Non-Financial Risk Lead

Posted 6 Days Ago
Kuala Lumpur, Wilayah Persekutuan Kuala Lumpur, MYS
In-Office
Expert/Leader
Fintech • Software • Financial Services
The Role
Lead and strengthen the bank's operational and non-financial risk practice: design and enhance risk frameworks (RCSA, KRI), oversee third-party, technology/cyber and data risk, support new products and business initiatives, drive risk systems and automation, ensure BNM regulatory compliance, produce senior management and regulator reporting, and build risk culture and stakeholder engagement.
Summary Generated by Built In

Position Summary  

We are a pioneering, licensed Malaysian digital bank entering our second year of commercial operations. Having successfully launched our initial wave of financial products, we are rapidly scaling our digital ecosystem to serve Malaysia's retail and non-retail segments.  

Operating in a fast-paced environment where agility and automation are paramount, we are seeking a highly adaptable and versatile Non-Financial Risk Lead who is responsible for leading and strengthening the Bank’s Operational and Non-Financial Risk Management practice across the organization.  

This role will drive the design, implementation, and continuous enhancement of risk frameworks, governance, methodologies, and reporting capabilities to ensure the Bank maintains a strong and resilient control environment in line with regulatory expectations. 

The role acts as a trusted advisor to business and support functions on operational and non-financial risk matters, while enabling innovation, digital transformation, and sustainable growth through proactive risk management.

 

Key Responsibilities 

1. Operational & Non-Financial Risk Leadership 

  • Lead the Bank’s Operational Risk function and drive enterprise-wide non-financial risk initiatives, including emerging risks. 

  • Develop, maintain, and continuously enhance forward-looking risk frameworks aligned with Bank Negara Malaysia (BNM) regulatory expectations and industry best practices. 

  • Evolve methodologies and practices to address the changing risk landscape, including digital, technology, and operational risks. 

  • Provide advisory and guidance to all business and support functions on Operational and Non-Financial Risk matters. 

  • Produce high-quality Operational Risk reporting for Senior Management, Board Committees, and Bank Negara Malaysia (BNM). 

  • Deliver forward-looking insights on risk trends, control weaknesses, and emerging threats impacting the Bank. 

2. Risk Frameworks, Policies & Governance 

  • Maintain and enhance Operational Risk policies, frameworks, procedures, and governance processes, including: 

a) Risk & Control Self-Assessment (RCSA) 

b) Key Risk Indicators (KRI) 

c) Operational Risk Event Management 

d) Outsourcing & Third-Party Risk Management 

  • Ensure strict alignment with applicable BNM regulatory requirements, including Risk Governance, Outsourcing, and related guidelines. 

  • Oversee governance and maintenance of Bank-wide policies, procedures, and documentation standards. 

  • Drive consistency, effectiveness, and accountability in risk management practices across the organization. 

3. New Products & Business Initiatives 

  • Establish and operationalize robust risk assessment frameworks for: 

a) New product approvals and product variations 

b) New business initiatives 

c) System implementations and process changes 

  • Ensure risks are proactively identified, assessed, mitigated, and appropriately controlled prior to implementation. 

  • Partner closely with business, product, technology, compliance, and operations teams to support safe and sustainable innovation. 

4. Third-Party Risk Management (TPRM) 

  • Lead end-to-end Third-Party Risk Management practices across the Bank. 

  • Ensure compliance with applicable regulatory requirements while implementing effective methodologies to identify, assess, monitor, and manage third-party risk exposure. 

  • Oversee key TPRM pillars: 

a) Vendor due diligence and onboarding 

b) Risk assessments and control reviews 

c) Ongoing monitoring and performance oversight 

d) Periodic testing and reviews of TPRM effectiveness 

  • Support business stakeholders in strengthening vendor governance and risk management practices. 

5. Technology, Cyber & Data Risk 

  • Integrate technology, cyber, and data risk considerations into the Bank’s Operational Risk framework in alignment with BNM RMiT (Risk Management in Technology) requirements. 

  • Collaborate closely with Technology Risk, Information Security, and Technology teams to strengthen the overall control environment. 

  • Support oversight of technology-related operational risks arising from digital banking operations, cloud services, outsourcing, and emerging technologies. 

6. Business Continuity & Resilience 

  • Support operationalization of the Bank’s risk incident management framework by ensuring relevant functions effectively manage: 

a) Risk event identification and reporting

b) Incident registration and tracking

c) Root cause analysis

d) Corrective and preventive remediation actions

  • Work with and support the Business Continuity & Crisis Management (BCCM) team’s efforts to enhance organizational resilience and regulatory compliance. Areas include Business Continuity Management (BCM), Disaster Recovery (DR), and Crisis Management design and activities.

  • Ensure effective ORM oversight, monitoring, and reporting of resilience-related risks and incidents. 

7. ESG & Emerging Risks 

  • Incorporate ESG-related risk considerations into the Bank’s Non-Financial Risk framework where applicable. 

  • Monitor, assess, and provide insights on emerging risks impacting the banking and digital ecosystem. 

