Citi SVP, Consumer ORM - NA Operational Risk and Control Assessment (ORCA) in Irving, Texas

  • Primary Location: United States,Texas,Irving

  • Education: Bachelor's Degree

  • Job Function: Risk Management

  • Schedule: Full-time

  • Shift: Day Job

  • Employee Status: Regular

  • Travel Time: Yes, 10 % of the Time

  • Job ID: 17057050


About Citi

Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management. Our core activities are safeguarding assets, lending money, making payments and accessing the capital markets on behalf of our clients.

Citi’s Mission and Value Proposition at explains what we do and Citi Leadership Standards at explain how we do it. Our mission is to serve as a trusted partner to our clients by responsibly providing financial services that enable growth and economic progress. We strive to earn and maintain our clients’ and the public’s trust by constantly adhering to the highest ethical standards and making a positive impact on the communities we serve. Our Leadership Standards is a common set of skills and expected behaviors that illustrate how our employees should work every day to be successful and strengthens our ability to execute against our strategic priorities.

Diversity is a key business imperative and a source of strength at Citi. We serve clients from every walk of life, every background and every origin. Our goal is to have our workforce reflect this same diversity at all levels. Citi has made it a priority to foster a culture where the best people want to work, where individuals are promoted based on merit, where we value and demand respect for others and where opportunities to develop are widely available to all.


Provide segment and product specific expertise in order to execute effective oversight of the Business’ risk identification, assessment, monitoring and mitigation process. “Business” in this context includes NA Consumer Front Office, Operations and Technology functions and vendors supporting or used by the P&L owners who own the Risk. The Senior Operational Risk Manager performs the role through proactive engagement with the Business management, and through effective challenge - in formal governance forums and in day to day management processes. The objective is to ensure compliance with Citi’s Operational Risk Framework and policies as well as to meet “Heightened Standards” from Regulators for the 2nd Line of Defense. Business Operational Risk Managers also assist with the development and enhancement of the Operational Risk Framework.

Reporting to the Risk and Control Assessment Lead Op Risk Group Manager, this position works closely with Consumer ORM NA Business and Function coverage, Framework & Policy, Product and Business Strategy Oversight as well as Independent Risk and other control functions (Compliance, Legal, HR) in carrying out job responsibilities. A key success factor is also having an effective working relationship with relevant Business, Product and Function Managers CBORC and in-Business staff responsible for controls.


The primary focus of this role is oversight for the NA Consumer businesses risk and control assessment framework, including the Managers Control Assessment (MCA). The role involves oversight of risks and controls associated with all aspects of NA Consumer businesses including but not limited to product origination, servicing, collections and default, pricing, marketing, and capital markets.

Prime interfaces for ORM Risk and Control Assessment Ops Risk Managers include:

• Consumer ORM Business Coverage Teams for North America to ensure knowledge of significant emerging and residual risks within each NA Consumer business and to ensure complete coverage of Business processes and risks.

• Risk Specialists from Independent Risk and other 2nd Lind of Defense functions including Fraud, Compliance, Finance and Legal to leverage expertise and solicit their participation in risk reviews.

• NA Consumer 1st Line of Defense risk and control governance management (CBORC).

• Global ORM MCA Team for expertise in framework requirements, policies and procedures and to provide proactive input into evolution of the same.

• Franchise Risk Architecture Reporting Team to support business risk profiling, MIS and reporting.

• Consumer ORM Framework and Policy function.


Governance & Oversight

• Lead, coordinate and execute annual risk assessments for all NA Consumer MCA entities and align with current Key Operational Risk and Key Risk Indicator inventories to ensure all key elements of framework are incorporated into MCA ARA outputs.

• Lead, coordinate and execute challenges of NA Quarterly MCA entity ratings in accordance with Risk Policy ensuring that MCA entity ratings are representative of the MCA Entity’s risk exposure.

• Provide assistance to Businesses in anticipating and mitigating operational risks.

• Develop strong working relationship with the 1st line of defense within scope to be a valued and respected partner.

• In collaboration with ORM Business coverage, establish appropriate engagement process with the Business to enable meaningful challenge and oversight and participate in risk management focused forums.

• Partner with ORM Business Coverage leads / present relevant material as necessary at senior level governance forums such as Business Risk Reviews and Business Risk Compliance and Control Committees as well as for meetings with important stakeholders like the Regulators, 3rd Line of Defense and senior management.

• Ensure business adherence to operational risk policies with particular focus on Appendix A (Managers Control Assessment Framework). Ensure timely corrective action in case of non-compliance.

