Summary
Overview
Work History
Skills
Accomplishments
Affiliations
Additional Information
Certification
Education
Work Availability
Work Preference
Quote
Software
Languages
Interests
Websites
Timeline
Hi, I’m

EMILIA MOHD EMLA

HEAD, RISK AND COMPLIANCE (VENTURE CRO)
KAJANG
EMILIA MOHD EMLA

Summary

SUMMARY OF KEY RESULT AREA (KRA) GOVERNANCE AND METHODOLOGY Thematic Review and Gap Analysis report across regional entities Trainings and briefings on risk management, business process management/improvement, process excellence and business continuity management Term of Reference (TOR) for multiple committees at Board and/or Senior Management levels Integrated Risk Management Framework with three line of defences approach Operational Risk Management Framework e.g introduction of new OR tools/ building blocks i.e scenario analysis, risk profiling register and heat map. enhancement of OR processes specifically for monitoring and reporting, incorporation of shariah non-compliance and IT/ cyber risk to be in line with Basel, BNM latest Operational Risk policy document gap analysis and Operational Risk Integrated Online Network (ORION) requirements. Appetite Statement 2020 by focusing on SNC, secrecy breach and technology risk related incident/event and escalation process at Board and Management Level Top 20 Group KRI and escalation process at Board and Management Level Operational Risk Management Policy Risk Control-Self Assessment/Risk Register Procedure Incident Management & Data Collections/Loss Event Procedure Key Risk Indicator Operational Procedure Scenario Analysis Operational Procedure Fraud Management Policy & Framework Third-Party Risk Management Framework Outsourcing Risk Policy Shariah Risk Management Framework Shariah Risk Management Policy & Procedure Risk Event Type category for Shariah based on Basel II Crisis Communication Policy Technology Risk Management Framework Cyber Resilience Framework Cyber Response Plan Information Security Policy Revision of Operational Resilience & BCM process and design Business Continuity Management Framework & Policy Business Continuity Plan BCM – Risk Assessment BCM – Business Impact Analysis Emergency Response Plan Pandemic Plan Crisis Management Plan Disaster Recovery Plan Call Tree Plan Reputational Risk Policy Business Process Management Policy Process Documentation Policy Adoption and Implementation of PPPWI Policy Revision of Wind-Down Policy Revision of Incident Reporting on IT and non-IT incident management Other relevant manuals, templates, checklists etc

Overview

23
years of professional experience
6
Certifications
14
years of post-secondary education

Work History

SOLV SDN BHD, STANDARD CHARTERED VENTURE GROUP, Kuala Lumpur

Head of Risk & Compliance (Venture CRO)
2023.01 - Current (1 year & 8 months)

Job overview

  • Venture CRO/BCM – Report to: CEO/Venture Lead
  • • Led the development and execution of an Enterprise Risk Management Framework (ERM), focusing on areas such as operational and technology resilience, risk register management, and internal controls enhancement.
    • Spearheaded the establishment of continuity and resilience plans (BCM), bolstering the company's readiness for unforeseen events, including pre-go live and go live facilitation and approval processes.
    • Directed the refinement of Operational Risk processes, with a keen focus on ensuring compliance with evolving regulatory standards and industry best practices, including financial crime, ABC (anti-bribery and corruption), and COI (conflicts of interest) and fraud mitigation.
    • Pioneer in deployment of new system on third party risk management and establishment of bespoke assessment templates and checklists.

KAF DIGITAL BANK BERHAD, Kuala Lumpur

Head of Risk Management (Digital Bank CRO)
2022.12 - 2022.12

Job overview

  • Digital Bank CRO/BCM– Report to: CEO
  • • Engineered a robust Enterprise Risk Management (ERM) framework, with a particular focus on Business Continuity Management (BCM) to ensure operational resilience during disruptions.
    • Developed and implemented a Risk Control-Self Assessment (RCSA) procedure to proactively identify and mitigate risks, aligning with regulatory compliance standards, due diligence requirements and incorporating cyber response plans and information security protocols to mitigate cyber threats and vulnerabilities effectively.
    • Conducted targeted training sessions on Risk Management and Business Continuity to enhance employee awareness and adherence to regulatory guidelines, including COC (Code of Conduct) principles.
    • Facilitated the development of a Risk Management Roadmap and Operational Readiness Requirements, ensuring alignment with regulatory standards and obtaining necessary approvals from regulators.

