Ngành nghề
Nơi làm việc
Huỳnh Thanh Nhân Si
Thông tin nghề nghiệp
7
Trên đại học
Trưởng phòng/ Quản lý cấp trung
Tp Hồ Chí Minh
Kinh nghiệm làm việc
Từ 2014 đến 2017: Nhân viên/ Có kinh nghiệm tại Vietnam Joint Stock Commercial Bank for Export and Import (Eximbank)
- Supervise, review and report the compliance with prudential ratios within Credit Institution pursuant to SBV's regulation.
- Prepare and reports liquidity risk, asset - liability management, compliance with SBV's regulations to ALCO and Risk Management Committee.
- Manage and report liquidity risk, market risk probability regarding inter-bank trading practices, foreign exchange, gold trading and financial/investment practices.
- Assist for Basel II's project manager and project coordinator regarding assessing current risk management at Eximbank.
- Construct and compute Internal Credit rating system for domestic Credit Institutions. Periodically report/ad-hoc report credit rankings for domestic Credit Institutions.
- Prepare drafts on market risk management, capital adequacy requirement in accordance with Basel II's principles and Circular 41.
- Construct policies and internal processes regarding limits and prudential ratios within Credit Institutions.
- Prepare and reports liquidity risk, asset - liability management, compliance with SBV's regulations to ALCO and Risk Management Committee.
- Manage and report liquidity risk, market risk probability regarding inter-bank trading practices, foreign exchange, gold trading and financial/investment practices.
- Assist for Basel II's project manager and project coordinator regarding assessing current risk management at Eximbank.
- Construct and compute Internal Credit rating system for domestic Credit Institutions. Periodically report/ad-hoc report credit rankings for domestic Credit Institutions.
- Prepare drafts on market risk management, capital adequacy requirement in accordance with Basel II's principles and Circular 41.
- Construct policies and internal processes regarding limits and prudential ratios within Credit Institutions.
Từ 2017 đến hiện nay: Trưởng phòng/ Quản lý cấp trung tại Shinhan Vietnam Finance Company (Previous Name: Prudential Vietnam Finance Company)
I. COMPLIANCE
1. Regulatory Compliance
- Monitor, control and assure the internal regulations are informed and applied in the
Company in compliance with the local laws and regulations (establishment and
operating licenses, lending operations, operations of credit institutions and non-bank
credit institutions, credit card, domestic and international borrowings, life insurance,
debt classification and allowance for risk provisions, etc.,) and Group’s requirements;
- Perform Gap Analysis on the new laws and regulations released by the local
authorized organizations (the State Bank of Vietnam, Ministry of Finance, etc.) to
identify the impacts on operations; then communicate and cooperate with related
stakeholders in order to full-fill the gap(s) and be complied with the new laws and
regulations.
- Prepare reporting contents to local authorized bodies particularly the State Bank of
Vietnam and/or coordinate with related stakeholders to suggest/co-prepare and
submit reports as required/prescribed by SBV.
2 of 6
- Manage and review the regulatory change database which consists of relevant laws
and regulations impact on Company’s operations.
2. General Compliance and Financial Crimes including AML/CTF
Compliance
- Review the corporate governance structures of the Company, such as internal
regulations of Members’ Council, Board of Management, Supervisory (Control)
Committee, Internal Audit, functional Committees (Risk Management Committee,
ALCO, Credit Risk Management Committee, etc.,);
- Design, establish based on Group’s Codes and deliver Code of Conducts, Ethics of
to all staff in the Company and be responsible to monitor, supervise and ready to
clarify inquiries from related stakeholders;
- Review and suggest/recommend on internal stakeholder’s policies/ processes; and
research, develop new policies/ processes/ etc. as requested;
- Give advices/ perform risk assessment/ suggest for product features for new
product campaigns that arisen from related stakeholders;
- Manage and perform Due Diligence requirements regarding Anti- Money Laundering
and Anti-Bribery & Corruption for entity(s) which shall enter into the
services/commodities agreements with the Company;
- Manage, monitor and perform Anti-money Laundering screening tasks for all staff,
customers and vendors through the internal AML screening system with another
supporting screening tool – Dow Jones Factiva;
- Manage and monitor the AML screening system; periodically and/or on ad-hoc basis
updated watch-list, sanctions list, terrorist list, etc. required by State Bank of
Vietnam, Ministry of Public Security and/or Group;
- Handle/ give suggestions/opinions on internal, external incidents and unexpected
cases arisen from related stakeholders;
- Research, analyze and localize Group’s requirements into Company’s internal
regulations which shall be applicable and doable in accordance with Company’s
current circumstances; ensure these internal regulations are implemented in
adherence with Regional requirements and are complied with local laws and
regulations.
