The Risk Manager, Privacy and Compliance reports in to the AVP, Policy and Governance, Canada Credit Card and Merchant Solutions CCC&MS).
The CCC&MS Business Governance and Control department is a first line of defense function responsible for working with internal support and control groups to ensure effective management of operational risk and regulatory compliance. Our programs play a key role in the efficient and effective implementation and execution of: Operational Risk Management; Board policies; Compliance programs; Privacy; risk assessment; and monitoring programs / audits. In addition, the department provides ongoing guidance in assisting the businesses we support in all areas related the review, assessment, and proactively mitigating key risks and providing guidance on all control matters.
Specific Accountabilities include:
§ Act in the capacity of Privacy Designate for the Canada Credit Card and Merchant Solutions businesses reviewing and approving where applicable Privacy Impact Assessments (PIA) as well as supporting and influencing a culture of Privacy compliance.
§ Maintain and monitor privacy standards, procedures and processes ensuring compliance with Corporate Privacy Office and industry Privacy regulations.
§ Review Business Segment and partner specific policies and procedures to ensure Privacy requirements are included.
§ Facilitate the communication of Privacy standards, guidelines and practices to the CCC&MS businesses.
§ Provide Privacy-related subject matter knowledge for business support areas products, services and initiatives, and look for gaps in knowledge and opportunities to further educate the business on Privacy regulations and requirements.
§ Identify and escalate Privacy-related issues and risks, and maintain the tracking, to ensure it is complete and easily accessible if required.
§ Manage and/or support Privacy Events (e.g., as member of the Resolution Team) following Privacy Office requirements, ensuring timely closure and customer remediation. Review the root cause to ensure control gaps are addressed if applicable.
§ In support of Privacy Office reporting, coordinate privacy event reporting and share business or support area specific Privacy risks and issues with the Privacy Office
§ Maintain regular executive reporting for CCC&MS, focusing on-business trends, risks, and privacy issues on aggregated basis and recommend management action to minimize privacy risk exposures.
§ Develop and maintains comprehensive knowledge of business unit objectives and strategic project goals and key processes, in order to deliver the most effective solutions aligned with TD Bank’s Privacy Standards and practices.
§ Protect TD Bank’s interests by keeping up to date on external business trends, privacy issues, regulatory guidance and maintaining knowledge of existing and emerging privacy issues across the business.
- Privacy Risk Management experience strongly preferred.
Requires strong knowledge of privacy related knowledge including specific regulations pertaining to privacy including Do Not Call, Do Not Solicit, Canada Anti-Spam Legislation, etc.
Strong understanding of the TD Bank Privacy Policies, standards and guidelines, including Privacy Event Notification policy.
Strong interpersonal skills including demonstrated conflict management and negotiation skills.
Experience working or managing risk programs preferred.
Knowledge of Canadian Credit Card and/or Merchant Solutions regulations preferred.
Strong presentation and communications skills both written and verbal.
Ability to influence the decisions and actions of others without express authority.
Some travel may be required.