The primary mandate of the Privacy Team Lead, Enterprise Compliance Program (PTL, ECP) is to utilize a risk-based and data-driven approach to effectively, efficiently and independently operate the ECP function of the Enterprise Privacy Office; in order to assist the Enterprise Chief Privacy Officer in operating BMO’s Privacy Oversight Program which enables the Enterprise to deliver on its commitment to protect customer and employee personal information and empowers the Enterprise to address privacy considerations in a way that advances its business objectives.
The PTL, ECP reports directly to the Enterprise Chief Privacy Officer. In role as PTL, ECP, the successful candidate has a number of Privacy Officers reporting to him/her. Privacy delegates in Europe and Asia, while no official reporting relationship exists, work under the PTL, ECP’s direction to fulfill the Privacy Office mandate in connection with the Privacy ECP function.
- Assist the Enterprise Chief Privacy Officer in efficiently and effectively leading Privacy’s ECP accountabilities by managing all Privacy components of the ECP, including:
- Delivering a Privacy ECP training program to the 1st Line, including educating about who the ECP team of the Privacy Office is, when and how to engage with us, and how to execute Privacy-related RCRA (risk assessments), M&T and Issue Management.
- Developing, documenting and updating the Privacy Compliance procedures and guidelines relating to ECP element of Privacy.
- Keeping current, and keeping the Enterprise current, on the Privacy regulations applicable to each Assessable Unit in every BMO jurisdiction, and maintaining and updating regulation inventories.
- Conducting, ensuring others conduct, and performing effective challenge of, Privacy-related RCRA (risk assessments), M&T and Issue Management
- Addressing ad hoc business privacy inquiries regarding ECP.
- Manage the Privacy Regulatory Development program as part of the Enterprise Regulatory Development Framework.
- Manage privacy input in Risk and Control Self Assessments.
- Assist to oversee the Privacy Reporting program.
- Contribute to the Privacy governance accountabilities, including assisting to document policy, process, other key privacy framework and guidance documents.
- Such other things as determined by the Enterprise Chief Privacy Officer.
- Establish and maintain a trusted advisor relationship with the Operating Group and Corporate Area by providing Privacy direction and guidance;
- Establish strong relationships, and especially with staff of other LCCG groups (including international Privacy delegates), LOBs and their BUCOs, and Corporate Areas and their BUCOs.
- Direct Privacy ECP team members, including international Privacy delegates, in overseeing Privacy Enterprise compliance to manage Privacy Risk.
- Ensure appropriate team training.
- Model, promote and support Being BMO vision, values, brand, actions and outcomes.
- Monitor adherence to Code of Conduct, bank HR standards, and policies.
- Ensuring the maintenance (and development where necessary) of processes, systems and technology that support Privacy functions and accountabilities.
- Fulfil all HR requirements for the Privacy ECP team.
Knowledge and Skills:
- Minimum of 5-7 years of Compliance function or other relevant experience.
- Solid academic and professional qualifications.
- Strong leadership, interpersonal, organizational, and communication skills.
- Strong capabilities in risk management, problem solving, strategic planning, and change leadership.
Must have and/or develop:
- Knowledge of complex body of privacy regulations and how they apply to the bank and how to risk assess situations against those regulations.
- knowledge and expertise in ECP methodology and use of the CORE tool, or any other Compliance tool use by BMO to fulfill the ECP mandate
- strategic approach to problem solving to provide privacy risk mitigation strategies
- subject matter expertise to advise Operating Groups, Corporate Areas and other compliance professionals.
- advanced level of knowledge of regulatory/compliance requirements and the operations of the Enterprise
- Must analyze and address problems by:
- Overseeing the satisfactory resolution of complex or sensitive privacy issues.
- Responding to sophisticated functional queries typically of a confidential and/or sensitive nature.
- Exercising judgment on complex, and often ambiguous, situations.
- Resolving most day-to-day issues within policy and/or escalating with appropriate analysis and recommendation.
We’re here to help
At BMO we have a shared purpose; we put the customer at the centre of everything we do – helping people is in our DNA. For 200 years we have thought about the future—the future of our customers, our communities and our people. We help our customers and our communities by working together, innovating and pushing boundaries to bring them our very best every day. Together we’re changing the way people think about a bank.