- Perform and prepare Management Information report(s); such as Compliance
reports submitted to CEO and Group’s Compliance offices;
- Communicate with Group’s offices on specific matters regarding the findings
resulted from the operating incidents, compliance review(s), any breaches of local
laws and regulations arises during the reporting period; current Company’s
Compliance operations, etc.,
3 of 6
3. Compliance Quality Assurance
- Perform Quality Assurance review(s) on periodically and or ad-hoc basis which
focuses on operations (sales, credit underwriting, safety ratios, collections,
customers services, anti-money laundering, etc.,) of Company’s stakeholders to
ensure there are no non-compliance issues arise, specifically:
(i) Preparing Term of Reference which consists of QA review’s scope,
objectives, methodology, report distributions;
(ii) Conduct Desktop review, Fieldwork including policy review, interview,
quantity sampling check, etc.
(iii) Draft and finalize report: communicate with stakeholders to finalize the
findings and propose/recommend corrective actions.
(iv) Follow-up corrective actions in order to assure compliance with internal
policies and local regulations.
- Submit and report to Head of Legal & Compliance, Chief Executive Officer and the
Group.
- Co-ordinate with Internal Audit regarding conducting the reviews.
4. Compliance Training
- Prepare, design Compliance training contents and provide Compliance training
courses for all staff including new hires and existing ones;
- Cooperate with the Training Vendor to design training contents, provide Compliance
online training courses as well as manage the Compliance online training courses
through internal system.
II. OPERATIONAL RISK MANAGEMENT
- Construct, manage, implement and monitor operational risk management policy,
processes, procedures and risk management framework to assure any risk exposure
retained within company’s risk appetite.
- Develop, implement, monitor and manage the Risk & Control Self-Assessment
(RCA) within the company including Key Risk Indicators (KI) / Key Risk Register
(KRR)/ Departmental Risk Register (DRR)/ Key Risk Profile based on risk matrix
framework
+ Closely work with internal stakeholders to identify new DRR with suitable risk
threshold (non-financial/ financial measures) via KIs; discuss the probability,
frequency, underlying implications, etc., to define the inherent risk level; then come
up with recommendations, such as controls, policies, procedures to determine the
residual risk level.
+ Frequently update the KIs of DRR, KRR based on current threshold or to
amend, supplement threshold on quarterly basis. Cooperate with stakeholders
(especially risk coordinator) to monitor and indicate the DRR that exceeded the
defined upper threshold in order to escalate to Risk Management Committee as KRR.
4 of 6
+ Develop the risk matrix framework with measurements such as financial
impact (quantitatively) and frequency level to provide and timely update the Key Risk
Profile to related stakeholders and Risk Management Committee.
+ Follow-up actions and controls testing that conducted via Compliance Quality
Assurance review and/or Internal Audit reviews.
+ Preparing RCA Report on quarterly basis and submitted to Risk Management
Committee.
- Develop, manage and implement the Business Continuity Program (BCP):
+ Ensure the business resilience in the event of disruption, outage, pandemic
disease, typhoon, floods, etc. pertaining to company’s processes, business functions
and critical systems.
+ Discuss with company’s key stakeholders to indicate and determine their
primary or critical systems, processes and functions and their desired recoverable time
or restored time during the unexpected events occurs.
+ Closely cooperate with company’s stakeholders to build up contingent plans,
including recommending processing steps and actions regarding emerging responses,
working facilities, working sites, key contacts, etc.,
- Develop, manage and implement the Business Impact Analysis:
+ Predict and simulate the consequences or the financial impacts if the outage,
disruption, pandemic disease, typhoon, floods, etc. happen and pertain to company’s
operations.
