CRAIG A. CRANDALL
**** ******** ***** firstname.lastname@example.org
Granite Bay, CA 95746 Cell: 916-***-****
Risk, Compliance, & Audit Professional
Global Project Management, Global Audit & Testing, Compliance Management, Enterprise Risk Management, Information Security & Operational Risk Management
cuLearn with Thrivent
SR. COMPLIANCE AND REGULATORY ANALYST
(APRIL, 2018 – CURRENT)
• Responsible for the implementation, maturity, and maintenance of the Entity Risk Management Program (ERMP).
• Provided leadership and direction for the ERMP and management of the Governance, Risk, & Compliance (GRC) tool, LogicManger.
• Developed and conducted compliance reviews, audits and monitoring activities to ensure compliance with all ap- plicable laws, regulations and regulatory guidance.
• Subject matter expert for compliance and business risk related matters, including special projects, initiatives and risk culture training for cuLearn staff.
• Implemented RIMS RMM (Risk Maturity Model) and facilitated the completion of the annual Entity Risk Assessment, FFIEC Cybersecurity Assessment, and like assessments for cuLearn.
• Developed dashboard metrics, scorecard, and reports outlining the current state of cuLearn’s ERMP.
• Enhanced monitoring oversight and evolved cuLearn’s Quality Assurance Program while developing a correspond- ing mitigation and remediation process.
• Coordinated the data collection and audit execution to lead the SSAE18 (SOC 1) audit operational walkthrough for cuLearn.
• Implemented and maintained the Vendor Management Oversight Program at cuLearn.
• Set the agenda and led the Business Risk and Compliance Management Committee.
• Prepared materials on risk and compliance monitoring, assessments, audit, and regulatory surveillance activities for leadership and board of director meetings.
Wells Fargo Bank, N.A.
OPERATIONAL RISK CONSULTANT/TECHNOLOGY RISK MANAGEMENT OVERSIGHT/STRATEGY & GOVERNANCE
(JULY, 2017 – DECEMBER, 2017)
• Developed project plan and led project team to ensure the adherence of the TRMO Risk Policy for all lines of busi- ness while providing weekly executive status reports.
• Managed the remediation of the technology related issues as part of (EIT) Enterprise Information Technology and
(FLOD) first line of defense.
• Developed training plan for tracking and timely completeness of the issue remediation and validation lifecycle in the Governance, Risk, & Compliance tool (SHRP).
• Collaborated with line of business partners in both the (FLOD) first line of defense and (SLOD) second line of de- fense as to ensure the timely completion of the issue’s remediation and validation efforts. Rabobank, N.A.
VICE PRESIDENT/SENIOR OPERATIONAL IT RISK ANALYST
(JULY, 2016 – JULY, 2017)
• Designed and implemented the IT risk management framework, control tools, and measure for Rabobank, N.A.
• Facilitated the IT Risk and Control Self-Assessment in order to assess the effectiveness of the control measures and identify emerging risks.
• Worked directly with the CIO, CTO and Security Director to review risk acceptance and risk treatment plans. sub- mitted by business and IT to form an independent opinion on the risk posed to different parties and to develop audit remediation strategies.
• Developed and delivered enterprise-wide Operational Risk Management training to all lines of business.
• Represented Operational Risk Management at the Risk Committee, Vendor Management Committee, and Security
& Business Continuity Committee.
• Prepared monthly dashboard report for submission to the Risk Committee and Technology Risk Committee, cover- ing IT risks (loss/incidents) and risk limits, identifying trends and movements from previous months, as a supple- ment to any monitoring performed by the business.
• Analyzed the IT loss incidents report and advised on remediation.
• Worked directly with the Chief Auditor for audit remediation of IT and Security related audit findings. ASSISTANT VICE PRESIDENT/SENIOR AUDITOR
(OCTOBER, 2015 – JULY, 2016)
• Conducted operational and compliance audits including BSA, OFAC and Global Sanctions.
• Supported all audit work with detailed documentation including evidence of control deficiencies, non compliance with laws, regulations, and policies or procedures, duplication of effort, or fraud.
• Coordinated, prepared and analyzed periodic reports on specific department activities.
• Prepared audit reports and presented audit findings, root causes, and recommendations for corrective action. Bank of America Corporation – Banking, Compliance, and Operational Risk (1993 – 2015) VICE PRESIDENT/SENIOR BUSINESS CONTROL SPECIALIST, RETAIL PREFERRED AND GWIM TECHNOLOGY AND OPERATIONS
(2011 TO 2015)
• Developed and implemented the Quality Assessment (Q/A) program for independent review of the Universal Change Risk Assessment (UCRA) for Consumer Banking Tech & Ops Risk Strategy and Quality Assurance.
• Developed risk assessment scoring process to address seven key risk elements of the UCRA tool to ensure high quality for all CBT&O UCRA’s.
• Ensured proper risk ratings and mitigation plans for all Global Technology & Operations (GT&O) UCRA’s were properly documented.
• Strategic design and implementation of Global Information Security (GIS) policy standards for Consumer Banking Tech & Operations global footprint, which included audit preparedness, self-assessment, policy implementation in Europe and U.S. work areas.
