The primary mandate of the Privacy Officer, Enterprise Compliance Program (ECP) is to utilize a risk-based and data-driven approach to effectively, efficiently and independently assist the Privacy Team Lead, ECP to operate the ECP function of the Enterprise Privacy Office, in order to assist the Enterprise Chief Privacy Officer in operating BMO’s Privacy Oversight Program which enables the Enterprise to deliver on its commitment to protect customer and employee personal information and empowers the Enterprise to address privacy considerations in a way that advances its business objectives.
The Privacy Officer, ECP reports directly to the Privacy Team Lead, ECP.
While no official reporting relationship exists, the Privacy Officer, ECP keeps the Head, Privacy Canada informed of all Canadian privacy-related matters and collaborates with the Head, Privacy Canada, where Head, Privacy Canada deems it necessary, to address those matters.
Key Accountabilities: Privacy ECP
Assists Privacy Team Lead, ECP in efficiently and effectively performing Privacy’s ECP accountabilities, including:
- Educating the Enterprise about who the ECP team of the Privacy Office is and when and how to engage with the Privacy Office.
- Formalizing a more robust and integrated Enterprise Privacy Compliance Program.
- Developing, documenting and updating the Privacy Compliance procedures and guidelines relating to ECP element of Privacy.
- Keeping current and keeping the Enterprise current on the Privacy regulations applicable to each Assessable Unit in every BMO jurisdiction;
- Along with the business, maintaining and updating regulation inventories, ensuring the LOB and Corporate Areas have the appropriate regulation inventories mapped in CORE.
- Conducting the external risk in order to determine the inherent risk for all applicable privacy regulations as part of the RCRA.
- Conducting effective challenge of Privacy regulation validation.
- Conducting effective challenge of RCRA of Privacy regulations conducted by the LOB and Corporate Areas.
- Ensuring the planning and execution of 1st Line M&T by the 1st Line, and conducting effective challenge of that 1st Line M&T.
- Ensuring the planning and execution of 2nd Line M&T by the Privacy Office.
- Conducting Privacy Issues Management oversight, including surfacing and integrating Privacy Issues identified by other teams of the Enterprise Privacy Office.
- Relationship management with the ECP stakeholders and regulator(s), as needed.
- Addressing ad hoc business privacy inquiries regarding ECP.
- Supporting the reporting activities of the Enterprise Privacy Reporting Lead to complete Privacy ECP related reporting.
- Educating the 1st Line about Privacy regulation, RCRA, M&T and Issue Management and developing and executing Privacy training program to the Enterprise in connection with ECP.
- Such other things as determined by the Enterprise Chief Privacy Officer
Key Accountabilities: Privacy (Canada) Assessable Unit, Business Unit Compliance Officer
Leads the First Line ECP activities for the Canadian Privacy Office business unit, including:
- Ensuring all regulatory requirements mapped are accurate and complete.
- Identifying potential regulatory risks and making recommendations or escalate.
- Developing and managing the Privacy Canada program calendar including scheduling and tracking completion & executing First Line RCRA, M&T and Issues Management.
- Working with the Compliance Team Lead of the Privacy (Canada) Assessable Unit.
- Managing the day to day risk of the Privacy (Canada) Assessable Unit.
Key Accountabilities: Canadian Privacy Officer
Participates in the cross-functional Canadian working group to ensure Canadian privacy compliance, oversight and knowledge sharing, including:
- Participating in weekly Canadian Privacy meetings.
- Escalating Canadian Privacy issues to the Enterprise Chief Privacy Officer.
- Assisting to address Canadian audit activities and any Canadian regulators inquiries.
- Fostering the relationship with other Canadian Financial Institution Privacy Officers.
Key Accountabilities: General
- Establish and maintain a trusted advisor relationship with the Operating Group and Corporate Area members by providing Privacy direction and guidance;
- Establish strong relationships, and especially with colleagues (including international Privacy Delegates), other LCCG groups, Technology, Compliance Risk Program Office, LOBs and their BUCOs, and Corporate Areas and their BUCOs.
Privacy and BMO Management
- Align tasks and assignments with departmental goals and objectives;
- Increase effectiveness and performance by identifying and closing skill and knowledge gaps through appropriate training;
- Adhere to First Principles, Our Code of Business Conduct and Ethics Corporate Policy, and Bank HR standards, and policies;
- Ensure the maintenance (and development where necessary) of processes, systems and technology that support Privacy functions and accountabilities.
- Continuously seek productivity and cost-reduction initiatives.
- Model, promote and support Being BMO vision, values, brand, actions and outcomes.
Closing Date: June 28, 2016