Aparna Gupta

• Appointed as the first Group Enterprise Risk Head to implement risk management framework from the scratch.
• Developed enterprise risk management framework, a detailed training and implementation plan, along with presentation to the Risk Committee for its approval and adoption. Implementation underway.
• Built and implemented a risk appetite methodology and approval of risk appetite at group level and developing Key risk indicators for monitoring.
• Built Corporate Governance Framework for risk committees.
• Lead Second Line of Defence (2LoD) control testing framework for various key functions, including treasury, credit, operations, and IT.
• Established Vendor risk management process, Incident management and risk based insurance processes for Aspire.

• Appointed as the first Chief Risk Officer for Wise Asia, with coverage across 11 markets including Singapore, Hong Kong, Malaysia, India, Japan.
• End to end ownership of risk management including implementation of Enterprise Risk Management Framework, across all 11 markets in Asia.
• Developed corporate governance model for licenced market including setting up of Audit risk committee and risk presentation to Board.
• Lead control development process for 1 LoD teams (operations, IT, cyber, financial risk) to create better controls to mitigate existing or potential risks.
• Lead strategic project to develop mitigating actions to key regulations such as preparing wind down plans for Asia entities, with key focus on capital requirements and practical end to end implementation and scenario testing.
• Created an effective risk culture, with focus on risk based decisions and 1st Line ownership of risks and controls, risk training rollout across organization.
• Partnered with other 2 LoD and Internal audit to develop focus areas for control improvements in compliance, operational risk including technology.

• Lead Operational resilience project (contract) - Transformed bank's processes to meet the regulatory (FCA) requirements on Operational resilience.
• Represented operational risk function in the cross bank project and prepared project plans including roles and responsibilities, collaborated with other teams, including technology, business teams on the project and implementing the book of work.
• Review and challenge Operational risk processes, policies, metrics, risk and control self-assessment.
• Lead Operational risk for Policy and Governance (contract)- Built strategy and managed Global training for entire Operational risk to meet learning requirements of 1LOD and 2LOD.
• Successful launch of bank wide training for new Operational risk toolset and completion of external IRM trainings.

• Provide direction to business on remediation of risks and audit findings.
• Developed the methodology for 1st line risk management and engagement with audit and CISO teams.
• Guided tech teams on risk management and completing tasks based on the methodology.
• Set up governance model for 1st line teams and ran monthly risk management forums for closure of regulatory audit and other reviews.
• Risk identification and control management of technology related processes and projects.

Manage Internal Audit assignments for Asia pacific region across businesses.

● Partnership in regional audit strategy by creating an audit structure to manage stakeholders, delivering value added audits,

● Develop and execute end to end audits including planning, execution and reporting of the audits using risk based approach, for all regional functions focusing on regulatory requirements for Anti Money Laundering (AML/CFT), risk, Technology, etc.

● Benchmarking current controls with Industry standards, and actively challenging management on control topics

● Represent audit in regional risk forums and managing team, and

● Providing guidance and coaching to other staff members.

Key Achievements: a) Value added audit observations that lead to key control enhancements within the functions and minimizing impact of regulatory inspections

Lead the development and implementation of Operational Risk Framework across the bank as per Basel Committee on Banking Supervisory (BCBS) and Prudential Regulatory Authority (PRA) requirements.

● End to end management and implementation of key policies and procedures for Operational risk (including communications),

● Educating key businesses support functions through Risk workshops and collaborating with function and country management,

● Partner with Project team on Risk system changes to support implementation of the risk framework,

● Subject matter expertise to business on implementation of the risk frameworks, and

● Plan and perform assurance testing to monitor compliance by management of the policies and reporting to Senior Stakeholders.

Key Achievements:

● Standardization and simplification of the Incident management procedures for the Group,

● Seamless and real time communication of policies to all stakeholders, and

Assurance results were used to ensure accurate reporting to PRA.

As First Line of Defence (FLOD), the role involved risk and control management for Operations & Technology and Finance:

● Governance to Senior management by driving risk management committees including ToR management, Secretarial duties, etc.

● Implement second line of defense policies and procedures such as Risk and Control Self assessment, managing Incident breaches as per Operational risk processes and ensuring timely escalation to Senior management and key risk indicators,

● End to end audit (External and Internal) support to business including remediation of audit issues,

● Value added risk and control guidance on the key processes and projects to stakeholders,

● Create awareness of the risk and controls through training and newsletter.

Key achievements: a) Better understanding of audit issues (including vendor risks) and ensure proper accountability and successful closure, b) Standardized and streamlined remediation processes and controls within country technology teams to minimize risks, c) Successful completion of Risk and control self-assessments for finance teams for 2012/ 2013, d) Overall reduction in risk incidents due to proper control enhancement Project

Manage project on Internal Counterparty Accounts (ICA) for Reference Data

● Manage counterparties project across bank, including deadline management, reporting on the project and drive process improvement initiative for future process,

● Data analytics to categorize and control counterparty information, provide and implement recommendations, and

● Provide risk and control related support for the project.

Review risk and control self assessment (RCSA's) and Operational Risk events across the function based on process maps,

● Perform control testing, formulating recommendations and presenting to management, and

● Develop and present key performance indicators for Senior Management.

Lead end to end process based audits for the business globally.

● Development of control self assessment framework, including risk and control assessments.

● Perform special audits for product life cycle to assess the risks and identify control gaps.

Lead SOX and internal audits for industries including Capital market dealers.

● Perform Business Process Evaluation, business re-engineering and providing value added review.

● Develop a risk framework across various clients.