Operational Risk Executive - DBA MBA with AI Risk focus
Resume:
Dr. Curtis Delbert Mccullough, DBA, MBA, BBA
President & CEO - CDMc LLC Consulting
Charlotte, NC 28269
linkedin.com/in/dr-curtis-d-mccullough-dba-mba-ba-a6756547
****************@***.***
SUMMARY
Dynamic Operational Risk management and control assessments. Proficient in implementing achievements including facilitating successful risk assessments and enhancing control procedures across various organizations. Equipped with a Doctorate in Business Administration and specialized expertise in risk strategies, ready to leverage unique skills to drive effective risk management solutions at prospective employers.
WORK EXPERIENCE
PROFESSIONAL EXPERIENCE
CDMc LLC - President & CEO Oct 2024 – Current
Conduct research and needs assessment for how small businesses are adopting AI in their businesses.
Assess the link between operational risk in small businesses and how AI can mitigate those gaps.
Assess inherent risk, control effectiveness, and risk impact to support risk decision-making.
Review and validate risk documentation, control descriptions, and issue remediation actions.
Perform Risk Control Self-Assessment (RCSA) activities to identify risks and control gaps across business processes.
Collaborate with stakeholders to support risk assessments and ensure consistent risk evaluation practices.
Wells Fargo Jul 2024 – Oct 2024
Lead Operational Risk Officer
Managed the development and publication of key control procedures, ensuring alignment with required policies, procedures, and guidance. Evaluated the adequacy and effectiveness of methods, processes, and internal controls.
Executed monthly/quarterly risk metric reporting cycles with strict adherence to timelines
Maintained reporting calendars and tracked metric dependencies across stakeholders
Owned end-to-end production of recurring risk reports and dashboards
Assured that the muli-cloud approach as part of the digital infrastructure strategy continues to support the risk management line of business from a (2LOD) perspective. This strategy includes Microsoft Azure, and Goggle Cloud Platform.
Performed variance analysis to identify anomalies in month-over-month risk metrics
Validated data completeness, accuracy, and consistency across reporting sources
Partnered with data teams to resolve discrepancies in reporting outputs
Reported on cybersecurity risk metrics including control effectiveness, issue trends, and risk exposure
Supported reporting of cyber risk posture to governance forums
Power BI / Tableau / Qlik
Built narratives, explained what changed and why
Developed executive-level narratives explaining key risk trends, drivers, and business impact
Translated quantitative risk metrics into clear business insights and recommended actions
Managed recurring reporting deliverables under tight monthly and quarterly deadlines
Ensured consistent and repeatable reporting processes aligned with governance standards
Maintained documentation for metric definitions, calculation logic, and data sources
Ensured alignment with governance standards for risk metrics and reporting
Supported audit and regulatory requests by providing metric documentation, evidence, and reporting artifacts
Ensured reporting outputs met regulatory scrutiny and documentation standards
Acted as a bridge between technical teams and business stakeholders to interpret and communicate risk metrics
Collaborated with data teams to validate outputs and explain results to non-technical audiences
Improved accuracy and timeliness of risk reporting by 25%
Delivered executive reporting packages for senior leadership across multiple business lines
Perform Second Line of Defense (2LOD) assessments to validate business unit controls and processes.
Implemented and monitored risk-based programs to identify, assess, and mitigate operational risk.
Perform Risk Control Self-Assessment (RCSA) activities to validate business unit controls.
Track and escalate key operational risks through 2LOD reporting to senior management.
Monitor RCSA outcomes and report findings to senior management.
Led risk assessments and control evaluations for high-impact projects, delivering actionable insights to senior management to support strategic decision-making.
Provided operational risk expertise and consulting to complex business units for high-risk initiatives.
Truist Financial Sep 2022 – Mar 2023
RCSA Assessor / Project Manager
Administered and facilitated the Risk and Control Self-Assessment (RCSA) program within the Operational Risk Management (ORM) framework to ensure compliance with internal policies and regulatory requirements.
Collaborated with cross-functional teams to identify, assess, and document risks, controls, and gaps within financial services portfolios.
Review risk and control activities as part of Second Line of Defense (2LOD) oversight to ensure proper risk management.
Addressed Matters Requiring Attention (MRAs) and recommendations from external regulators, ensuring prompt resolution and implementation of sustainable control measures.
Support improvements to control documentation and risk reporting as part of 2LOD oversight.
Organized and led RCSA workshops to assess operational, financial, and compliance risks, ensuring controls were measurable, sustainable, and aligned with business objectives.
Supported risk portfolio management by monitoring key risk indicators (KRIs) and assessing the effectiveness of mitigation strategies for financial services products and processes.
Provided detailed reporting and actionable insights to senior leadership, highlighting risk trends and recommending control enhancements to mitigate emerging risks.
Ensured proper documentation and archiving of all risk assessments, control reviews, and remediation plans to meet audit and regulatory standards.
Worked with product and operational teams to embed risk management practices into the lifecycle of financial services, promoting a proactive risk culture.
Wells Fargo Apr 2021 – May 2022
Risk Control Strategy & Planning Consultant
Led and supported RCSA Workshops for Corporate & Investment and Commercial Banking sectors.
Utilized Archer tools to capture and manage risk within the business support function.
Conduct 2LOD reviews of risk data and control effectiveness to identify gaps and opportunities for improvement.
Assured that the muli-cloud approach as part of the digital infrastructure strategy continues to support the risk management line of business from a (1LOD) perspective. This strategy includes Microsoft Azure, and Goggle Cloud Platform.
