Expert in Governance, Risk and Compliance; Risk Management, Operational Risk
Expert ID: 737060 Spain
Demonstrates the ability to make things happen while working with global and culturally diverse teams, providing thought-provoking concepts, mentoring managers and staff to develop resilient capabilities and trust in using the outputs of governance, risk, and compliance frameworks for incorporation into decision support.
(1) Strengthening business viability by building data to support decision making capability based on process, not outcomes or cognitive ability.
• Organise risk & governance functions to create respected, authoritative, and innovative teams that assume a critical role in major business initiatives
• Make visible the art of the possible in ownership of qualitative risk and control to mitigate detriments.
• Maximize arising opportunity, demonstrating positive ROI whilst working with culturally diverse teams and locations.
(2) Marshalling enterprise risk and innovation to bring fresh perspectives, new ideas and intuition to spot growth opportunities arising from governance and risk, and influence business direction to drive value.
• Shape, lead, implement and train people to develop and operate enterprise risk management frameworks.
• Embed policies, controls, KRI and KPI’s with objectives to ensure resilience and reliability in mitigating uncertainty.
• Create cultures of intelligent risk governance and heightened awareness and use of advanced risk management practices.
(3) Cultivate data streams for resilient decision outcomes by applying creativity, analytical rigour, pragmatism and leadership to build value and maintain competitive in the face of regulatory protocols and requirements.
• Through reporting and metrics, made visible to risk owners different perspectives of the risks they are responsible for.
• Categorisation of risk, as well as mapping and relationship of risk that does not always fit into neat hierarchies.
• Prepare rating agency submissions on GRC framework effectiveness for enhanced rating assessment.
|Year: 1971||Degree: BSc||Subject: Mechanical Engineering||Institution: University of Liverpool|
|Years: 2017 to Present||Employer: Undisclosed||Title: Chief Risk Officer||Department: Advisory|
Responsibilities:Reporting into the CEO of a niche Governance, Risk & Compliance (GRC) strategy consultancy with a £50m turnover, as a Chief Risk Officer / Board Advisor with business activities in the space of Nordic region Fintech and Insurtech start-ups, developing MENA, Asian and Chinese markets.
a) Practice Chief Risk Officer: Orchestrated development of value propositions for increasing growth opportunities in the practice by introducing supporting business models, strategy, product design, and development of governance, risk, and related assurance functions, to increase the effectiveness of frameworks and evidencing such. Interacted with and influenced senior Clients and their stakeholders.
b) Client Advisory: Oversee the provision of advisory services for optimizing the effectiveness of governance, risk & compliance functions, creating added value by the provision of assurance to decision-makers that they were aware of the right risks and opportunities. Leverage enterprise data to convert risk-centric to objective-centric approaches, reducing the cost of operation by 5%-10% and covering the spectrum of enterprise risk, governance, and assurance functions directly and through a partnership with regulatory bodies and internal /external consultants.
Achievements in Client portfolio:-
• Omani bank: Following nomination as a domestic systemically important bank, conduct an analysis of the effectiveness of risk and oversight frameworks, with special consideration given to the systemic dimension. Produce detailed reports, roadmaps, and suggestions for moving to a higher state of maturity and orchestrate development of value propositions for the Banks 2nd line capability, reducing the template by 30%.
• Argentinian Insurtech: following an acquisition by UK Insurtech, assess and oversee the integration of two disparate risk and governance frameworks, utilizing “best in class” components from each framework to design and implement a Group Risk function with a reduced (15 to 11 FTE’s) template offering effective performance. Provide assurances that the combined enterprise functions supported control of governance, culture, policies, risk, and harmonization of UK/LatAm compliance differentials.
