Description of the Business Line or Department
The Compliance Service Unit (CPLE) is responsible for the definition and consistency of the compliance risk prevention and control system, and for coordinating the framework aimed at preventing, identifying, assessing and controlling reputational risk.
In conjunction with the Business Units and other Service Units (BU/SUs), CPLE performs the following tasks with respect to compliance risk:
- defining and implementing the overall normative framework of the Compliance service and monitoring its implementation;
- defining procedures and implementing a framework to ensure compliance with respect to compliance risks;
- awareness-raising among Group employees regarding compliance risk and the strengthening of the compliance culture within the Group;
- mapping and analysing Group compliance risk and general vigilance regarding issues likely to harm the Group's reputation or that of one of its activities;
- performing the second-level control and supervision of the framework, including independently assessing compliance risk management within the entities/activities with a major impact on the Group's risk profile, and individually with respect to regulated employees, in compliance with the applicable regulations;
- monitoring relations with supervisory and regulatory authorities, and representing the Societe Generale Group to these authorities, not including supervisory and regulatory authorities where the Legal function (SEGL/JUR) organises and coordinates the monitoring of these relations, in particular the Autorite de Controle Prudentiel et de Resolution (ACPR) and the European Central Bank (ECB);
- consolidating and monitoring significant compliance events in the entities.
SG has developed a second line of defence Compliance Controls team (CPLE/CTL) with teams located worldwide. Reporting directly to the Group's General Management, the Compliance Controls team (CPLE/CTL) has a mandate to operate, within the 3 lines of defence model, as a 2nd Line of Defence (LOD) Compliance Controls function covering both Regulatory and Financial Crime Compliance risks, based on a robust compliance risk assessment which drives the prioritization of the risk-based annual monitoring review plan.
The objective of the Compliance Controls department is to assess and test independently the adequacy and effectiveness of the 1st LOD compliance risk and control framework that the Business Units (BU) and Support Units (SU) have put in place to mitigate the risks of non-compliance, reputation and misconduct that SG Group is exposed to across its business activities and operations globally.
The Compliance Controls team in London is responsible for covering SG Wholesale Banking activities in the UK for SG London Branch and SG International Limited.
The Compliance Controls department includes specialised teams to cover the annual control plan primarily for the following BUs and supporting SUs:
- Global Markets (MARK),
- Global Banking and Advisory (GLBA),
- Global Transaction & Payment Services (GTPS),
- Global Business Service Unit (GBSU),
- Other SUs supporting the BUs listed above (CPLE, RESG, RISQ, SEGL, etc.).
Summary of the key purposes of the role
The mission of the UK Compliance Controls Officer is to conduct, primarily but not exclusively, risk-based reviews of SGLB and SGIL, with a focus on a specific perimeter as agreed with Management. The role includes, but is not limited to, the following responsibilities:
- Assist in the development and timely delivery of the annual control plan,
- Ensure timely tracking and resolution of CTL’s recommendations,
- Maintain regular engagement with, and provide feedback to, key business and Compliance stakeholders, and
- Ensure timely implementation of internal/external audit and regulator’s recommendations assigned to CTL.
Summary of responsibilities
- Development of the annual control plan
  - Support the Manager in developing the annual risk-based second level control plan pertaining to his/her perimeter by reference to meetings with Business and Compliance stakeholders, the results of the compliance risk assessment and other relevant indicators (e.g. regulatory agenda, past regulatory examinations, compliance reviews or internal audits, etc.)
- Delivery of the annual review plan and reporting
  - Execute reviews and report results to the Manager. A typical review will include planning, fieldwork and reporting phases, and will require the following:
    - Perform research and gather sufficient information to understand the theme/activity to be reviewed;
    - Meet with business and Compliance stakeholders to understand the business and regulatory context;
    - Perform walkthroughs and document business processes through the use of workflows, where required;
    - Formalise scoping document, design and execute testing programme;
    - Document review work on the appropriate CTL templates/tools and escalate findings in a timely manner;
    - Supervise and coordinate the work delegated to other team members, if applicable;
    - Identify issues through testing and write draft findings/reports, including recommendations;
    - Get clearance from Manager, issue report to stakeholders and validate recommendations/action plans; and
    - Ensure that all the tools (e.g., E-Control, MyActions) are maintained up to date at all times.
  - Submit draft reports to the Manager in charge to supervise the review prior to issuance and communication to the relevant business and Compliance stakeholders.
  - Ensure timely tracking of CTL recommendations once the report is issued as assigned by the Manager and provide updated status in the relevant tool.
  - Provide periodic updates of the review status to the Manager in charge and update the team’s activity report on a monthly basis, as required. Comment on key risks/issues identified and highlight any risk of slippage, or provide justification for slippage, if the original delivery schedule is not going to be met.
- Engagement with business line and Compliance stakeholders
  - Manage communication to relevant business line and Compliance stakeholders as per the review life cycle,
  - Participate in ad-hoc meetings with key business and Compliance stakeholders, as agreed with the Manager,
  - Maintain knowledge of the business line organisation as well as its strategic developments and projects, and
  - Engage with CTL teams in non-UK locations, if required.
- Engagement with internal/external audit and regulators
  - Support the Manager in the timely implementation of internal/external audit and regulator’s recommendations, when/if relevant/applicable, and
  - Assist internal/external auditors and regulators during their investigations, as required, under Manager’s supervision.
- Maintain a detailed and updated working knowledge of the FCA rules and regulations and any other relevant rules and regulations, and
- Mentor, coach and support any CTL new joiners and, when required and as directed by the Compliance Manager / Head of CTL, staff from regional offices.