Data Governance Management

Job description

Role Title: Data Governance Management

Business: Financial Crime Risk

New or Existing Role? New
Grade: GCB4

Key Accountabilities

Impact on Business

·
The directing the development and delivery of data privacy and protection controls based on data policies that assure the compliant use of data and information across the Compliance business requirements.

· Drive implementation on Data Privacy TOM across Compliance for RoPs, PIA, DSARs, Disclosures, Retention, Governance and Documentation, Privacy Breaches and Risks and Issues logs, Supporting and Maintaining Compliance Data Privacy Frameworks, maintain all CDO owned controls.
· Identify areas of improvement in local practices relative to managing data privacy.
· Performs regular privacy assessments of operational processes, identifying, and mitigating risks across the company through effective tools, training and guidance
· Coordinate DP requests, liaising with business areas, Information Security, Information Technology, and Records Management.
· Support the Data Privacy Office with ad hoc projects as requested
· Assist in driving DP risk management and improvement, including providing oversight of Data Privacy and CDO controls and testing the effectiveness of implemented controls where appropriate.
· Work with stakeholders on Data Privacy law, compliance and risks as required (for example by providing input on any changes to scope in controls or processes required as a result of new local laws).
· Assist with the handling of individual rights requests.
· Assist with managing data incidents and breaches
· Be involved in Data Protection regulatory and auditory requirements, assist Compliance CDO with managing responses to requests from regulators – information, inspection, and audit.
· Data that can be trusted by both HSBC and our customers
· Establish required controls to maintain integrity of data across Compliance
· An effective, consistent and well understood data architecture that enables automation, agility and improves transparency
·
Balancing the needs of the business with the need for data security and privacy compliance to FIMs and jurisdictional data privacy and protection policy.

·
Acting a role model, demonstrating active leadership on data privacy and protection law for the Compliance function, working collaboratively with Legal Data Privacy and Regulatory Compliance to communicate across regional and local jurisdiction on data risk policies.

· Act as primary contact point and subject matter expert on behalf of HSBC Compliance function for Data Protection Officers, Group Data Privacy Legal teams and Group Data Services and others relating to data privacy risks and issues.
· Act as Subject Matter Expert with regards to data privacy within EU and other jurisdiction where HSBC operates
· To ensure that the business complies with all relevant data-related legislation in accordance with the Compliance's risk appetite.


Customers / Stakeholders

· Show ability to manage multiple stakeholders, strong business partners and understand technology and commercial concepts quickly
· Manages and owns relationships with key internal stakeholders across Global functions, lines of business, regions, and countries.
· Develops, strengthens, manages, and owns external relationships with key public sector partners and peers.
· Provides strategic direction and oversight of the firm's participation in initiatives with key members of Group, public sector and peers to share information on financial crime threats.
· Manages the sharing of information and creation of feedback loops across the firm to continuously adapt and improve our financial crime controls and support the business in their first line responsibilities.
· Oversee, support and coordination capability necessary to manage the issues related to FCTM data to high priority financial crime threats requiring a coordinated response across Global FCR functions, lines of business, regions, or countries.
· Leads the CDO data privacy and governance controls framework globally and provide SME and advice
· Leads the Data Privacy and Governance Controls team
· Continue building data privacy knowledge base and communications strategy to assist with a variety of departmental deliverables and knowledge sharing.
· Develop and administer guidance, training and educational materials, interact closely with cross-functional stakeholders and team members to tailor materials appropriately for various business areas.
· Champion, raise awareness and understanding of data privacy & CDO governance controls framework within Compliance function


Leadership & Teamwork

· Takes a leading role in promoting data privacy and CDO governance controls throughout own area of responsibilities and collectively within the Compliance function.
· Take ownership / responsibility for work and be comfortable working independently
· Show strong communication skills with the ability to explain complex issues clearly
· Assist with handling escalations and conflicts from Business Areas
· Provides direction at a global level and support at CDO Compliance function
· Establishes approach to attract, retain and motivate high calibre talent
· Influences through action and strong leadership the key stakeholders to own and optimize decisions.
· Provides sponsorship and strategic vision for People Development initiatives for Compliance CDO
· Co-ordinate communication across Compliance and the business to all key stakeholders in relation to Compliance CDO Privacy and Controls Governance matters.
· Managing the demands of multiple diverse aspects of the role;
· Maintaining a global perspective, but with particular consideration of regional distributions (staff, budgets, resources, operations) and the impact of these, and ensuring a proportionate balance in each region

Operational Effectiveness & Control

· Be solutions focused / innovative in approach to creating an engaging story around data privacy
· Participate in the architectural design solutions for infrastructure and applications to ensure Data Privacy by Design principles embedment
· Identifying security and privacy issues in services, data, and products, potential weaknesses and then working with cross-functional teams on creative solutions to eliminate those weaknesses.
· Work to align advanced technologies and Privacy by Design principles from the first stages of development and ensure that the data use meets established regulatory compliance needs.
· Define compliance metrics, build tracking and develop dashboards to provide transparency to leadership.
· Ability to deliver consistent and valuable MI rapidly and in an automated manner, achieving actionable insights through advanced analytical techniques
· Establishing and embedding proactive data discovery and analysis whilst improving effective decision making based on timely insights
· Increasing efficiency in mechanism for measuring Data Privacy and CDO governance controls framework effectiveness globally and against organisation performance
· Collaborate with the wider teams in Compliance, e.g. Regulatory Compliance to utilise the existing technological solutions that can be used for the advancement and growth of this area within the CDO remit.

