Data Controls

Role Description

The AD Data, Analytics and AI Governance and Control Enablement Director is accountable for enabling, governing and assuring the effectiveness of Data, Analytics and AI controls across the Americas Division (AD), in alignment with AD specific requirements and globally positioned Policies, Standards and Frameworks. 
This role is based in Charlotte, North Carolina, with a primary reporting line to the AD Strategic Data Governance Program Delivery Lead and a dotted line to the Global Head of Data Controls.
This role partners with AD Control Office, Function Data Officers (FDOs) / Entity Data Officers (FDOs), Control Owners and project teams to facilitate data risk identification, Risk & Control Assessments (RCSAs), control implementation and monitoring activities. 

Acting as the CDAO authority for data, analytics and AI control outcomes, the role ensures risks are appropriately identified, controls are consistently taken through a lifecycle of design, implementation, evidencing and ensuring ongoing monitoring & sustainability. The role ensures control-related issues are remediated effectively, and outcomes are defensible from a regulatory, audit and risk perspective.

While first line control implementation and risk & control assessment activities (including control testing) are owned by AD Control Owners and Control Officers (within the Central Control Office), this role provides design and training, facilitation, challenge and decision making across to ensure data control implementation consistency, quality of evidence and sustainability.

The scope spans data management, analytics and artificial intelligence, recognizing that all three domains are subject to evolving regulatory expectations, enterprise risk standards and global governance frameworks.

Role Objectives

•Provides CDAO authority for Data, Analytics and AI control outcomes across AD strategic initiatives and business processes ensuring consistency and quality across design, implementation and ongoing monitoring.  
•Provides governance and AD control subject-matter expertise to support AD interpretation and application of global and enterprise Data, Analytics and AI impacting policies, standards and frameworks. 
•Provides partnership with AD Control Office to facilitate data risk identification and Risk & Control Assessments (RCSAs) including: 
•Identification of material data, analytics and AI risks
•Consistent application of data, analytics and AI controls
•Alignment of CDAO RCSA results, including residual risk conclusions
•Provides partnership with the AD Control Office in identifying changes to data, analytics and AI control taxonomy and ensures adoption relevant Control Owners
•Provides AD specific consultation and input on updates to Global Data, Analytics and AI related frameworks and taxonomies 
•Provides design and ongoing monitoring over AD key metrics (e.g., key risk indicators, key control indicators) to evaluate control performance and operational effectiveness. 
•Provides enablement to ensure data, analytics and AI controls are embedded by design into business processes, data flows, platforms and BI layers and use cases, including strategic projects and initiatives. 
•Provides oversight of remediation for data quality issues and exceptions arising from control deficiencies, ensuring appropriate uplift to control design, standards or operating processes, as necessary. 
•Coordinates and supports engagements with AD Control Office, Second Line of Defense (Risk Management, Compliance), Internal Audit, and regulators pertaining to data, analytics and AI risks and controls.
•Provides ownership of policies, standards and guidance pertaining to Data, Analytics and AI controls, partnering with relevant AD CDAO, Control Office and 2LOD teams to support enablement and training. 
•Supports risk & control awareness efforts to ensure that data, analytics and AI risk management considerations are embedded in policies, processes and business strategy, disseminating best-practice guidance.
•Produces periodic management reporting and presents escalation items to senior management and in governance meetings.
•Provides identification and analysis of emerging data, analytics and AI risks, including evolving regulatory expectations, to support compliant control design, risk assessments and governance decisions.

Critical Job Knowledge and Core Competencies / Skills

•Minimum of 7-10 years of experience in data governance, non-financial risk management and control frameworks, ideally within regulated financial services, preferably at a large banking institution or consultancy.
•Proven experience in the identification and management of key data risks and controls, including experience in the design and execution of controls and continuous process improvement practices, including embedding controls in change initiatives. 
•Strong understanding of RCSA processes, risk identification, control design, monitoring, issue management and remediation
•Solid understanding of U.S. compliance laws, rules and regulations (e.g., FRB, SEC, FDIC, DFS), working knowledge of BCBS 239 and a broader familiarity of regulatory expectations impacting data, analytics and AI.
•Strong leadership, communication, and ability to drive change and consensus across functions, senior leadership/CXO functions and across all three lines of defense, in a complex regulatory and financial environment.
•Demonstrated ability to manage multiple tasks and initiatives effectively, leveraging strong analytical skills, and proficiency in Microsoft Office applications (Excel, PowerPoint, Word).
•Bachelor’s degree required; master’s degree or MBA preferred.