Senior Risk Management and Compliance Leader
Resume:
Steven G. Kraser
Irvine, CA ***** • 949-***-**** • *******@***.*** • https://www.linkedin.com/in/steven-kraser-b443246/
PROFESSIONAL SUMMARY
Senior Leader within the Risk/Compliance/Assurance, Audit and Management Consulting spaces serving stakeholders within multiple industries and operational risk management Lines of Defense (LoD). Extensive experience serving Technology Executives supporting several lines of business such as Mobile/Digital, Consumer Banking, Wealth Management and Lending/Mortgage. Proven expertise in risk management, business process and IT controls, compliance, and audit readiness. Hands on knowledge of COSO, COBIT, ISO, and NIST frameworks with a strong track record in risk reduction, regulatory compliance, and building client relationships. Key role in establishing a risk framework for emerging AI technologies.
CORE COMPETENCIES
Technology & Business Controls • Risk Mitigation Strategies • Data Security • Audit & Compliance (SOX, OCC, FINRA, SSAE 18) • Risk Management Tools (Archer, ServiceNow, Power BI, Tableau) • Staff Management & Development • Professional Services Business Development • Business Process Redesign • M&A Integration
Selected Client Industries Serviced: Financial Services • Telecommunications • eCommerce • Healthcare • Automobile Manufacturing • Sports Entertainment • Retail. Extensive knowledge of several Financial Services operations and products including: Digital Banking • Mortgage Origination/Servicing • Custody • Cash Management • Portfolio Management/Accounting • Securities Trading/Processing.
EDUCATION
Master of Business Administration: Finance & Banking - HOFSTRA UNIVERSITY, Hempstead, NY
Bachelor of Business Administration: Marketing - HOFSTRA UNIVERSITY, Hempstead, NY
CERTIFICATIONS
CRISC and CISA certification training
MEMBERSHIPS
Councils of Advisors (Financial Services Industry)
RECENT EXPERIENCE
WELLS FARGO BANK
Executive Director - Senior Lead Control Management Officer January, 2020 – February, 2025
Within the Technology Risk & Control Group, support the Digital Technology and Innovation (DTI) and Enterprise Functions Technology (EFT) Teams, as well a segment of the Consumer and Small Business Banking Technology (CSBBT) Team, with the following responsibilities:
Drove a 30% improvement in several Key Risk Indicator (KRI) performance metrics for my team in the areas of issue management, cybersecurity, project management/new product risk, application security vulnerabilities, incident management, change management and business continuity; consistently meeting or exceeding targets by leading targeted remediation and risk reduction initiatives. Proactively guided Technology Partners through Audit, Regulatory and internal second line of defense reviews, resulting ineffective or needs improvement ratings, with none rated as ineffective.
Directly supported the DTI and EFT Teams that included Digital User Experience (mobile and web based), Generative Artificial Intelligence, Application Architecture/Performance, Platform Management and internal team member experience (productivity applications such as Microsoft Products, ServiceNow, Finance, HR, Legal and Public Affairs).
Scope of work included approximately 700 applications; identifying risks and assessment of risk and controls’ gaps/performance.
Developing issue pre-vetting and documentation including root cause analysis and corrective actions that include remediation steps to address root causes.
Managed the overall issue portfolios and the development, review and presentation of executive level monthly reporting (internal and regulatory review use) that includes risk performance measurement against enterprise standards, emerging risks and areas requiring escalation.
Established and grew trusted relationships with the DTI, CSBBT, Strategy, Digital and Innovation (SDI) Operations Risk/Control, First and Second Line Issue Assurance and Validation, Information & Cyber Security and Audit Services Groups.
Technology control subject matter expert within several risk and control self assessments (RCSA), providing control analysis and risk identification/remediation strategies.
Provided cross (horizontal) risk assessment support to both DTI and CSBBT for Business Continuity Planning.
CONSULTANT July, 2018-December, 2019, 2002–2010, March 2025 – Present
Performed various strategy, technology and business risk analysis, audit readiness project experiences; driving audit compliance across enterprise-level systems and influencing vendor management strategy.
Selected Financial Services clients:
Wells Fargo: Operational and Technology Risk Management within the Enterprise CIO Group – Service Asset and Configuration Management, supporting Technologies for Internal Associate Solutions (Desktop & Mobility Platforms), HR and Corporate Properties (Assets), including ATM Technology. Risk and Controls Assessment. Compliance, Regulatory and Internal Identified Issue Remediation Analysis and Development.
