1. Report to the board & senior management with regards to the design, implementation, review and approval of a bank-wide risk governance framework that is aligned with strategy and includes the bank’s risk culture, risk appetite and risk limits.
2. Responsible to work closely with all the stakeholders across the business (branch & Branchless banking) & other front office functions to achieve a well- controlled organization which can achieve growth targets safely.
3. Setting the vision and strategy for the risk function working in conjunction with all other senior leadership across the Bank. Manage the Risks in the domain of Credits, Market, Liquidity, Operations & strategy in accordance with the vision set by the Board of Directors
4. Manage Information Security exposure in line with SBP frameworks & Bank’s policies aligning the policies, processes & systems according to the risk limits & Information Security posture of the bank both in branch & branchless/ADC banking
5. Implement & Manage the Information Security of the bank via enhancing the Information Security architecture of the bank on continuous basis. Propose and implement the solutions to effectively manage and secure the bank’s information assets
6. Integrate risk management priorities into the company’s overall strategic planning, Policies, processes & systems to establish and implement methodology for timely identification & assessment, on an Ongoing basis, of material risks.
7. Responsible to formulate and articulate a coherent risk appetite and establish ISRM (Information Security Risk Management) functions with appropriate risk management approach.
8. Prepare, develop, manage and refine qualitative and quantitative risk reporting which meets the needs of the Board & Management, in order to support effective decision making.
9. Provide ongoing monitoring of aggregate risk-taking activities and risk exposures to ensure they are in line with the approved bank-wide risk governance framework, corresponding capital, liquidity needs and regulatory requirement.
10. Develop “Key Risk Indicators “(KRIs), risk register, contingency and business continuity plans, update and review policies (in line with legislative and regulatory requirements) for operational risks to ensure the escalation of significant risk issues to appropriate management levels.
11. Embedding a positive culture of confident and informed risk-taking through training, communication and promotion of the agreed risk framework.
12. Partnering effectively with third parties, regulatory bodies and others, as appropriate and serving as a role model for high personal and corporate ethical values and standards of integrity.