Singapore
A National University of Singapore (NUS) alumnus with a double major degree in both Chemical Engineering as well as Business Management. Possesses both a deep analytical mind of an adept engineer, as well as the robust leadership, soft skills, and communication skills of an effective manager. Harnesses a burning passion and ambition to shine brightly in the Regulatory Compliance, Financial Crime and Risk Advisory fields within the financial and professional services sectors. Currently a Vice President at Citibank for Regulatory Change Management & Advisory under Global Legal & Compliance. Holds essential working experiences obtained from reputable organizations such as Citibank, Capco, Deloitte, Mizuho Bank, J.P. Morgan, UBS, Great Eastern Life Assurance, Sembcorp Marine, Standard Chartered, International Enterprise Singapore, Singapore Press Holdings (SPH), Singapore General Hospital (SGH) and the Republic of Singapore Air Force (RSAF). Accredited as a Professional Scrum Master (PSM I) with Scrum.org, a Certified Information Privacy Manager (CIPM) with IAPP, and a Certified Anti-Money Laundering Specialist (CAMS) with ACAMS. Also holds an Advanced Diploma in Data Analytics (R) and Machine Learning (Python) from the Singapore Management University Academy and an Advanced Certificate in Governance, Risk and Compliance (with Merit) from the International Compliance Association. Conferred IBF Qualified (IBFQ) and IBF Advanced Level 2 (IBFA) for Compliance by the Institute of Banking & Finance Singapore. P.S. Also a cooking and baking enthusiast who takes fitness seriously and adores Japanese pop culture!
- Subject matter expert on emerging and known compliance risks and the associated laws, rules, and regulations (LRRs) - Analysed and reviewed LRRs issued by various regulatory authorities and bodies within Singapore and globally, including potential extra-territorial LRRs - Assessed applicability and extent of regulatory changes and updates on how they would impact product and service lines, business units, functions and legal entities within Citigroup - Assigned and aligned regulatory risk rating taxonomies, tiers and categories for all applicable LRRs - Monitored and tracked the development and implementation of robust impact assessments, action plans and control measures executed by the various lines of defence - Crafted and disseminated detailed legal regulatory requirements and obligations summary reports based on official publications, acts, regulations, directives, orders, notices, guidelines, codes, practice notes, circulars, amendments, notifications, FAQs, consultation papers, bills, eGazettes, advisories, news, etc. on a global scale - Identified regulatory changes and trends via multiple channels, including receiving direct correspondences and notifications from regulatory channels, conducting horizon scanning, working with law firms, third party vendors and subscription services (CUBE) on a daily basis - Restructured and maintained dynamic group-wide regulatory inventory and centralised repository - Reported and communicated on regulatory risk management data and developments to senior stakeholders to facilitate robust governance over compliance risks - Collaborated closely with multiple cross-functional and cross-jurisdictional stakeholders on ongoing group-wide regulatory projects and compliance programs
- Seconded to a leading international bank to drive and advise on its digital transformation efforts. - Executed Agile and Scrum methodologies to coordinate between multiple dependencies, functions and stakeholders within complex, large-scale project deployment and operational environments. - Managed implementation and testing of effective solution designs and controls in order to achieve outcomes in alignment with the overall business requirements, digital architecture and infrastructure. - Propelled and tracked progression timelines and statuses, identified impediments and blockers, managed change communications and interim transitions to ensure continuous business value realisation. - Validated and reported on risk impact assessments for new digital products, processes and customers. - Experienced in using JIRA, MURAL and Microsoft SharePoint for prioritising project tasks and workflows.
- Designed and implemented frameworks, recommendations and post-engagement initiatives for a multitude of local, regional and global scale clients from a variety of industries regarding their compliance with the requirements of all applicable data protection & privacy laws and regimes, including the PDPA and DNC Registers (SG), GDPR (EU) and CCPA (US). - Performed risk impact assessments and gap analysis via bespoke questionnaires, conducting interviews and UATs, understanding the current operations of the clients, analysing their SOPs, frameworks, documentations, policies and practices to identify potential gaps and violations. - Customised independent reviews and solutions for multiple data protection & privacy themes; data subject rights, legitimate interest assessments (LIA), data protection impact assessments (DPIA), appointment of data protection officers (DPO), data inventory & mapping, data lifecycle management, data breach incident plans, data loss prevention (DLP), third party and cross-border data transfer mechanisms, privacy by design frameworks, information security controls, complaints handling procedures, vendor management practices, privacy-enhancing tools and technologies (PET), etc. - Conducted training sessions to enhance staff knowledge, provide refreshers, and raise awareness regarding GRC and data protection & privacy for clients. Also chaired regular webinars to broadcast and communicate on related emerging trends and technologies within the region and around the globe. - Delivered full step-by-step guidance and support to clients for various data protection & privacy programs such as DPaaS, annual retainer services and industry certifications including DPTM and APEC CBPR. - Coordinated with various internal cross-functional teams and external solution providers & vendors to plan, design, develop and implement GRC and data protection & privacy solutions for all clients.
- Analysed and reviewed policies established by the various local financial regulatory authorities in the Asia & Oceania region and Japan, to conduct gap analysis and ensure that the compliance frameworks across all offices in the various jurisdictions are robust. There are 10 countries involved including Singapore, Malaysia, India, Thailand, Indonesia, Philippines, Vietnam, Myanmar, Cambodia and Australia. - Executed on-site and off-site monitoring and controls testing for multiple compliance themes on a regional level; information & data security, anti-bribery & corruption, fraud, conflicts of interest, insider trading, FATCA & CRS, cross-border marketing, firewall, arm’s-length principle, anti-social elements, corporate governance and local regulations such as Banking Act, SFA, FAA, PDPA, GDPR, etc. - Performed periodic compliance risk impact assessments and allocated regulatory risk ratings for every business unit, branch and subsidiary in the region after identifying their compliance gaps and potential violations. - Provided daily regulatory advisory, guidance, recommendations and knowledge support to the local compliance departments with regard to resolving and managing all their compliance issues and concerns. - Initiated regular training sessions, compliance committee meetings and conference calls to broadcast and communicate on the latest updates on all regulatory compliance matters within the region and bank. - Cooperated closely with all local and overseas partners to continuously ensure that compliance risks are duly identified, assessed, mitigated and monitored throughout the bank based on a risk-based approach.
- Specialised in performing lateral enterprise-wide KYC – AML assessments for ultra-high net worth private banking clients who also have accounts with other Citi lines of business. Required extensive cross-LOB, cross-functional and cross-border coordination with SG, HK, IN, US, LATAM and EMEA teams. - Conducted independent investigations to corroborate sources of funds and manage key risk metrics for each client, to mitigate any potential red flags and ensure compliance with international regulations. - Carried out enhanced due diligence and screenings on higher risk clients, including PEPs and complex entity structures, tools used daily include World-Check, Factiva, LexisNexis, Wealth-X and Bloomberg. - Implemented quality assurance controls based on risk drivers and risk responses, in relation to each unique case encountered. Involved substantial usage of risk-based approaches, personal judgment and independent logic for effective risk scoring, corroboration and decision-making. - Evaluated monthly transaction reports based on anticipated account activities; to identify, assess and seek justifications for all anomalous breaks or potentially suspicious transactions within each account.