Associate, CFCC, Governance - Standard Chartered Bank

We’re an international bank, nimble enough to act, big enough for impact. For more than 160 years, we’ve worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you’re looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents. And we can’t wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity,  together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you’ll see how we value difference and advocate inclusion. Together we:

• Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
• Never settle, continuously strive to improve and innovate, keeping things simple and learning from doing well, and not so well
• Be better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term
• In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

• Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations
• Time-off including annual, parental/maternity (20 weeks), sabbatical (12 weeks maximum) and volunteering leave (3 days), along with minimum global standards for an annual and public holidays, which is combined to 30 days minimum
• Flexible working options based around home and office locations, with flexible working patterns
• Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
• A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning
• Being part of an inclusive and values-driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies – everyone feels respected and can realise their full potential.
• Recruitment assessments – some of our roles use assessments to help us understand how suitable you are for the role you’ve applied to. If you are invited to take an assessment, this is great news. It means your application has progressed to an important stage of our recruitment process.

Role Responsibilities 

• Managing local regulatory engagement/relationships including liaison, reporting and regulatory audit in collaboration with other CFCC teams.

• Regulatory Breach Investigations
• Regulatory Notifications / Reporting
• Regulatory Review
• Regulatory Correspondence
• Regulatory Meetings
• Horizon Scanning

Obligations Register for Financial Services Regulation – Overall framework delivery, with responsibility for only completing functions obligations management

Ensuring the Functions are compliant with local regulatory obligations.

• Functions Compliance Advisory
• Management of standards
• Obligations Register for Financial Services Regulation

Ensuring all relevant 2nd line risk management policies and procedures, including any governance framework, are embedded by the Functions & CFCC Teams.

• Standards implementation for Functions
• Risk Framework Activity embedding: Risk Assessment, Training, Standards, MI, Projects.

Escalating country regulatory issues specific to Functions to regions where relevant

• Risks & issues escalation
• Investigations / Complaints Management

Managing the relationship with Functions stakeholders

• Committee Attendance

Executing role of 2nd line as outlined in the ERMF to Functions

• Provide oversight and challenge of relevant 2nd line processes
• Deliver required F2F training to the Functions for CFCC owned policies and procedures

Supporting review engagement & management activities as required

• In-Function Review Management
• Business & Functions Review Management

Providing advice required to fulfil local entity corporate governance requirements where relevant in collaboration with other country CFCC teams.

• Accountable for managing the relationship with other 2nd line stakeholders, 3rd line stakeholders and external stakeholders

Performing the roles below as the Country Data Protection Supervisor (DPS)

1) Informing and advising the Group on its local Privacy obligations:

• determine if the Group Privacy Standard needs to be adapted to comply with any more onerous local Privacy obligations and develop a Country Addendum if required, in line with theCountry Risk Governance Standards;
• ensure the local Obligations Register includes any applicable local Privacy obligations, in accordance with the Standard for Managing Legal and Regulatory Obligations by Compliance;

2) Monitoring compliance by local Businesses and Functions with the Group Privacy Standard and local requirements:

• ensure local compliance monitoring and periodic reviews include monitoring and reviews of Privacy controls, such as reviewing the Control Sample Testing (CST) results conducted by the 1st Line;

escalate Privacy-related metrics and key performance indicators, identified through monitoring, to the Group Data Protection Officer (GDPO) and, where considered appropriate by the country DPO, to local senior management.

3)  Acting as the contact point for any local data protection supervisory authority:

• determining whether a Personal Data Breach impacting Individuals in their country is notifiable to the local data protection supervisory authority; to avoid doubt, any communications with the local data protection supervisory authority must comply with the requirements of the Group Communications with Regulators Standard.

4. Providing advice and guidance on Privacy Impact Assessments (PIAs) where the Personal Data Processing is only carried out in or for their country, in line with the PIA Guidance;
5. Escalating any significant Privacy issues or risks relating to their country:

• where any local / country compliance risk assessments are conducted, ensure it contains an

assessment of Privacy risk. Consult with the GDPO for latest methodologies and recommended approaches to risk assessment and for the Group context;

• inform the GDPO of any material issues via email (for any urgent, time-sensitive or high-risk matters) or via the regular Privacy Network / Country DPO forums/discussion sessions/calls;
• keep the GDPO team informed of any significant changes to the Privacy risk landscape for the country (e.g. the development of a new laws or regulations, significant changes to any existing laws or regulations or significant changes to the enforcement regime)
• ensure issues relating to the Privacy risk sub-type are appropriately escalated to the Board / senior management, in line with the Compliance Risk Type Framework.

Regulatory & Business Conduct

• Display exemplary conduct and live by the Group’s Values and Code of Conduct.
• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
• Support the Compliance team to achieve the outcomes set out in the Bank’s Conduct Principles: [Fair Outcomes for Clients; Effective Financial Markets; Financial Crime Compliance; The Right Environment.] *
• Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.

Key Stakeholders

• Head, CFCC, Ghana
• Head, CFCC, West Africa
• Business and Functional Heads (Ghana)
• Data Protection Commission and all other relevant Regulators in Ghana
• Group Data Protection team
• Other Risk and Control Functional Heads (Risk, Audit, etc)

Other Responsibilities

• Includes Risk Assessment, Policy Governance, Training, Reporting & Escalation, and Remediation.

Our Ideal Candidate 

The qualifications below are relevant for this role:

• University Degree
• Certification in any area Compliance
• Certification in Data Protection and Privacy risk management