• Revise, enhance, and execute the enterprise risk management framework and related policies, procedures, SOPs, methodologies and frameworks • Fill critical program gaps within ERM and where applicable, develop and mature existing risk management capabilities and activities • Design ERM programs and processes that, where applicable, provide support to all business functions as they pertain to their specific risk management efforts, including model risk, third party risk, cybersecurity risk, ESG risk initiatives and other risk initiatives that make up the broader ERM portfolio • Develop and implement standardized process, risk and control taxonomies for processes, risks and controls across the enterprise • Establish and oversee control standard programs to ensure consistency and effectiveness • Support facilitation of refreshing AAC’s risk appetite annually to increase quantitative considerations and further refine qualitative statements • Oversee periodic recalibration aligned to capital, liquidity, and growth goals • Champion a strong risk culture across the organization, embedding risk awareness into decision-making and performance management • Produce training and communication materials regarding Enterprise Risk Management programs and requirements to further embed risk awareness into decision-making • Communicate with Senior Leaders, the Executive Team and Board of Directors • Serve as an integral member of the Leadership Group (LG) • Build organizational capacity and future leaders to enable success; works under general direction of Executive Head of ERM • Design and execute the ERM risk reporting strategy and approach, in concert with the Integrated Risk Reporting Team, for management, Executive Team, risk subcommittees, Governance and Risk Committee (GNR) ensuring appropriate connectivity between ERM programs and said reporting and enabling the Association’s ability to understand its enterprise risk posture • Coordinate with leaders and teams across primary risk areas (e.g. credit, technology, etc.) to guide processes to identify, assess, monitor, and report risk in line with ERM framework requirements • Primary role will be defining the vision for how to streamline metrics and reporting to tell a more meaningful story and working with the Integrated Risk Reporting Team (IRRT) to implement changes to existing dashboards • Influence the strategic development and maintenance of management and Board-level risk reporting to support appropriate business and strategic decisions, including an appropriate process for the timely escalation of key risk issues and exceptions to risk appetite • In collaboration with the Integrated Reporting Team, run the Enterprise Risk Assessment (ERA) at least annually, continuously incorporating lessons learned and improvements from prior cycles to mature the assessment approach • Ensure periodic recalibration of KRIs as business models, processes, and risk exposures evolve • Develop appropriate enterprise risk management aggregate reporting capabilities • Work with the Executive Head of ERM to design and conduct comprehensive non-operational risk assessments to ensure that all existing and emerging risks are appropriately identified, evaluated, prioritized, managed and monitored • Establish risk measurement tools and key risk indicators • Apply Second Line of Responsibility expertise to independently monitor, test, challenge, and report on risk-taking activities, ensuring an aligned and coordinated adherence to the Association’s risk appetite and regulatory standards • Support the Association’s Risk Sub-Committees as needed • Work with the Executive Head of ERM to ensure that appropriate policies, procedures, systems and controls are in place to enable risk-based decision making and the measurement and quantification of risks across the Association • Collaborate with Internal Audit, Compliance, and Legal teams as well as the senior and executive leaders of the Association to ensure compliance with FCA and other regulations • Work with the Executive Head of ERM to maintain and evolve the Association’s risk appetite framework, policies, and governance structures, as well as organizational learning and development of those concepts.