CRAIG SPIELMANN
CANYON LAKE,CA
Summary
Highly skilled Risk Intelligence Officer with proven experience in collecting, analyzing and disseminating various types of intelligence. Strong proficiency in critical thinking, problem-solving and decision-making skills to anticipate and assess potential threats. Demonstrated ability to make significant impacts in previous roles through effective communication and collaboration within multidisciplinary teams.
Overview
36
36
years of professional experience
1
1
Certification
Work History
Risk Intelligence Officer
CNM LLP
01.2020 - Current
- Oversees critical client risk projects to ensure client success
- Provided a risk structure for a REIT which uncovered a potential risk and strengthened their governance processes
- Additionally, provided competitive intelligence reports to keep them aware of industry events
- Built the RCSA, Scenario, Risk Appetite, Issue Management and Taxonomy processes for several clients
- Assist 'C' suite clients to develop critical business strategies
- Develops ongoing and continuous risk training to maximize client awareness
- Consults on all aspects of GRC solutions from RFP to post implementation
- Conduct all aspects of risk assessments to create audit and risk group annual plans.
CEO
RiskTao LLC
01.2017 - Current
- Manages RiskTao business, sets strategy, and executes on all client assignments
- Chaired major risk conference streams for the Center for Financial Professionals (CFP)
- Presented risk topics such as ESG, AI, Scenario Analysis, RCSA, GRC, Technology Risk, and Multiple Event Simultaneous Scenarios (MESS)
- Advises firms on Governance, Incident Response, Regulatory Management, ESG, ERM, FinTech, ERM and GRC.
Global Head of Enterprise Risk Management Strategy
First Data Corporation
01.2015 - 01.2017
- Developed strategy for the Global ERM program, including ERM Framework, Technology, Training, and Board/Executive Communications
- Conducted several 'Top Risk Assessments' which identified material risks and effective remediation plans for FDC's senior managers, the Board, and Risk Committee
- These included: Cyber, BCP/DR, Strategic Business Partnerships, Third Party Risk Management and Technology Management
- Designed and managed GRC (Archer) development and production management
- Built a client development committee to manage and prioritize development pipeline
- In addition, developed advanced automated analytics and reporting based on Risk Data Aggregation (RDA) principles
- Built the Enterprise Risk Framework; Risk Appetite, Issue Management, Risk & Control Self-Assessment, Scenario Analysis, Internal and External Loss Events, New Product Approvals & ERM Training Program
- Advised two of First Data's major joint ventures by developing a 'business risk assessment process' which was 'goal focused' and covered material risks to their business and P&L goals
- Ran highly sensitive scenario analysis exercises to determine strategies for major client risk events such as credit defaults, cyberattacks, and liquidity risk.
Global Head of Operational Risk Systems and Analytics
Royal Bank of Scotland
01.2013 - 01.2014
- Developed and implemented an ORM reporting & analytics solution that supported Risk Data Aggregation (RDA) and was a key interface to the UK & US regulators
- Created an automated risk analytics tool that delivered critical risk reports to all RBS businesses and central banks
- Chaired the 'Global ORM Technology Committee,' which managed the ORM development agenda.
Head of Operational Risk - Americas
Royal Bank of Scotland
01.2011 - 01.2013
- Successfully led the closure of the FRB's Cease & Desist Order for Americas' Operational Risk
- Drove 'cultural change' that enhanced senior management's understanding of business risks
- Led the Crisis Management committee for the Americas which included senior representatives from the Investment Bank, Wealth Management, Retail Banking, & Shared Services which managed several major events such as Hurricanes Irene & Sandy, Boston Marathon Terrorist Incident, state sponsored cyber-attacks, major UK technology outage and unauthorized trading
- Successfully represented Risk on 'RBS's Compensation Initiative' which was approved by the FRB's Board of Governors
- Provided governance and oversight for regional committees such as: Americas Compliance & Operational Risk Committee, Vendor Risk Management Committee, IT Risk Committee, Compensation Committee, Investment Banking Trading Control Committee, Basel II Capital Committee, and New Product Approval Committees.
NA Financial Services Industry Practice Leader
PCubed LLC
01.2009 - 01.2011
- Hired to set strategy, develop sales, and project management practices, and risk programs
- Advised firms on major risk, project management, and commercialization initiatives
- Led the Financial Services sales and program management team for the Americas.
