Full Job Description
About Wells Fargo
Wells Fargo & Company (NYSE: WFC) is a diversified, community-based financial services company with $1.9 trillion in assets. Wells Fargo’s vision is to satisfy our customers’ financial needs and help them succeed financially. Founded in 1852 and headquartered in San Francisco, Wells Fargo provides banking, investment and mortgage products and services, as well as consumer and commercial finance, through 7,600 locations, more than 13,000 ATMs, the internet (wellsfargo.com) and mobile banking, and has offices in 32 countries and territories to support customers who conduct business in the global economy. With approximately 263,000 team members, Wells Fargo serves one in three households in the United States. Wells Fargo & Company was ranked No. 29 on Fortune’s 2019 rankings of America’s largest corporations.
Wells Fargo Compliance
Wells Fargo Compliance is part of the company’s independent risk management function, providing company-wide leadership, standards, support, and independent oversight to ensure that all business groups abide by applicable laws, rules, regulations and regulatory requirements, while meeting compliance responsibilities and managing compliance risks.
Compliance challenges management decisions, business processes and activities, and evaluates and assesses adherence to applicable regulatory requirements. It provides appropriate analysis, reporting, and escalation to senior management and the Board of Directors, sets minimum standards for the company, and gives advice, guidance, and support for compliance risk management activities across the enterprise.
The Chief Privacy Officer leads the enterprise Privacy compliance program across Wells Fargo. Enterprise Privacy, within Enterprise Functions Compliance in Corporate Risk is accountable for providing independent risk management (second line of defense) oversight for privacy risks and initiatives, including guidance for front line privacy leaders and front line control teams. The Chief Privacy Officer oversees all activities related to the development, implementation, maintenance of and adherence to Wells Fargo’s privacy policies and standards for applicable privacy law, rule and regulation. The Chief Privacy Officer will provide subject matter expertise to the enterprise with respect to privacy requirements and issues. This position reports to the Head of Enterprise Functions Compliance and will be expected to:
Develop and manage the privacy governance structure, including policies, standards, notices and guidance
Manage the privacy regulatory inventory and related regulatory change management
Independently review controls and procedures to implement privacy policies and applicable privacy-related laws, regulations, provide oversight and credible challenge to business, country or region-specific procedures and controls developed by the businesses and staff functions and consult on the design and/or performance of independent testing as appropriate
Support development of program metrics, monitoring, testing plans and other controls through strategic inputs and implementation
Escalate privacy-related issues and incidents to Independent Risk Management governance committees and appropriate business and function management; consult with the business, privacy leaders and other leaders regarding risk and front line control function escalations and exceptions
Ensure mechanisms and controls to authorize cross-border transfers of personal data within Wells Fargo and affecting third party service providers are in place and operational
Perform Independent Risk Management oversight of enterprise or regional risk assessment activities to ensure they address privacy issues, including consultation on cross-border transfers of personal data
Lead the Privacy Leader Community of Practice with appropriate representation from all front line businesses and functions as well as other Independent Risk Management, Legal and Internal Audit functions to ensure appropriate communication and enterprise support for the privacy program
Provide oversight and guidance for management of data subject requests and privacy complaints and support for Privacy by Design activities
Monitor and communicate to privacy leaders, management, Corporate Risk and other appropriate groups about any privacy developments impacting the company
Develop and manage content for enterprise privacy training as appropriate; review, provide input and approve any privacy-related training developed by the businesses
Serve as primary point of contact for privacy authorities or appoint regional privacy officers to serve in that role
Support the Compromised Data function and related information security functions in managing incidents involving personal data
Leadership, integrity, and credibility will be determining factors in selection. Successful candidates will be articulate and possess a demonstrated leadership capability; they will be impressive in their inter-personal effectiveness and with regard to their accomplishments. These roles require leaders with strong relationship management, influencing, vision, and execution skills. A key differentiator will be the ability to understand and operate successfully in a complex, heavily matrixed corporate environment. These roles require a sense of urgency, passion for results, and personal accountability for achievement.
The successful candidate will work closely with other senior leaders across the company in the development and execution of company risk management strategies. Accordingly, critical success factors will include the ability to develop partnerships with many business and functional areas.
10+ years of management experience
12+ years of experience in risk management (includes compliance, financial crimes, operational risk, audit, legal, credit risk, market risk, IT systems security, business process management) or 12+ years of financial services industry experience, of which 10+ years must include direct experience in risk management
Other Desired Qualifications
15+ years of experience in financial services or regulated industry
Strong knowledge of global privacy requirements
Relevant compliance, risk and privacy experience
Strong organizational and facilitation skills
Experience working independently and virtually within a global organization
Exceptional communication and influencing skills
Good working knowledge of technology related controls and security measures and management
CIPP or equivalent certification or qualification
Leadership and team management experience in a global financial institution
Experience in advising senior management
All major Wells Fargo hub cities may be considered