• UK Pension Fund provider: Conduct an analysis of the maturity of the existing risk management arrangements to transition to an enterprise Governance, Risk and Compliance management framework and develop roadmaps for its implementation and embedding. Combine dimensions of financial and non-financial risk profiles, and create symmetry from multiple sources relative to risk, governance, and compliance. Produce a Target Operating Model incorporating the use of risk and compliance champions as opposed to incremental headcount, creating a lean culture.
|Years: 2012 to 2017||Employer: Advanced Capability Solutions||Title: Chief Risk Officer||Department: Advisory|
Responsibilities:Reporting into the Managing Partner of a niche Strategy consultancy operating within a £200m turnover, as a Chief Risk Officer / Head of Risk Practice with business activities in the space of, finance, insurance, and energy sectors.
a) Practice Chief Risk Officer: Identified business development opportunities that were aligned with Client agendas and created value-driven sales propositions, leading the development of compelling business cases and responses to new business opportunities and requests for proposals. Created and managed new opportunity development campaigns that built upon the consultancy and delivery capabilities of the practice.
b) Client Advisory: Created assets and Communities of Practice to enhance or create specialist teams that met specific Client challenges. Supported the building of risk management departments through recruitment strategies, and added value by creating respected, authoritative, and innovative risk and oversight teams and frameworks, with reduced templates, that assumed a critical role in most Client business initiatives.
Achievements in Client portfolio:-
• Developed effectiveness of risk management arrangements within Client organizations to higher stages of maturity, considering how best to engage and interact with those charged with risk and oversight to enable alignment and achievement of objectives in line with organizational risk appetites.
• Functioned as an objective source of review to provide enhancements and cost efficiencies to reduce the burden of ownership of risk frameworks, provided robust challenge and pragmatic advice to support department heads.
• Provided insights and current thought leadership from related financial industries and segments to C Suite members. Trustees, Board Directors, and Committee members to socialize and challenge developing threats and opportunities.
• Provided robust challenge and pragmatic advice to support the delivery of day-to-day risk management activities. Led teams of 10+ with direct cost budgets of $5m+ delivering benefits and value, providing the spectrum of designing and embedding enterprise governance, risk and compliance functions, and frameworks.
Client portfolio:- Royal Bank of Scotland Group, Fidelity International, Nationwide BS, Abu Dhabi Investment Group, Saudi Stock Exchange, HSBC-Saudi British Bank, Eversheds LLp, Bank of Ireland / PO Financial Services., Kuwait Investment Dar, A.D.Little LLp,.Sun Life FinancialGroup, Phoenix Assurance Group, Arab Bank Jordan.
|Years: 2007 to 2012||Employer: Eurorevision SA||Title: Chief Risk Officer||Department: Advisory|
Responsibilities:Reporting into the European Managing Partner of a member of a £1.5bn franchise network of legal and accounting advisory firms as a Chief Risk Officer, offering professional services related to legal, financial, tax, merger, and acquisition in insurance / financial sectors to Clients with international activities.
a) Practice Chief Risk Officer: Developed trusted senior-level relationships with Clients and internal Partners and Experts, qualifying opportunities and negotiating complex solutions. Representation of practices Risk Management propositions to build an understanding of Clients' businesses and challenges, participating in identifying strategic solutions for their business needs. Functioned as a trusted partner in identifying incremental performance solutions and facilitated stakeholder engagement programs.
b) Client Advisory: Shaped and led the business solution implementation: defined and supervised business architecture, process design, and development activities, driving the development of capabilities and performance metrics. Developed implementation programs and led multidisciplinary teams to execute project deliverables to schedule, budget, and performance goals. Ensured planned business outcomes were achieved and defined client structural and organizational changes needed and oversaw the preparation for deployment. Constructed and implemented programs for overall communication strategy.
Achievements in Client portfolio:-
• Optimised the effectiveness of the current state of risk management practices within Client organizations, evaluated the maturity of, identified gaps, and subsequently implemented enhancements to risk and oversight frameworks, demonstrating the effectiveness and incorporating risk to business objectives.
• Designed and delivered effective, robust, and independent risk infrastructures including policies, strategies, systems and controls, committee structures. Provided subject matter expertise for the qualification of enterprise-related risk assessment and development.
• Developed strategies for savings in the total cost of risk in business activity (circa 8%) based on a holistic risk management platform for managing prudential, regulatory and operational risk functions, based on UK PRA & FCA requirements Ensured that risk and controls frameworks that directly impacted strategic and growth objectives were resilient in appropriately assessing the correct risk.
