Citi Managing Director, Chief Compliance Officer – Global Conduct Risk Management in New York, New York
Primary Location: United States,New York,New York
Education: Bachelor's Degree
Job Function: Compliance and Control
Shift: Day Job
Employee Status: Regular
Travel Time: Yes, 25 % of the Time
Job ID: 18069292
Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management. Our core activities are safeguarding assets, lending money, making payments and accessing the capital markets on behalf of our clients.
Citi’s Mission and Value Proposition at https://www.citigroup.com/citi/about/mission-and-value-proposition.html explains what we do and Citi Leadership Standards explain how we do it. Our mission is to serve as a trusted partner to our clients by responsibly providing financial services that enable growth and economic progress. We strive to earn and maintain our clients’ and the public’s trust by constantly adhering to the highest ethical standards and making a positive impact on the communities we serve. Our Leadership Standards is a common set of skills and expected behaviors that illustrate how our employees should work every day to be successful and strengthens our ability to execute against our strategic priorities.
Diversity is a key business imperative and a source of strength at Citi. We serve clients from every walk of life, every background and every origin. Our goal is to have our workforce reflect this same diversity at all levels. Citi has made it a priority to foster a culture where the best people want to work, where individuals are promoted based on merit, where we value and demand respect for others and where opportunities to develop are widely available to all.
Independent Compliance Risk Management (ICRM) is a global organization of over 2,200 professionals covering Citi’s global businesses striving to be the best for our clients. ICRM facilitates responsible finance with objectives to i) Drive and embed a risk culture throughout the organization; ii) Maintain a framework that provides reasonable assurance and facilitates firm-wide compliance with local, national, or cross-border laws, rules, regulations, Citi’s internal policies and procedures, and relevant standards of conduct; and iii) Protect Citi’s reputation by managing compliance risk across products, business lines, and geographies, supported by globally consistent systems and processes.
Compliance Risk is defined as the risk arising from violations of, or non-conformance with, local, national, or cross-border laws, rules, or regulations, Citi’s internal policies and procedures, and relevant standards of conduct.
The Chief Compliance Officer (CCO) – Global Conduct Risk Management (“Conduct Risk Management”) is responsible for designing, implementing and managing effectively and efficiently a plan, to be prepared annually, and updated quarterly for the execution of the Conduct Risk Management Program. The plan will include risk assessment, risk-based execution plan, accountabilities, timetables and due dates, resource requirements and fulfilment of the requirements, budget and budget management. This includes ensuring global policies, standards and processes are applied, and suitable addenda and supplementary procedures established and maintained for compliance with applicable jurisdictional laws and regulations. Contradictions between local law and regulations, and group standards must be promptly identified and escalated, and mitigating processes and controls established to comply with jurisdictional requirements and mitigate the risks of non- compliance with applicable group-wide or entity-chain related laws and regulations, and global policies and procedures.
Responsibilities also include implementing applicable global compliance processes, setting ICRM priorities and driving transformation. The CCO for Conduct Risk Management will work closely with senior product, function, and regional management, and other ICRM teams on strategic initiatives and emerging issues.
The CCO of Conduct Risk Management provides franchise support to global management, including offering credible challenge, escalation of issues and reporting, as appropriate. In addition, the role also provides strategic direction and facilitates the implementation of the Compliance Risk Management (CRM) Framework, supported by the Comprehensive Strategic Plan (CSP). This role is based in New York and reports to the CCO – Ethics and Conduct Risk Management.
Key Responsibilities Governance and Organization:
• Annual Compliance Plan: Preparing, obtaining approval and successfully completing an annual compliance risk management plan, in accordance with the global template and content and presentation requirements, setting out how Conduct-related compliance risk will be managed, and the role to be played by ICRM in order to achieve the plan. Identification of the business requirements, accountabilities and the process ownership and monitoring and testing ownership, as well as the determination of suitable staffing, hours required and secured budget in order to achieve the state of compliance within risk appetite will be set out in the plan, which will be reviewed quarterly with Executive Leadership and ICRM, as well as any applicable legal entity, as well as where required by applicable regulatory agencies. The annual global Conduct Risk Management compliance plan must take into consideration the applicable compliance risk assessments and MCAs appropriate to the business and its activities.