• Lead role in execution and governance of the Risk Control Self Assessment (RCSA) process for technology support teams. Responsible for tracking and monitoring risks, key controls, metrics, control effectiveness and mitigation plans. Identified key, top and emerging risks.
• Generate executive level review presentations driven by fact base results.
• Managed remediation of Technology Risk, Compliance, and Corporate Audit issues impacting multiple technology groups, systems and lines of business within Retail Preferred and GWIM/Technology & Operations. Vice President/Compliance Manager, Global Compliance/US CARD/Marketing
(2008 TO 2011)
• Provided compliance and operation risk support for US CARD marketing projects and strategies.
• Ensured key Credit Card Act (CCA) and all related CARD regulations, policies, and guidelines have been effectively communicated via (UCRA) governance and control process.
• Applied regulation expertise to various CARD initiatives such as the Monthly Annual Fees Assessment, Statement Marketing strategies, Pricing initiatives and Change in Terms.
• Performed Baseline Assessment of Risk (BAR) on various processes including, but not limited to Affinity Banking.
• Ensured all current technology and process issues are resolved, mitigation plans are well documented and desktop processes were completed and approved.
Vice President/Compliance Manager, Compliance and Operation Risk/GCSBB/Banking Center Channel
(2006 TO 2008)
• Implemented compliance and operational risk policies and standards to all related Banking Center Policies and Procedures.
• Reviewed all Banking Center Channel Marketing and Advertising reviews and provided regulatory support.
• Responsible for the Federal Reserve Bank Consolidations for check processing centers which included systemic changes to all teller systems for Reg CC compliance.
• Project Lead for the FDIC Signage project, which required all Banking Centers nationwide to have the updated sig- nage at all, teller and drive up windows.
• Considered Reg CC subject matter expert from Banking Center Policy and Procedure and National Helpline.
• Worked with Audit and developed procedures for the Issues Management System as the Issues Lead for Compli- ance and Operational Risk Banking Center Channel and provided weekly updates and analysis of all Audit /Banking related issues.
Assistant Vice President/Senior Compliance Officer, Consumer Real Estate/Compliance Risk Management
(2004 TO 2006)
• Responsible for all regulatory compliance support for the Custom Mortgage Lending department.
• Performed on-side audit of regulatory and operational functions and provided a comprehensive audit finding report to the Senior Leadership Team in Consumer Real Estate.
• Collaborated with the Custom Mortgage Lending site management team on a weekly basis to determine action plans to reduce risk and regulatory exposure.
• Evaluated current policies and procedures to ensure all gaps have been addressed.
• Provided project support for LoanSolutions Mortgage Rewards program.
• Worked with Legal, Process Design, and Operations in development and rollout of Mortgage Reward product within the LoanSolutions channel.
• Provided gap analysis of LoanSolutions home equity line of credit process to senior management.
• Represented Compliance Risk Management with Conditions Standardization project to standardize real estate con- ditions to ensure regulatory guidelines were met.
• Identified and elevated inaccuracies in Home Mortgage Disclosure Act (HMDA) reporting due to systemic limitations in (LPS) Loan Processing System.
• Launched project to align current process to meet FFIEC guidelines.
• Worked with Legal and Credit Risk to translate FFIEC guidance and determined legal ruling on the proper disposi- tion of loans.
• Developed and provided compliance and loan disposition training to all Bank of America underwriters nationwide with respect to the FFIEC guidelines.
Senior Compliance Officer, Transaction Review Team/Consumer Real Estate
(2003 to 2004)
• Responsible for reviewing real estate and home equity transaction files for all Consumer Real Estate sites.
• Reviewed loan files to ensure all regulatory, bank policy, and procedures are met.
• Provided analysis and feedback for key stakeholders.
• Determined action plans for Consumer Real Estate sites to address all regulatory and bank policy errors. Real Estate Underwriter/Project Support/LoanSolutions
(1999 to 2003)
• Responsible for underwriting real estate loans in the LoanSolutions channel as par of Consumer Real Estate.
• Trained new hires to achieve and receive underwriting authority.
• Participated in various projects to launch the LoanSolutions ‘end to end’ loan process. Consumer Credit and Sales Officer/Loan Line/Consumer Real Estate
(1993 to 1999)
• Sold both consumer and real estate loan products to both existing and new Bank of America customers.
• Obtained underwriting and credit authority and provided credit decision to customers within a 24-hour SLA.
• Trained new associates to achieve credit authority levels and all systems related to LoanLine. EDUCATION AND TRAINING
Bachelor of Science (B.S.), Business Administration, June 1993 – California State University, Sacramento American Bankers Association Regulatory Compliance School, October 2003 – Norman, Oklahoma COMMUNITY INVOLVEMENT
Eureka Youth Soccer Club, Coach & Trainer
Bayside Church Mexico Outreach Mission, Impact Group Leader Granite Bay High School, Boys & Girls Soccer Coach Granite Bay High School, Volunteer Leadership Speaker Boy Scouts of America, Eagle Scout