I&M Bank Uganda is a commercial bank headquartered at Kingdom Kampala with a growing regional presence.  The Bank offers a wide range of commercial banking and financial products and services, and prides itself on introducing innovative products and services based on the needs of its customers. We are seeking to recruit a competent and highly motivated individual with extensive experience and abilities to support business growth in the following position:

JOB PURPOSE

The role is responsible for overseeing the Bank’s compliance with laws and regulations and provides pro-active, accurate and timely advice to enable all units operate in accordance with regulatory requirements, global best practice and any other applicable Group minimum standards. The DPO also serves as the primary contact for supervisory authorities and individuals whose data is processed by the Bank. He collaborates with the Information Security function to raise employee awareness of data privacy and security issues and provide training on the subject matter.

KEY RESPONSIBILITIES:

Governance:

• Implementing data privacy policies and procedures in compliance with the local and international regulations.
• Setting standards and reviewing policies and procedures globally that meet the requirements under the DPA and any localization requirements in countries of operation.
• Participating and coordinating the data protection Committee and reporting action arising to the risk management committee.
• Reporting the status of implementation of the DPA and or breaches to Senior management and the BRC.

Implementation of Compliance risk management (CRM)program:

• Oversee regulatory Compliance for all Business units across the Bank.
• Engage with stakeholders as necessary to maintain an understanding of the business processes of each business covered and develop & maintain one single regulatory and control inventory (compliance tracker)
• React to horizon scanning information to ensure appropriate incorporation into CRM program
• Monitor and provide assurance on the adherence to compliance practices in the first line of defense to ensure compliance risks are managed and reported across the Bank.
• Consult on and advise the business units regarding relevant local and international legislation to ensure abidance thereby minimizing risk to and protecting the reputation of the Bank
• Ensure audit finding remediations and control enhancements meet regulatory requirements before execution.
• Ensure new and existing products adhere to the local and international regulations.
• Working with key internal stakeholders in the review of projects and related data to ensure compliance with local and international data privacy laws, and where necessary, complete and advise on privacy impact assessments.
• Serving as the primary point of contact for queries in the business.
• Managing and conducting ongoing data impact assessments and recommending mitigation actions on gaps identified.
• Coordinating data privacy audits.
• Collaborating with the Information Security function(s) to maintain records of all data assets and exports and maintaining a data security incident management plan to ensure timely remediation of incidents including impact assessments, data breach response, complaints, claims or notifications
• Serving as the primary point of contact and liaison for the Data protection office’s office all data protection related matters.
• Reporting data security breaches to the DPO in line with the Data Protection regulations
• Conduct compliance risk and control assessments (CRA’s). and ensure compliance standards are met through Identification of all risks in the regulatory universe applicable for each Business Unit.
• Implement a process that identifies and manages emerging Compliance risk from regulatory and geo-political changes and provides assurance that changes have been effectively embedded into the relevant Compliance business processes.
• Managing and conducting ongoing data impact assessments and recommending mitigation actions on gaps identified.

Leadership responsibilities:

• Allocate work and set delivery expectations using objective setting within the professional development / appraisal process
• Ensure delivery through others (through constructive criticism, guidance and support)
• Help to define, evolve and promote the Compliance culture.
• Identify training / skill-set requirements and coach direct report.
• Regularly oversee / manage relevant training on regulatory Compliance topics across the Bank including collaborating with the Information Security function(s) to raise staff awareness of data privacy and security issues and providing training on the subject matter

Minimum Education Qualification:

• Bachelor’s Degree preferably in Law, Business Administration, or a related field.
• post-graduate education with a focus on compliance and risk management is preferred.
• Hold at least one Data Protection and/or Privacy certification such as, Certified DPO.

Work Experience:

• Minimum of 7 years’ experience in Compliance related role and 2 years at Managerial level preferably in Banking and Teleco.

Required Competencies (Knowledge, Skills & Abilities):

• Bachelor’s Degree preferably in Law, Business Administration, or a related field.
• post-graduate education with a focus on compliance and risk management is preferred.
• Hold at least one Data Protection and/or Privacy certification such as, Certified DPO.

Skills and Competences:

• Knowledge of the requirements of the Data Protection Act, 2019, Data protection Regulations, 2021, GDPR, BOU prudential Guidelines, CMA Regulations & guidelines and other laws & regulations applicable to financial institutions and a good understanding of other major privacy frameworks and evolving legislation worldwide.
• Sufficient knowledge of information technology and data management systems is an added advantage
• Good experience in leveraging analytics and technology solutions to manage Compliance risks.
• Critical thinking skills to understand and analyze complex problems.
• Effective communicator with strong writing and verbal abilities to communicate across all levels.
• Ability to develop strong relationships and collaborate with senior business and function leaders to influence change
• Self-starter, highly organized, and detailed-oriented
• Strategic and critical thinking and the ability to concisely convey complex regulatory concepts and possible solution sets.
• Excellent facilitation and presentation skills
• Exercise high level of discretion and confidentiality due to the sensitive nature of the scope of work