Job purpose:
We are seeking a detail-oriented and proactive Third-Party Risk Management (TPRM) Specialist to oversee and manage the organization's third-party risk framework and outsourcing arrangements in the region.
This role involves assessing and monitoring third-party relationships to ensure regulatory compliance, mitigate risks, and safeguard the organization's interests.
The TPRM Specialist will implement and manage a regional TPRM program aligned with the global framework, standardizing risk governance across APAC regions, with a focus on Singapore, Japan, and China. Additionally, the specialist will maintain an up-to-date outsourcing register, ensure compliance with local outsourcing and technology risk regulations, and collaborate with various stakeholders to manage outsourcing and third-party engagements effectively.
Providing subject matter expertise on regulatory requirements, including knowledge of DORA as an advantage, is key to success in this role.
Key activities:
Key Responsibilities
- Oversee outsourcing and vendor risk management across APAC, with a primary focus on Singapore, Japan, and China.
- Implement and manage a regional third-party risk management (TPRM) program in alignment with the global framework to effectively manage risks in external third-party relationships.
- Collaborate with the TPRM department at Head Office to ensure global requirements are implemented while also ensuring compliance with regional regulatory needs.
- Undertake the role of the Local Outsourcing Coordinator by overseeing the updates to the outsourcing register and acting as the primary liaison for the business retained functions.
- Provide training and guidance on TPRM or Outsourcing matters as needed.
- Manage and monitor the TPRM framework to ensure effective governance of vendor risks, enabling standardized third-party risk management across regional branches.
- Oversight & reporting of vendor performance and incident escalation into the local committee as required
- Offer expert advice on regulatory compliance requirements surrounding outsourcing (e.g MAS Notice 658) and third-party risks,
- Prepare periodic third-party compliance reports for senior management and assist in internal and external audits, as well as regulatory inspections.
- Regularly review and enhance third-party risk processes to improve efficiency, effectiveness, and alignment with industry best practices and emerging regulatory requirements.
Formal education:
- University or college degree or comparable.
- Suitable experience in similar roles, preferable within the Financial Services industry
Specialist knowledge (work experience, further qualification):
- Experience in vendor / third-party risk, outsourcing governance, IT/operational risk (financial services) in the Banking and Financial Services industry
- Excellent project management, organizational, and communication skills.
- Strong knowledge of MAS outsourcing/technology risk regulations (experience with FSA/JFSA and NFRA/CAC is considered an advantage)
- Experience in vendor risk assessments, contract risk reviews, and regulatory engagement.
- Knowledge of DORA beneficial.
- Strong stakeholder and regulator engagement skills.
- Fluency in English required Mandarin is desirable.