Role Context
· In light of our increased dependency on data and technology to realize our strategic objectives, the overall purpose of this role is to support the business to navigate data regulation in a way that balances regulatory, commercial and operational needs.
· CDO Data Privacy and Governance Controls role is to further develop the Compliance data privacy strategy and CDO maintained controls working with Global Business, Group Legal and Corporate functions, acting as data privacy strategist and adviser, monitoring and implementing CDO data controls and an asset covering both internal infrastructure and applications. To ensure that data protection is an enabler and not a hindrance, allowing the business to take advantage of its digital assets while nurturing a culture of data protection, reflecting the organisational commitments to customers and employees and any other stakeholders:
·
Sponsoring key data initiatives in support of the data privacy and CDO governance controls strategy

·
Working with program owners to ensure programs align to the Compliance data strategy

·
Working with stakeholders to plan future data privacy needs and adhere to the global scope

·
Develop and implement solutions to ensure privacy policies are correctly implemented advancing compliance with legal forms of data use as well as support business use of data.

·
Ensure data governance and privacy considers and manages both internal controls and external regulatory requirements and restrictions for using data across HSBC

·
Ensure that business intelligence capabilities are developed, supported and maintained to allow HSBC to maximise the benefit of data assets

·
Develop, manage and maintain data standards, policies and methodologies in line with Group Data Privacy Policy

·
Ensure data privacy governance practices in HSBC help support business decision making

·
Promote Privacy by Design in all internal Compliance infrastructure and applications.

·
Foster a culture of collaboration, accountability and transparency around data

· Build, mentor and support the data community within the Group
·
Create a linkage between the business, technology and corporate functions underpinned by data privacy.

·
Grow awareness and knowledge of the data privacy and other changing laws and regulations within the remit of HSBC operations.

Observation of Internal Controls

· Develop and embed a clear accountability framework over data privacy, ensuring compliance with industry standard policies and frameworks
· Standardised Data Privacy Controls, CDO governance controls and Accountability Global Frameworks Implementation and Management
· Drive Compliance wide data privacy awareness and adoption, transparency of data privacy across Compliance and other GBs/GFs in the Bank, Group Strategy and latest global legal and regulatory developments
· Drive the framework, policies, procedures, and controls for the effective identification and mitigation of the specific data risk threats.
· Agree and oversee the monitoring of the adherence to the Compliance CDO related elements of the Compliance FIMs.
· Monitor and assess the resourcing, costs, and spend of the function.

Desired profile

Qualifications :

Knowledge & Experience / Qualifications

·  Demonstrable program management skills including strong organizational and multi-tasking abilities
·  Leadership experience and an experienced strategic thinker
·  Excellent written and verbal communication skills
·  Strong interpersonal & inclusiveness skills
·  Attention to detail and accuracy
·  Have experience in delivering training, writing policy documents and rolling out change
·  Significant experience in a leadership role in the field of Data Management, Data Governance & Policies, Data Quality, Data Visualisation
·  Significant data privacy, analytics and business intelligence experience
·  Deep expertise in Data Management & Architecture
·  Solid IT skills, e.g. SQL, javascript, html, Hadoop or Cloud experience
·  Experience with data privacy software a plus
·  Privacy certifications, e.g. CIPP/E, CIPT other
·  Law degree or similar discipline.
·  Perseverance and agility to work in rapidly changing environment
·  Proven experience working with a team
·  Experience working with regulations or data protection/privacy projects, GDPR programmes
·  Exceptional knowledge of GDPR regulation and extensive knowledge of other data privacy frameworks globally.
·  Be interested in technology, solutions, ability to apply the theory to practise and be a bridge between different stakeholders, especially, IT and legal.
As a business operating in markets all around the world, we believe diversity brings benefits for our customers, our business and our people. This is why HSBC is committed to being an inclusive employer and encourages applications from all suitably qualified applicants irrespective of background, circumstances, age, disability, gender identity, ethnicity, religion or belief and sexual orientation.

We want everyone to be able to fulfil their potential which is why we provide a range of flexible working arrangements and family friendly policies.

https://www.hsbc.co.uk/1/2/popups/uk-privacy-statement#/ overview