Scotiabank is a premier financial institution and Canada’s most international bank recognized as a Best Workplace®, in Canada, Mexico, El Salvador, Costa Rica, Puerto Rico, Dominican Republic, Panama, Peru, Chile and Latin America by the Great Place to Work® Institute.
A multinational winning team
Scotiabank is Canada’s international bank and a leading financial services provider in North America, Latin America, the Caribbean and Central America, and parts of Asia. We are dedicated to helping our 21 million customers become better off through a broad range of advice, products and services, including personal and commercial banking, wealth management, corporate and investment banking.
Corporate Social Responsibility
Scotiabank helps to build bright futures worldwide through ethical banking practices, environmental awareness and a commitment to communities.
PURPOSE: To help protect Scotiabank, its directors, officers and employees from the serious adverse consequences of non-compliance with privacy legislation (including regulatory sanction and damage to reputation) by: managing and assisting with privacy breaches, policies, programs, training and awareness raising; providing support to business units in managing privacy complaints, inquiries; and developing and maintaining analytics and dashboard reporting. KEY ACCOUNTABILITIES: 1.Complaint Management
Providing assistance to the to various customer-facing channels to effectively manage customer complaints, including evaluating whether there has been a breach of customer or employee privacy, assessing severity, providing scripts and credit monitoring support, assessing whether there are systemic issues, etc. Channels supported include, but are not limited to, the Office of the President – Customer Concerns (OP/CC), Shared Services – Operations (SS-Ops), Wealth Management Business Solutions and the Customer Contact Centres.
2. Breach Management
Manage data breach incidents as required. This includes daily escalations from SS-Ops and Security & Investigation, and larger incidents which require the Privacy Breach management Incident Team to be convened.
3. Monitoring, Oversight and Testing – This includes:
-Supporting the Privacy Office’s monitoring and oversight program by: reviewing reports received by partners throughout the Bank (e.g., Branch Review Teams, Employment Law Group, Human Resources, Internal Audit, Symcor, etc.) for systemic or other issues; escalating or initiating corrective action as required; and documenting actions in accordance with the Privacy Office monitoring program.
-Executing and documenting testing activities in accordance with the Business Conduct and Privacy Unit Compliance Oversight Plan.
4. Analytics and Reporting
Manage and assist with compiling all business unit reports to develop dashboard reporting regarding data breaches, provide metrics and develop analytics based on breaches, risk present, controls and remediation procedures implemented enterprise-wide.
5. Training and Awareness Raising – Contributing privacy content to the weekly privacy newsletter; providing privacy training regularly to various business units, maintaining the annual Privacy at Scotiabank online learning course; maintaining the Privacy Portal on the Global Compliance Website; developing new innovative techniques to foster a culture of privacy in all jurisdictions Scotiabank operates; and ensuring local privacy officers understand their legal and regulatory privacy obligations and that their operations are in compliance with privacy policies, processes and procedures.
Assisting in providing guidance and support to various business lines regarding their privacy obligations; socializing various privacy policies and procedures enterprise-wide and maintaining consistent communication with business unit privacy officers to ensure they are abreast of regulatory or policy changes and to provide advice on bank led initiatives.
7. Maintaining the Privacy Network – This includes: maintaining an up-to-date list of Business Unit Privacy Officers, in accordance with the Privacy Handbook; acting in as the Secretariat of the Canadian and Quarterly Privacy Officers Committee; and supporting the Senior Manager’s efforts to build Business Unit Privacy Officer capacity.
Other Duties and projects as Assigned
SKILLS: The incumbent must be or become:
– Knowledgeable about global privacy and information security regulations, enforcement trends and best-practices;
– Knowledgeable about the organization of Scotiabank, in particular, the risk management, control, administrative and operational structure, policies and procedures, and generally understand the business activities, products and services conducted/provided within or by various business units;
– Familiar with information privacy concepts, and able to quickly understand and assess financial services technology, systems and processes;
– Knowledgeable as to the uses of technology in online marketing, including the tracking of consumer behaviours online and best practices to present internet users with privacy notices and consumer choices;
– Experienced at using technology to support compliance programs;
– Innovative and a self-starter with good research, project management and documentation skills;
– Skilled in communicating both verbally and in writing with all levels including branch staff, operational and senior management, regulators and customers;
– Sensitive to the diverse cultural make-up of the Bank’s customer and employee population;
– Able to solicit and keep the good will and cooperation of a wide range of individuals, including operational and senior management, while providing advice, guidance and strategic influencing on complex privacy compliance issues; and
– Highly proficient at written and verbal communications, in particular, the development of succinct and useful reporting on compliance issues for an Executive Management audience.
The incumbent must have:
– Sound judgment and a strong practical approach to considering courses of action;
– The flexibility to balance multiple accountabilities with competing priorities; and
– The ability to work independently and to tight deadlines, and to quickly adapt to unforeseen changes in priorities and initiatives.
– The ability to produce high quality dashboard reporting.