• State of Compliance Reporting: Preparing quarterly, in accordance with the approved global format, and in adherence to all established requirements for the State of Compliance reporting. The State of Compliance report will be presented to the appropriate CCC, BRCC and legal entity Board or Board Audit Committee, or other such Board committee required for the business. Reporting to include operational effectiveness of the Conduct Risk Management Program related activities, including timelines, efficiency and effectiveness of the Conduct Risk Management Program.
• Enhancing Governance: Providing a valued interactive program of support and compliance risk management services covering the assessment and reporting of Key Compliance Risks across Conduct Risk as a whole. Providing stakeholders with insight and practical solutions as well as credible challenge to improve the ethical control culture, and conduct risk environment. Timely reporting of significant regulatory issues to local, overseas, regional, and global stakeholders. Same-day escalation of regulatory reports received. Maintaining on-going assessment and reporting of the State of Compliance through the relevant corporate governance committees such as country audit committee(s) and/or subsidiary board(s), country coordinating committee and business risk management committee, and other management body(ies).
Key Responsibilities Compliance Risk Culture:
• Stakeholder Support and Relationships: Developing senior management relationships with key stakeholders. Informing senior management of significant compliance matters that require their attention or action. Proactively anticipate and help the business and functions plan for changes in the compliance and regulatory environment. Provide support to compliance programs and business management on policy interpretation and “gray area” exposures. Build and maintain strong relationships with other functional leads, including Legal, Risk Management, including Operational Risk Management, and Internal Audit to create a supportive and seamless compliance and ethical control culture and an appropriate conduct risk environment. Creatively and personally engage with stakeholders globally in different countries and businesses to create awareness of and confidence in Citi’s Conduct Risk Management Program, including employees, management, Boards and regulators.
Key Responsibilities Processes and Activities:
• Regulatory Management & Coordination: Supporting ICRM in the management and development of regulatory relationships. Coordinating as the key interface with regulators on compliance risk management issues and supervisory exam management matters related to Ethics. Providing same day notification of regulator correspondence to Citi Compliance Officer, Regulatory Liaison & Exam Management CCO and ICRM COO. Providing leadership, coordination and regular interaction with the authorities on behalf of ICRM and the Citi franchise. Record regulator correspondence and minutes of regulator meetings on Citi system in line with the Global Regulatory Exam Management Governance and Process Standards. Ensuring prompt recording of, responses to, and escalation of regulatory queries, notices of violations and breaches, any forbearance, and concerns identified. Deliver to regulators and supervisors a valued interactive program of support and assurance in accordance with requirements and appropriate expectations on compliance issues, trends, themes, root cases and impacts relating to governance, regulatory risk management and internal control issues. The overall objective is to earn the regulator’s trust and to establish a strong, independent and professional regulatory relationship across the franchises.
• Regulatory Inventory: Ensuring prompt identification, logging in, evaluation and formulation of a plan to address requirements arising from new and amended laws, regulations, rules and other requirements and expectations from regulatory and enforcement authorities.
• Regulatory Change Management and Controls: Ensuring that the regulatory change management requirements and processes, along with the regulatory control framework for existing requirements, as they impact surveillance activities are effectively operating with respect to the identification, impact assessment and implementation of all applicable laws, regulations, rules and related processes, controls and reporting that impact Citi activities in the jurisdiction. Provide oversight and guidance of the implementation of laws, regulations and rule (LRR) changes. Effectively manage compliance risk associated with regulatory changes by: Ensuring a holistic approach to regulatory implementation; Raising awareness around both emerging areas of elevated risk and where implementation is off-track or likely to lead to non-compliance, and providing credible challenge to the applicability, impact, and implementation plan; and verifying completeness of Citi’s regulatory inventory.
• Policies, Standards and Procedures (PSPs): For all PSPs assigned to the role the holder (owner) is responsible for: Developing and maintaining policies that meet policy framework requirements; Reviewing and approving underlying policy including local country addenda and associated documents aligned to policies; Completing a stakeholder review and feedback process; Clear, complete, concise policy drafting; Completing policy committee approval requirements; Completing periodic review requirements; Reviewing/approving exception; Assessing and reporting on implementation status via policy effectiveness metrics, including exceptions, breaches, issues.
• Independent Compliance Risk Management (Conduct Risk Management Program): Developing and implementing a global organizational design framework, as well as supporting policies and procedures, to enable consistent and appropriate identification, investigation, escalation and reporting of significant risks arising from the Conduct Risk Management Program, including providing thought leadership and advice as to the remediation of such risks. Providing direction and oversight in supporting ICRM teams related to global requirements and the applicable extraterritorial laws, regulations, relevant Citi policies, standards, and global procedures. Deliver consistent application of program procedures.
