The leader is responsible for contributing to, and managing execution of, the bank’s Strategic Plan with specific attention to Risk Management and Compliance. This role is responsible for the governance of key risks, including Compliance, BSA, AML-CFT, Third-Party Oversight, Operational Risk, Transaction Risk, and Strategic Risk, while balancing business opportunities, through the development and maintenance of a well-defined Risk Management Framework. The position will be accountable for the identification, measurement, mitigation, monitoring, reporting, and incident management of key risks in all of these areas on a timely basis. Third and fourth-party oversight and risk management is critical given Hatch’s sponsorship business model as Hatch partners with third parties to deliver financial products to customers.
Duties include, but are not limited to:
- Establish and maintain the bank’s Risk Management Framework ensuring that the right risks are identified and are being managed, the assessments of the likelihood and consequences of each identified risk are current and realistic, and plans for managing each identified risk, including decisions to bear any risks unmitigated, are appropriate and effectively implemented. This includes making decisions and taking action for incident resolution.
- Manage and strengthen the bank’s Compliance Management System (CMS), with a focus on Fair Lending and UDAAP risk.
- Manage the BSA, AML-CFT officer and assist in strengthening policies, processes and controls.
- Manage and strengthen the risk oversight function for third-party partners/Fintechs and vendors, including risk assessment, due diligence, ongoing monitoring, and testing.
- Report to the board and the executive team on various issues, including insurance, IT security, financial audits, internal audits, global business variables, fraud prevention, and other internal corporate matters.
- Design and share strategic risk management priorities in the company’s overall strategic plan.
- Plan and execute information assurance strategies to protect against and manage risks associated with the use, storage and transmission of data and information.
- Implement operational risk management and mitigation processes to prevent losses caused by insufficient or failed procedures, systems, or policies.
- Respond promptly with actions to resolve incidents and reduce risk when issues arise from, for example, identity theft, network breaches or account takeovers.
- Understand the business from end-to-end, front to back, with the ability to evaluate potential risk caused by fraudulent activity.
- Produce and distribute risk analyses and progress reports to company executives, board members and employees.
- Assist in the development, monitoring, and compliance reporting for the Bank’s risk appetite in accordance with the strategic plan.
- Prepare budget and oversee risk management and mitigation projects.
- Keep stakeholders and board members informed about the business’s risk profile and assessments.
- Enhance (through education, mentorship, staffing, and/or technology) the skillsets and knowledge of the risk and compliance team.
- Ensure the necessary policies, procedures and controls are in place with regard to complying with applicable laws, regulations and international standards and best practices applicable to the Banking Industry.
- Ensure the bank is in compliance with various internal policies and procedures, external regulations, and relevant laws at state and federal levels.
- Aggregate, review, and report, at least quarterly, information on the major risk exposures of the bank’s business and support areas.
- Facilitate Bank-wide required training on AML Compliance and other risk related required trainings and conduct transaction monitoring as part of the AML program.
- Partner with the leadership team to develop a culture of compliance within the bank that emphasizes commitment to internal controls, risk management and high ethical standards.
- Oversee the bank’s Information security systems while ensuring the security triad of Confidentiality, Integrity and Availability is achieved.
- Oversee the bank’s Business Continuity Planning and Disaster Recovery Management.