Privacy and Responsible Information Management Sr. Officer, SVP

Serves as a Privacy and Responsible Information Compliance Risk Officer for Independent Compliance Risk Management (PRIM ICRM) including records management, responsible for establishing internal strategies, policies, procedures, processes, and programs to prevent violations of law, rule, or regulation and design and deliver a risk management framework that maintains risk levels within the firm's risk appetite and protect the franchise. In addition, engages with the ICRM product and function coverage teams, to partner to develop and apply CRM program solutions that meet business and customer needs in a manner consistent with the PRIM ICRM and Citi program framework.   Foster proactive engagement and collaboration with key stakeholders across Citi.

Responsibilities:

• Designing, developing, delivering and maintaining best-in-class Compliance program, policies and practices for PRIM ICRM including GEN AI advisory, data localization, data disclosure, impact assessments and records management.

• Participate in trade industry and advocacy forums relevant to PRIM risks to help influence  regulatory policy changes.

• Engaging with key stakeholders to identify opportunities for Citi processes and systems/ applications connectivity, simplification, integration, and consistent reporting to facilitate timely identification and ongoing mitigation of PRIM risks. 

• Foster and maintain strong stakeholder relationships and proactive engagement across businesses and functions and across global ICRM.

• Regularly reviewing and updating privacy and records management policies aligned with relevant data protection laws (e.g., GDPR, CCPA) to reflect changing regulations and organizational needs.

• Act as the primary point of contact for PFICRM regarding privacy and records management matters.

• Conducting relevant compliance risk assessments

• Preparing reports to disseminate pertinent information to PFICRM and lines of business to oversee privacy and records management risks.

• Conducting monitoring to identify potential privacy and records management risks and non-compliance issues.

• Providing credible challenge of existing control environment across businesses and functions aligned with relevant privacy laws (e.g., GDPR, CCPA).

• Developing and/or enhancing current reporting metrics to demonstrate the oversight of compliance and risks aligned to relevant privacy laws (e.g., GDPR, CCPA).

• Translating PRIM ICRM firm principles, strategy and goals across Citi’s businesses and global functions and geographies in a succinct and clear manner; provide direction and guidance on the PRIM ICRM programs.

• Serves as a subject matter expert on PRIM risks and programs.

• Identifying and assessing Citi’s key PRIM risks. Ensuring PRIM risks within Citi are effectively identified, measured, monitored, and controlled, consistent with the bank’s risk appetite statement and all policies and processes established within the risk governance framework.

• Monitoring adherence to Citi’s PRIM risk policies and regulations and measuring PRIM risk through a robust control framework and ensuring that reviews are conducted consistently across each entity on a regular basis to confirm that controls identified are operating effectively.

• Performing complex analyses of comparative data, preparing and presenting country and global reports related to compliance risk assessments, and monitoring of compliance related issues as and if required.

• Partnering, collaborating and working with other areas within Citi, as necessary to enable consistent approach to identifying and managing PRIM risk.

• Keeping abreast of regulatory changes, new regulations and internal policy changes in order to further identify new key risk areas pertaining to PRIM.

• Appropriately assess PRIM risk across Citi when business decisions are made, demonstrating consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.

• Additional duties as assigned.

Qualifications:

• 10+ years of relevant experience

• Excellent business analytical skills and experience with creating business requirements and functional requirements documents

• Expertise of Compliance laws, rules, regulations, risks and typologies.

• Excellent written, verbal and analytical skills

• Must be a self-starter, flexible, innovative and adaptive.

• Excellent change mindset with the ability to influence and drive positive change.

• Growth attitude, willingness to learn from others, embrace lessons learned and to share knowledge.

• Highly motivated, strong attention to detail, team oriented, organized.

• Strong presentation skills with the ability to articulate complex problems and solutions through concise and clear messaging.

• Ability to work collaboratively with local country and global partners in other functional units; ability to navigate a complex organization; to influence and lead people across cultures at a senior level.

• Experience in managing regulatory exams and relationships with examiners, internal and external auditors etc.

• Awareness of regulatory requirements including local and US laws, international and industry standards

• Expertise of Compliance risks and typologies;

• Good understanding of data privacy laws and regulations including GDPR, CCPA, GLBA, etc.

• Strong analytical skills to assess PRIM risks and develop mitigation strategies

• Advanced Microsoft Office skills, including Excel, PowerPoint, and Word

Education:

• Bachelor’s degree; experience in compliance, legal or other control-related function in the financial services firm, regulatory organization, or legal/consulting firm, or a combination thereof; Advanced degree preferred.

This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.

------------------------------------------------------

Job Family Group:

------------------------------------------------------

Job Family:

------------------------------------------------------

Time Type:

------------------------------------------------------

Primary Location:

------------------------------------------------------

Primary Location Full Time Salary Range:

In addition to salary, Citi’s offerings may also include, for eligible employees, discretionary and formulaic incentive and retention awards. Citi offers competitive employee benefits, including: medical, dental & vision coverage; 401(k); life, accident, and disability insurance; and wellness programs. Citi also offers paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays. For additional information regarding Citi employee benefits, please visit citibenefits.com. Available offerings may vary by jurisdiction, job level, and date of hire.

------------------------------------------------------

Anticipated Posting Close Date:

------------------------------------------------------

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View the "EEO is the Law" poster. View the EEO is the Law Supplement.

View the EEO Policy Statement.

View the Pay Transparency Posting