
Maureen Ramahlo

Risk, Governance And Compliance Manager
Benoni

Summary

Results-driven Enterprise Risk, Governance and Assurance Manager with over a decade of expertise in diverse sectors for leading companies in the Financial Services (short-term insurance), HealthCare and Broadcasting and Media industries. Proven proficiency in establishing and embedding the Enterprise Risk Management and Operational Risk Frameworks and policies across different business units, departments, functions and processes. Highly skilled in Enterprise Risk Management; Project Management Principles; Compliance Risk Management; Fraud Risk Management; Combined Assurance Management; Internal Audit Practices; IT Risk Management; Process Mapping; Data Analysis and Trending; Management of Data Repositories; Business and Operational Risk Management as well as end-to-end sourcing and implementing GRC systems.

Overview

23 years of professional experience
13 years of post-secondary education

Work History

ENTERPRISE RISK MANAGER - GROUP

Santam Limited
10.2022 - Current

Risk Management and Risk Governance: (supporting Head of ERM and embedding enterprise risk at business unit level – Personal and Commercial Lines Insurance):

Ownership of overall risk governance, oversight and integrated reporting for short-term insurance business

  • This includes responsibility of managing risk profile, by enabling identification of emerging risks in daily operations of business, in line with ERM framework, ORM Policy, IC policy, Risk Escalation Policy and Risk Governance framework
  • Developed and maintained all Group ERM governance policies, frameworks, standards, processes and other ERM tools, that support effective risk management and control within first line of defense
  • Facilitated annual end-to-end policy review process for ERM specific policies and ensure that all updates and changes are implemented and approved at different governance forums
  • Designed policy training material for annual group-wide online policy refresher courses as well as Board training
  • Facilitate implementation and embedding of risk management framework within parameters of applicable risk appetite statements
  • Provide input into Group’s risk profile to ensure that key risks are managed, relevant action taken, and adequate controls are implemented by management
  • Overall coordination and aggregation of all key business units’ risks for Risk Committee reporting purposes in order to provide summary and overview of Group’s key risks
  • Monitor compliance with applicable regulations while ensuring that significant operational losses are identified, remediated and reported through relevant process
  • Establish risk indicators to pro-actively identify risks and/or to act as early warning signs of events that may occur or risks that are not managed within predefined risk appetite and tolerance thresholds
  • Obtain good understanding of external and internal business environment, including strategic and operational objectives in order to evaluate and identify any new and emerging risks
  • Obtain and aggregate loss events occurring at business unit level as input into Group reporting process
  • Monitor performance of key processes and systems within specified parameters and report any identified control gaps
  • Monitor business units’ compliance to ERM framework, policies and other risk standards, and escalate instance of non-compliance according to escalation matrix
  • Monitor delivery of internal audit findings management actions and conduct risk assessments on impact of changing management action due date on significant rated findings
  • Provide subject matter expertise to business management through articulation of accurate information, guidance and advice aligned to regulatory requirements, standards, and audit findings
  • Developed annual risk plan that supports business strategy with specified targets, as approved by EXCO, OPCOM, ERMF and Risk Committee
  • Drive risk culture building initiatives
  • Combined Assurance: Established Combined Assurance Forum, took lead on selecting relevant forum attendees and ensuring that planned and ad hoc Combined Assurance Plan reviews are undertaken timely for closure of weaknesses identified through external and internal assurance providers
  • Conduct Combined Assurance Assessments with business risk and control owners and assurance providers, across Group
  • Establish and maintain optimal working relationships with business’ Executive Management, Operational Management and other Group functions that support operations (IT, Finance, Underwriting, HR and Procurement)
  • Reporting on Combined Assurance coverage at business unit level and aggregated to Group level
  • Responsible for related governance activities with respect to Combined Assurance Management- developed charter, framework, and aggregated reporting template
  • Reporting: Developed and implemented framework for reporting, including applicable templates for all risk reports and dashboards, for business units within different entities, aligned with Group reporting standards
  • Responsible for managing inputs into and submission of BU related top-down risk heat-maps and bottom-up risk registers
  • Prepared final reports and presentations required for Group reporting at various levels, for different forums
  • Responsible for ensuring information is integrated in timely manner, and that it is accurate, complete and appropriately integrated and synthesised at strategic level
  • Collation of data for periodic Regulatory Reporting requirements for ERM.

