Job Description

About Standard Chartered We're an international bank, nimble enough to act, big enough for impact. For more than 160 years, we've worked to make a positive difference for our clients, communities, an About Standard Chartered We're an international bank, nimble enough to act, big enough for impact. For more than 160 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents. And we can't wait to see the talents you can bring us. Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion. Together we: . Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do . Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well . Be better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing. . Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations . Time-off including annual, parental/maternity (20 weeks), sabbatical (12 weeks maximum) and volunteering leave (3 days), along with with minimum global standards for annual and public holiday, which is combined to 30 days minimum . Flexible working options based around home and office locations, with flexible working patterns . Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits . A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning . Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential. Recruitment assessments - some of our roles use assessments to help us understand how suitable you are for the role you've applied to. If you are invited to take an assessment, this is great news. It means your application has progressed to an important stage of our recruitment process. The Role Responsibilities The Director will play an essential role in the Group's Data Protection Office (DPO)/Compliance Privacy team, developing and implementing the Group's approach to managing privacy, data protection and banking secrecy risks. Strategy . Provide advice on the interpretation, application and implementation of laws and regulations pertaining to privacy and banking secrecy . Support both the GDPO and deputy GDPO with the implementation of the Group's privacy strategy . Provide expert guidance on privacy and banking secrecy risk assessment and management. Business . Provide subject matter expertise (SME) guidance to Businesses and Functions, and colleagues in Conduct, Financial Crime & Compliance (CFCC) on privacy and banking secrecy risks and other applicable privacy and data protection legislation across the Group's footprint . Monitor relevant legislative and regulatory changes and advise on associated impact to the Group's business and operational functions . Actively engage in and contribute to the relevant workstreams of the Group's Data & Privacy Transformation Programme. Processes . Develop and implement a robust plan for managing banking secrecy related risks . Review, assess and advise on Privacy Impact Assessments (PIAs) and data incidents . Review and assess Records of Processing Activities (RoPAs) . Lead global initiatives as requested by the GDPO . Develop and deliver training where required . Draft mandatory documentation, such as Standards and guidelines, and help maintain a library of mandatory documentation . Draft and maintain additional, non-mandatory documentation such as FAQs, Privacy-related communications including content for the Group's intranet (Bridge) site. People and Talent . Provide effective second-line SME support and advice to the Group, particularly across ASA and GCNA . Champion good privacy practice and standards across the Group . Develop and provide training to colleagues at all levels to ensure data protection principles and good practices are adopted . Collaborate with Businesses and Functions to foster an environment that drives appropriate privacy and banking secrecy risk control behaviour, including early anticipation, identification and mitigation of privacy risk, escalating issues in line with the Group's Operational Risk Framework. Risk Management . Oversee, monitor and challenge implementation of controls to mitigate risks . Ensure privacy and data protection controls are regularly tested in accordance with the controls testing plan . Lead risk assessments to identify gaps and deficiencies, and help determine remedial action to correct or mitigate risk . Provide expert guidance and support on privacy and banking secrecy risk identification and management . Ensure proactive and timely identification, assessment, advice and dissemination of evolving legal and regulatory changes / practices and associated risks on client privacy issues across the Group . Assist in agreeing the scope of audits and second-line / Compliance Monitoring Reviews . Support with firm-wide internal audits as well as audits of third parties . Integrate privacy and banking secrecy requirements into the third-party vendor framework to ensure data protection and banking secrecy risks are appropriately integrated. Governance . Draft committee papers pertaining to privacy and banking secrecy . Establish and maintain strong relationships with key stakeholders at all levels, while independently performing own duties . Work with Businesses and Functions, and colleagues in CFCC, to identify and develop innovative solutions to personal data processing and privacy related matters. Regulatory & Business Conduct . Display exemplary conduct and live by the Group's Values and Code of Conduct. . Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across the Group. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct. . Support the CFCC Privacy Team to achieve the outcomes set out in the Bank's Conduct Principles: Fair Outcomes for Clients Effective Financial Markets Financial Crime Compliance The Right Environment. . Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters. Key Stakeholders . Strategy, Governance & Core Compliance Leadership team . CFCC Advisory colleagues . Regional CFCC colleagues . Country DPOs . Head, Data Management & Privacy, Operations and team . CFCC Assurance . Group Internal Audit . Connected Policy owners, including CISRO and CDO . Legal (COO's team) Other Responsibilities . Embed Here for good and Group's brand and demonstrate the Valued Behaviours in SGCC. . Perform other responsibilities as assigned. Our Ideal Candidate . CIPP certification or other equivalent industry recognised qualification. . Legal qualification or training preferable but not essential. . 5+ Years of experience in Privacy compliance . Experience in Cross boarder data Role Specific Technical Competencies . 5+ years of experience as a Privacy Practitioner advising on a wide range of privacy compliance related matters managing risks and developing pragmatic solutions to problems, including employee privacy related issues . Technical knowledge of privacy laws and regulations in Singapore, Hong Kong or Malaysia as a minimum (ideally also European rules) . Ability to translate data protection supervisory authorities' recommendations, privacy case-law and any other policy developments into workable internal guidelines and documentation . Practical understanding of financial services . Ability to understand and map a process and to determine how privacy obligations impact a process . Ability to draft guidance and translate complex, regulatory concepts into practical, easy to understand recommendations that can easily be implemented by a variety of stakeholders . Experience of implementing Privacy Impact Assessments . Experience of implementing Privacy by Design . Practical knowledge of key information security principles . Proven ability to identify and articulate privacy requirements, risks and issues, and to make pragmatic decisions / recommendations . Ability to understand business drivers and risk appetite and to align privacy compliance accordingly . Ability to pro-actively drive change, while being able to anticipate privacy challenges. . Proven ability to incorporate privacy considerations into innovative solutions so that the business can continue to function and evolve whilst ensuring the rights and freedoms of individuals are being met Visit our careers website www.sc.com/careers