Oversee compliance of applicable Latin American and Canadian Privacy Protection laws, rules and regulations impacting the enterprise. Provide consultative support to the business on initiatives involving Privacy. Oversee and drive execution of Privacy risk assessments across the enterprise to identify compliance risks and work collaboratively with business and operational stakeholders to develop and implement remediation plans for compliance. Identify and evaluate monitoring and testing activities, metrics and executive reporting to monitor the health of the policies, procedures, processes, and operations related to compliance with Privacy. Escalate and oversee remediation of issues, trends and compliance impacts/concerns, including inclusion of escalated items in standard Compliance reporting routines.• Serve as compliance consultant and subject matter expert for Latin America and Canada Privacy Protection laws with a focus on Privacy Notices, Choices, Privacy Events, Information Use, Affiliate/Third Party Sharing, Telemarketing, Email Marketing, and Cross Border Data Movement regulatory requirements and business control implementation.• Maintained documentation of business applicability for privacy laws to ensure comprehensive Monitoring & Testing (M&T) established for applicable regulations and key provisions.

Oversee compliance of applicable U.S. Privacy laws, rules and regulations in scope for designated lines of businesses. Provide consultative support to the business on initiatives involving Privacy. Oversee and drive execution of Privacy risk assessments within designated businesses to identify compliance risks and work collaboratively with business and operational stakeholders to develop and implement remediation plans for compliance. Identify and evaluate monitoring and testing activities, metrics and executive reporting to monitor the health of the policies, procedures, processes, and operations related to compliance with Privacy. Escalate and oversee remediation of issues, trends and compliance impacts/concerns, including inclusion of escalated items in standard Compliance reporting routines.• Serve as compliance consultant and subject matter expert with a focus on Privacy Notices, Choices, Privacy Events, Information Use, Affiliate/Third Party Sharing, Telemarketing, Email Marketing, and Cross Border Data Movement regulatory requirements and business control implementation.• Maintain documentation of business applicability for privacy laws to ensure comprehensive Monitoring & Testing (M&T) established for applicable regulations and key provisions.

Provided executive leadership and direction to the implementation of the Privacy Program for the Preferred Banking Division, which encompassed defining clear scope and ensuring consistent execution across multiple lines of business. Gained specialized expertise in new privacy rules/requirements and impacts on business. Defined Privacy Risk Metrics and formalized monthly scorecard, which focused on generating awareness from the top-down and raised accountability of risk management. Implemented new regulatory requirements. Identified privacy related reporting and metrics. Supported internal and external audits related to Privacy as well as managed required remediation. Acted as a liaison with Regulatory Agencies including OCC, CFPB, State, and Federal Attorneys General. • Established and implemented privacy program and developed key controls to comply with Privacy Notice, Choices, Privacy Event Management, Information Use, Affiliate/Third Party Sharing, Telemarketing, Email Marketing, and Cross Border Data Movement Company and regulatory requirements. • Administered the Consumer Privacy Breach Notification Program which led to a reduction of the total number of Privacy Breaches by 20%, number of breaches requiring consumer notification by 48%, and number of consumers notified by 64%.• Served as a member of the Global Privacy Governance Committee and partnered with Global Compliance partners on formulating strategy, structure, policy, and risk decisions.

Supervised the support staff that performed Privacy Breach tracking and reporting. Led efforts to ensure optimal customer experience while minimizing reputational/brand impact. Oversaw the management and administration of critical components of the Privacy Event Management Program, which encompassed strategy, training, and consumer communication. Managed the Consumer Privacy Response Call Center queues and Credit monitoring services provided in connection with a Privacy event. • Maintained full responsibility for managing high-impact Privacy Breach, which resulted in the notification of 2.5 million customers and management of related Class Action Settlement impacting 17 million customers.• Formulated remediation plans required to mitigate privacy non-compliance and gaps.• Served as a Privacy subject matter expert supporting business units and functional areas across the Enterprise.

Architected and implemented Anomalous (red flag) Activity Monitoring Programs for the early detection of potential customer or employee data breach incidents. Introduced Privacy compliance policies and procedures while driving consistency and mitigating non-compliance risk. Cultivated relationships with National Credit Reporting Agencies. Investigated and reported on data breach events.• Drove the development, implementation, and management of de-centralized Privacy and Information Security program for the division.• Maintained accountability for data security staff charged with managing daily anomalous/red flag reporting.• Partnered with respective Compliance and Privacy contacts on Privacy breaches • Coordinated all Data Security and Privacy compliance projects, which ensured the achievement of objectives.

Administered expansion plans in California, Texas, and Arizona as well as provided business direction, strategic focus, and leadership. Managed compliance measures as well as implemented policies, controls, and risk mitigation strategies. Executed capacity planning and budget control initiatives. Exceeded Customer Service levels while managing growth in order to service over 60,000 customers. Established Associate New Hire Training, Fair Credit Reporting Act (FCRA), and Product Certification Programs. • Led aggressive multi-state growth plans that expanded the company from 10 employees to 500+ employees. • Designed Company’s Web based product fulfillment system that provided a 20% reduction in data entry efforts and consolidated 4 product processing platforms.• Established the Quality Control Program to monitor product quality and customer call center experience in order to exceed regulatory and customer requirements.