Serves as a key compliance risk manager and thought leader for Independent Compliance Risk Management (ICRM) responsible for establishing internal strategies, policies, procedures, processes, and programs to prevent violations of law, rule, or regulation and design and deliver a risk management framework that maintains risk levels within the firm’s risk appetite and protect the franchise. In addition, engages with the ICRM product and function coverage teams, in order to partner to develop and apply CRM program solutions that meet business and customer needs in a manner consistent with the Citi program framework.
- Establish a best in class Cyber and Information Security compliance program that spans the global organization. Develop a horizontal enterprise program to assess risk, vulnerabilities, identification of triggers and KPIs/KRIs that align to risk appetite and evaluation of thematic concerns through ongoing analysis.
- Serve as Senior Compliance Leader in key forums and committees to provide credible challenge for ongoing remediation and transformational efforts.
- Overseeing the design, development, delivery, and maintenance of best-in-class Compliance, programs, policies and practices and sets strategic ICRM direction. Translates ICRM strategy and goals across Citi’s clients, products and geographies in a succinct and clear manner; provide direction and guidance on the program.
- Leading and managing a staff of Compliance professionals, with direct accountability for hiring and organizational structure. Has direct oversight for compensation, performance appraisals, staff development, training, etc. Provides input on performance and compensation recommendations for staff and utilities that provide Compliance-related services on a matrix basis.
- Providing oversight and guidance over the assessment of broad complex issues, structures potential solutions and drives effective resolution with other senior stakeholders.
- Ensuring Citi’s compliance risk governance framework meets global regulator requirements and is commensurate with the size, complexity, and risk profile of Citi.
- Managing the identification and assessment of Citi’s key compliance risks. Ensures compliance risks within Citi are effectively identified, measured, monitored, and controlled, consistent with the bank’s risk appetite statement and all policies and processes established within the risk governance framework.
- Directing the development and establishment of firm wide compliance risk management policies and procedures to mitigate risks. Oversees compliance risk monitoring and measurement through a robust control framework and ensure that reviews are conducted consistently across each entity on a regular basis to confirm that controls identified are operating effectively.
- Establishing professional relationships with relevant regulatory bodies and represents Citi on critical regulatory matters as required. Serves as liaison with regulatory examiners, Internal Audit, and external auditors on critical Compliance issues and oversees the implementation of related remediation.
- Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm’s reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency, as well as effectively supervise the activity of others and create accountability with those who fail to maintain these standards.
- In depth technical knowledge in Cyber and Information Security protocols. Strong foundational knowledge in technical concepts such as architecture, network configurations and security parameters, agile methodologies, crisis management, etc.
- Experience in compliance, legal or other control-related function in the financial services industry; experience in area of focus; managerial experience
- Highly motivated, strong attention to detail, team oriented, organized
- Strong presentation skills with the ability to articulate complex problems and solutions through concise and clear messaging
- Demonstrated ability to assess complex issues through root cause analysis and other analytical techniques, structure potential solutions, and drive to resolution with senior stakeholders
- Ability to influence and lead people across cultures at a senior level using sound judgment and successful execution, understanding how to operate effectively across diverse businesses
- Experience managing diverse teams, and comfort navigating complex, highly-matrixed organizations
- Comfortable acting as an agent for positive change with agility and flexibility
- Effective negotiation skills, a proactive and ‘no surprises’ approach in communicating issues and strength in sustaining independent views. Strong presentation and relationship management skills are essential
- Articulate and effective communicator, both orally and in writing, with an energetic, charismatic and approachable style. Candidates must have effective persuasion skills, the ability to work effectively at the highest levels of the organization, and will display highly effective networking and influencing skills
- Executive presence and a reputation for building strong relationships with stakeholders and leading teams, both direct reports and in peer/influence models
- Subject matter expertise in Cyber and Information Security with emphasis on intelligence practices and global threat
- Bachelor’s Degree highly preferred or relevant, equivalent experience. Preference for post graduate degree and/or recognized professional qualifications where applicable. Professional qualifications may include: CRMC or equivalent, CPA, ACA, CIA, CFA, ACAMS, etc. strong technical knowledge of compliance regulations and requirements, through experience within a highly complex, global financial institution, regulator or related industry participant; Advanced degree and/or professional certification preferred