Description
The Head of Operational Risk and Resilience is a strategic leader responsible for developing and implementing a comprehensive, enterprise-wide operational risk and resilience framework across FCE Bank PLC and its subsidiaries. This role sets the operational risk strategy and risk appetite for the Bank, directly managing the Group-level operational risk function and providing oversight to local entities.
Leveraging deep expertise in operational risk management, industry best practices, and regulatory compliance, the Group Head will lead and mentor the Operational Risk team, championing best-practice risk management principles. This includes contributing to the ongoing evolution and enhancement of the Bank's overall risk management framework.
The position demands strategic thinking, strong leadership skills, and the ability to collaborate effectively with the Board of Directors, senior management, and diverse business units. This role is critical in ensuring the Bank's operational resilience and long-term stability.
Responsibilities
Operational Risk Management:
- Define, develop, and maintain the overarching Operational Risk and Non-Financial Risk Framework for the group, aligning it with evolving regulatory requirements and industry best practices.
- Provide strategic leadership and guidance to senior management on operational risk management, influencing decision-making and ensuring the integration of operational risk into enterprise-wide risk management strategies.
- Develop and implement a proactive operational risk management program covering the identification, assessment, monitoring, and reporting of operational risks across all business units, including oversight of Loss Events and the NFR Taxonomy.
- Lead the development and implementation of a comprehensive operational resilience framework encompassing business continuity planning across the entire Group, including all relevant locations and markets. Key responsibilities include:
  - Defining the Group's operational resilience strategy.
  - Providing Second Line oversight of the UK Bank's operational resilience framework to ensure its effectiveness and compliance.
  - Providing Group oversight for the implementation and adherence to DORA regulations within the Italian entity.
Operational Resilience (PRA, DORA & EBA Aligned):
- Define and own the Group Operational Resilience strategy and framework, ensuring compliance with PRA Operational Resilience requirements and DORA, and embedding resilience across all entities and critical services.
- Provide Group-level Second Line oversight of ICT Risk, ensuring effective identification, management, testing, incident reporting, and regulatory compliance in line with DORA expectations.
- Oversee the Information Security and Cyber Resilience framework, ensuring robust governance, controls, and independent challenge aligned to regulatory standards and industry best practice.
- Lead oversight of Third-Party and Supplier Risk Management, including critical ICT suppliers, ensuring resilience, concentration risk management, contractual protections, and exit planning meet DORA and PRA outsourcing requirements.
- Ensure effective Business Continuity, Disaster Recovery, and Crisis Management arrangements are in place, tested, and aligned to defined impact tolerances.
Governance and Oversight:
- Chair the Group’s Executive Operational Risk & Resilience Committee, ensuring effective governance and oversight of operational risk and resilience activities. This includes defining Terms of Reference, setting agendas, and ensuring the quality and timeliness of information provided (e.g., dashboard reporting).
- Strategic Board & Committee Engagement: Act as the key point of contact for operational risk and resilience matters, providing strategic guidance and updates to the Board, Board Risk Committee, and Executive Committee.
- Oversee the development and maintenance of relevant group policies, procedures, and standards relating to operational risk, resilience, and information security.
Team Leadership and Development:
- Lead, mentor, and develop a high-performing team of operational risk, resilience, assurance and information security specialists. This includes providing coaching, performance management, and career development opportunities.
- Foster a strong culture of operational risk awareness and accountability across the organisation through training programs, communication initiatives, and collaborative engagement.
Collaboration and Stakeholder Management:
- Collaborate effectively with operational risk functions across different business units and geographical locations to ensure consistent application of the framework and best practices.
- Engage with external stakeholders, including regulators and industry experts, to stay abreast of emerging trends and best practices in operational risk and resilience management.
- Provide recommendations to Executive Management on emerging trends in operational risk management, both internally and externally.
Regulatory Compliance:
- Ensure ongoing compliance with all relevant regulations and industry standards related to operational risk, resilience, and information security.
Qualifications
The minimum requirements we seek:
- Strategic Leader with proven experience influencing at Board level and shaping enterprise-wide risk strategies.
- Operational Risk Expert with deep knowledge of frameworks, regulatory requirements (PRA Rulebook, Basel, DORA), and resilience best practices.
- Governance & Assurance Specialist with experience chairing committees and providing independent oversight.
- Collaborative Influencer who can engage stakeholders across geographies and functions, and represent FCE with regulators and industry bodies.
Additional Information:
The Company is committed to diversity and equality of opportunity for all and is opposed to any form of less favourable treatment or harassment on the grounds of race, religion or belief, sex, marriage and civil partnership, pregnancy and maternity, age, sexual orientation, gender reassignment or disability.
This position is based in Dunton, and it is expected the successful candidate will be able to attend the Dunton office for typically 4 days a week and remain flexible on the days they are required to attend the office according to business requirements.
As part of our pre-employment checks process, successful candidates will be required to undergo a criminal record check. This will be conducted in line with the Rehabilitation of Offenders Act 1974 and applied only to unspent convictions.