SENIOR RISK AND COMPLIANCE SPECIALIST

MultiChoice Group
02.2019 - 09.2022
  • Compliance Management (supporting InfoSec, Technology, Enterprise Business Solutions and Data Governance functions)
  • Maintained all Group ERM and Compliance governance policies, frameworks, processes and tools
  • Conducted periodic reviews and ad hoc updates of risk policies, frameworks and procedures with changes in business strategy and processes
  • Facilitated ongoing identification and assessment of risks affecting achievement of strategic, tactical and operational objectives
  • Conducted in-depth structured analysis into topical and emerging risks within business areas of responsibility
  • Facilitated Control Self-Assessments (CSAs) on key operational processes, including monitoring of planned mitigations
  • Provided guidance and support to business units and functions, specifically risk owners, on risk identification and management activities
  • Provide Subject matter expertise on risk and compliance management issues, incidents and trends
  • Identified requirements for project assurance provision as part of Combined Assurance processes
  • Combined Assurance Forum member, responsible for undertaking planned and ad hoc Combined Assurance reviews for closure of assurance gaps identified through external and internal assurance providers
  • Established Group-wide improvement initiatives for risk governance and reporting requirements
  • Defined, implemented and maintained risk intelligence database and automated data analytics at various reporting levels
  • Established trusted advisory capability for Management to provide leading risk practices and consulting activities
  • Developed and maintained reporting templates for all risk reporting requirements aligned to Group reporting standards
  • Group reporting at various levels, for different forums
  • Insurance Portfolio and Renewal Specialist:
  • Developed comprehensive insurance renewal strategy, complete with risk-based goals and objectives for approval by Executive Management
  • Extensive review of insurance specifications for each line of coverage
  • Ensured timely submission of complete insurance underwriting data, applications and questionnaires
  • Assisted business representatives with collation and submission of insurance renewal data for annual renewal process
  • Ensured all applicable country-specific legislations relating to insurance are observed and complied with
  • Provided training to responsible staff on new insurance data renewal system - resolved queries from users and managed escalations to system service provider
  • Facilitated timely review and approval of quotes, and payment of insurance premium invoices
  • Reviewed and managed insurance claims during periods of cover and identified control weaknesses and trends prior to next renewal period
  • Central point of contact for company's insurance broker - management of queries and changes to insurance coverage
  • Produced periodic and ad hoc reports for different risk governance forums and Executive Management committees
  • Project Risk Management:
  • Second line assurance provider for key group projects/ programs
  • Supported Programme/ Project Manager in managing risks and opportunities across complex, high-value projects
  • Facilitated risk and opportunity identification workshops with project sponsors, project owners, business analysts and business functional representatives to identify risks related to new initiatives - technology or business projects
  • Ensured sound project risk management processes are in place and executed effectively
  • Attended key project meetings and forums to assist with resolutions to project risk challenges and disputes
  • Maintained portfolio view of projects within business units
  • Periodic project risk reporting at business unit and Group management forums and meetings
  • System Administrator and Super-user - Risk Management System:
  • Implementation and maintenance of GRC system
  • Super user and GRC system administrator, including license allocations, user training and support
  • Query management to resolution including management of escalations to system service provider
  • Central point of contact between Group and system service provider regarding resolving queries, managing payment of invoices or additional system requirements for further development.