  • Develop and enhance risk management approaches to address evolving regulatory, operational, and strategic risks. 

8. Risk Systems, Transformation & AI Enablement 

  • Drive implementation and enhancement of Operational Risk systems, tools, and data capabilities. 

  • Lead risk transformation initiatives to improve efficiency, scalability, and effectiveness of risk management processes. 

  • Leverage automation, AI enablement, and data analytics to strengthen risk identification, monitoring, reporting, and decision-making capabilities. 

  • Continuously enhance risk infrastructure and reporting capabilities across the Bank. 

9. Stakeholder Engagement & Risk Culture 

  • Provide advisory, training, and guidance to business and support functions on Operational and Non-Financial Risk matters. 

  • Develop impactful training materials and presentations to strengthen risk awareness and accountability. 

  • Collaborate closely with business, compliance, technology, operations, and support teams to embed effective risk management practices. 

  • Promote and cultivate a strong risk culture across the organization. 

 

Requirements 

Education & Experience 

  • Education: Bachelor’s degree in Finance, Accounting, Risk Management, Business, Information Systems, or related disciplines. 

  • Experience: 10–15 years of relevant experience in Operational Risk and/or Non-Financial Risk Management within banking or financial services. 

Hard Skills & Competencies 

  • Regulatory Knowledge: Strong knowledge of BNM regulatory requirements, including RMiT, Outsourcing, Risk Governance, and Operational Risk Management. 

  • Core Competencies: Hands-on experience in RCSA, KRI development/reporting, incident and loss event management, regulatory reporting, and Third-Party Risk Management. 

  • Preferred Skills: Exposure to ESG risk management, Technology Risk, and digital banking environments. 

  • Multi-Product Knowledge: Proven ability to understand the risk dynamics of both high-volume digital retail deposits/loans and SME/commercial financing, as well as any other bank product offerings.

  • Tech Comfort: Familiarity with modern data visualization tools, systems implementation, workflow automation, or AI enablement. 

Soft Skills & Culture Fit 

  • Versatility: Willingness to operate as a "player-coach", capable of planning high-level programmes and strategies while also being able to execute them.

  • Meticulous & Structured: Strong organizational skills to manage a broad coverage of work.  

  • Excellent Communicator: Highly collaborative and willing to engage across functions and seniority levels. Strong communication and presentation skills, with the ability to articulate risks, provide recommendations, and share clear points of view to drive practical solutions. 

  • Positive outlook and inquisitive: Self-driven, analytical, and comfortable operating in a fast-paced, evolving environment. 

 

Success Measures 

  • Framework Maturity: Strength and maturity of the Bank’s Non-Financial Risk frameworks and governance practices. 

  • Regulatory Compliance: Positive outcomes and clean bills of health from internal/external audits and regulatory assessments. 

  • Reporting Quality: Accuracy, timeliness, and actionable depth of risk reporting and management information. 

  • Innovation & Efficiency: Successful implementation of risk systems, workflow automation, and efficiency gains. 

  • Risk Culture: Measurable strengthening of the organizational risk culture and high levels of stakeholder engagement. 

  • Proactive Mitigation: Improved visibility, management, and reduction of emerging and operational risks across the Bank. 

What’s In It For You? 

  • The opportunity to shape the foundational risk architecture of a live digital bank. 

  • A high-visibility role across the Bank at all levels. 

  • A vibrant start-up culture that champions intellectual excellence, execution speed and collaboration.  

  • Be at the forefront of advanced risk technology adoption. 

JR00000598

Skills Required

  • Bachelor's degree in Finance, Accounting, Risk Management, Business, Information Systems, or related discipline
  • 10-15 years relevant experience in Operational Risk and/or Non-Financial Risk Management within banking or financial services
  • Strong knowledge of Bank Negara Malaysia regulatory requirements including RMiT, Outsourcing, Risk Governance, and Operational Risk Management
  • Hands-on experience with RCSA, KRI development and reporting, incident and loss event management, and regulatory reporting
  • Experience leading Third-Party Risk Management including vendor due diligence, risk assessments, ongoing monitoring and testing
  • Proven ability to assess risk dynamics across retail digital banking, SME/commercial financing and other bank products
  • Familiarity with modern data visualization tools, systems implementation, workflow automation, and AI enablement
  • Exposure to ESG risk management, Technology Risk, and digital banking environments
  • Strong communication, stakeholder engagement, training, and ability to operate as a player-coach
  • Meticulous organizational skills, structured approach, analytical and self-driven in fast-paced environments

The Company
HQ: Kuala Lumpur
283 Employees

What We Do

We are Ryt Bank, the World’s First AI-Powered Bank, fully licensed by Bank Negara Malaysia and the Ministry of Finance, and a member of PIDM. Backed by YTL Digital Capital Sdn Bhd with Sea Limited as shareholder, we bring together decades of experience and digital innovation to reimagine what banking should be: smarter, simpler, and built entirely around you. The future of banking is here, and it’s done right. 📲 Ryt Bank is now available on the App Store and Google Play.
