Associate Director, Regulatory Risk
Do work that matters:
The IB&M Non-Financial Risk and Conduct team (IB&M Chief Controls Office) is a central, Line 1 team of risk professionals supporting IB&M to achieve better risk outcomes.
The team supports IB&M businesses across Australia, Asia, Europe and North America, manage non-financial risks, comply with regulatory obligations, and embed a customer centric and market integrity approach to activities. This includes the identification and assessment of key risks that could impact the way in which IB&M achieves its objectives.
See yourself in our team:
The Associate Director Regulatory Risk is responsible for supporting the IB&M business manage its regulatory obligations within appetite and provide subject matter expertise in relation to privacy and records management, to ensure compliance with obligations and management of compliance risk.
Your responsibilities:
Privacy SME for Regulatory Management & Engagement NFR&C function:
Providing trusted and timely privacy and records management SME advisory and support in relation to Australian regulatory and Group requirements
Working with Line 2, support IB&M global locations to meet and implement Group requirements.
Discharge Line 1 Privacy accountabilities under the CBA Group privacy framework
Develop and maintain excellent and constructive working relationships with all relevant CBA Group and IB&M stakeholder groups and functions (Group Privacy, Line 1 Risk, Operations, Technology, Legal, Compliance, Line 2 Operational Risk, etc)
Assessments & Evaluations:
Privacy impact assessments for IB&M initiatives and processes
Supplier Risk Governance assessments for IB&M suppliers and third parties
Internal access risk assessments for IB&M IT services
Regulatory change applicability assessments for privacy
IB&M Product governance and analytics data governance assessments
Privacy Support:
Manage IB&M front door for privacy support requests and respond to ad hoc enquiries.
SME guidance to identify and close privacy incidents and issues.
SME support to embedded risk teams in completing Compliance Self Assessments and Risk & Control Self Assessments
Deliver training to embedded risk teams and provide online resources through the IB&M Privacy Hub
Control Environment & Risk Management:
Perform privacy controls owned by NFR&C and design, document, implement and embed business processes, procedures and controls to ensure compliance with regulatory expectations.
Keep under review the effectiveness of design and operation of IB&M privacy controls, and make recommendations for changes where appropriate
Support change initiative owners to Identify required privacy controls and actions required to manage impacts to privacy risk.
Skills and Experience:
Experience in an advisory role in relation to Australian privacy regulatory requirements.
Knowledge of risk management and/or compliance in a financial services setting
Pro-active outcome-focused approach; able to work autonomously.
Strong organisational skills and the ability to deliver a program of work alongside diverse BAU activities
Ability to develop constructive working relationships with large and varied stakeholders.
Strategic and conceptual thinking and problem-solving skills.
Excellent written and oral communication skills
International perspective, experience in working offshore or with offshore teams preferred.
Experience advising on de-identification and analytics preferred.
Working at CommBank
At CommBank, we’re committed to building a diverse and inclusive workforce reflecting the customers, businesses and communities we serve. As a value’s driven organisation, we nurture and support our people, through focusing on skill and talent development, collaboration, flexibility and internal promotion.
#J-18808-Ljbffr