• Serve as the NA Consumer ORM Risk and Control Subject Matter Experts (SMEs) and provide feedback to ORM Business Coverage Teams on unmitigated significant risks.

• Execute responsibilities articulated in the ORM Policy for independent operational risk managers including MCA entity rating challenges and cycled ARA challenges.

• Ensure adherence to Consumer Op Risk procedures for independent Ops Risk Managers. Assist in the continuous improvement of these procedures to strengthen 2nd line of defense oversight.

• Ensure Business is linking all tools in place for managing the operational risk management cycle and evidencing the feedback loop across MCA, KOR and KRCI process, Scenario Analysis and Loss Analysis results on a continuous basis.

• Escalate operational risk events within the Business and within ORM as appropriate with relevant context and risk assessment.

• Participate in the annual policy attestation process by providing Business Coverage Product Leads with recommendations on MCA qualifiers and/or exceptions where applicable.

• Independently assess MCA Entity path to “Effective” and evaluate Business progress against the same.

Risk Identification, Analysis & Assessment

The Operational Risk Manager leverages all the core tools that are part of the ORM framework viz., the Key Operational Risk Identification and Key Risk Indicator monitoring process, Scenario Analysis, Manager’s Control Assessment Challenge, Internal and External Loss Analysis to provide effective oversight. Risk identification, analysis and assessment of current and emerging issues also requires working with Specialists in other second lines of defense as relevant for individual risk types associated with the business or product.

• Identify trends, themes, tendencies that indicate emerging operational risks by relying on mining trends in relevant metrics (especially MCA and IA data), loss data and external events. Effectively communicate learnings to ORM Business Coverage Leads in order to drive necessary responses and action.

• Proactively analyze various data sources to form an independent assessment/opinion of op risk in the relevant business or function within the scope of responsibility.

• Continuously monitor Key Operational Risks and related Key Risk Indicators reflected in the relevant MCA entities and escalate to NA Consumer ORM Business Coverage Leads, as appropriate.

• Understand and articulate alignment of Business level KORs and KRIs with SRORs and Risk Indicators of the MCA Entities that constitute / support the Business.

• Participate in and lead Risk and Control Assessment Challenges to proactively identify significant potential gaps in risk mitigation frameworks (e.g. MCA). Identify changes in business strategy or relevant regulations that may lead to an increase in operational risk exposure and ensure that the risks and controls are adequately reflected in the relevant MCA entity or entities.

• Analyze ops risk losses, KOR/KRIs, Independent Audit Exams, Compliance Testing results, Regulatory Exam results, QA results to ensure linkage and coverage in applicable risk and control frameworks (e.g. MCA).

• As required conduct Risk Reviews – independently or jointly with ORM NA Business/Function coverage.

Risk Mitigation

• Develop actions or, as appropriate, projects to apply lessons learned and share across relevant geographies/managed segments.

• Work as an independent partner to mitigate risk and improve processes and controls so as to take action before risks materialize into op losses.

• Evaluate control issues and ensure adequacy of Event Root Cause Analysis. Collaborate with ORM Business/Function in ensuring adequate corrective action plans.

Operational / Infrastructure Responsibilities

• Support the Head of Risk and Control Assessment unit in capacity planning and departmental activities including continuous process improvement to enhance efficiency.


Knowledge /Experience

Knowledge and Experience

• Work experience of 7+ years in the financial services industry in risk and controls assessment.

• In depth knowledge of Consumer NA businesses, products and the banking industry globally including major regulatory themes a plus.

• Leadership positions in Risk Management, Internal Audit, Compliance or related field a plus.

• Well versed in breaking down complex matters into core issues and root causes that can be more readily addressed.

• Experience with Citi Risk and the Managers Control Framework a plus.

• Business or Risk experiences in Credit Card, Retail Banking or Personal Wealth Management a plus.


• Strong analytical and conceptual skills.

• Independent thinker and able to perform a credible challenge of the Business.

• Ability to influence and convince without authority.

• Ability to work collaboratively within and across functions and Lines of Defense.

• Effective team player and contributor in dynamic and shifting teams as well as virtual teams.

• Superior communication and interpersonal skills.


• Proficient in MS Office applications necessary for executing on job responsibilities.

• Excellent data / quantitative analysis skills.

• Superior writing skills to develop high quality policy / procedure documentation.

• Executive presentation skills.


• Bachelor’s Degree / Master’s Degree in Business, Finance, Accountancy, Law, Science, or other relevant fields.

• Training/Certification or experience in database/MIS management tools a plus.