Third-party Risk Management

You are acting as the point of contact for our local entities on the implementation of Scor’s Third Party Risk Management Framework.

The TPRM Officer contributes, your area of responsibilities, (i) to the effective and efficient operationalization of applicable regulations, internal standards, and control frameworks, within the Scor Group, and (ii) to a sound governance of Third-Parties from on-boarding to exiting the relationship.

The TPRM Officer shows great ability at complex problem solving and is pragmatic.

The TPRM Officeris a seasoned professional with relevant experience and expertise in the field of governance (incl. effective reporting), operational risk management, and regulatory matters applicable to the management of Third Parties in the Insurance /Reinsurance sector (DORA, SII/Outsourcing, ESG, CSRD etc).

**First Pilar: Third Party Governance and Third Party Risk Management Framework (TPRM) implementation**

As a global organization, Scor receives services from various Third-Parties (management and IT consultants, data and technology providers, BPOs, etc.). The TPRM Officer implements, and continuously improves, Scor’s TPRM framework to:

- Manage and reduce operational risk related to Third-Parties throughout the lifecycle from on-boarding to exiting the relationship.
- Monitor Third-Party performance and controls with a focus on ICT Third-Parties and Outsourcers including in an intra-group context
- Ensure compliance with internal policies and regulation (inc. regulatory reporting and maintenance of third-party inventories)Provide Management with insights on the Third-Party portfolio to support an informed decision making process

The TPRM Officer identifies critical Third Parties and ensures end-to-end monitoring of the relationship. You are acting as a business partner to the contract owner and provides expert advice along the lifecycle.

The TPRM Officer participates in third-party reviews, drives categorization and risk assessments, supports definition of risk mitigation activities, and monitors actions originated by assurance functions or regulators.

The TPRM Officer contributes to a valuable information flow between Group, the local entities and the regions on Third-Parties related matters and TPRM framework implementation.

You are monitoring effectiveness of the TPRM Framework.

**Second activity pilar**:Regulatory and internal standard implementation, incl. reporting

The TPRM Officer assists the Head of Operations Governance in implementing new regulations impacting the supply chain (AI act, ESG related regulations, DORA, Outsourcing regulations).

You are identifing gaps and upgrades required in Scor’s TPRM framework and associated controls, policies, and processes, to enable compliance.

The TPRM Officer supports audits in your area of responsibility, propose mitigation actions to findings and monitor their executions.

**Key duties and responsibilities**
- Implement and enforce Third-Party framework
- Create, enhance, or adapt Policies and guidelines, processes, workflow, reporting and tools to support implementation of Scor’s TPRM framework, existing regulations, and new regulatory requirements impacting the management of Third-Parties
- Adopt and implement relevant governance and control frameworks
- Train and support contract owners in the adoption of TPRM framework and internal control framework in area of responsibility (for example on conducting due diligence, criticality assessment, risk management, etc.)
- Ensure sound governance of critical Third-Parties across the entire lifecycle (categorization, due diligence, contracting, onboarding, monitoring, termination, renewal)
- For critical Third-Parties, support contract owners in developing exit strategies/termination plans
- Engage with assurance functions on any Third-Parties related audit (internal or external) and monitors the implementation of the corresponding actions
- Participate in interactions with critical Third-Parties and regulators
- Take ownership of the Group’s Third-Party regulatory registers (DORA, Outsourcing), ensure data are accurate and maintained
- Support effective and efficient assurance and onboarding of new vendors through completion of the TPRM framework processes
- Monitor and review Third-Party compliance on an ongoing basis and identify risks of no compliance with internal standards and regulatory requirements
- Complete and manage internal documentation and gather necessary metrics for reporting
- Assist with the preparation and presentation of reports on Third-Parties risk, compliance monitoring to Management and notification to regulators
- Provide advice, guidance, and training to various stakeholders on the TPRM framework, including in an intra group context.

**Required experience & competencies**
- A minimum of 5 years’ experience in Third Patry Risk management acquired in a global financial institution or other regulated industries
- Data analytics and reporting
- Lean process en