Independent Compliance Risk Management (ICRM) is a global organization of over 2,200 professionals covering Citi’s global businesses striving to be the best for our clients.
ICRM facilitates responsible finance with objectives to i) Drive and embed a risk culture throughout the organization; ii) Maintain a framework that provides reasonable assurance and facilitates firm-
and iii) Protect Citi’s reputation by managing compliance risk across products, business lines, and geographies, supported by globally consistent systems and processes.
Compliance Risk is defined as the risk arising from violations of, or non-conformance with, local, national, or cross-border laws, rules, or regulations, Citi’s internal policies and procedures, and relevant standards of conduct.
The Head of ICG and EMEA Conduct Risk Management is responsible for designing, implementing and managing effectively and efficiently a plan, to be prepared annually, and updated quarterly.
The plan will include risk assessment, risk-based execution plan, accountabilities, timetables and due dates, resource requirements and fulfilment of the requirements, budget and budget management.
This includes ensuring global policies, standards and processes are applied, and suitable addenda and supplementary procedures established and maintained for compliance with applicable jurisdictional laws and regulations.
Contradictions between local law and regulations, and group standards must be promptly identified and escalated, and mitigating processes and controls established to comply with jurisdictional requirements and mitigate the risks of non-compliance with applicable group-wide or entity-chain related laws and regulations, and global policies and procedures.
Responsibilities also include implementing applicable global compliance processes, setting ICRM priorities and driving transformation.
The Head of ICG and EMEA Conduct Risk Management will be based in London and will report to the Global Chief Compliance Officer (CCO) Conduct Risk Management in Independent Compliance Risk Management (ICRM).
This individual will be responsible for heading Conduct Risk Management for the ICG globally and the EMEA region and leading key elements of the existing global Conduct Risk Management Program.
The Head of ICG and EMEA Conduct Risk Management provides franchise support to global management, including offering credible challenge, escalation of issues and reporting, as appropriate.
In addition, the role also provides strategic direction and facilitates the implementation of the Compliance Risk Management (CRM) Framework, supported by the Comprehensive Strategic Plan (CSP).
Key Responsibilities Governance and Organization :
related compliance risk in EMEA and through ICG will be managed, and the role to be played by ICRM in order to achieve the plan.
Identification of the business requirements, accountabilities and the process ownership and monitoring and testing ownership, as well as the determination of suitable staffing, hours required and secured budget in order to achieve the state of compliance within risk appetite will be set out in the plan, which will be reviewed quarterly with Executive Leadership and ICRM, as well as any applicable legal entity, as well as where required by applicable regulatory agencies.
The annual Conduct Risk Management EMEA and ICG compliance plan must take into consideration the applicable compliance risk assessments and MCAs appropriate to the business and its activities.
The State of Compliance report will be presented to the appropriate CCC, BRCC and legal entity Board or Board Audit Committee, or other such Board committee required for the business.
Reporting to include operational effectiveness of the EMEA and ICG Conduct Risk Management related activities, timelines, efficiency and effectiveness.
Providing stakeholders with insight and practical solutions as well as credible challenge to improve the ethical control culture, and conduct risk environment.
Timely reporting of significant regulatory issues to local, overseas, regional, and global stakeholders. Same-day escalation of regulatory reports received.
Maintaining on-going assessment and reporting of the State of Compliance through the relevant corporate governance committees such as country audit committee(s) and / or subsidiary board(s), country coordinating committee and business risk management committee, and other management body(ies).
Key Responsibilities Compliance Risk Culture :
Proactively anticipate and help the business and functions plan for changes in the compliance and regulatory environment.
Provide support to compliance programs and business management on policy interpretation and gray area exposures. Build and maintain strong relationships with other functional leads, including Legal, Risk Management, including Operational Risk Management, and Internal Audit to create a supportive and seamless compliance and ethical control culture and an appropriate conduct risk environment.
Creatively and personally engage with stakeholders globally in different countries and businesses to create awareness of and confidence in Citi’s EMEA and ICG Conduct Risk Management Program, including employees, management, Boards and regulators.
Key Responsibilities Processes and Activities :
Coordinating as the key interface with regulators on compliance risk management issues and supervisory exam management matters related to Ethics.
Providing same day notification of regulator correspondence to Citi Compliance Officer, Regulatory Liaison and Exam Management CCO and ICRM COO.
Providing leadership, coordination and regular interaction with the authorities on behalf of ICRM and the Citi franchise.
Record regulator correspondence and minutes of regulator meetings on Citi system in line with the Global Regulatory Exam Management Governance and Process Standards.
Ensuring prompt recording of, responses to, and escalation of regulatory queries, notices of violations and breaches, any forbearance, and concerns identified.
Deliver to regulators and supervisors a valued interactive program of support and assurance in accordance with requirements and appropriate expectations on compliance issues, trends, themes, root causes and impacts relating to governance, regulatory risk management and internal control issues.
The overall objective is to earn the regulator’s trust and to establish a strong, independent and professional regulatory relationship across the franchises.
Raising awareness around both emerging areas of elevated risk and where implementation is off-track or likely to lead to non-compliance, and providing credible challenge to the applicability, impact, and implementation plan; and verifying completeness of Citi’s regulatory inventory.
Reviewing / approving exception; Assessing and reporting on implementation status via policy effectiveness metrics, including exceptions, breaches, issues.
Providing direction and oversight in supporting ICRM teams related to global requirements and the applicable extraterritorial laws, regulations, relevant Citi policies, standards, and global procedures.
Deliver consistent application of program procedures.
ensuring that the training delivery method is tailored to the requirements of the subject matter and audience. Oversee the end-to-end development of content, as well as the delivery to employee and non-employee populations.
Developing team operational efficiency with the timely implementation of enhancements. Conducting and meeting required standards in the relevant MCAs.
Key Responsibilities Resources and Capabilities :
communicating vision / values / business strategy and managing succession and development planning for the team.
Provide relevant information and materials related to data to enhance the development of enhanced metrics and analytics for compliance risk.
Ensure that efficient use is made of technology and information systems. Work closely with the CCO Technology and Information Security and the Technology and Information Security Compliance Risk Management team to support technology and systems requirements by researching and understanding technology needs, developing detailed functional requirements documentation, communicating clear priorities (including identifying which functionality is designed to meet regulatory mandates, efficiency goals or other business objectives).
Ensure clear accountability for planning and oversight of technology projects, including timelines, budget, ongoing maintenance and support, and updating or replacing systems as requirements, whether regulatory or business needs, change.
Accountability for designated technologies as the ‘technology owner’ includes : ensuring the technology functionality is fit for purpose, managing the technology expenditure within budget and specifications, monitoring amortization costs, anticipating requirements for functionality upgrades and replacement when appropriate.
Liaison with the ICRM CCO for Technology and Information Security and Citi O&T to ensure cost effective management of effective technology tools.
The tools for which this role is owner, or for which this role supervises the owner, are attached to this role profile. The supervisor of a technology owner has the same responsibilities as the direct owner.
Knowledge, skills and experience required :
The successful candidate will have strong technical knowledge of compliance regulations and requirements, through a minimum of 12 years of experience within a highly complex, global financial institution, regulator or related industry participant.
Specifically, the successful candidate will have :
Professional qualifications may include : J.D., MBA, LLM, CRMC or equivalent, CPA.
Exceptional candidates who do not meet these criteria may be considered for the role provided they have the necessary skills and experience.
Valuing Diversity :
Demonstrates an appreciation of a diverse workforce. Appreciates differences in style or perspective and uses differences to add value to decisions or actions and organisational success.
Citi is an Equal Opportunities Employer