Global Compliance Director - Third-Party Compliance Risk

Help the first line of defence build effective end-to-end processes around third-party risk management (suppliers/contingent workforce/expert networks program), focusing on anti-bribery and corruption, sanctions and ESG compliance.
Provide specialist advice and analysis, guidance, and oversight to first line of defence once those processes are established to support continuous improvement and learning.
Oversee compliance with applicable legislative requirements.
Advise on regulatory change projects and enhancements to existing controls and procedures and oversee the delivery of global programs to comply with such legal and regulatory initiatives.
Build third-party and ESG compliance risk oversight program and support a creation of the reporting dashboard.
Work with other global functions (e.g., legal, procurement, sustainability, HR, IT & finance) and a regional compliance network to drive compliance controls and procedures.
Build and maintain a wide network of key stakeholders across the business globally, including in procurement, legal and finance.
WHAT YOU'LL DO
Together with other global functions (including Legal, Risk, Procurement, HR and Finance), review existing processes and design, deploy, and oversee a due diligence framework for third party (supplier) risk that meets relevant regulatory & legal requirements as well as BCG's internal policies.
Exercise independent judgments to identify potential issues on complex third-party (vendors) compliance risks relevant to a global professional services organization.
Perform testing and monitoring to give assurance that the organisation has adequate third-party (supplier) procedures and controls, and that these are operating effectively.
Assist in ensuring that BCG's policies and procedures are in line with current legal and regulatory requirements. Recommend mitigation measures to ensure global minimum standards are met.
Support the first line of defence to manage the risk of third-party intermediaries via close coordination with areas seeking to engage introducers/ experts etc.
Ensure that first line of defence business escalations relating to third-party (supplier) compliance risks are accurately prioritized, assigned and assessed, engaging with other specialist functions (e.g., Legal) as appropriate.
Carry out horizon scanning and proactively give advice to the business regarding changes to legislation, regulations and global requirements relating to third-party (supplier) compliance risks.
Work with relevant product owners to recommend improvements / priorities to software capabilities for third-party (supplier) compliance risk management.
Provide subject matter input into the Enterprise Risk function risk register and risk assessment activity on third-party (supplier) risk exposure and management.
Update senior management (including the Chief Compliance and Chief Risk Officer) on the management of third-party (supplier) compliance risks and issues.
Project manage compliance deliverables across the global business.
Maintain knowledge of trends, developments, and new technologies. Provide recommendations on new technology and tools for third party (supplier) risk identification and management.
Support the Compliance Centre of Excellence and regional compliance network with the delivery of education, training, and awareness programs relating to third-party compliance risks.
Support internal and external audits and regulatory reviews.
Be actively involved in relevant external industry forums.
Assume additional responsibilities as required.

YOU'RE GOOD AT

Experience in an international working environment, ideally at a global professional or financial services organization.
Ability to assess end-to-end business risk priorities associated with third-party compliance risks relevant to a professional services organization.
Ability to make risk-based decisions, using sound judgement to escalate appropriately.
Capability to provide advice & guidance to business units, covering policies, procedures, and risks.
Strong background in third-party risk management (people/process/technology/data & governance).
Strong ability to identify trends and unusual activity in management information and data.
Demonstrated experience in project and risk management.
Confidence engaging with cross functional stakeholders at all levels and across geographies.
Ability to develop working methods independently as well as in a consensus-driven environment.
Ability to implement change processes.
High integrity, flexibility, willingness, and sense of ownership.
Fluent business English (spoken and written); additional languages desirable.
Good Understanding of regulation as it applies to onboarding and managing third-party relationships.

YOU BRING (EXPERIENCE & QUALIFICATIONS)

An academic degree in a relevant discipline. Advanced degree preferred
Minimum 6-10 years relevant experience in compliance/ risk function
Hands on experience of establishing end-to-end third-party risk management capability (people/process/technology/data & governance) for large complex organisation
Strong understanding of third-party management life-cycle gained (procurement, outsourcing, risk and vendor management)
Strong experience of working with supplier data to support regulatory requirements (e.g, Brexit, EU model Clauses, German SCDDA, DORA)
Working knowledge of relevant regulatory frameworks (US and international)
Willingness to travel to BCG office locations on an ad hoc basis
Commitment to confidentiality required

YOU'LL WORK WITH
You will be part of the Compliance team reporting to the Chief Compliance Officer as part of the wider Risk team.