TRANGLO SDN BHD, Kuala Lumpur

Head/VP of Risk (Acting CRO)
2021.10 - 2022.11 (1 year & 1 month)

Job overview

  • Management & Process Excellence & BCM/Acting CRO – Report to: CSO
  • • Established a comprehensive Enterprise Risk Management (ERM) framework, emphasizing Operational Resilience and incorporating in enterprise risk registers to systematically identify, assess, mitigate risks through enhancement risk RCSA assessment, business process management approach in achieving process excellence.
    • Spearheaded the development and implementation of a Fraud Management Policy and Framework, aligning with compliance standards and enhancing the organization's defense against financial crime and fraudulent activities.
    • Implemented a robust Third-Party Risk Management Framework, ensuring due diligence in vendor selection and fortifying the organization's resilience against external risks.
    • Led efforts to achieve ISO Certification for 27100 and 27200, demonstrating adherence to international standards for Information Security Management Systems (ISMS) and bolstering the organization's cybersecurity posture.
    • Implemented cyber hygiene practices and technology risk assessments to strengthen the organization's defenses against cyber threats, aligning with regulatory requirements and industry best practices.

SME BANK BERHAD, Kuala Lumpur

Head/VP of Operational
2019.10 - 2021.10 (2 years)

Job overview

  • Risks Management (ORM, SRM, BCM, TRM) – Report to: Group CRO
  • • Orchestrated the revision of Operational Resilience and Business Continuity Management (BCM) processes, aligning them with Integrated Risk Management framework incorporating technology, cyber and infosec related aspects to enhance the organization's ability to withstand operational disruptions.
    • Crafted and implemented a comprehensive Shariah Risk Management Framework/Policy together with establishment of shariah working group committee.
    • Led the establishment of a robust Business Continuity Plan (BCP) for critical operations, ensuring seamless business continuity during disruptive events such as Major Change Outages (MCO) and crisis situations.
    • Collaborated with stakeholders to develop Key Risk Indicators (KRIs) and conduct Risk Control-Self Assessment (RCSA) procedures, fostering a proactive risk management culture and ensuring compliance with regulatory requirements.
    • Initiated Risk Culture Programs and appointed Risk Champions to promote risk, compliance, BCM and ABC awareness and facilitate related initiatives across the organization including branches, driving the implementation of Risk Management Roadmap objectives.

AFFIN BANK GROUP BERHAD, Kuala Lumpur

Head/VP of Operational Risk Management
2017.03 - 2019.10 (2 years & 7 months)

Job overview

  • Report to: Group CRO
  • • Implemented a comprehensive Operational Risk Management Policy, instilling risk-awareness throughout the organization and ensuring alignment with Enterprise Risk Management objectives.
    • Established a robust Incident Management & Data Collection procedure, facilitating the timely response and resolution of operational incidents to minimize impact on business operations.
    • Conducted interactive Scenario Analysis and Risk Review workshops to identify and assess potential risks, enhancing risk identification and management capabilities across the organization.
    • Led the development and maintenance of the Risk Register and business line mapping, capturing and evaluating risks to inform strategic decision-making and prioritize risk mitigation efforts.
    • Collaborated with stakeholders to conduct Risk Control-Self Assessment (RCSA) procedures and Incident Management & Data Collection (IMDC) exercises, enhancing risk monitoring and control mechanisms.

AMINVEST, AMBANK BERHAD, Kuala Lumpur

Senior Manager
2014.07 - 2017.03 (2 years & 8 months)

Job overview

  • Process Review (PM, ORM, BCM, Strategic Mgmt, Org Realignment) – Report to: CEO/COO
  • • Conducted comprehensive Operational Risk thematic review programs, meticulously assessing operational processes and procedures to identify gaps and recommend enhancements.
    • Facilitated the design and review of Operational Risk tools and building blocks, optimizing risk assessment and mitigation processes for increased efficiency and effectiveness.
    • Developed and implemented an Enterprise Risk Management transition plan, orchestrating the alignment of risk management practices with organizational objectives and priorities.
    • Led the development and maintenance of the Enterprise Risk Register, capturing and evaluating key risks to inform strategic decision-making and risk mitigation strategies.
    • Collaborated with stakeholders to establish a Program Management Office and Corporate Admin structure, centralizing administrative functions to streamline operations and improve organizational efficiency.