Support RCSA for business units by analyzing risk and control performance.
Designed and delivered training programs to educate teams on operational risk policies, tools, and methodologies, fostering consistent risk management practices across the organization.
Guide teams on implementing recommendations from Risk Control Self-Assessment (RCSA) reviews to enhance operational risk management.
Recommend improvements to processes and controls for stronger 2LOD oversight.
Supported enterprise-wide risk governance by preparing detailed reports on risk trends, control performance, and mitigation strategies for presentation to executive leadership and regulatory bodies.
Acted as a key liaison between internal stakeholders and external auditors, ensuring transparency and alignment during audits and reviews.
Managed cross-functional projects and collaborated directly with business leadership teams.
Wells Fargo Sep 2020 – Dec 2020
Sustainability Control Consultant
Ensured compliance of the First Line of Defense (FLoD) and Second Line of Defense (SLoD) with regulatory requirements.
Perform 2LOD reviews of compliance activities to ensure regulatory alignment.
Review Risk Control Self-Assessment (RCSA) results to ensure controls effectively manage risks.
Collaborated with Lines of Business (LOB) to ensure compliance with Matters Requiring Attention (MRA) and the Fair Credit Reporting Act (FCRA) requirements.
Track and document RCSA issues and support follow-up on remediation efforts.
Participated in the development of the annual Sarbanes-Oxley (SOX) testing plan.
Partnered with WFVC FLoD and SLoD to ensure compliance with regulatory requirements.
Conducted risk mitigation oversight as a member of the Risk Integration
Wells Fargo May 2019 – Jan 2020
IT Business Analyst / Technical Consultant
Leveraged RSA Archer and SHRP platforms to perform comprehensive assessments of risk and control environments, ensuring alignment with organizational standards and regulatory requirements.
Experience with both Agile and Waterfall project methodologies.
Ensure that the muli-cloud approach as part of the digital infrastructure strategy continues to support the risk management line of business from a (1LOD) perspective. This strategy includes Microsoft Azure, and Goggle Cloud Platform.
Conducted in-depth analyses of business processes to identify potential risks, inefficiencies, and areas for improvement, delivering actionable insights to stakeholders.
Partnered with cross-functional teams to document, assess, and validate business and technical requirements, ensuring accurate implementation of risk and control solutions.
Provided technical consulting expertise to enhance the functionality and usability of RSA Archer and RCSA platforms, streamlining risk assessment and reporting workflows.
Facilitated workshops and stakeholder meetings to gather requirements, clarify objectives, and communicate the status of risk management initiatives.
Wells Fargo Jan 2020 – Jul 2020
Risk Integration Team (RIT)
Collaborated with the Technology Risk team to ensure compliance with regulatory requirements.
Developed and maintained detailed documentation, including process maps, user guides, and technical specifications, to support risk assessment and control monitoring activities.
Conducted testing and quality assurance activities for platform enhancements, ensuring seamless integration and adherence to business needs.
Wells Fargo Sep 2014 – Jun 2018
AVP / Risk Consultant
Participated in the Corporate Risk Management/WIM BPRM Program Management team.
Ensured governance and compliance with various regulations.
Tracked RCSA outcomes and issues related to Cybersecurity and Data Risk for governance reporting.
Documentation to validate risk identification and control design for cyber
Leveraged enterprise risk management systems and mentored others on risk assessment.
Monitored and reported on key risk metrics, providing stakeholders with clear and actionable data to guide decision-making.
Acted as a liaison between business units and IT teams, ensuring alignment on risk management priorities and addressing technical challenges effectively.
Delivered training and support to end-users to promote effective utilization of risk management tools and adherence to best practices.
Wells Fargo Dec 2000 – Nov 2010
Project Manager
Facilitated business and technical projects, overseeing the trust setup.
Trained new team members on self-managed brokerage products.
Managed and coordinated business and technical initiatives, including the establishment and customization of trust setups, ensuring alignment with client objectives and regulatory requirements.
Developed comprehensive project plans, defined timelines, and allocated resources to achieve successful delivery of business and technology projects.
Partnered with business units, IT teams, and external vendors to define project scopes, gather requirements, and manage project risks, ensuring seamless execution and stakeholder satisfaction.
Provided onboarding and in-depth training to new hires, focusing on self-managed brokerage products, operational procedures, and compliance requirements.
Identified inefficiencies in project workflows and introduced enhancements to improve productivity, streamline operations, and reduce project cycle times.
Tracked progress against key performance indicators, prepared detailed reports for senior management and addressed challenges to keep projects on schedule and within budget.
EDUCATION
Walden University Jun 2018 – Dec 2023
Doctor of Business Administration (DBA) - Finance
Capella University Jun 2012 – Jun 2014
Master of Business Administration (MBA)
Winston-Salem State University Jun 1974 – Jun 1979
Bachelor of Arts (BBA) - Business Administration & Economics
SKILLS
Advocacy
Change Management
Communication
Cross-functional relationship management
Diversity and Inclusion
Executive Level Presentation
Financial Statement
Governance and risk regulatory framework
Jira/Agile
Leadership
Microsoft Office (Word, Excel, Access, Visio, PowerPoint, SharePoint)
Operational Risk
Problem-Solving
Project Management
Reporting
Risk Control Self-Assessment (RCSA)
SOX Compliance
SQL
Strategic Planning
Tableau
Team Management
Risk Reporting & Analytics
Executive Reporting & Storytelling
Data Validation & Quality Assurance
Cyber Risk Metrics
Dashboard Interpretation (Power BI / Tableau)
Contact this candidate