Senior Compliance Officer: Data Privacy

Empowering Africa’s tomorrow, together one story at a time.
- With over 100 years of rich history and strongly positioned as a local bank with regional and international expertise, a career with our family offers the opportunity to be part of this exciting growth journey, to reset our future and shape our destiny as a proudly African group.

Job Summary

To develop tactical strategy and delivery plans, formulate associated practice/s and to ensure operational implementation and adaption i.t.o. compliance management methodology, governance and delivery objectives.

Job Description

Accountability: Strategic direction & governance
- Provide Assistance in setting the Absa Group Limited data privacy strategy, as well as the privacy risk and control threshold for the Group.
- Assist in driving compliance to all Data privacy laws and regulations and address these requirements early on in new technologies.
- Enable compliance with data privacy regulations and foster a data protection culture within the organization.
- Proactively conduct data protection impact assessments for the Group’s products, projects, and processes.
- Provide SME guidance on Data Privacy Risk management with Business stakeholders and suppliers.
- Partner with Business and Technology to ensure data privacy issues are considered at the outset of new projects, products, and initiatives.
- Monitor the evolving data privacy regulatory landscape to keep visibility on trends, and best practices to adequately address current policies or standards.
- Inform and monitor the Absa Group Limited Data Privacy risk appetite and changes to it.
- Assist in the development and maintaining of an appropriate operating model to ensure that the data privacy policy requirements are implemented within the Business with adequate oversight from the Group Privacy Office.
- Assess the risk on all requests for dispensations, waivers, and breaches, and escalate to the Principal Risk Officer for consideration.
- Participate in investigations, reviews, approvals, incidents, and exceptions to address matters impacting the risk
- Assist in the development of the process for the identification and assessment of all severity 1-4 incidents within Absa Group Limited

Accountability: Oversight & reporting
- Monitor compliance with data protection regulations and Group policies
- Continuous engagement with the various regulators and keeping up to date with data privacy regulations.
- Support the data incident response and data breach notification procedures
- Assistance in overseeing data privacy incident and breach procedures and response, including investigation, documentation, reporting, maintenance of records, and the implementation of corrective action.
- Oversee the development and/or implementation of training on the policies and standards to deliver compliance and foster a data privacy culture.
- Review and make recommendations on the Key Risk Indicators submitted by Business.
- Oversee the gathering, collation, and aggregation of risk reporting; challenge inputs from Business and develop and report on an overall picture of the status of the Risk from a Group perspective.
- Assists in the management of and reporting on the status of data privacy risk to internal and, where relevant, external stakeholders, including regulatory bodies.
- Keep up to date and maintain the Group Risk Framework and identify and warn the business and the Compliance Executive Committee of emerging risks. Develop how those risks may be managed, by providing actionable intelligence.
- Promote and communicate the embedment of compliance throughout the organisation and oversee the development and implementation of high-quality compliance policies and standards
- Ensure adequate monitoring capability is incorporated into solutions to provide key risk metrics and indicators. This may include participation in designing and implementing systems of metrics to provide additional monitoring insight.

Accountability: Management and Leadership
- Develop the capability through internal and external networks, research, and tools to identify emerging risks and potential enhancement of the Risk Framework and Data Privacy Policy.
- Assist in the Developing and implementation of policies, procedures, and systems to ensure efficient and effective identification and assessment of Data Privacy risks
- Promote the cultural, behavioral, and organisational changes necessary within the business to achieve continuous improvement.

Accountability: Stakeholder management
- Act as an ambassador with colleagues, regulators, and other stakeholders to establish a leading function within the organization.
- Be registered with relevant regulatory or professional bodies
- Advise stakeholders on the management of relevant data risks, by participating in product/project/change approval and review processes.
- Ensure that proactive and risk-based advice is delivered through effective partnership with others at all levels - the front of