MAYBANK ISLAMIC BERHAD, Kuala Lumpur

AVP
2013.05 - 2014.07 (1 year & 2 months)

Job overview

  • ORM, BCM, ERM, Regional Desk – Report to: Regional CRO
  • • Spearheaded the implementation of an integrated Risk Management framework, orchestrating the adoption of standardized processes for risk identification and mitigation across the organization.
    • Established a robust Business Continuity Management framework, ensuring the resilience of critical operations against various potential disruptions.
    • Conducted comprehensive risk assessments and audits for regional operations, meticulously evaluating adherence to regulatory requirements and internal policies to mitigate operational risks effectively.
    • Collaborated with stakeholders to develop and maintain the Risk Register, capturing and analyzing key risks to inform strategic decision-making and risk mitigation strategies.
    • Led the establishment of a Centre of Excellence for Islamic Finance covering all Islamic entities across Maybank Group and house of Maybank pillars, providing specialized expertise and support in Islamic finance risk management practices and strategies.

BANK SIMPANAN NASIONAL BERHAD, Kuala Lumpur

VP of Enterprise Risk
2012.01 - 2013.04 (1 year & 3 months)

Job overview

  • Operational Risk, Policy & Governance – Report to: Head, ORM, SRM and BCM
  • • Developed and implemented an Operational Risk Management Policy, articulating clear guidelines for the identification, assessment, and mitigation of operational risks within the organization.
    • Established a comprehensive Enterprise Risk Management Policy inclusive relevant risk tools and metrics, systematically addressing risks associated with third party engagements to safeguard organizational interests.
    • Conducted tailored training sessions on Operational Risk Management for staff, enhancing their awareness of risk factors and fostering a culture of accountability and proactive risk management.
    • Orchestrated Branch Business Continuity Planning (BCP) exercises and pandemic preparedness plans, ensuring operational resilience and continuity in the face of potential crises for head office and branches.
    • Spearheaded initiatives for digitalization and digitization, leveraging technology to enhance risk management processes and streamline operations in alignment with organizational objectives.

SCOPE INTERNATIONAL (M) SDN BHD, Kuala Lumpur

Unit Operational Risk Manager
2010.03 - 2012.01 (1 year & 10 months)

Job overview

  • Global Shared Services Hub for STANDARD CHARTERED BANK, to: Business Operational Risk Manager (BORM)/ Global Head of GCC
  • • Implemented a robust Operational Risk Management framework, proactively identifying and mitigating operational risks to ensure the organization's resilience and continuity.
    • Conducted rigorous risk assessments and audits across various operational units, pinpointing control weaknesses and recommending enhancements to strengthen risk management practices.
    • Developed and implemented an Incident Management & Data Collection (IMDC) procedure, facilitating timely response and resolution of operational incidents to minimize their impact on business operations.
    • Spearheaded the establishment of an Incident Command Centre and facilitated Board Operational Risk Committee (BORC) and Forum Operational Risk Committee (FORC) meetings, ensuring effective oversight and governance of operational risk management processes.

TURNER & TOWNSEND SDN BHD, Kuala Lumpur

Assistant Project Manager
2006.05 - 2010.03 (3 years & 10 months)

Job overview

• Project and Contract Management, Administration and Expat Services, Talent Acquisition, BD - Report to: Regional COO

•SPOC on centralised repository across the company of multiple projects in managing high level project timelines, budgets, and quality standards as well as involvement in preliminary project risk assessments
• Led the review of construction and oil & gas incumbents in preparation of their profiles and interview arrangements (junior to middle management) for placement for short projects within clients’ head offices or subsidiaries. Progressive engagements with clients to facilitate preliminary or ad hoc requirements.
• Orchestrated project teams and facilitated seamless communication especially with stakeholders, ensuring alignment with project objectives and requirements throughout the project lifecycle.