Client portfolio:- Lloyds Banking Group, Halifax, Royal Sun Alliance, ING España, Sabadell Atlantico, Caja Madrid, National t Westminster GFM and GDM, Liberty Seguros, Caixa Group, Dirección General de Seguro’s, Banco del Republica, Andbanc, Piraeus Bank, Bank of Ceylon. Bank of Cyprus, Banco Urquiko, Banco General Panama, Central Bank Nigeria
|Years: 2006 to 2007||Employer: Rabobank International||Title: Global Risk Manager||Department: Utrecht|
Responsibilities:Contribution snapshot: Headed the optimization of existing risk management arrangements and frameworks for inclusion into an integrated response to Dutch regulators requirements for voluntary compliance with Sarbanes Oxley . Performed gap analysis to support the planning, design and assessment against current best practice of Enterprise Risk & Compliance frameworks, and provided independent advice and validation of RMP components to home and host regulators.
• Delivered an operational risk and compliance portfolio, incorporating an effective governance structure to provide a single, integrated framework for the management of risks, and roll out of supporting software applications, extend to South African acquisition
• Delivered roadmap and entity compliance portfolio incorporating evaluation of the enterprise risk structure as it related to risk, governance and controls management, and align outputs with risk appetite setting.
• Evaluated the control environment to improve risk and the evaluation of capital adequacy, economic capital methodologies to eliminate material weaknesses and strengthen risk measurement and management.
• Delivered Target Operating Model to integrate Polish, Turkish and Irish acquisitions into portfolio compliance.
• Delivered dis-aggregation of accounts and disclosures, process documentation, operational risk analysis and mitigation, transparency of process and effectiveness measure of the control environment.
|Years: 2004 to 2006||Employer: Barclays Bank||Title: European Risk Manager||Department: Madrid|
Responsibilities:Contribution snapshot: Developed a strategy to upgrade risk management framework to meet enhanced risk requirements defined in revised banking rules issued by the European Banking Authority based on the existing enterprise risk framework and advanced risk management techniques. Ensure risk and compliance throughout the business services delivered the right outcomes for the business and customers.
• Developed a robust risk governance framework with linkage to existing roles in the risk and control structure.
• Oversight of key risk and compliance functions in a suite of practical processes
• Assessed key risk (and control) indicators, loss tracking, consolidated dashboard reporting.
• Provided certification and compliance portfolio requirements for risk processes, activities and systems.
• Determined types of events with different levels of risk.
• Channelled information and actions within processes to ensure coherent management of operational risks.
|Years: 2002 to 2004||Employer: Royal Bank of Scotland||Title: Risk Governance Manager||Department: London|
Responsibilities:Determined the target architecture for addressing operational economic capital models and capital adequacy assessment processes in accordance with the BASLE II accord by the Advanced measurement Approach, and integrate with group compliance activities.
• Implemented a framework to calculate minimum capital requirements involving RAROC.
• Minimize change to existing systems, and maximize use of existing output data.
• Address four components of COSO to deliver briefs for compliance preparation for SOX Sec 302, 404,906.
• Management of the key controls relative to the core banking compliance system.
|Years: 1993 to 2002||Employer: QM S (A. Andersen)||Title: Director (Risk Advisory)||Department: Chicago|
Responsibilities:Responsible for designing and the synthesise all existing risk and control activities into one risk framework to provide a single lens through which to view deviation on all significant operational risks facing client organisations, linking the development and maintenance of policies and procedures by support functions and SME expertise. Close regulatory findings, preparing for supervisory visits, helping supervisors and providing regular briefings materials to Boards on key risk matters with major international retail and commercial banks, and develop a standard Target Operating Models
|Years: 1983 to 1992||Employer: Coopers & Lybrand (PWC)||Title: Senior Manager (Risk Advisory)||Department: London|
Responsibilities:Responsible for designing formal process for proactive assessment of operational risks and controls undertaken in Client business and support functions and the establishment of risk indicators to monitor key risks identified. Provide governance over how the risk assessment and monitoring processes work together to provide continual improvements in the control frameworks and manage change for risk functions, dependencies, requirements, policies, to enable seamless integration with information systems and deployments including asset management, pensions, private banking, global merger and acquisition and IT strategy.