+ Cooperate with IT stakeholders to define the ATO/ RTO, APO/ RPO and MAD
when the unexpected events happens
+ Discuss with business stakeholders including front-line and back-office to
understand the operations and define the restore priorities level amongst systems,
functions, business and their dependencies.
- Manage and monitor monthly internal/ external incidents or ad-hoc incidents
reported including recommended actions provided to related stakeholders per request.
- Enhance the operational risk awareness and culture within the company via
training and periodical newsletters.
III. INFORMATION RISK MANAGEMENT
- Manage, update and implement IRM and Data Privacy policies, process,
procedures in the company as required by laws and regulations.
- Update the regulatory change and conduct gap analysis assessment including
recommended, remedial actions to full-fill the gaps in cooperate with IT stakeholders.
- Monitor, control and/ or authorize the IRM & Data matters regarding SIT, emails
sent out, users’ service requests, contracts with suppliers, services providers, parties that having data transfer.
- Provide training and enhance IRM & Data Privacy awareness within the Company
1. Regulatory Compliance
- Monitor, control and assure the internal regulations are informed and applied in the
Company in compliance with the local laws and regulations (establishment and
operating licenses, lending operations, operations of credit institutions and non-bank
credit institutions, credit card, domestic and international borrowings, life insurance,
debt classification and allowance for risk provisions, etc.,) and Group’s requirements;
- Perform Gap Analysis on the new laws and regulations released by the local
authorized organizations (the State Bank of Vietnam, Ministry of Finance, etc.) to
identify the impacts on operations; then communicate and cooperate with related
stakeholders in order to full-fill the gap(s) and be complied with the new laws and
regulations.
- Prepare reporting contents to local authorized bodies particularly the State Bank of
Vietnam and/or coordinate with related stakeholders to suggest/co-prepare and
submit reports as required/prescribed by SBV.
2 of 6
- Manage and review the regulatory change database which consists of relevant laws
and regulations impact on Company’s operations.
2. General Compliance and Financial Crimes including AML/CTF
Compliance
- Review the corporate governance structures of the Company, such as internal
regulations of Members’ Council, Board of Management, Supervisory (Control)
Committee, Internal Audit, functional Committees (Risk Management Committee,
ALCO, Credit Risk Management Committee, etc.,);
- Design, establish based on Group’s Codes and deliver Code of Conducts, Ethics of
to all staff in the Company and be responsible to monitor, supervise and ready to
clarify inquiries from related stakeholders;
- Review and suggest/recommend on internal stakeholder’s policies/ processes; and
research, develop new policies/ processes/ etc. as requested;
- Give advices/ perform risk assessment/ suggest for product features for new
product campaigns that arisen from related stakeholders;
- Manage and perform Due Diligence requirements regarding Anti- Money Laundering
and Anti-Bribery & Corruption for entity(s) which shall enter into the
services/commodities agreements with the Company;
- Manage, monitor and perform Anti-money Laundering screening tasks for all staff,
customers and vendors through the internal AML screening system with another
supporting screening tool – Dow Jones Factiva;
- Manage and monitor the AML screening system; periodically and/or on ad-hoc basis
updated watch-list, sanctions list, terrorist list, etc. required by State Bank of
Vietnam, Ministry of Public Security and/or Group;
- Handle/ give suggestions/opinions on internal, external incidents and unexpected
cases arisen from related stakeholders;
- Research, analyze and localize Group’s requirements into Company’s internal
regulations which shall be applicable and doable in accordance with Company’s
current circumstances; ensure these internal regulations are implemented in
adherence with Regional requirements and are complied with local laws and
regulations.
- Perform and prepare Management Information report(s); such as Compliance
reports submitted to CEO and Group’s Compliance offices;
- Communicate with Group’s offices on specific matters regarding the findings
resulted from the operating incidents, compliance review(s), any breaches of local
laws and regulations arises during the reporting period; current Company’s
Compliance operations, etc.,
3 of 6
3. Compliance Quality Assurance
- Perform Quality Assurance review(s) on periodically and or ad-hoc basis which
focuses on operations (sales, credit underwriting, safety ratios, collections,
customers services, anti-money laundering, etc.,) of Company’s stakeholders to
ensure there are no non-compliance issues arise, specifically:
(i) Preparing Term of Reference which consists of QA review’s scope,
objectives, methodology, report distributions;
(ii) Conduct Desktop review, Fieldwork including policy review, interview,
quantity sampling check, etc.