SIEMENS MALAYSIA SDN BHD, Petaling Jaya

Project Administrator
2001.05 - 2006.05 (5 years)

Job overview

Administration, Procurement, HR Services, Contract Management, Document Controller - Report to: SVP of Communications and Mobile
• Offered proficient administrative, procurement and hr operations services support to project teams, ensuring streamlined project operations and effective communication channels at regional capacity.
• Maintained meticulous project documentation and records, facilitating accurate project tracking, comprehensive reporting and appointed Document Controller across the Group during ISO 9001:2001 certification activities.
• Assisted in project planning and scheduling activities, contributing to the timely and successful execution of project deliverables as well as site visits to project sites, clients sites, base station sites and bonded warehouses.

Skills

RISK MANAGEMENT

undefined

Accomplishments

Accomplishments
  • Facilitate and review affected stakeholders project risk and controls documentations for any new or enhancement projects especially connecting to third party dependencies
  • Ensure that the respective PMO team members (both business and IT) to log, document and update respective potential risk and issue resolutions
  • Third-party Risk/Outsourcing risk (IT and non-IT)
  • Group Risk Management representative for outsourcing policy gap analysis task force
  • Drive the outsourcing risk initiative and establishing the outsourcing risk framework, outsourcing risk appetite, outsourcing material risk assessment and relevant templates
  • Anti-Bribery, Corruption risk (ABC) and ABMS certification
  • SPOC for Risk Management with Institut Integriti Malaysia (IIM) and representative during workshop sessions
  • Involved in gap analysis and establishment of ABC procedures and implementation plan
  • Develop Bribery and Corruption risk assessment templates
  • Alternate Chairman for Anti-Bribery and Corruption Risk (ABMS) committee
  • PROJECTS
  • Driving Strengthen Risk Culture via Corporate Culture and Strategic Intent programmes
  • Establishment of Mission Critical Position (MCP) and Technical Critical Position (TCP)
  • Annual Report – specifically for SORMIC (Statement of Risk Management and Internal Controls)
  • Data Leakage Prevention (Data Leakage)
  • Branch re-alignment
  • Project Tazkiyah (towards Full Fledge Islamic Bank – FFIB)
  • PSC and permanent members for multiple committees (product, customer service, operations and corporate development, technology, business continuity, shariah functions working committee
  • Establishment of embedded function within 1st Line of Defence i.e Compliance and Risk Liaison Officer (CRLO) – SPOC for compliance, operational risk and business continuity
  • Develop training and briefing deck for Shariah Roadshow, Fostering Credit Culture, Compliance and Risk Liaison Officer (RILO), Group Human Capital Management conferences etc)
  • Call Centre Transformation
  • Enterprise Content Management and Digital Imaging System
  • Document and record management system
  • Digital Branch
  • Website enhancement and analytics
  • BNM PMO progress reporting on critical projects
  • Real time Retail Payments (RPP) - PAYNET requirements
  • Payment Card Industry (PCI) Data Security Standard (DSS) related requirements
  • Mobile Device Management (MDM/BYOD) guidelines
  • Hire Purchase rationalisation project
  • Organisational realignment – entity wide
  • Vendor Performance Management inclusive of on-boarding and annual due diligence
  • Revision of Risk & Control Self Assessments (RCSA), Key Risk Indicators (KRI) and Incident Management & Data Collection (IMDC) policies and procedures
  • Regionalisation and Regional Helpdesk for COE
  • Risk Centre of Excellence (COE) – Shariah and Islamic Banking
  • Risk Talent Blueprint
  • Automation of Business Continuity Management (Level of Disruption, Risk Assessment, Business Impact Analysis and Business Continuity Plan)
  • Institutionalise Shariah Compliance e.g Islamic Guru Series, Shariah Risk Masterclass etc
  • Enterprise Risk Management transition from COSO to ISO 31000
  • Contact Centre Project
  • Data Management Framework (Data Security)
  • IT Operating Blueprint
  • JKK & MBJKK (Wakil Majikan) and HIRARC Commitee – Health & Safety
  • Tender Evaluation Committee for all outsourcing & IT projects
  • Data Governance Framework (Data Steward)
  • Enterprise business continuity and disaster recovery simulations with third party vendors
  • Train-the-trainer departmental continuity coordinator workshop
  • ISO 9001 Certification for Turner & Townsend Malaysia Berhad
  • Fit-out project for Bandaraya Development Berhad (BRDB) at Bangsar Shopping Centre
  • Conversion project for ABN-AMRO to RBS Bank Berhad at KLCC
  • Conversion of Makro Hypermarket to TESCO Extra Hypermarket
  • Construction project of Legoland with Iskandar Investment in Johor
  • ISO 9001 Certification for Siemens Malaysia Berhad
  • Document Controller – record management across Siemens group
  • Tender exercises, Request for Proposal (RFP), Request for Quotation (RFQ) or Request for Information (RFI) for telco service providers (Maxis, Digi, Telekom, Nokia) – multiple projects e.g base station
  • CONFIDENTIAL Page 5 of 6