• ICRM Training: Ensuring that Conduct Risk Management elements of the ICRM global training plan are current and reflect global regulations while providing a fresh perspective on global trends and emerging regulation; ensuring that the training delivery method is tailored to the requirements of the subject matter and audience. Oversee the end-to-end development of content, as well as the delivery to employee and non-employee populations.
• Risk Mitigation and Issue Remediation: Work with management to ensure continued improvement in self-identification of issues, and appropriate escalation and monitoring processes to ensure timely and effective remediation to mitigate the Compliance Risk per ICRM Methodology and applicable policy.
• ICRM Operational Activity: Proactively leading the ICRM team to provide value added and timely compliance risk management direction, providing oversight of global delivery of the Conduct Risk Management Program to meet regulatory requirements and expectations, as well as global key performance indicators. Developing team operational efficiency with the timely implementation of enhancements. Conducting and meeting required standards in the relevant MCAs.
Key Responsibilities Resources & Capabilities:
• Management of Team: Championing a high performance environment and implementing a people strategy that attracts, retains, develops, embraces diversity and motivates teams (includes ICRM CSC colleagues) by fostering an inclusive work environment; communicating vision/values/business strategy and managing succession and development planning for the team.
• Compliance Technology and Automation; Data, Metrics, and Analytics: Support ICRM efforts to enhance technology and automation across the function. Provide relevant information and materials related to data to enhance the development of enhanced metrics and analytics for compliance risk. Ensure that efficient use is made of technology and information systems. Work closely with the CCO Technology and Information Security and the Technology and Information Security Compliance Risk Management team (“Tech Compliance”) to support technology and systems requirements by researching and understanding technology needs, developing detailed functional requirements documentation, communicating clear priorities (including identifying which functionality is designed to meet regulatory mandates, efficiency goals or other business objectives). Ensure clear accountability for planning and oversight of technology projects, including timelines, budget, ongoing maintenance and support and updating or replacing systems as requirements – whether regulatory or business needs – change. Accountability for designated technologies as the ‘technology owner’ include: ensuring the technology functionality is fit for purpose, managing the technology expenditure within budget and specifications, monitoring amortization costs, anticipating requirements for functionality upgrades and replacement when appropriate. Liaison with the ICRM CCO for Technology and Information Security and Citi O&T to ensure cost effective management of effective technology tools. The tools for which this role is owner, or for which this role supervises the owner, are attached to this role profile. The supervisor of a technology owner has the same responsibilities as the direct owner.
• Compliance Transformation: Being the transformation leader for Conduct Risk Management and being accountable ultimately to the Transformation Managing Director supporting the CSP to strengthen ICRM’s and Citi’s compliance risk management.
The successful candidate will have strong technical knowledge of compliance regulations and requirements, through 15 years of experience within a highly complex, global financial institution, regulator or related industry participant. Specifically, the successful candidate will have:
• Effective persuasion skills, the ability to work effectively at the highest levels of the organization, and display highly effective networking and influencing skills.
• An ability to influence senior business leaders on all compliance risk-related matters affecting the business. The individual should have the ability to independently challenge, when needed, while at the same time being supportive and solution-based and not being perceived as obstructive;
• An ability to be “hands on” and “in the trenches” with the direct team, while also bringing a sense of strategic vision and a global sensibility to the function;
• An ability to navigate and negotiate through conflicting demands to maintain focus on priority objectives while ensuring key stakeholders’ needs are met;
• Strong team leadership, communication, interpersonal and management skills, with a track record of leading through change and the ability to effectively communicate the strategic vision to various stakeholder groups;
• Executive presence and a reputation for building strong relationships with stakeholders, regulators, and leading teams, both direct reports and in peer/influence models. This person will interface with local external regulators and risk and control thought leaders as Citi will be driving leading edge practices;
• Effective negotiation skills, a proactive and “no surprises” approach in communicating issues and strength in sustaining independent views;
• The ability to thrive and execute in a complex, highly matrixed, global environment;
• Subject matter product and compliance expertise in institutional and/or consumer banking products desirable;
• Bachelor’s Degree required. Preference for post graduate degree and/or recognized professional qualifications where applicable. Professional qualifications may include: J.D., MBA, LLM, CRMC or equivalent, CPA.
Citi is an equal opportunity and affirmative action employer. Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.