(iii) Draft and finalize report: communicate with stakeholders to finalize the
findings and propose/recommend corrective actions.
(iv) Follow-up corrective actions in order to assure compliance with internal
policies and local regulations.
- Submit and report to Head of Legal & Compliance, Chief Executive Officer and the
Group.
- Co-ordinate with Internal Audit regarding conducting the reviews.
4. Compliance Training
- Prepare, design Compliance training contents and provide Compliance training
courses for all staff including new hires and existing ones;
- Cooperate with the Training Vendor to design training contents, provide Compliance
online training courses as well as manage the Compliance online training courses
through internal system.
II. OPERATIONAL RISK MANAGEMENT
- Construct, manage, implement and monitor operational risk management policy,
processes, procedures and risk management framework to assure any risk exposure
retained within company’s risk appetite.
- Develop, implement, monitor and manage the Risk & Control Self-Assessment
(RCA) within the company including Key Risk Indicators (KI) / Key Risk Register
(KRR)/ Departmental Risk Register (DRR)/ Key Risk Profile based on risk matrix
framework
+ Closely work with internal stakeholders to identify new DRR with suitable risk
threshold (non-financial/ financial measures) via KIs; discuss the probability,
frequency, underlying implications, etc., to define the inherent risk level; then come
up with recommendations, such as controls, policies, procedures to determine the
residual risk level.
+ Frequently update the KIs of DRR, KRR based on current threshold or to
amend, supplement threshold on quarterly basis. Cooperate with stakeholders
(especially risk coordinator) to monitor and indicate the DRR that exceeded the
defined upper threshold in order to escalate to Risk Management Committee as KRR.
4 of 6
+ Develop the risk matrix framework with measurements such as financial
impact (quantitatively) and frequency level to provide and timely update the Key Risk
Profile to related stakeholders and Risk Management Committee.
+ Follow-up actions and controls testing that conducted via Compliance Quality
Assurance review and/or Internal Audit reviews.
+ Preparing RCA Report on quarterly basis and submitted to Risk Management
Committee.
- Develop, manage and implement the Business Continuity Program (BCP):
+ Ensure the business resilience in the event of disruption, outage, pandemic
disease, typhoon, floods, etc. pertaining to company’s processes, business functions
and critical systems.
+ Discuss with company’s key stakeholders to indicate and determine their
primary or critical systems, processes and functions and their desired recoverable time
or restored time during the unexpected events occurs.
+ Closely cooperate with company’s stakeholders to build up contingent plans,
including recommending processing steps and actions regarding emerging responses,
working facilities, working sites, key contacts, etc.,
- Develop, manage and implement the Business Impact Analysis:
+ Predict and simulate the consequences or the financial impacts if the outage,
disruption, pandemic disease, typhoon, floods, etc. happen and pertain to company’s
operations.
+ Cooperate with IT stakeholders to define the ATO/ RTO, APO/ RPO and MAD
when the unexpected events happens
+ Discuss with business stakeholders including front-line and back-office to
understand the operations and define the restore priorities level amongst systems,
functions, business and their dependencies.
- Manage and monitor monthly internal/ external incidents or ad-hoc incidents
reported including recommended actions provided to related stakeholders per request.
- Enhance the operational risk awareness and culture within the company via
training and periodical newsletters.
III. INFORMATION RISK MANAGEMENT
- Manage, update and implement IRM and Data Privacy policies, process,
procedures in the company as required by laws and regulations.
- Update the regulatory change and conduct gap analysis assessment including
recommended, remedial actions to full-fill the gaps in cooperate with IT stakeholders.
- Monitor, control and/ or authorize the IRM & Data matters regarding SIT, emails
sent out, users’ service requests, contracts with suppliers, services providers, parties that having data transfer.
- Provide training and enhance IRM & Data Privacy awareness within the Company
Kỹ năng
Chưa cập nhật
Ngoại ngữ
- Tiếng Anh (Trung cấp)
Học vấn bằng cấp
Chưa cập nhật
Mục tiêu nghề nghiệp
Chưa cập nhật