Affiliations

Affiliations
  • DRI @ Disaster Recovery International
  • PMI @ Project Management Institute
  • ISACA @ Information Systems Audit & Control Association
  • IOR @ The Institute of Operational Risk
  • PRMIA @ The Professional Risk Managers’ International Association
  • AICB @ Asian Institute of Chartered Bankers
  • SIRIM @ Standards and Industrial Research Institute of Malaysia
  • CIDB @ Construction Industry Development Board

Additional Information

Additional Information
  • BUSINESS-AS-USUAL (BAU) Multiple engagements with senior management and affected stakeholders on operational risk scenario analysis awareness, development and implementation. Design and lead operational risk thematic review programme inclusive of briefings, focus group discussions and cross-functional workshops. Post deliverable of scenario analysis submission to BNM via ORION. Conduct in-depth review for existing OR tools and building blocks (RCSA, KRI and LER) across SME Bank Group as integrated risk approach across enterprise-wide. Identify current and emerging risk vulnerabilities of the Bank and the level of preparedness through the current operational risk management framework and tools in place for emerging risk e.g cyber threats and third-party risk. Risk Management Drive and promote awareness of the risk management framework via risk identification, assessment, mitigation & control, monitoring, and reporting process to provide ongoing risk culture and governance across Group and subsidiaries. Engage with Business Units and process owners to review existing processes and controls, drive a strong, embedded risk and controlled practices culture that optimises risk/ reward and overall uplift the quality of risk and control activities to achieve strategic and/or business objectives. Work with internal stakeholders in identifying root cause analysis (causal) on control failures and mitigating operational and prudential risks. Highlight significant risk (event or incident) relating to control problems. Then evaluate via observation and prioritise recommendation or advice to respective Heads or Leads for onward escalation to Senior Management and/or Board. Identify weak processes or controls through process review and control effectiveness as part of assurance activities. Use insights from the risk and assurance activities to facilitate the design (new or revise), proper process documentation, and test the effectiveness of controls through periodic assessment or monitoring via risk management tools. Update and review the entity’s risk register on periodic basis. Liaise with internal and external auditors as part of assurance activities i.e ensure proper closure of assurance findings in a timely manner with relevant action owners via effective action plans. Safeguarding the business by facilitating them in carrying out effective risk practices and to continuously improve them especially on operational risk matters relating to change, process improvement and implementation enhancement initiatives across the functions Process Excellence/Business Process Management Share best practices to assist internal stakeholders. Identify risk, provide suggestion and recommendation for action plan. Test existing and/new policies, processes, procedures and work instruction if they are in placed according to the documented policies, procedures, laws and regulations, guidelines, checklists, work programs etc Assist or suggest internal stakeholders to develop new process and procedures where necessary. Provide internal control assurance report and action plans to DIC/TL on areas requires improvement Provide assistance, guidance and support to ensure corrective action plans are effectively implemented. Be custodian of all approved TGOC policies, processes, procedures and work instructions. Process Risk & Control Implement holistic business process management for design, risk assessment and improvements. Facilitate and review affected stakeholders risk and controls documentations for any new or revised processes from ‘As-Is’ to ‘To-Be’. Oversee that the internal control process ensures all staff and operations is working towards the Bank’s objectives with efficiency and integrity.

