JPMorgan Chase & Co. (NYSE: JPM) is a leading global financial services firm with assets of $2.6 trillion and operations worldwide. The firm is a leader in investment banking, financial services for consumers and small business, commercial banking, financial transaction processing, and asset management. A component of the Dow Jones Industrial Average, JPMorgan Chase & Co. serves millions of consumers in the United States and many of the world's most prominent corporate, institutional and government clients under its J.P. Morgan and Chase brands. Information about JPMorgan Chase & Co. is available at www.jpmorganchase.com.
The Corporate Third Party Oversight (CTPO) team is responsible for developing, deploying, overseeing and ongoing reporting of a program that drives the effective use of third parties to accomplish JPMorgan Chase's strategic goals. This includes building awareness of the program at the firm and ensuring consistency globally across both the Lines of Business (LOBs) and corporate groups. It also includes understanding and dissemination of regulatory requirements and reporting to regulators on the program and status. The major focus of the program is to ensure our vendors are performing to the same high standards that JPMorgan Chase holds itself accountable to including client service, quality, control, regulatory compliance, business resiliency and protection of information.
Supplier Assurance Services (SAS) The team provides IT and Operational risk management oversight for third party service providers in accordance with JPMorgan Chase (JPMC) Third Party Oversight (TPO) Standards. The SAS Shared Service team supports a number of Lines of Businesses (LOBs), including GTI (Global Technology Infrastructure), Asset Management (AM), Consumer & Business Banking (CBB) and Corporate and Investment Banking (CIB).
The SAS team is a centralized group that manages supplier operational and technical risk assessments for all LOBs. A subset of this team provides Operational Risk assessments only. The operational risk assessment group provides consistent administration of all third party engagement activity in order to ensure compliance across all LOBs. This position will be responsible for conducting onsite and/or remote Operational Risk Assessments identified by the book of work.
- Evaluate the control environment of the Third Party Providers, focusing on the operational risk outlined in the comprehensive risk assessment process
- Actively partner with internal and external stakeholders
- Evaluate the adequacy of the operational controls based on risk factors learned while partnering with internal stakeholders
- Document the inherent and residual risks found during an operational assessment.
- Obtain evidence and document results found during an assessment
- Ensure all internal and external escalation procedures are in place and properly functioning
- Identify risks at the Third Party Provider that do not have adequate controls in place.
- Responsible for proper evidentiary closing of opened remediation plans as a result of the assessment process
- Identify and recommend areas of process improvement to enhance Third Party Provider operational efficiencies
- Communicate with key stakeholders, including but not limited to Information Risk Management, IT Risk Management and Delivery Management partners
- Monitor and measure identified gaps as a result of assessments and ensure all internal and external partners are held accountable for their process improvement action plan(s)
- Lead or complete work associated with other special projects, as assigned