Introduction
Role Overview:
The IT Compliance Lead supports the Compliance Department in the implementation of the IT Compliance System, ensuring that the compliance culture is well maintained, mitigating compliance risks and monitoring delivery of the compliance program with quality.
Roles and Responsibilities
Assists the IT Compliance Head in:
- Advisory and Consultancy - attend GRC meetings and other ad hoc meetings, and respond daily to regulatory and compliance questions from the business
- Compliance Testing - coordinate with the Compliance Reporting, Governance and Testing Head on the conduct of Compliance Testing. Conduct gap analysis of existing operations vs. regulatory requirements. Review proposed products, services and policies for regulatory compliance
- Liaison with the regulators (BSP, SEC, and PDIC)
- Respond to BSP ad hoc requests and surveys
- Ensure requirements are complete prior to submission to BSP (licensing, regulatory notifications, MORB requirements)
- Advises the CTO, CISO and IT personnel of emerging compliance issues and consults and guides the Bank in the establishment of controls to mitigate risks
- Develops, initiates, maintains, and revises policies and procedures for the Information Security, Business Continuity and Quality Assurance operations of the IT Compliance Program and its related activities to prevent illegal, unethical, or improper conduct
- Collaborates with other departments (e.g., Risk Management, Internal Audit) to direct compliance issues to appropriate existing channels for investigation and resolution
- Responds to alleged violations of rules, regulations, policies, procedures, and Standards of Conduct by evaluating or recommending the initiation of investigative procedures
- Ensures that compliance issues/concerns within the IT environment are being appropriately evaluated, investigated and resolved
- Identifies potential areas of compliance vulnerability and risk; develops/recommends corrective action plans for resolution of problematic issues, and provides general guidance on how to avoid or deal with similar situations in the future
- Provides reports on a regular basis, and as directed or requested, to keep the IT & Cyber Security Committee (ITCC) and senior management informed of the operation and progress of compliance efforts
- Works with HR and others as appropriate to develop an effective IT Compliance training program, including appropriate introductory training for new employees as well as ongoing training for all employees and managers
- Monitors and, as necessary, coordinates IT compliance activities to remain abreast of the status of all compliance activities on a continuing basis, taking appropriate steps to improve their effectiveness and identify trends
Qualifications:
- Relevant experience within the banking industry with exposure in the areas of compliance, legal and internal audit
- Sound knowledge of the Philippine regulatory framework, regulations governing the banking and finance industry, corporate governance principles, banking products and services, banking systems and processes, front/back office processes and procedures and related controls
- Ability to work through complex regulatory requirements while balancing the need for pragmatic, customer-focused solutions
- Strong understanding of the link between business and resource strategy
- Excellent written and oral communication, planning, problem solving and organizing skills
Job Requirements
Please refer to job description.