CAO/Head of IT Risk Management, Global Technology Operations
CITI
01.2006 - 01.2009
- Recruited to create and centralize the risk management function including setting strategy, develop risk governance programs and risk framework, and respond to internal audits and regulatory exams
- Drove the organization to 'perfect audit rating' and improved action plan performance latency to '0.' Created a specific Wealth Management risk assessment program to cover risk & regulations specific to their area
- Chaired the cross-business 'Electronic Communications Committee' that monitored CITI's compliance with 'Chinese Wall' restrictions.
Head of Global Client Services
Fitch Ratings/Algorithmics
01.2005 - 01.2006
- Recruited to manage client relationships, operational risk advisory, P & L, and quality assurance
- Provided ORM consulting services to major financial institutions to improve their ORM programs
- Consulted with major international institutions to improve the effectiveness of their ORM program.
Risk Business Leader & Executive
J.P. Morgan
01.2000 - 01.2005
- Founder and head of JPM's Horizon's Risk Business and responsible for leading all business aspects, including Sales, P&L management, software development, business & product strategy, and maintaining 'C' level client relationships
- Designed and commercialized Horizon's software and methodology
- Initiated and led JPM's Horizon Operational Risk Advisory business that grew from an internal solution to a market leader and enhanced JPM's brand as 'Best Bank for Risk Management'
- Cited in 1999 Chairman's Letter to Shareholders as 'model of innovation' and received a US patent
- Developed and managed critical senior client relationships which included US Federal Reserve, Merrill Lynch, JP Morgan, The World Bank, Freddie Mac, Bank of China, HKMA, Swiss Re, Prudential, Bank of Tokyo - Mitsubishi, BP, Kasikorn Bank, QNB, Prudential, Credit Suisse, and Bank One.
Head of Information Technology Risk Management Group
J.P. Morgan
01.1996 - 01.2000
- Selected by CIO to create JPM's first Information Technology Risk Group that focused on IT governance, board reporting, and managing internal and external regulatory relationships
- Designed and delivered the global Technology Risk & Control Self-Assessment (RCSA) program
- Devised a key risk indicator daily report that measured technology's risk performance
- Chaired the 'Global Business Technology Risk Committee', charged with managing enterprise technology risk.
Head of Emerging Technology Audit Group
J.P. Morgan
01.1989 - 01.1996
- Led innovative approach to auditing 'technology as a business' by evaluating client and major vendor risks
- Represented Audit & Controls in the Pinnacle Alliance selection for outsourcing a third of JPM's technology, resulting in saving $200M per year, improved technical capabilities, and improved performance.
Education
Bachelor of Arts - <ul><li>Communications</li><li>History</li></ul>
Iona College
Skills
- Enterprise Risk Management
- Corporate Governance
- Incident Response Management
- Regulatory Relationship Management
- ESG
- E commerce
- GRC Selection, Development & Implementation
- Risk and Control Self- Assessment (RCSA)
- Scenario Analysis
- Technology Risk Management
- Risk Training
- Issue Management
- Loss Data Event Management
- Operational Risk Management
- Business strategy Development
- Cybersecurity
- Third party risk management
- Risk Data Aggregation
- Crisis management
- Client Relationships Management
- Leadership
- People Development
- Audit
- Product Management
- Sales
- Artificial Intelligence Management
Advisoryboards
CeFPro Operational Risk and Fintech Advisory Boards
Certification
Certified Information Systems Auditor (CISA) (0977043)
Patents
Method & System for Managing Risk (US7113914b1)
Other
2nd Degree Black Sash in Northern Shaolin Kung Fu & Tai Chi
Timeline
Risk Intelligence Officer
CNM LLP
01.2020 - Current
CEO
RiskTao LLC
01.2017 - Current
Global Head of Enterprise Risk Management Strategy
First Data Corporation
01.2015 - 01.2017
Global Head of Operational Risk Systems and Analytics
Royal Bank of Scotland
01.2013 - 01.2014
Head of Operational Risk - Americas
Royal Bank of Scotland
01.2011 - 01.2013
NA Financial Services Industry Practice Leader
PCubed LLC
01.2009 - 01.2011
CAO/Head of IT Risk Management, Global Technology Operations
CITI
01.2006 - 01.2009
Head of Global Client Services
Fitch Ratings/Algorithmics
01.2005 - 01.2006
Risk Business Leader & Executive
J.P. Morgan
01.2000 - 01.2005
Head of Information Technology Risk Management Group
J.P. Morgan
01.1996 - 01.2000
Head of Emerging Technology Audit Group
J.P. Morgan
01.1989 - 01.1996
Bachelor of Arts - <ul><li>Communications</li><li>History</li></ul>
Iona College