Senior Analyst, Operational Risk and Control (Financial Crime Risk and Control Assessment Lead) - Military Veterans


Depew, New York

At HSBC, the health and well-being of our employees remains of utmost importance. Many of our roles are permitted to work from home (in states in which HSBC is licensed to operate) until further notice. Upon resumption of normal operations, this role may be performed at our Depew, New York office.

The First Line Risk and Control Manager is responsible for assisting with the effective governance and management of non-financial risks in the First Line of Defense. This job provides specialist risk and control advice and/or support, challenges and insights, promoting risk and control monitoring and decision-making.

Impact on the Business
  • The First Line Risk and Control Manager is responsible for supporting the Senior Manager, SVP CCO (where applicable) and country Chief Control Officer with directing and managing the integration of Core Operational Risk Management activities and providing feedback on the embedding of the Operational Risk Management Framework activities within and throughout their respective area within the business. The First Line Risk and Control Manager may also be accountable for Core Operational Risk Management activities with respect to specific operational risk categories including Financial Crime, Regulatory Compliance, Information Technology and Cyber Security, Legal, Fraud, SOX, Operations Resilience, Product Due Diligence and Third Party Risk Management (Vendor) as required.

Business Specific Responsibilities

This role will support the First Line Risk and Control Senior Manager with the coordination of the following areas:

Policy and Governance:
  • Provide feedback on proposed operational risk policy for the business and likely impacts.
  • Provide advice to Risk Owners and Control Owners regarding operational risk policy dispensations. Provide guidance to Risk Owners and Control Owners in adhering to the ORMF (Operational Risk Management Framework) and operational risk policies.
  • Provide feedback on the embedding and use of the ORMF and the operational risk policies to Operational Risk and to the Risk Stewards.
  • Ensure and participate in appropriate and effective operational risk governance within the business.
Core Operational Risk Management:
  • Validate the design and operating effectiveness of the key controls through inspection, inquiry, observation and recommendation.
  • Review of risks and key controls through end-to-end process walkthroughs, events or thematic reviews, data-driven reviews or issue read across, and evidence reviews.
  • Carry out activities to help ensure control assessments are accurate, effective, comply with procedures, and meet quality control requirements.
  • Assist with the promotion of accountable risk and control decision-making based on quality data and commercial analysis.
  • Assist with the provision of specialist risk and control knowledge and insights.
  • Assisting with efforts to continuously improve the control environment and monitoring of risk, including behaviours.
  • Identify trends to anticipate future developments in the risk and control environment.
  • Actively challenge poor, inefficient or excessive controls, related tasks and behaviours.
  • Participate the development and implementation of future-fit risk management frameworks.
  • Assist with Influencing and shaping the development of regulatory frameworks in collaboration with internal parties.
  • Identify trends to anticipate future developments in the risk and control environment.
  • Promote desired behaviours and a positive risk culture across the remit area.
Oversight, Use and Embeddedness:
  • Co-operate as required with oversight reviews relating to risks and controls, for example with respect to tracking remediation activities.
  • Produce business operational risk reporting and insight based on RCA results for used for Risk Owners, Control Owners and wider stakeholders or governance. Escalate top and emerging operational risks working with Risk Owners.

Customers / Stakeholders
  • Support the business as per the activities outlined in the areas of focus for this role including Policy and Governance, Risk Appetite, Core Operational Risk Management, Oversight, Use and Embeddedness, and Reporting.

Leadership & Teamwork
  • Support an effective team through communication, performance management and a positive/constructive team dynamic.
  • Promote an environment that supports diversity and reflects the HSBC brand.

Operational Effectiveness & Control
  • Ensuring that all roles and responsibilities of the CCO as defined in the Global Risk FIM and as outlined in the RBWM Operating Procedures. Responsibilities are applied to specific operational risk categories, including Financial Crime, Regulatory Compliance, Information Technology and Cyber Security, Legal, Fraud, SOX, Operations Resilience, Product Due Diligence and Third Party Risk Management (Vendor) as required.
  • Complete other responsibilities, as assigned.

Role Context
  • Accountability and Decision-Making Responsibilities.
  • Supports the business in its management of operational risk appetite, ensuring business operates in compliance, with operational risk framework and standards.
  • Build relationships and interact with 'first line of defense' Business Partners, US Operational Risk team and other 'second line of defense' Risk Steward teams, Global CCO, and others for operational risk and internal control matters.
  • Daily discretion with assigned authority. Decisions beyond assigned authority are referred to higher levels of management for approval.

Management of Risk
  • Financial Crime (FC) and Legal Risk
  • The First Line Risk and Control Manager activities are to advise the Risk Owners and Control Owners in the risk assessment process, to advise on the mitigation process, to support control owner continuous monitoring of control effectiveness in order to validate the control assessment. As with other Risks and the associated controls, these activities pertain to specific Financial Crime and Legal risks and controls. The RBWM CCO supports monitoring the timely resolution of issues and actions pertaining to FC and Legal.
  • For FCC and Legal training-- the RBWM CCO tests the compliance of the first line of defense in the timely completion of mandatory training. The jobholder will remain current with all FC specific required training.
  • The job holder will be aware of and will pro-actively apply their knowledge of the Global Anti-Money Laundering (AML), Sanctions and Anti-Bribery and Corruption (ABC) Policies, Legal Policies, supporting US Guidance, and Line of Business Procedures in line with the core activities of the RBWM CCO. The jobholder will make informed decisions in accordance with the core principles of HSBC's Financial Crime Risk Appetite and Policies, and pro-actively escalate appropriately instances of deviation, whether evidenced through ongoing testing or control monitoring.

Observation of Internal Controls
  • All staff are responsible for ensuring the effectiveness of the controls that are in place to manage the risks in the processes and activities that they undertake in their day to day role.


Employment eligibility to work with HSBC in the U.S. is required as the company will not pursue visa sponsorship for these positions
  • Minimum of a Bachelor's degree with 5 - 7 years' equivalent experience. Background in Banking, risk management and / or internal audit; Audit, Risk or Compliance professional designation preferred
  • Analytical and review skills with the ability to draw the correct conclusions from reviews
  • Time management and organization skills with the ability to prioritize and multi-task
  • Understand and ensure compliance with all relevant internal and external rules, regulations and procedures that apply to the conduct of the business
  • Ability to work professionally with various levels of staff and management; strong teamwork
  • Excellent written and oral communication and presentation skills including the ability to deliver clear and accurate messages to management
  • Developed expertise in some area of risk and control activities
  • Complex problem resolution
  • Sound judgment, keen sense of urgency and initiative, and high level of professional and personal integrity

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Depew, New York

HSBC is one of the world’s largest banking and financial services organisations. Our global businesses serve more than 40 million customers worldwide through a network that covers 64 countries and territories.


Whether you are looking for a first job or taking the next step in your career, we offer many ways for you to realise your ambitions. Come and work with us and you'll have opportunities to make connections all over the world and help build the bank for the future.


If you would like to notify the Diversity Recruitment team of your application or if you are simply interested in learning about opportunities at HSBC, please email


Join our Talent Community today!