Matt S.

Details

Education: MS

Management & Organizational Leadership

Warner Pacific University

2007 : 2008

BS

Business Administration

Eastern Oregon University

2001 : 2004

Experience: I was recruited for this role to lead and mature the data compromise and information security issue mitigation and response program. Additionally responsible for reviewing and acting upon CFPB complaints and other escalated member concerns. As part of a team-wide goal, achieved PRMIA certification for Operational Risk Manager (ORM).

2021 : Present

Navy Federal Credit Union

Information Security Governance & Risk Management, Principal

The NAPE Foundation is a registered 501(c)(3) non-profit organization dedicated to providing disadvantaged youth in Ghana, Africa with access to higher education. NAPE is focused on providing scholarships to high performing students with financial needs and is actively constructing and building out Palm Institute, a much needed expansion of higher education opportunities in Ghana. I serve on the Board of Trustees and have been involved with this organization for several years.

2008 :

Naa Amerley Palm Education (NAPE) Foundation

Trustee Board Member (Interim Chairman)

Provided enterprise-wide compliance consultation, review, risk assessment, test plan development, training and support related to privacy regulations. Enterprise proponent for TCPA, TSR and state telemarketing law compliance, and also supported ECPA/state intercept and record requirements in this role. Monitored control metrics, risk assessment activities, customer complaints, issues and risk events as a key aspect of this role, which includes credible challenge and follow through to ensure resolution. While this position has gave me a deep dive into the telecommunications side of privacy, it also afforded me a more completed view and immersion into all Wells Fargo divisions, including Regional Banking, Commercial Banking and Investments (in addition to Consumer Lending, which is already the theme of my experience).

2019 : 2021

Wells Fargo

Privacy Compliance Officer, VP

Supported consumer lending and operations business areas for privacy and information security policy and compliance requirements. This involved consulting with business partners, assessing risk and controls, process review and development, escalation of issues, identifying and monitoring key metrics and responding to legislative changes. In this role, I continued to develop my experience with credit cards, retail services, health care finance, co-brand (PLCC), personal lending and student lending, and applied my skills and experience to help grow these businesses to ensure Wells Fargo's market dominance. Privacy regulations are my forte, but in this role I was able to grow my information security knowledge, which is an area of great strength for Wells Fargo. Having direct reports for records management and access management consultants also expanded my skillset in these disciplines and grew my experience as a manager/team leader. In 2019, I was recognized as a Golden Spoke Champion for high performance in this role.

2016 : 2019

Wells Fargo

VP, Privacy & Information Security Leader

This was a gap employment opportunity while I transitioned between big banks. CarePayment was a great learning experience for me where I helped a fin-tech startup transition through receivership and to a rent-a-bank model with a normalized business model. While reporting to the general counsel I performed the following tasks :

- Policy creation, development, training and governance

- Regulatory research and trusted business advisor

- Vet and design of strategic initiatives, processes and procedures

- Calm and confident response to incidents and complaints

- Reviews and audits of business processes and controls

- Development of a strong control environment

- Managed bank relationship, compliance and investor audits

- Performed FinCEN and OFAC scrubs

2015 : 2016

CarePayment

Compliance Manager & Privacy Officer

Company: Navy Federal Credit Union

Years of Experience: 30

Skills

AML, banking, california sb1, collections, complaint management, Compliance, coppa, corporate governance, Credit, credit cards, data security, due diligence, employee training, enterprise risk management, facta, FCRA, fdcpa, finance, financial regulation, financial risk, Financial Services, fraud, glba, Governance, identity theft, internal audit, internal controls, kyc, leadership, legal compliance, Management, mergers & acquisitions, ofac, Operational Risk, operational risk management, pci dss, policy, Privacy Law, privacy regulations, process improvement, red flags, regulatory affairs, risk assessment, Risk Management, sarbanes-oxley act, sox, strategy, tcpa, usa patriot act, vendor management, Enterprise Risk

About

With more than two decades in the banking industry, I've had the opportunity to gain knowledge and management experience in the areas of operations, marketing strategy and compliance risk management with special emphasis on credit lending and the privacy discipline.

Specialties:

- Team and corporate initiative leadership

- Risk and control analysis

- KRI/KPI bench marking

- Process mapping and improvement

- Issue identification, escalation and remediation

- Policy development, training and awareness

- Recruitment, management and development of compliance staff

- Regulatory experience in the areas of:

* Privacy Compliance: GLBA (Reg P & H), Private Label (PLCC), HIPAA/HITECH, state (e.g. SB1, CCPA) & international privacy (APEC, GDPR, EU Directive, DPA, IT Act, PIPEDA, PIPAs), data protection & breach requirements

* Digital Compliance: CANSPAM, CASL, COPPA, CalOPPA, DOPPA, FTC FIIP, Web Linking, TCPA/TSR

* Lending Compliance: ECOA (Reg B), FCRA/FACTA (Reg V), TILA (Reg Z), UDAAP, FDCPA

* Corporate Governance: FFIEC Guidance, Transactions With Affiliates (Reg W), Bank Holding Company Act (Reg Y), IT SOX 404

* Fraud/AML Compliance: Red Flags Rule, MFA, USA PATRIOT ACT CIP, BSA/AML, OFAC/FinCEN

* Payment Compliance: ACH/NACHA, EFTA (Reg. E), PCI DSS