Head of Risk Management Cigna

To lead the risk management activities in the Saudi Arabia Branch. The Head of Risk will be reporting to KSA CEO and functionally will be reporting to the regional CRO to provide adequate assurance and ensure alignment with regional risk management activities. The role will cover both retained and outsourced activities.
The role entails implementing a comprehensive system of risk management that includes operational risk management, business resilience and internal controls. This will require working with key stakeholders, all relevant business units, to assist them in developing their risk management ecosystems, including policies and procedures, training, risk identification and reporting, etc., as well as empowering them to manage their own risks within preagreed parameters.
The role requires promoting a positive risk management environment, understanding of all relevant regulatory requirements, especially the IA and all other applicable regulators, entails being the key risk management point of contact for KSA across the Cigna Group and independent of other control functions (Compliance, Actuarial and Internal Audit).

Responsibilities:

• Facilitate risk identification through
  
  • (i) regular risk forums with participation by all relevant business units and
  • (ii) Establish and maintain risk registers for KSA as required.
• Undertake ad hoc risk reports as and when required by the business. This includes identifying and recommending to the business the need for risk reports as and when the need arises.
• Monitor key risk exposures, thresholds and limits, escalating to the appropriate level within Cigna as required.
• Risk Data Collection & Analysis: Gather, validate, and analyse risk-related data for reporting and decision-making.
• Policy Development & Implementation: Support policy-related tasks and assist in the rollout of risk policies and procedures.
• Risk Reporting: Ensure adherence to regulatory and regional requirements by preparing accurate and timely reports.
• Solutions & Gap Analysis: Perform risk assessments and required and, assess compliance with established standards, identify gaps, and recommend improvements.
• Internal Communication: Effectively use internal platforms to access, consolidate, and share risk-related information.

General:

• Act in accordance with all applicable regulatory requirements.
• Ongoing compliance with all fitness and propriety obligations as well as applicable certification regimes.
• Ensure areas for which this role has responsibility are adequately monitored and controlled.
• Ensure that where responsibilities are delegated, the following safeguards are in place:
  
  • Delegates are capable of taking on delegated activities;
  • Delegates are informed of the extent and limits of delegated responsibilities, ensuring this has been appropriately documented;
  • Supervise and monitor delegates, maintaining a suitable level of understanding of the activity delegated.
• Be open and transparent with all relevant governance committees, ensuring they are adequately apprised of all significant matters about which they should be made aware.
• Accountable for the management of risks inherent in the functional area of responsibility and for implementing risk management systems and controls that provide a suitable operational environment to support the delivery of strategic objectives.
• To ensure the principle of Treating Customers Fairly and related customer outcomes are embedded within the business and adhered to by those in their own functional area of responsibility.

Business Continuity Management and Resilience

• In coordination with the international BCM function and regional CRO, develop and implement a BCM strategy and implement an effective BCM system for KSA.
• Support and assist with Business Continuity Plans and Disaster Recovery Plans as required by the business.
• Contribute to the crisis management efforts if an unexpected event significantly affects operations or financial results.

Fraud Risk Management

• In coordination with the Regional Compliance Function. Implement fraud risk indicators and monitor suspicious activities.

• Identify, advise and report fraud risks across operations and evaluate external fraud threats.