FIRST LINE ENTERPRISE RISK MANAGER

DISCOVERY INSURE
09.2016 - 01.2019
  • Management: Managed and maintained risk profile for short-term insurance business unit, including risk incidents and mitigation actions
  • Facilitated awareness activities and capacity for risk management across all operational activities
  • Managed (identify, assess, mitigate, report and escalate) all risks to business and appraised Executives and Group Risk Management
  • Implemented and embedded all risk policies and frameworks within operations
  • Offered advisory services to business' Executives on all emerging and current risk matters
  • Facilitated annual risk management planning
  • Coordinated functioning of business unit's Risk Executive committee
  • Prepared and reported significant risks to business unit EXCO, Board, Group Risk Management and Compliance committees
  • Responsible for developing Quality Assurance Risk Assessment Frameworks – systematic monitoring and evaluation of various risks to ensure that business standards and quality are being met
  • Responsible for Process Mapping and improvement initiatives
  • Implemented business specific Compliance Frameworks - in conjunction with Group Compliance Officer, assist in closing business compliance exposure gaps
  • Driving effective implementation of relevant industry specific legislation
  • Developing strong solid Policies, Processes and Procedures that are directly linked to simplified measurable set of targets to be followed
  • Performed Root Cause Analysis of escalated issues within business with special focus on designing processes to improve on current processes and prevent reoccurrence of issues
  • Business Continuity Planning for Discovery Insure and its business partners, e.g. Strategic and Retail Partners, to complete risk assessments and provide clarity on management of their business continuity planning activities
  • Management of Internal and External Audit findings with specific focus on creating interventions to prevent future audit findings
  • Creation of strategic road maps (Processes, Policies and Procedures) to look for new areas of improvement to mitigate/eliminate risks and create measurable targets continuously
  • Attendee at Finance and Risk Committee meeting
  • Data Privacy Programme (part of Group-wide POPIA implementation programme): Monitoring Data Leakage points across key areas and business users
  • Risk Assessment of Data Dispensation Requests from business users
  • Monthly reporting to CIO and relevant stakeholders on Data Dispensations approved/ declined and provided rationale for data movement approvals
  • Monitoring User Access Management of high-risk data repositories
  • Implementation of internal controls for business processes that require data movement
  • Approval management of requests for SFTP channels for B2B data transmissions
  • Business Continuity Management: Ensure departmental business continuity/ disaster recovery plans are kept up to date
  • Representative at Group BC/DR Management forum
  • Planning for Interim, ad-hoc (due to operational process changes) and year-end Disaster Recovery testing
  • Key point of contact for planned disruptions to invoke plans as and when required
  • Managing BC/DR call trees and administrated BC/DR WhatsApp group

SECOND LINE ENTERPRISE RISK MANAGER

10.2010 - 08.2016

Special Projects: Collaborated with Forensics, Internal Audit, Compliance and Ethics teams to complete Group-wide assessment of organization’s exposure to Fraud especially one perpetrated by staff members

