Elmo is a Risk and Compliance Lead with focus in the Payment Service Provider industry. Hyphen is a FinTech business in providing tailored financial solutions to clients.● Implemented and executed the governance risk framework, enhancing enterprise-wide risk management and compliance.● Led risk identification, reporting, and mitigation efforts for operational, IT, and cybersecurity risks, reducing exposure. ● Improved the 1st line and 2nd line maturity reporting from “Risk… Show more Elmo is a Risk and Compliance Lead with focus in the Payment Service Provider industry. Hyphen is a FinTech business in providing tailored financial solutions to clients.● Implemented and executed the governance risk framework, enhancing enterprise-wide risk management and compliance.● Led risk identification, reporting, and mitigation efforts for operational, IT, and cybersecurity risks, reducing exposure. ● Improved the 1st line and 2nd line maturity reporting from “Risk Defined” to “Risk Managed” with elements of “Risk Optimized” as noted in the internal audit report. Also, only one severe audit finding raised in the last year. ● Managed operational losses, fraud risks, and key risk indicators, resulting in a 75% decrease in severe incidents.● Served as the 2nd line of defence, measuring control adequacy and advising on business process improvements to mitigate risks.● Control optimization and business assurance around control adequacy. ● Directed the implementation of Payment Card Industry Data Security Standard (PCI DSS) and ISO27001, achieving full compliance.● Lead regulatory compliance expert and maintained a healthy compliance universe with zero penalties for noncompliance. ● Liaised with regulatory bodies such as the South African Reserve Bank (SARB), Payment Association of South Africa (PASA), and Bank of Namibia (BoN), ensuring compliance with licensing requirements and regulatory standards. Show less

● Established the information security and IT risk framework for Shared Services and Core Banking Solutions, enhancing security posture.● Identified, reported, and mitigated IT risks, reducing exposure across the organisation.● Managed external and internal audits, ensuring timely resolution of findings and maintaining audit schedules. Further, reducing the number of findings by 50% year-on-year. ● Implemented IT security controls, including user access management, network security,… Show more ● Established the information security and IT risk framework for Shared Services and Core Banking Solutions, enhancing security posture.● Identified, reported, and mitigated IT risks, reducing exposure across the organisation.● Managed external and internal audits, ensuring timely resolution of findings and maintaining audit schedules. Further, reducing the number of findings by 50% year-on-year. ● Implemented IT security controls, including user access management, network security, and patch management, to safeguard production systems.● Led key security initiatives, such as PCI compliance, data loss prevention (DLP), email encryption and Host-to-Host (H2H) secure channel, Identity and Access Management (IAM) to strengthen data protection and compliance. ● Improved resilience to core banking applications and reduced number of outages to a minimum. ● Aligned IT objectives and risk frameworks with the bank's overall strategy, ensuring group-wide consistency in security measures. Show less

● Implemented ITIL and Cobit practices, improving IT governance and service management.● Established a fully functional ICT Service Desk, enhancing user support and incident resolution.● Led business process modelling for the ICT department, streamlining operations and improving efficiency.● Managed and maintained all ICT policies, including the creation of new policies and the rollout of awareness programs.● Maintained the ICT Risk Register, providing regular reports to senior… Show more ● Implemented ITIL and Cobit practices, improving IT governance and service management.● Established a fully functional ICT Service Desk, enhancing user support and incident resolution.● Led business process modelling for the ICT department, streamlining operations and improving efficiency.● Managed and maintained all ICT policies, including the creation of new policies and the rollout of awareness programs.● Maintained the ICT Risk Register, providing regular reports to senior executives on risk management.● Conducted informal access reviews for finance systems, identifying and reporting risks to management. Show less

● Led a project to enhance reporting capabilities for ABSA Capital Market Risk department, improving data accuracy and efficiency.● Conducted COBIT and ITIL gap analysis for ABSA Capital, identifying non-compliant processes and implementing best practices for improved governance.● Assisted Imperial Bank that were later bought by Nedbank with BASEL II framework implementation, by developing BRS and BSS for accurate SARB reporting on capital adequacy and risk exposure.● Supported Teba… Show more ● Led a project to enhance reporting capabilities for ABSA Capital Market Risk department, improving data accuracy and efficiency.● Conducted COBIT and ITIL gap analysis for ABSA Capital, identifying non-compliant processes and implementing best practices for improved governance.● Assisted Imperial Bank that were later bought by Nedbank with BASEL II framework implementation, by developing BRS and BSS for accurate SARB reporting on capital adequacy and risk exposure.● Supported Teba Bank that became later known as UBank in ensuring compliance with the National Credit Act (NCA) by delivering BRS and BSS to the IT department for system alignment. Show less

● Conducted technical compliance tests for Sarbanes-Oxley, ensuring adherence to regulatory requirements.● Utilised Computer Aided Audit Techniques (CAATS) to analyse client data, testing data integrity and detecting malicious transactions.● Reviewed Integrated Framework practices for BSkyB IT projects, ensuring alignment with best practices within the System Development Life Cycle (SDLC).● Evaluated Business Continuity and Disaster Recovery (BCP & DR) processes, assessing… Show more ● Conducted technical compliance tests for Sarbanes-Oxley, ensuring adherence to regulatory requirements.● Utilised Computer Aided Audit Techniques (CAATS) to analyse client data, testing data integrity and detecting malicious transactions.● Reviewed Integrated Framework practices for BSkyB IT projects, ensuring alignment with best practices within the System Development Life Cycle (SDLC).● Evaluated Business Continuity and Disaster Recovery (BCP & DR) processes, assessing effectiveness from both technical and business perspectives and identifying management gaps. Show less

● Review of the group's IT infrastructure according to Information Security standards and best practice.● Systems, Database and Network audits and reviews of various business and reporting.● Consultation and implementation of the BS7799 standard, by establishing information security governance framework, standards, policies and procedures for the group. ● Implementation of various in house processes and IT platforms to enhance the internal audit process reporting.