hero






Enterprise Privacy Compliance and Operational Risk Manager

Bank of America

Bank of America

Legal
Charlotte, NC, USA · pennington, nj, usa · United States · Remote
Posted on Saturday, June 15, 2024

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

Job Description:

Enterprise Privacy is a global team of subject-matter experts responsible for Compliance & Operational Risk coverage of Data Privacy across the enterprise operating in a highly technical, fast-changing and dynamic environment. This job is responsible for the execution of the Global Compliance - Enterprise Policy, the Operational Risk Management - Enterprise Policy and the Compliance and Operational Risk Management (CORM) Program specific to Data Privacy risks. Key responsibilities include identifying, escalating, and mitigating risks in a timely manner, engaging with Front Line Units and Control Functions (FLU/CF) leaders globally, coordinating with the FLU/CF Compliance and Operational Risk Officer teams, executing the CORM Program and the Policies, identifying themes and trends, and conducting analysis for new and emerging risks.

Responsibilities:

  • Assesses risks, associated controls and their effectiveness, driving compliance with applicable laws, rules, and regulations and adhering to policies

  • Engages in activities to provide independent compliance and operational risk oversight of Front Line Unit or Control Function (FLU/CF) performance and any related third party/vendor relationships in alignment with the Global Compliance - Enterprise Policy, the Operational Risk Management - Enterprise Policy (collectively the Policies) and the Compliance and Operational Risk Management Program and Standard Operating Procedures

  • Identifies and escalates problems or issues that arise and drives actions to address the root causes that lead to compliance risk issues and/or operational risk losses, including opening new issues based on risk severity in the centralized issues tool

  • Manages inventory of processes, risks, controls, and associated metrics for risk appetite and limits, reporting violations of compliance or regulatory activities

  • Identify and manage risks including monitoring the regulatory environment to identify regulatory changes applicable to area(s) of coverage and maintaining a comprehensive regulatory inventory, while supporting communication of regulatory changes to the FLU/CF and ensuring that policies, standards, procedures and/or processes are appropriately implemented or amended to address regulatory requirements

  • Responds to regulatory inquiries, other audits, and examinations and identifies regulatory training needs supporting the development of the training curriculum

  • Reviews and challenges FLU/CF process, risk, Single Process Inventory and FLU/CF Risk and Control Self-Assessment related to themes or trends, while monitoring the regulatory environment to identify regulatory changes applicable to area(s) of coverage

Skills:

  • Advisory

  • Regulatory Compliance

  • Reporting

  • Risk Management

  • Written Communications

  • Active Listening

  • Analytical Thinking

  • Interpret Relevant Laws, Rules, and Regulations

  • Negotiation

  • Policies, Procedures, and Guidelines Management

  • Adaptability

  • Business Process Analysis

  • Issue Management

  • Monitoring, Surveillance, and Testing

Desired Skills: In depth knowledge of or certification in law, rule, regulation and/or Data Privacy; Association of Privacy Professional (IAPP) accredited certification programs

Required Skills:

  • Bachelor’s Degree or equivalent experience

  • 7 years minimum of business and functional experience

Shift:

1st shift (United States of America)

Hours Per Week:

40