Vendor Risk Officer (French Speaker) | IT CIO Office

The CIO Office is a transversal department, working for the IT of the group. This aim of this area is foster a consolidated view of IT, that is split in various business units, enabling enhanced management and communication for the scope.

The CIO Office operates in close connection with the support functions, to promote more efficient channels of communication for management control.

The main areas of scope of the CIO Office are: Project based management, associated with resources, activities and planning control. In addition, it includes control activities associated with KPI implementation and monitoring, financial and Budget control. As well, the CIO Office aims to harmonize the practices and rules, to facilitate a cross-cutting understanding of the challenges and the needs.

Main tasks and Goals:

We are seeking a meticulous and proactive VRM Control & Data Quality Specialist (LOD1) to join our team and ensure the compliance and data quality of the EBA (European Banking Authority) outsourcing register. In an ever-evolving regulatory landscape, this role is crucial for guaranteeing the reliability of our information and effective risk management related to outsourcing.

The Vendor Risk Management team covers following missions on Natixis scope:

• Globally manages supplier risks framework
• Animates the Natixis VRM Committee and local procurement teams
• Accompanies contractualization steps
• Monitors risks linked to vendors
• Follows up vendors incidents
• Performs controls or ensures controls are executed

At first, the you’ll be in charge of VRM LOD1 (Line of Defense 1) controls on EBA outsourcing register: ·

- Perform Line of Defense 1.2 (LOD1.2) controls on the EBA register, meticulously checking for missing, incorrect, or inconsistent fields.

• Manage the register corrections and update process by coordinating actions with the BPCE Achats & Services Shared Services Center and international platforms.
• Collaborate with stakeholders to clearly communicate regulatory requirements and data entry rules, ensuring full understanding and correct application of procedures.
• Monitor and validate the accurate and timely completion of all corrections within the register.
• Contribute to the update and improvement of the EBA register procedure, incorporating regulatory changes and lessons learned.
• Document and formalize the results of control activities within the Priscop tool, ensuring traceability and compliance of records. ·

- Develop and produce KPIs (Key Performance Indicators) related to register quality and communicate these KPIs to all relevant stakeholders to inform decision-making and foster a culture of continuous improvement. ·

- Identify areas for improvement, focusing on data quality within the Grasp tool and exploring opportunities for automation of controls and processes.

Over time, you’ll be then entrusted with other tasks such as participating to team projects and other important topic for VRM.