Senior Manager, Third Party Risk Management

Prudential

  • Hong Kong
  • Permanent
  • Full-time
  • 1 month ago
Prudential’s purpose is to be partners for every life and protectors for every future. Our purpose encourages everything we do by creating a culture in which diversity is celebrated and inclusion assured, for our people, customers, and partners. We provide a platform for our people to do their best work and make an impact to the business, and we support our people’s career ambitions. We pledge to make Prudential a place where you can Connect, Grow, and Succeed.The purpose of this role is for the Senior Manager/Senior Group Manager, Third Party Risk Management (“TPRM”) to support the Director, TPRM and the Head of Group Procurement & TPRM in providing operational oversight and assurance of Prudential’s Group Third Party Supply and Outsourcing (“GTPSO”) policy and third party risk governance framework.This role is in response to Prudential’s efforts to enhance the Group’s TPRM framework, which includes, but is not limited to enhancement of first line risk assessment methodologies and activities, supporting second line oversight capabilities, increasing risk awareness across the Group and overall strengthening of TPRM monitoring and remediation processes. Furthermore, this role is also critical to support compliance to the HKIA’s Group-wide supervisory framework (GL32) that regulates Insurance Group’s headquartered in Hong Kong, and specifically to this role, the HKIA’s Outsourcing guidelines (Module I).Key responsibilities of this role will include:
  • Supporting the Director, TPRM and Head of Group Procurement & TPRM in activities that enhance the Group’s Third Party Risk Framework and increase the effectiveness of key third party risk management controls
  • Support the operationalisation of Prudential’s TPRM lifecycle, in particular monitoring and reporting of elevated risks against third parties, and ensuring that relevant action plans to remediate risk are closed on a timely basis by accountable parties
  • Conduct quality assurance activities that assess the effectiveness of how well business departments and business units across Asia and Africa are complying to mandatory requirements and adopting best practice TPRM activities (across third party risk assessment and due diligence, supplier performance management, policy assurance and reporting and MI)
  • Perform activities with business units and stakeholders to improve the third party risk awareness risk culture across the Group
  • Manage the update and completion of the material contracts register of critical suppliers across all BUs for the formal submission to the HKIA
  • Support in developing reporting and MI across all aspects of Prudential’s Third Party Risk framework for various risk committees
  • Support operational activities associated with performing reviews of Outsourcing, Materiality and risk assessments in the Group’s Third Party Risk Management platform (Coupa Risk Assess)
This role will require a good understand of the third party risk and outsourcing regulatory landscape in Asia and operational experience and knowledge of best practices with regards to the TPRM lifecycle. Furthermore, the role will also be responsible for supporting the Group’s and supply chain ESG risk activities, including the review of assessments, addressing red flags, facilitating audits on third parties, and training and awareness activities of TPRM and ESG in the supply chain.This role will also require strong stakeholder management and communication skills given the need to interact with senior procurement, risk and compliance professionals across Prudential’s Asia and Africa markets, as well as government regulators when necessary, to ensure that the Group’s third party and outsourcing governance processes are working effectively.Organization Context: Brief description of how the role fits into the big picture (e.g., how it relates to activities in other divisions, other countries, regional office, etc.) and/or special characteristics of the business environment that help in understanding the role’s contribution to the organisation.The need for a dedicated Third Party Risk, Outsourcing and Responsible Supplier capability at Prudential’s COE is necessary because:Third Party Risk ManagementAs the Group becomes increasingly reliant on third parties to delivery strategic outcomes (e.g. Pulse), perform core activities (e.g. claims management), or outsources operationally critical activities (e,g, IT infrastructure outsourcing) the Group’s third party risk landscape has evolved significantly as risks relating to cyber security, privacy, business resiliency and continuity have come into sharper focus. The consequences of third party incidents damaging Prudential’s brand, reputation and obligations to policyholders and shareholders are becoming higher as greater compliance, risk and regulatory focus is applied to assessment and management of third-party risks.HKIA GWS Outsourcing RegulationsHKIA mandated Outsourcing regulations enforced through the GTPSO Policy requires Group-wide governance, oversight and assurance. This includes performing materiality and outsourcing assessments on potential regulatory impacting engagement, maintaining a best practice framework for third party performance management, ensuring monitoring processes over the Group’s material outsourcing material third party supply arrangements and BU material arrangements are operating effectively, as well engagement and consultation with the HKIA as required.Responsible Supplier and ESGAdministration of the Group’s Responsible Supplier guidelines and supply chain ESG strategy – including review of assessments, addressing red flags, conducting audits and training/awareness across the Group; and shaping the Group’s Supply Chain ESG strategy.Job Responsibilities
  • Supporting the Director, TPRM and Head of Group Procurement & TPRM in activities that enhance the Group’s Third Party Risk Framework and increase the effectiveness of key third party risk management controls
  • Support the operationalisation of Prudential’s TPRM risk management lifecycle, in particular monitoring and reporting of elevated risks against third parties, and ensuring that relevant action plans to remediate risk are closed on a timely basis by accountable parties
  • Conduct quality assurance activities that assess the effectiveness of how well business departments and business units across Asia and Africa are complying to mandatory requirements and adopting best practice TPRM activities (across third party risk assessment and due diligence, supplier performance management, policy assurance and reporting and MI)
  • Perform activities with business units and stakeholders to improve the third party risk awareness risk culture across the Group
  • Support in developing reporting and MI across all aspects of Prudential’s Third Party Risk framework for Prudential’s Third Party Risk Committee and other associated risk committees.
  • Support operational activities associated with performing reviews of Outsourcing, Materiality and risk assessments in the Group’s TPRM platform (Coupa Risk Assess)
  • Supporting the Director, TPRM in operationalising of best practices (including tools, templates and training) across the Group with regards to Prudential’s third party risk governance framework, including, but not limited to, third party due diligence processes, vendor management and oversight activities, policy assurance activities, reporting and MI (for BU’s and risk committees)
  • Supporting the Director, TPRM in administering the Group’s Material Contracts Register of critical suppliers across all BU’s for formal submission to the HKIA, along with support in addressing HKIA consultation requests and information requests as required by the GWS Outsourcing regulations
  • Supporting the Director, TPRM for administering and continually developing the Group’s Responsible Supplier guidelines and supply chain ESG activities, including the review of assessments, addressing red flags, facilitating audits on third parties, and training and awareness activities of third party risk management and ESG in the supply chain.
  • Supporting in identifying and implementing TPRM framework improvements to reduce manual working methods, identify common ways of working and optimise the use of Coupa Risk Assess to effectively manage third party risks, generate suitable MI and demonstrate compliance to the HKIA’s GWS Outsourcing regulations (and support BU’s where possible with local regulatory compliance)
  • Supporting the Director, TPRM for administrative responsibilities for various TPRM related working groups and committees.
  • Supporting the Director, TPRM for Projects such as CRA system enhancements, process enhancements and annual Attestations.
Prudential is an equal opportunity employer. We provide equality of opportunity of benefits for all who apply and who perform work for our organisation irrespective of sex, race, age, ethnic origin, educational, social and cultural background, marital status, pregnancy and maternity, religion or belief, disability or part-time / fixed-term work, or any other status protected by applicable law. We encourage the same standards from our recruitment and third-party suppliers taking into account the context of grade, job and location. We also allow for reasonable adjustments to support people with individual physical or mental health requirements.

Prudential