Enterprise Risk Manager
Salt Lake City, UT
WebBank (the "Bank)
is headquartered in Salt Lake City, Utah, and is an FDIC insured, state
chartered Industrial Bank organized under the laws of the State of Utah. Through its industrial bank charter, WebBank
engages in a full range of banking activities.
The Bank is a leading provider of
national revolving and closed-end financing programs. In addition to originating and funding
consumer and commercial (small to medium size business) private-label
(closed-loop network) and bank card (i.e. MasterCard/Visa) programs the Bank
also participates in both new and existing syndicated senior secured loans
originated by national and regional financial institutions.
Strategic Partnership Group
cooperation with third-party vendor relationships ("Strategic Partners), the
Bank originates and funds primarily consumer and commercial (small to medium
size business) private-label (closed-loop network) or bank card (i.e.
MasterCard/Visa) programs ("Strategic Partner Programs). The Bank enters into contractual arrangements
with Strategic Partners in which a Strategic Partner will market, administer,
and service one of the Banks Strategic Partner Programs under the framework
and guidelines established by the Banks policies and procedures and under the
direct oversight and supervision of the Bank.
management of Strategic Partners is the joint responsibility of the Strategic
Partners Group ("SP Group) and the Compliance Department. The SP Group is responsible for overseeing
each Strategic Partner relationship, including management of day to day
activities. Program Managers that report
into the SP Group function as the single point of contact for each Strategic
Partner relationship in order to manage ongoing oversight and supervision of
their assigned programs. The Program
Managers are supported by Compliance Managers that are also dedicated to
specific programs. The focus of the
Compliance Managers is to manage and mitigate regulatory risk within their
assigned relationship(s) and ensure that each Strategic Partner implements an
effective and robust compliance management system.
The Enterprise Risk Manager reports directly to the
Chief Compliance Officer. Risk
management responsibilities of the position are broad and reach across
virtually every area of Bank Operations. In particular, the Enterprise Risk
Manager is responsible for evaluating, monitoring, mitigating, and managing all
areas of risk associated with Strategic Partners and Strategic Partner
Programs, including but not limited to vendor management, technology, and data
security. In addition, the Enterprise
Risk Manager will take a leading role in managing or collaborating in the
management of core risk areas outside of Strategic Partner Programs. These core risk areas will include those
associated with deposit operations, product risk management, credit risk
management, audit, and legal risk. The Enterprise
Risk Manager shall draw upon internal and third-party specialists as needed to
help evaluate and manage such risks. The
Enterprise Risk Manager shall work under the direction of the Chief Compliance
Officer and will work closely with the SP Groups VP Operations and the Banks
Chief Credit Officer to evaluate, communicate and mitigate identified risks in
credit, compliance, and operational management areas. The Enterprise
Risk Manager shall also work closely with, yet independent from, the Program
Managers and Compliance Managers to mitigate and eliminate risk within the
Strategic Partner Programs. The Enterprise
Risk Manager position shall be autonomous from any specific Strategic Partner
relationship which shall provide the independence needed to look at Bank-wide
risk related to all Strategic Partner Programs.
for the overall risk management of Strategic Partner Programs as outlined in relevant
Bank policies and as directed by the Chief Compliance Officer.
- In collaboration with the Chief Compliance Officer,
Executive Management and the SP Group, identify, evaluate and mitigate risks across
Strategic Partner programs, including but not limited to Strategic, Operational,
Credit, Information Technology and Compliance risks. Assist
in the due diligence process and evaluation of new Strategic Partners through
the documentation and completion of relevant sections of Strategic Partner Risk
Assessments. Provide support and input
pertaining to Loan Committee and Board presentations that relate to the
analysis and communication of SP Risk.
- Develop a Strategic Partner Contingency Plan prior
to the implementation of all new Strategic Partner Programs. Evaluate and enhance current contingency plans
as necessary and manage and maintain each Contingency Plan for all existing Strategic
Partner Programs annually thereafter.
- Frequent communication (calls, conference calls, testing, site
visits) with Strategic Partners to facilitate understanding of risk areas and
to enable the clear and concise reporting of the risks associated with each
potential areas of operational vulnerability and risk; coordinate SP Group and
Compliance Department activities to ensure the development and implementation
of corrective action plans for resolution of issues, and provide general
guidance on how to avoid or deal with similar situations in the future. Elevate all high risk findings and concerns to
the Chief Compliance Officer.