Certification

Certified Business Continuity Professional (No. 35147) – CBCP title

Education

Asia E University, Malaysia Petaling Jaya

Master of Arts from Master of Business Administration (MBA)
2023.04 - Current (1 year & 5 months)

University Overview

University of Northumbria Newcastle, UK Kuala Lumpur

Bachelor of Arts from Bachelor of International Business Administration (BAIBA)
2001.04 - 2013.12 (12 years & 8 months)

University Overview

Availability
See my work availability
Not Available
Available
monday
tuesday
wednesday
thursday
friday
saturday
sunday
morning
afternoon
evening
swipe to browse

Work Preference

Work Type

Full TimeContract Work

Work Location

HybridRemoteOn-Site

Important To Me

Company CultureWork-life balanceCareer advancementPaid sick leaveHealthcare benefits401k matchPaid time off4-day work weekWork from home optionFlexible work hoursTeam Building / Company RetreatsStock Options / Equity / Profit SharingPersonal development programs

Quote

A game changer!
Own Quote

Software

MS OFFICE (Words, Excel, PowerPoint, Access, Publisher, Project, Visio), SAP R/3, ACROBAT, PEOPLESOFT, PHONEIX, OPTIAL, HOGAN, C1, CCMS, RLS, APPS, CEMS, CRES, ARIBA, OPERATIONAL RISK SYSTEM (ORMS), BNM ORION etc

Languages

English
Bilingual or Proficient (C2)
Malay
Bilingual or Proficient (C2)

Interests

Exploring new ideas

Websites

Timeline

Asia E University, Malaysia
Master of Arts from Master of Business Administration (MBA)
2023.04 - Current (1 year & 5 months)
Head of Risk & Compliance (Venture CRO)
SOLV SDN BHD, STANDARD CHARTERED VENTURE GROUP
2023.01 - Current (1 year & 8 months)
Head of Risk Management (Digital Bank CRO)
KAF DIGITAL BANK BERHAD
2022.12 - 2022.12

Certified Project Management Professional (No. 3259077) – PMP title

2022-05

Certified Information Systems Auditor (No. 221995417) – CISA title

2022-05
Head/VP of Risk (Acting CRO)
TRANGLO SDN BHD
2021.10 - 2022.11 (1 year & 1 month)
Head/VP of Operational
SME BANK BERHAD
2019.10 - 2021.10 (2 years)
Head/VP of Operational Risk Management
AFFIN BANK GROUP BERHAD
2017.03 - 2019.10 (2 years & 7 months)

Certified Lean Six Sigma – Yellow Belt

2015-05

Certified Information Management System (IMS) – ISO 9001/ ISO 18001/ ISO 14001

2015-05
Senior Manager
AMINVEST, AMBANK BERHAD
2014.07 - 2017.03 (2 years & 8 months)
AVP
MAYBANK ISLAMIC BERHAD
2013.05 - 2014.07 (1 year & 2 months)

Certified Business Continuity Professional (No. 35147) – CBCP title

2012-05
VP of Enterprise Risk
BANK SIMPANAN NASIONAL BERHAD
2012.01 - 2013.04 (1 year & 3 months)
Unit Operational Risk Manager
SCOPE INTERNATIONAL (M) SDN BHD
2010.03 - 2012.01 (1 year & 10 months)
Assistant Project Manager
TURNER & TOWNSEND SDN BHD
2006.05 - 2010.03 (3 years & 10 months)

Certified Fire and First Aider under Malaysian Red Cresent

2003-05
Project Administrator
SIEMENS MALAYSIA SDN BHD
2001.05 - 2006.05 (5 years)
University of Northumbria Newcastle, UK
Bachelor of Arts from Bachelor of International Business Administration (BAIBA)
2001.04 - 2013.12 (12 years & 8 months)

Similar Profiles

  • Wan Nurulhuda Binti Selipol Bahari

    Wan Nurulhuda Binti Selipol Bahari Wan Nurulhuda Binti Selipol Bahari null

    Manager Test Automation at Standard Chartered Global Business Services Sdn. Bhd.Manager Test Automation at Standard Chartered Global Business Services Sdn. Bhd.

    View Profile
  • Azhari Noh

    Azhari NohAzhari Noh

    Specialist FCSO TM & Fraud Procedure at STANDARD CHARTERED GLOBAL BUSINESS SERVICES SDN BHDSpecialist FCSO TM & Fraud Procedure at STANDARD CHARTERED GLOBAL BUSINESS SERVICES SDN BHD

    View Profile
  • Shiva Sakthivel

    Shiva SakthivelShiva Sakthivel

    Senior Project Manager- Java Development at Standard Chartered Global Services Sdn. BhdSenior Project Manager- Java Development at Standard Chartered Global Services Sdn. Bhd

    View Profile
EMILIA MOHD EMLAHEAD, RISK AND COMPLIANCE (VENTURE CRO)