Governance and Control Manager

-Job description

**Why join us?**

Some careers have more impact than others.

If you’re looking for a career where you can make a real impression, join HSBC and discover how valued you’ll be. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.

**The Opportunity**:
Global Finance is integral to HSBC’s purpose and strategy, playing a valued role in managing costs and deploying capital in the most effective way. Our global team of finance professionals’ partner with the business to provide trusted insights and forward looking analysis; accuracy; efficiency and control to frame and influence business decisions.

We are currently seeking a high calibre professional to join our regional team as a Governance and Control Manager.

**Principal responsibilities**:

- Support the ASP Finance Regional Head of Strategy Execution in identifying, mitigating, and monitoring Non-Financial Risks (NFR), ensuring effective management through an appropriate control environment.
- Oversee risk management and control activities within ASP Finance, including business information risks, employee conduct, conflict of interest, third-party management (internal and external), Cyber Security, Data and other relevant NFRs.
- Lead the implementation of the Risk Control Assessment (RCA) framework, including trigger event monitoring, control assessments, and overseeing control monitoring plan. Develop key risk indicators, risk heat map, and ensure remediation actions are completed in collaboration with risk stewards, Second line of Defense (2LoD), SMEs, and the Operational Risk and Resilience (ORR) teams.
- Monitor data quality issues and Risk and Control Management Meeting (RCMM) MI packs to support effective risk management and informed decision-making.
- Represent Finance in key governance forums related to NFR, Third Party, and Cyber Security, ensuring Finance’s risk and control priorities are effectively addressed.
- Act as BIRO for ASP Finance, manage Cyber Security and technology risks, validate control effectiveness, and ensure remediation plans are in place for any gaps or breaches. Provide risk management advice and guidance, ensure staff awareness and compliance with information security policies. Provide regular reporting on risk activities to senior management and ensure compliance with audit and regulatory requirements.
- Act as TPRO for ASP Finance, oversee vendor and third-party risk processes (both internal and externa), ensuring alignment with vendor risk management and Information and Cyber Security requirements. Serve as the primary contact for third-party risk issues, liaising with the Third-Party management teams. Coordinate governance and oversight of third-party control tasks, ensuring timely completion, closure of findings, and effective risk mitigation.
- Lead efforts to promote awareness of non-financial risks across Finance through targeted training and communication initiatives, continuously improving the control environment while streamlining processes where possible.
- Manage ad hoc projects and digital initiatives (e.g. business intelligence (BI) platform) related to risk and control driven by Finance COO Office, ensuring clear communication with stakeholders on new initiatives and alignment with Finance’s risk control objectives.
Requirements

**Qualifications & Requirements**:

- University degree in a related discipline or other relevant qualifications.
- Minimum 5 years of banking experience, have a strong concept of banking risk control and management to review the appropriateness of Non-Financial Risk Management processes.
- Experience in managing and reviewing Operational Risk and Information Security Risks in the financial services sector; working in the Advisory Services with leading accounting firms will be preferred.
- Attention to detail and familiarity with the local regulatory environment.
- Excellent interpersonal, communication and influencing skills and confidence to deal with senior stakeholders to sell the benefits of operational risk and information risk management.
- Strong sense of ownership, self-motivation and ability to work under pressure.
- Enthusiastic and self-motivated with excellent time management skills.
- Flexible and adaptable in accommodating change of requirement and willing to take new responsibilities when necessary.