Third Party Risk Analyst Lead

Job Description Team/Role Overview

Individuals in Operational Risk establish and manage operational risk policies, propose strategies, and governance processes designed to minimize losses from inadequate controls, fraud, and potential bankruptcy. This includes supervision over technology operational risk, cyber risk, and fraud risk. These individuals are also responsible for the development of tools and infrastructure that support fraud monitoring and prevention, using advanced analytical and statistical skills to identify policy gaps and recommend changes to current policies.

This role is crucial to the company as it fortifies against potential operational risks, thereby protecting the company's financial stability and reputation, and contributing towards the overall business resilience and success.

• Represent business leadership to coordinate and facilitate Third-Party Risk Management activities.
• Evaluate current market conditions and provide insight on trends/issues that could impact the business by external third parties.
• Advise the BAO on risk assessment for third parties and reassess as required; identify significant relationship changes to trigger risk assessment updates.
• Verify compliance of third parties with required policies and controls.
• Partner with business operations, technology teams, and internal functions to conduct on-site visits of third parties, as required.
• Maintain and update Citi’s Exit Strategy Plans as required; collaborate with business contacts to establish risk mitigation activities when the exit strategy poses significant risk to Citi.
• Interact with third parties on escalations of non-performance and contractual issues to drive resolution when appropriate.
• Monitor third party performance and Service Level Agreements (SLAs) through Citi Performance Management Assessment (PMA) process.
• Verify proper execution and upload of Third-Party contracts (e.g., Statements of Work) in Citi’s Contract Management System (eSourcing), collaborate with the Enterprise Supply Chain (ESC) organisation if renegotiations are required.
• Review, prioritise, assess, and act on results of Third-Party Risk Management assessments/controls with support from various internal functions, in conjunction with business and operations teams.
• Facilitate remediation of issues or gaps identified as part of ongoing monitoring.
• Define risk mitigation strategies and risk exceptions based on the business’s risk appetite.
• Provide thought leadership to drive supplier optimisation and efficiencies based on third parties' risk profiles, performance, and market trends.
• Standardise SLAs performance monitoring measures for like services, where possible.
• Liaise with the ESC Third Party Utility to review and respond to centrally conducted third-party risk management activities.
• When making business decisions, assess risk, uphold the firm's reputation, and protect Citigroup, its clients, and assets. This involves adhering to laws, rules, and policies, applying ethical judgment, and managing control issues transparently.
• Is an enthusiastic and early adopter of change; takes ownership for helping others see a better future and stay positive during uncertainty.
• Demonstrates and inspires curiosity in seeking new ways to overcome challenges; actively applies learning from failures.
• Challenges self and others to seek out and communicate alternative views even when unpopular; welcomes diverse ideas to improve outcomes.
• Acts as a change catalyst by identifying and helping others see where new ideas could benefit the organisation.
• Proactively seeks to understand and act in alignment with organizational decisions; helps others prioritise team and enterprise success over their own personal agenda
• Focuses on highest-priority work aligned to business goals; helps others effectively manage competing priorities.
• Proactively identifies opportunities to streamline work; creates process improvements that enhance efficiency for self and the team.
• Takes personal accountability for escalating, identifying, and managing potential risk; implements controls that enhance the client experience and operational effectiveness.
• Anticipates problems and…