|Years: 1994 to 1995||Agency: Saudi Arabian Monetary Agency||Role: Advisor||Description: Provide risk management advisory services to enable the agency to achieve improvements in markets administration and assess risk from a holistic perspective.|
|Years: 2011 to 2012||Agency: Post Office (Financial Services)||Role: Advisor||Description: Following separation from Royal Mail Group, deliver and implement the overarching enterprise risk and compliance strategy and approach to managing risk requirements and relationships with home/host regulators as a 3rd party digital channel.|
|Years: 2014 to 2015||Agency: Tadawul / Capital Markets Authority||Role: Advisor||Description: Prepare the exchange in risk and compliance disciplines for devolution of market regulation from Capital Markets Authority to the Exchange, with a particular emphasis on environment considering;
- Counterparty/Customer Comms
- Trading / Sales
- Strategy and Business Model Design
- Post Trading / Sales Services
- People, Recruitment, Performance, and Reward
- Third-Party Relationships
- Balance Sheet Product Design & Management
- Complaints Handling
Assess and revise the overarching risk & compliance management frameworks, governance, and controls strategy for the exchange, including organizational structure and governance, risk management processes.
|Years: 1984 to 1985||Agency: Bank of Spain||Role: Advisor||Description: Determine the target architecture for assessing enterprise economic capital models and capital adequacy assessment processes for market participants in accordance with the BASLE accord approaches.|
|Years||Country / Region||Summary|
|Years: 1983 to Present||Country / Region: See below||Summary: Europe: UK, Ireland, France, Germany, Austria, Spain, Portugal, Netherlands, Belgium, Greece, Cyprus, Andorra
MENA: Turkey, Jordan, Bahrain, Saudi Arabia, Kuwait, UAE, Oman, Qatar
Far East: Thailand, Singapore, Japan, Indonesia, Australia, Sri Lanka
Americas: USA, Brazil, Argentina, Dominica Republic, Uruguay, Panama
|Associations / Societies|
|M. Inst Risk Management
M. Inst Operational Risk
M. Cultural Management Research Assoc.
Lead Auditor. Registrar Accreditation Board (USA)
|Licenses / Certifications|
|Member. Inst Risk Management
Member. Inst Operational Risk
Member. Cultural Management Research Assoc.
Lead Auditor. Registrar Accreditation Board (USA)
|Training / Seminars|
|Developed and provided training courses (public and private/on house) on various risk topics including:
• Building conduct, regulatory, reputational, and social media risk and compliance management capability via enhanced frameworks, consensus, training, and communication, with a customer-centric focus.
• Developing policy, governance, and supporting assurance activity for conduct risk frameworks
• Engendering ownership of qualitative risk and control management frameworks to mitigate customer detriments.
• Shaped, led, implemented, and trained business people to operate and develop enterprise risk, governance, and control frameworks.
• Developing risk-taking decisions capability based on process, not outcomes or cognitive ability.
|Developed and provided Expressions of Interest, RFI's RFQ's for software packages, and integration selection and development to reduce total cost of risk.
• Developed trusted senior-level relationships with clients, target clients, and internal experts, qualifying opportunities and negotiating complex solutions.
• Built an understanding of clients' business and challenges and participated in identifying strategic solutions for their business needs.
|• Identified business development opportunities that were aligned with client agendas and created value-driven sales propositions for key clients.
• Led the development of compelling business cases and responses to new business opportunities and requests for proposals.
• Created and managed new opportunity development campaigns that build upon management consultancy and delivery capabilities.
• Created "Point of Views" on specific industry hot topics.
• Worked with consulting practices to identify opportunities with clients outside of current Risk Management portfolios.
|Other Relevant Experience|
|- Evidencing effectiveness of risk management arrangements.
- Developing risk frameworks that inform of the major risks.
- Enterprise risk appetite planning and proportionality.
- Target Operating Model design / implementation.
- Risk appetite alignment to the business model, strategy, and execution as appropriate.
- Implementation of regulatory (PRA/FCA/OSFI/SEC) sourcebook requirements appropriate to GRC.
- Regulator liaison.
- RMP and S166 interpretations.
- Production of ISO 30000 and COSO recommended content.
- Demystifying risk abstracts e.g. conduct risk and culture.
- Develop risk governance and supporting assurance/ committee references and guidelines.
- Develop business continuity frameworks.
- Design / implement control self-assessment (RCSA) portfolios.
- Improve regulatory confidence.
- Deep expertise in risk assessment
- Flexible and pragmatic approach to understand complexity.
- Defining re-useable data for M.I.
- Engender recognition that management of risk is essential to the successful execution of the company’s strategy.
- Supply domain knowledge to enable cognitive computing technology to interpret unstructured data