  • Analysis of standard operating procedures of various critical business activities that are susceptible to Fraud, to find all potential exposure points taking into account people and systems involved in processes
  • Documented identified failure points together with current control weaknesses and made recommendations for improvement
  • Provided input into presentation for Group Executive team detailing organization’s risk rating, financial impact over assessment period, gaps in mitigating controls and recommended improvements in line with best practice
  • Developed strategy for prevention, detection, and response to fraud risk
  • Periodic monitoring is conducted to ensure adherence to agreed terms including performance in line with agreed service levels
  • Further reviews will be conducted on contract close-out, extension or renewal
  • Business as Usual Activities: Risk Assessments: Facilitate risk identification/ assessing interviews and/ or workshops
  • Facilitate risk and control self-assessments (RCSA) to help Business Units (BUs) identify risks and assess effectiveness of their controls
  • Effectively challenge business unit's risk and control assessments, where necessary
  • Interact with BUs in order to identify practical solutions to address control weaknesses and process deficiencies that are of concern to them
  • Risk Quantification and Aggregation: Assisting BUs with Risk Appetite & Risk Tolerance level setting
  • Risk Monitoring: Monitoring key risks via loss events, risk events, key risk indicators (KRIs)
  • Monitoring and tracking resolution of risk and control matters through use of action plans and effectively escalating issues timely
  • Governance and Culture: Working with Head of Risk and CRO to create and maintain Risk Management strategy across Group
  • Giving input into design of new risk and compliance policies in line with applicable risk management standards and legislative requirements
  • Co-ordinate annual risk policy attestation and review processes, including writing new policies
  • Responsible for designing and documenting of Risk Function's standard operating procedures
  • Monitoring compliance to organization’s policies, processes and guidelines, and report on risk exposure arising from non-compliance
  • Monitoring business activities to determine compliance with applicable legislation including accurate and timeous reporting to specific regulatory/ compliance monitoring managers
  • Designing risk awareness campaigns to enhance ERM culture across organization and Group Risk Function brand
  • Cultivating compliance culture across business units through ongoing awareness, training and other relevant interventions
  • Strategic Initiatives – Special Project: Conducted strategic risk assessment to identify significant risks that business would be exposed to from increase in shareholding in joint venture
  • Analysis of external consultant’s reports to determine impact on Group strategy, capital requirements and value created should shareholding be increased
  • Reviewed memorandum of understanding to ensure that terms agreed are commercially favorable to Group with relevant legal protections in place and communicated observations (gaps)
  • Provided input during drafting of definitive contract documents ensuring timely review and approval/ reconciliation of variations
  • Risk Reporting: Regulatory Reporting lead – SAIA champion responsible for coordinating feedback on requests from various Regulators by facilitating business’ input and ensuring quality of submissions
  • Managed input into all applicable risk reports to ensure completeness, accuracy and validity of risk reporting for Board, Audit and Risk Committee and Group Executive Committee
  • Maintaining Risk and Incident Registers for Corporate functions
  • Reporting on effectiveness of Risk Management System and/ or actions required to ensure its efficiency
  • Reporting on Loss Events, KRIs, Emerging Risks, RCSAs and Project Risks
  • Used combination of Word, Excel and Visio to create various risk reports and dashboards; Infographics to enhance PowerPoint presentations; MS Projects to track scheduled tasks for projects and MS Access to store risk data
  • Project Risk Management: Supporting Programme/ Project Management in managing risks and opportunities across complex, high-value projects
  • Facilitated risk and opportunity identification workshops with project sponsors, project owners, business analysts and business associates to identify risks related to new initiatives - technology or business projects
  • Ensuring sound project risk management processes are in place and executed effectively, in line with Group Project and Change Management Framework
  • Assist project teams in resolution of project risk challenges and disputes, which affect overall rating of project
  • Conducting project reviews and evaluation of project risks and development, execution and monitoring of project risk management plans
  • Conduct pre-project and closeout activities, starting with operational readiness assessments and post-implementation reviews
  • Maintained portfolio view of projects within business units, for monitoring and reporting to business unit and Group level forums
  • Risk Management System Administrator and Super-user: Responsible for managing procurement and implementation of GRC system, including: Documenting business requirements (within RFP), Managing communication with vendors, Evaluating received proposals, and Documenting recommendations for selection of suitable vendors
  • Business Support/ Advisory: Developed and implemented risk management operational plan for various business units
  • Assessing risks embedded in company contracts during Drafting, Evaluation, Negotiation and Execution stages
  • Assess contracting processes not designed to achieve strategy or comply with policies
  • Working with Contract Management and Finance teams to coordinate contractual insurance requirements
  • Provided guidance on contract matters to project managers or other operational staff, on risks arising from contracting practices and procedures
  • Chaired monthly Risk Executive Committee Meetings and attending entity’s management committee and project meetings
  • Escalated Risks identified to appropriate forums in line with Risk Escalation Policy
  • Provided input into annual Group insurance cover reviews to ensure all applicable classes of risk are considered and covered appropriately
  • Facilitated ongoing rollout of relevant training and providing hands-on assistance to external consultants
  • Facilitated developments of business continuity plans and adequacy and effectiveness testing of contingency/ recovery procedures
  • Provided support to management and employees through strong relationships and efficient information flow
  • Assisted business units monitor, measure and evaluate external third-party procedures for constant improvement.

TEAM LEADER COACH (CUSTOMER RELATIONSHIP MANAGERS)

DISCOVERY HEALTH
06.2008 - 09.2010
  • Set team performance expectations, monitored progress towards goals and provided constructive feedback as needed
  • Developed team members' skills through targeted coaching sessions, resulting in improved individual performance
  • Enhanced team productivity by implementing efficient work processes and regularly reviewing performance metrics
  • Mentored junior staff members, helping them develop their leadership potential and advance in their careers
  • Empowered team members by delegating responsibilities according to individual strengths and areas of expertise
  • Managed conflict resolution among team members, fostering positive and collaborative work environment
  • Evaluated team member performance against established objectives during regular reviews, offering praise for achievements or identifying areas requiring further development
  • Established open and professional relationships with team members to achieve quick resolutions for various issues
  • Collaborated with other department leaders to establish shared goals and ensure alignment across teams
  • Increased customer satisfaction ratings by closely monitoring service quality standards and addressing any issues promptly
  • Provided ongoing support to direct reports, addressing concerns or questions promptly
  • Maintained inclusive and diverse team culture, promoting respect and understanding among all members
  • Streamlined workflows for increased efficiency, reducing turnaround times for critical tasks
  • Coordinated resources effectively to meet project deadlines and achieve desired results

