Drove transition of the enterprise GRC platform implementation to business as usual, completing a four-year initiative to unify operational and non-financial risk methodology and technology across the enterprise. Enterprise owner of the Operational Non-Financial Risk (ONFR) framework, methodology, and policy; operational risk capital and stress testing; and the five core horizontal programs (Issues Management, Events, KRIs, RCSA, and Testing), with scope expanded upon promotion to include enterprise digital enablement, risk data strategy, and the digital modernization program. Responsible for translating five years of enterprise GRC investment into business intelligence, executive decision support, and proactive risk management across 230+ business units. • Deployed an operational risk data mart feeding 160+ enterprise Power BI dashboards, replacing legacy manual reporting and enabling real-time executive visibility across both lines of defense. • Drove development and implementation of 60 AI/ML models to strengthen data integrity and reduce administrative burden; flagship model assesses Key Control documentation quality with 98% accuracy, improving program effectiveness and reducing testing burden simultaneously. • Served as primary enterprise spokesperson to the OCC, Federal Reserve, and OSFI across US and enterprise risk governance forums.
Delivered end-to-end GRC integration unifying approximately 1,000 product, service, and activity libraries, 3,000 Key Risks, and 13,000+ Key Controls (operational risk and compliance) on a single platform, an integration level rarely achieved across the industry. Led the enterprise ONFR framework, operational risk capital and stress testing, and the centralized second-line Independent Testing program. Rescued and delivered a four-year enterprise GRC integration initiative that had lost momentum, bringing it to full production across 230+ lines of business. Modernized RCSA into a process-based risk assessment in which control effectiveness ratings are generated by formal monitoring and testing results and imported directly into risk assessments, reducing burden on both lines of defense while producing more defensible outcomes. Established the bank's first enterprise-wide Monitoring & Testing program for Key Controls, migrating planning from spreadsheets to the enterprise GRC platform and enabling second-line oversight of testing execution and results at scale. Re-engineered the operational risk capital program from a model-based approach to a scenario-based, three-pronged framework aligned with the leading practices OSFI identified in its published 2025/2026 Pillar 2 horizontal review. Negotiated regulatory agreement expediting recognition of approximately $1B in risk-weighted asset capital benefit.
Developed and embedded an End-to-End Value Chain methodology within the RCSA program, increasing documented cross-business control dependencies by 224% and materially strengthening first and second line alignment; the methodology was subsequently scaled enterprise-wide at BMO. Led second-line operational risk oversight across Retail Banking, Wealth Management, Operations, and corporate functions, covering approximately 70% of the bank, during a period of regulatory scrutiny and acquisition integration culminating in BMO's acquisition of Bank of the West. Partnered with Chief Data Officer and data loss prevention leadership to conduct an enterprise-wide data protection risk assessment across seven control domains, increasing identification of data protection risk in RCSAs fourfold. Enhanced first-line control governance, taxonomy alignment, and the risk documentation framework to support regulatory expectations through the acquisition.
Selected by the CRO and CFO to establish a newly created enterprise governance function and lead remediation of Critical Services-related Resolution Plan deficiencies after Wells Fargo became the only GSIB to fail resolution plan scrutiny twice. Delivered remediation within a regulator-mandated 16-week window while building sustainable long-term governance infrastructure. Led 100+ senior leaders and subject matter experts to develop an enterprise Service Catalog and execute 1,500 inter-affiliate SLAs covering approximately 10,000 resolution-period services within the mandated window. By 2019, matured the program to approximately 18,000 services governed by 600 SLAs: nearly double the coverage at one-third the contract volume. Directed enterprise legal entity governance across 3,500+ global entities; redesigned the core operating entity structure from approximately 300 to 180 (a 47% reduction), strengthening transparency, resolution readiness, and cost discipline. Led remediation of a publicly disclosed Material Weakness in Wells Fargo's financial statements related to legal entity cost allocation, coordinating Finance, Controllers, Independent Risk, Legal, and Audit across 300+ entities within a single fiscal year. Established the Shared Services Governance Office and the governance framework embedding the Critical Services delivery model into business-as-usual operations across the enterprise.
Built and led an enterprise operational risk and shared services organization of 480+ professionals consolidated from previously disparate groups, covering Business Continuity, Privacy, Information Lifecycle Management, Payments Risk, Third-Party Risk, and Enterprise Risk Operations. Gallup Q12 engagement ratio nearly doubled under direct leadership, improving from 3.5:1 to 6.2:1. Scaled enterprise third-party risk governance from fewer than 5,000 to approximately 30,000 vendors and 115,000 engagements using consistent risk tiering, resolving longstanding supervisory concerns and bringing the program to a sustainable standard that withstood regulatory scrutiny. Preserved approximately $207M in deposits by preventing approximately 9,000 risk-driven account closures through targeted CIP remediation; directed enterprise risk operations including 2.4M+ annual CIP reviews, 1.7M+ CTR filings, and 11,000+ SAR submissions. Implemented automated information lifecycle controls eliminating 56M emails monthly, significantly reducing legal discovery exposure and data risk. Built the enterprise Business Process Risk Management program from concept: published formal policy, completed a risk-stratified enterprise process inventory, and delivered regulatory commitment milestones within required timelines.
Designed and directed global shared services, risk operations, sourcing, and compliance functions for JPMorgan Chase client-facing, middle, and back-office operations worldwide. Built an enterprise third-party oversight program governing approximately 30,000 vendors; developed a multi-phase governance lifecycle with standards and controls subsequently mirrored in financial sector industry guidance on third-party risk management. Sourced and structured a $1B+ global IT portfolio annually, executing approximately 4,000 IT projects and 7,000 staff augmentation positions with less than 15% of overall sourcing staff, while doubling year-over year savings and increasing diversity spend by 34%. Absorbed a 40% increase in volume while simultaneously expanding the operating model globally.
Senior outsourcing counsel supporting enterprise third-party risk oversight, strategic contract structuring, and regulatory engagement. Served as legal representative to JPMorgan's Third-Party Oversight implementation team and played a leading role in interactions with regulators regarding the firm's third-party oversight activities.
Architected and executed WaMu's enterprise offshoring and BPO governance strategy, transitioning 8,000 FTE across 60+ back-office processes in under three years and delivering $240M+ in cost savings. Increased offshore activity by 1,500% from program founding. • Developed a KPMG-audited, best-in-class offshoring methodology covering the complete lifecycle from process-level assessment to enterprise governance. • Served as primary point of contact for the Board of Directors, senior management, and regulators on all offshore governance matters.
Lead outsourcing attorney responsible for negotiating strategic outsourcing and significant service provider relationships. Recognized with the Star Award for leading transactions yielding $100M+ in savings.
Mergers and acquisitions, outsourcing, and technology transactions counsel for public and private company clients.
Licensed to Practice Law in New York
New York State Bar Association
License to Practice Law in Ohio
Ohio State Bar Association
License to Practice Law in Washington State
Washington State Bar Association