Chief Risk Officer (CRO)

Voya's Chief Risk Officer (CRO) will be the senior executive responsible for overseeing and managing the risk management function for the organization. The CRO responsibilities include working with the Board of Directors and senior management to establish and manage enterprise risk assumptions and frameworks across all risk dimensions consistent with the company’s strategic goals. This includes playing a critical role in identifying, assessing, and mitigating risks that could impact Voya's financial stability, reputation, and compliance with regulatory requirements. Voya's CRO must possess a deep understanding of the financial services industry, risk management principles, and the ability to develop and implement effective risk management strategies that align with Voya's acceptable calculated risk standards. The CRO will work closely with the Executive Committee, Executive Leadership Team and the Board of Directors to ensure alignment of the organization’s risk management strategies with the Board Risk Committee Charter. By leading the development and implementation of comprehensive scenario planning, the CRO will ensure that potential risks are identified, assessed, and mitigated effectively. These risk categories will include but are not limited to Enterprise Risk, Financial Risk, Risk Appetite development and monitoring, Business Continuity and Resilience along risk areas that are critical to Voya. This proactive approach not only enhances organizational resilience but also supports the Board Risk Committee in fulfilling its mandate to oversee risk management practices. The Chief Risk Officer will be responsible for the leadership of a team of almost 50 associates spread across three key direct reports. This executive will have ultimate accountability for a variety of risk functions including all Operational Risk, Business Risk, Balance Sheet Risk, Underwriting Risk and Technology Risk for Voya. S/he must work to assess and improve the group’s approach to all aspects of Enterprise Risk from policy through processes and controls to monitor how those risks are being managed in various business areas.