Key Responsibilities

Regulatory & Business Conduct 

• Embedding the highest standards of ethics, including regulatory and business conduct, across EBKL. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct. 

• Oversee the completion and maintenance of a Business Unit specific Regulatory Universe to effectively enable EBKL’s adherence to the required legislative requirements. 

• Drive customization and maintain generic risk management plans (RMPs) to ensure it is appropriate within the regulatory context of the specific Business Unit and all its jurisdictions. 

• Fulfil the required regulatory role as prescribed by the relevant governing bodies. 

• Inform Business Line Heads, about regulatory inspections and act as a conduit for any information requests, comments, and findings. 

• Review and provide input into compliance training material to ensure that it is appropriate for the needs of the business unit therefore providing sufficient understanding and awareness of compliance requirements within the relevant area of operations and develop and deliver bespoke face-to-face training where required. 

• Provide advice to management, employees, and relevant committees, across a specific Business Unit, regarding the regulatory universe, relevant compliance frameworks underpinning their operations and any other regulatory developments, to ensure that the Business Unit can comfortably manage compliance risks and conduct business in a compliant manner. 

• Effectively and collaboratively identify, escalate, mitigate, and resolve risk, conduct and compliance matters. 

• Develop and ensure maintenance of a robust system for tracking new laws and regulations, interpreting the impact of these laws, and mapping them against current policies and procedures to determine where changes are needed.  

• Provide advisory and recommendations to EBKL on compliance matters towards advancing business objectives while meeting legal and regulatory requirements 

• Complete and contribute to compliance reports as required by various governance structures, committees and regulations, particularly regarding the compliance performance of the business unit. 

• Review Bank policies to include relevant legal and regulatory requirements.   

• For new regulations, proactively identify and address gaps in controls, processes and procedures as well as advise on and monitor remediation plans to address any shortcomings in liaison with impacted business unit. 

• Act as liaison with regulators by submitting applications for approval, notifications and all relevant correspondences with regulators.  

• Report all material compliance issues, using the established escalation and reporting mechanisms and processes to ensure these issues are resolved swiftly and therefore minimising the impact of any financial or reputational damages. 

• Receive escalation of risk events and new products that present material Conduct Risks. 

Adoption of Compliance Risk Management Framework 

• Implement Board risk appetite metrics, revise and consolidate Data Protection Policy and procedures, and implement Regulatory Conduct and Customer Conduct policies and procedures. All policies and procedures to be clear, concise, consistent, and user-friendly.  

• Automate Obligations Register (OR) to monitor compliance with applicable regulations and generate Management Information (MI) on issue remediation and forward-looking risks, which are to be reported to NFRC and BRAC.  

• Adopt Government Regulatory Relationship Plan (GRRP) to generate business intelligence and MI for NFRC and BRAC. In addition, support regulatory examinations/inspections in EBKL, socialize lessons-learned and ensure effective closure of corrective actions from inspections. Escalate long outstanding items to senior management. 

• Collaborate with relevant stakeholders to implement Risk Control Self-Assessment and Compliance testing for key Data Protection, Regulatory Conduct, and Customer Conduct processes, including Complaints Handling, Products/Services Periodic Reviews, Consent Management, Data Subject Rights, GRRP, and New/Amended Laws and Regulations Lifecycle processes. 

• Provide to NFRC and BRAC FY23 Affirmation on account of findings from internal audit, regulatory and CFCC second line reviews in 2023 and their resolutions; 2023 EBKL Compliance Risk Assessment, and 2023 gap analysis and remediation.  

• Collaborate with relevant stakeholders to remediate data processing agreements for existing customers; ensure qualifying partners, such as bank agents, are registered with Data Commissioners; ensure all channels have effective consent management module; ensure customers’ rights to data erasure and rectification are effective; and ensure data privacy and consumer protection risk assessment are embedded into the new product governance process. 

• Review the effectiveness of the Data Loss Prevention Measures through risk assessment and gap analysis of the implementation of the Data Protection Act 2023 and track remedial actions to closure. 

Adoption of Conduct Principal Risk Framework 

1. Implement Board risk appetite metrics, implement Conduct Management Policy, Conduct Risk Plans, and revise Whistleblower, Conflict of Interest, Insider Trading and Market Abuse, Gift and Entertainment policies. All policies to be clear, concise, consistent, and user-friendly.  

2. Adopt EBKL Conduct Dashboard showing key risk indicators across employee behavior (e.g., attrition, disciplinary data, policy breaches, etc.); conduct of business (e.g., complaints, bundling, mis-selling, conflict of interest, etc.); customers’ rights (e.g., to fair treatment, privacy, transparency, fair and honest dealing, product suitability, grievance redress and compensation). Dashboard to be tracked into NFRCs and BRAC. 

3. Create a roadmap to migrate Conduct risk monitoring from manual checks and verification to an inclusive data monitoring analytics that connects the activities of individuals and departments, mines complex data terrains to establish outlying activities/patterns and detects potential instances of misconduct or non-compliance before significant financial or reputational damage crystallizes 

People management 

• Create staff productivity analysis for optimal operating model. 

• Develop leave schedule for staff.  No staff should have overdue leave days.  

• Facilitate personal development plan for staff. Undertake 40 hours of training. 

• Identify successor, if one is not ready, time bound plan to bring them up to speed.  

• Provide guidance, mentorship and supervision reportees to enhance their understanding of Business Unit operations and related legislation/regulation. Guide them in the resolution of more complex compliance matters in a manner that enables sufficient transfer of knowledge.

Qualifications 

• Bachelor’s degree in business, Finance, or any business-related field. 

• Minimum of 5 years of experience in compliance, with knowledge on how to manage anti-bribery & corruption and Conduct risk. 

• Strong understanding of relevant laws, regulations, and industry standards, particularly in regulatory compliance and ABC. 

• Professional certifications such as Certified Compliance & Ethics Professional (CCEP), Certified Regulatory Manager (CRCM), or equivalent are added advantage. 

• Bachelor’s degree in law is an added advantage. 

KEY SKILLS AND COMPETENCIES