- On a monthly basis provide the Chief Compliance
Officer with a written summary of key activities, developments, and issues for
inclusion in the Monthly Compliance Report presented to the Board Compliance
- Provide leadership as a subject matter expert related
to IT and Operational Risk Management initiatives.
- Collaborate with the V.P. Operations in managing the
Strategic Partner Oversight Tracking Log with respect to pertinent areas of
responsibility across all Strategic Partner Programs. Provide monthly updates on same to Chief
- Participate in periodic targeted and annual
Strategic Partner Site Visits to assist in the evaluation of the following Strategic
Partner risk areas:
- IT and Data Security
- Funding/Liquidity/Interest Rate
- Country - Foreign Outsourcing
- Directly responsible for the management and
maintenance of the following Strategic Partner Program Policies and Procedures:
- Information Security
- Business Continuity Plan
- Records Retention
- Vendor Management
- Payment Processing / Statement Delivery
- Other Policies or Procedures identified by the Chief Compliance Officer
- Primary steward of all Bank Risk Assessments
including but not limited to the Bank Wide Risk Assessment, Compliance Risk
Assessment, IT Risk Assessment, BSA Risk Assessment, Vendor Risk Assessment and
Strategic Partner Risk Assessments. The Enterprise
Risk Manager will not have direct responsibility for completion of these Risk
Assessments but will be responsible for completing applicable areas of each as
designated by the Chief Compliance Officer and will also be responsible for
coordinating efforts to ensure that each Risk Assessment is concluded within
prescribed time frames. The Enterprise
Risk Manager will also be responsible for ensuring that the Risk Assessments
are carefully reviewed, professionally written and submitted in a timely manner
to the Executive Management Team and/or relevant committee for evaluation.
- In collaboration with the applicable Program and
Compliance Managers, meet with the Strategic Partners Bank Relationship
Manager and Compliance Officer to review risk assessment findings and implement
remediation plans as necessary.
- Coordinate the completion of Strategic Partner Program-wide Third-Party Audits or
Reviews and submit such Audits or Reviews to the Chief Compliance Officer and Audit
Coordinating Committee. Carefully review
each Third-Party Audit Report and make sure all management responses are
professionally written prior to submission to the Chief Compliance Officer and
Audit Coordinating Committee.
- Work closely with and yet independent from Program
and Compliance Managers and the Business Development Officer.
- Manage the monthly and quarterly Financial Reviews
(Dashboard) of each Strategic Partner.
- Attend Loan Committee and/or Audit Coordinating Committee
meetings to present Third-Party Audit and Review reports, financial dashboards,
and Annual Risk Assessments. Analyze operational and financial data to identify
and evaluate areas of existing and emerging risks.
- Pro-actively manage to the results of any findings
- Assess each
Strategic Partners Business Continuity and Disaster Recovery plans as well as
their overall IT audit, information security, and systems maintenance programs. Collaborate with Banks IT Manager, Chief
Compliance Officer, and VP Ops/Oversight to identify and recommend enhancements
- Support the SP Group during periodic SP
Group audits by an independent third-party at the direction of the Banks Audit
additional duties as directed by the Chief Compliance Officer.
- Bachelors degree and minimum 10 years of consumer and/or
commercial financing experience managing Operational Risk, Credit Risk, Compliance
and/or Audit functions.
- Strong compliance skills and knowledge of the current banking regulatory environment. CRCM preferred.
- Good people-management and interpersonal skills including the
ability to work well in a team or on an individual basis.
dealing with regulators (FDIC, Utah Department of Financial Institutions) is
ability to analyze complex issues and identify suitable solutions.
- This position requires travel to client locations equivalent
to 20 30% of time.
to interface effectively with other departments and operate in a fast paced
environment with minimum supervision.
- Ability to recognize and
focus on critical issues. Flexibility to
balance and respond to competing needs within the organization.
- Willing to work flexible schedule.
- Willing to stay after hours to finish special projects.
- Positive attributes include an assertive self starter, with
exceptional professional verbal / written skills, who is highly organized and able
to work independently to finish assigned projects.
- Solid working knowledge of
various computer systems, software and changing technology.
- Attention to detail, with the ability to plan strategically and execute tenaciously.
If you would like to apply for this position, please send your resume to: email@example.com