CUSTOMER RELATIONSHIP MANAGER

DISCOVERY HEALTH
12.2006 - 05.2008
  • Created customer support strategies to increase customer retention
  • Managed customer relations on ongoing basis to maximize customer retention
  • Enhanced customer satisfaction by addressing and resolving customer queries, concerns, and complaints timely
  • Managed a team of customer service representatives, providing coaching and guidance for improved performance
  • Developed long-term relationships with customers through personalized interactions, ensuring loyalty and repeat business
  • Trained and mentored new hires, creating a knowledgeable and efficient team that consistently met or exceeded performance targets
  • Developed and implemented standards for staff to provide consistent service to customers
  • Created detailed client profiles within CRM systems, enabling tailored approaches when recommending products or services based on specific needs
  • Delivered superior customer service to strengthen relationships and drive future business revenue
  • Streamlined communication between departments for better understanding of customer needs and quicker problem resolution
  • Developed strategies that reduced response time to inquiries while maintaining high-quality responses

CALL CENTRE CONSULTANT

DISCOVERY HEALTH
12.2005 - 11.2006
  • Consistently met or exceeded performance goals by focusing on customer needs and delivering tailored solutions
  • Actively sought out feedback from peers and supervisors to improve performance and provide better support to customers
  • Contributed to development of departmental policies and procedures, ensuring consistent service delivery across all consultants
  • Collaborated with team members to create positive work environment, boosting employee morale and productivity
  • Managed challenging situations gracefully by utilizing empathetic communication techniques when dealing with frustrated customers
  • Implemented new strategies for handling high call volumes during peak hours, resulting in decreased wait times for customers
  • Adapted quickly to changing priorities within call center environment without sacrificing quality or efficiency in task completion
  • Worked closely with team members to develop innovative solutions for recurring customer issues, resulting in more streamlined support experience

CALL CENTRE CONSULTANT [CUSTOMER BILLING]

MERCHANTS SA [FOR AMERICA ONLINE]
Johannesburg
09.2004 - 11.2005
  • Collaborated with cross-functional teams to successfully deliver comprehensive solutions for clients
  • Evaluated customer needs and feedback to drive product and service improvements
  • Optimized customer experience by delivering superior services and effectively troubleshooting issues
  • Managed client relationships through regular check-ins and updates on query resolution progress

QUALITY ASSURANCE INSPECTOR

TIMKEN S.A
04.2001 - 02.2004

Tested products for function and accuracy and verified that final product configurations met engineering specifications

  • Oversaw machine operation and assembly personnel for compliance and adequacy
  • Removed imperfect products from shipment line
  • Kept detailed records of quality and imperfect products
  • Ensured compliance with industry standards by meticulously reviewing product specifications and requirements
  • Maintained calibration records and vendor certifications
  • Oversaw maintenance, calibration and control of inspection, measuring and all test equipment
  • Upheld safety regulations by consistently following guidelines during inspections

Education

Bachelor of Laws (LLB) - Law

UNISA
Pretoria, South Africa
01.2023 - Current

Post Graduate Diploma in Information Technology and Knowledge Management - Information Technology

MANCOSA
Johannesburg, South Africa
01.2022 - 12.2022

Post Graduate Diploma in Risk Management - Insurance And Risk Management

UNISA
Pretoria, South Africa
01.2020 - 12.2022

Bachelor of Commerce in Risk Management - Risk Management

UNISA
Pretoria, South Africa
07.2010 - 12.2016

Diploma in Business Administration and Management - Business Administration And Management

ROSEBANK COLLEGE
Johannesburg, South Africa
01.2006 - 12.2006

Skills

Industry Specific Regulatory Knowledge

Writing policies, frameworks, SOPs, guidelines and methodologies

Professional Memberships: ISACA, IRMSA, CIMA, (ISC)2

Companies Act, King IV on Corporate Governance

Tactful Communication

Negotiation and Influencing

Facilitation

Change Management

Data Analysis and Trending

Data Protection Regulations (POPIA & GDPR)

References

Available on request.