Union Bank: Operational Risk Assessment within Transaction Banking Group – supporting cash management and treasury management products in the Commercial Space. Review new/enhanced product development assessments and advise Product Managers with identified risk related items. Execute Third Party Vendor Engagement Risk Assessments from a Holistic Vendor Risk Vision.
Countrywide/Bank of America: Technology/Operational Risk & Compliance Management. Define IT risk policies, act as liaison to internal and external auditors: Fannie Mae, VA, OCC, Federal Reserve and FFIEC, SOX, SAS 70 and Payment Card Industry (PCI).
BANK OF AMERICA August 2010 – July, 2018
Senior Vice President, Technology/Operational Risk and Business Control
Managed Risk & Compliance for over 300 internal and vendor managed applications supporting the Mortgage Servicing and Global Wealth/Investment Management business processes. Drive overall enterprise-wide standards and policies’ compliance by partnering with Internal Risk Partner Groups.
Established risk measures – Key Risk Indicators (KRIs), Key Performance Indicators (KPIs) and Key Control Indicators (KCIs). Developed and executed a comprehensive Risk Reduction Plan that focused on key operational risks. Resulted in significant control strengthening and risk reduction within regulatory/critical/high risk issues (25%), systems’ stabilization/monitoring, capacity planning, business continuity and declining technologies.
Led Data Security/Technology Risk Compliance review for a large-scale Transformation Project ($100 MM Plus) covering the conversion of the internal Mortgage Services Platform over to the Black Knight Inc. MSP Product.
Managed a staff of Risk Analysts who perform risk assurance, control monitoring and consulting activities for the Technology Development, Service Delivery, and Business Areas.
Key stakeholder in the continuous Risk & Control Self-Assessment Program.
Risk identification and evaluation:
Analysis for potential risks, monitor results of Audits (internal/external), Regulatory Exams (i.e. OCC), Third Party Vendors
Determine risk exposure and severity
Identify thematic issues and emerging risks
Risk response:
Develop remediation strategies/action plans and validate remediation results.
PREVIOUS EXPERIENCE
QWEST COMMUNICATIONS – SOLUTIONS GROUP
Director, Western Region Financial Services Industry Practice
Established and managed a Financial Services Vertical Industry Practice, generating new consulting revenue to $25 million in delivering several professional services products. Assisted Global 1000/Fortune 500 clients with developing traditional and Internet business strategies, defined communications & operational requirements, and delivered several professional services products.
Key clients included Wells Fargo, Safeco, Pacific Life, Invesco, Key Bank, UnionBancal, and Charles Schwab.
Developed revenue growth, marketing, and promotional strategies targeting specific financial services business segments such as global banking, capital markets, securities processing, mortgage services, and insurance.
Professional Services product set included data security, web application development, strategic consulting, complex hosting, systems & network integration, outsourced application management, and online/interactive branding.
DELOITTE CONSULTING
Senior Consultant
Diversified range of consulting engagements. Driver for business and practice development for the Western Region Financial Services Industry Practice. Key clients included Bank of America/NationsBank, Trust Company of the West, Washington Mutual, ADP, E*TRADE, E*OFFERING, ADP Canada, Pacific Life, and Football.com.
Trust Company of the West: Outsourcing and Business Analysis Review
$80b asset manager had operational and ROI issues concerning the Fund Accounting & Reporting back-office areas. Evaluated outsourcing services vendors for the back-office trading and investment management accounting processes. The recommended outsourcing provider was awarded business with significant (30-40%) incremental operational cost reductions realized by the engagement client.
E*TRADE Offerings: Product Management
Web-site development/implementation & functionality enhancements: Provided product management assistance to the Corporate Executive Services Group, targeting high net-worth individuals in providing enhanced account & brokerage services, including private placements and IPOs.
J.P. MORGAN AND COMPANY
Associate/Assistant Vice President - Securities, Trust & Information Services
Manager of Product Implementations & Client Support Staff, providing customized electronic banking product implementations, on-site business & product training, consulting, and product demonstrations.
Operations supported included cash management, global & domestic custody, futures & options, and securities lending. Product consultant for high transaction volume clients including Fidelity Investments, IBM, Harvard Management, Saudi Aramco, Prudential Securities, J.P. Morgan Futures, Wachovia/First Union, and J.P. Morgan Private Banking.
Contact this candidate