting Risk and Control Self-Assessments (RCSA), Key Control Testing (KCT), and Scenario Analysis.
- Ability to monitor, investigate, and report operational incidents.
- Proficiency in preparing risk reports and presenting to senior management or risk committees.
- Knowledge of third-party risk management, operational resilience, business continuity planning and crisis management.
- Excellent communication and stakeholder engagement skills.
- Analytical mindset with attention to detail.
Responsibilities
- Lead operational risk identification, assessment, and mitigation efforts.
- Collaborate with business units to embed risk awareness and controls.
- Support audits and regulatory reviews.
- Promote a strong risk culture through training and awareness programs.