Non-financial Risk Management Officer

Non-financial Risk Management Officer

DKV Belgium

Brussels, Belgium

Do you have a good view on how an insurance company works? Are you able to maintain a helicopter view on the different activities, processes, risks and controls of the company? And are you not afraid to deep dive and challenge and propose improvements to the different departments to ensure the risks in their processes are well understood and managed? Then this job is the right fit for you.

You will be part of the Non-Financial/Operational risk management team at DKV Belgium. You will work on improving and further developing the risk management framework & reporting in line with requirements of the company and external regulation (amongst others the Solvency 2 Framework and DORA).

In this, you will closely work together with other colleagues in risk management, other departments (IT, facilities, HR, customer and support services, other second lines of defense, etc.) and at ERGO Insurance N.V. as well as ERGO group level.

What the Key Tasks Look Like

Risk Identification, Assessment & Reporting:

• Coordinate the end-to-end risk identification and assessment process across the company (including Risk Inventory, Quarterly Risk Dashboard, Loss event Management, Key Risk Indicators);
• Continuously improve and enhance methodologies, templates, reporting and governance processes to support these risk exercises;
• Support and monitor the standardization and embedding of the risk reporting framework (e.g., Risk Opinions, Risk Assessments, follow-up of recommendations);
• Support effective use of Key Risk Indicators across business lines.

IT Risk Management: Contribute to the elaboration and implementation of a sound IT Risk framework (including among others):

• Ensure sufficiently robust operational DORA compliance and maturity of ICT oversight structures and processes;
• Fulfil risk management role as second opinion next to ISO view;
• Contribute to the review and challenge the development of overall IT Risk Indicators;
• Follow up on the IT/Information Security (IS) Risk Register and challenge risk assessments for identified risks and effectiveness of proposed measures;
• Follow-up on implementation of IT control catalogue.

1LoD Maturity and Risk Culture:

• Drive maturity improvements of the 1LoD (1st line of defense) from a 2LoD (2nd line of defense) perspective and coordinate roll-out of improvement initiatives;
• Support the development and delivery of training plans for 1LoD stakeholders (e.g., BROs (Business Risk Officers), Process Owners) to build risk capability and ownership;
• Coordinate monitoring and reporting to assess the quality and timeliness of 1LoD deliverables across domains;
• Enhance risk culture and awareness through stakeholder engagement and targeted communication initiatives;
• Support the alignment of 2LoD activity planning to facilitate effective execution of 1LoD responsibilities, considering timing and risk-based priorities.

Some of the following tasks could also form part of your package of assignments and duties – depending on your expertise and the task distribution within the team:

• Assist the team to implement, optimize and monitor the Risk Management Framework required by the internal policy framework and applicable regulations; and ensure reporting to senior management;
• Conduct ad-hoc risk analysis/investigation when required;
• Contribute to the 1st line of defense maturity improvement. Ensure sufficient awareness towards relevant stakeholders to help increase risk culture and maturity within the company;
• Monitor and support adherence to the PRG (Project Risk Governance) framework;
• Contribute to the regulatory reporting tasks as ORSA, RSR, SFCR, on domains of your expertise;
• Contribute to regular exercises linked to your expertise (e.g. Operational Risk and Control System, norms review, process/risks/controls review, timely closure of audit findings);
• Coordinate the Operational Risk Scenario Analysis process across the organization.

Under supervision from the Head of the Non-Financial Risk Management Department and/or other experts within the team, your work will require field collaboration with other staff within control functions such as Risk Management, Actuarial Function, Internal Audit and Compliance Function. You will also have contacts with first line business departments (e.g. ISO (Information Security Office), TPMF (Third Party Management Function), PMO (Project Management Office), IT, etc.), other support functions and other companies of the ERGO Group (mostly ERGO Insurance N.V.).

Depending on your seniority, you will have the support you need to accomplish your assigned tasks. The complexity of your assignments will vary and will allow you to grow your expertise and competencies.

Contribution to Operating Results:

As Non-Financial Risk Manager you help safeguard the controls put in place to ensure the company is not exposed to sudden unacceptable losses or negative impact on our reputation. You do so by monitoring risk evolutions in our process and the sector as well as advising on the most efficient control framework to ensure the risks we are exposed to remain within our appetite. You help the team to continuously improve the Risk Management Framework. Your main focus will be risk reporting, risk appetite and inventory, Project Risk Governance, IT Risk, KRIs.

Required Skills and Competences

• A master’s degree or equivalent through experience;
• You are fluent in English (both spoken and written), knowledge of the local languages (French and/or Dutch) is an asset;
• Prior work experience in a control environment or similar (Risk Management, Audit, Compliance), preferably in the Insurance (or more general Financial Services) Industry, is a strong asset;
• Communication skills: producing written reports and establishing clear and concise communication with work colleagues, other departments and management;
• Knowledge and experiences with Risk Management framework, risk identification, risk reporting, IT risks, project risk governance is a big asset;
• Knowledge of the key processes and operational procedures (incl. key risks and controls) in a health and life insurance company, is a big asset;
• The ability to look beyond figures alone / insight into the company/to see the way various factors connect;
• Team-player, but also able to work independently to complete a task successfully;
• Ability to learn quickly, take initiative and drive for results;
• Good time management skills;
• Great eye for detail;
• Good knowledge of MS office and Power BI.