Keriann M. Atencio

Executive leader reporting directly to the CEO, responsible for legal strategy, risk management, regulatory compliance, and corporate governance.

• Develop and implement legal strategy for Credit Union and subsidiaries.
• Build and lead high-performing Legal Department supporting all credit union operations, products and services.
• Advise C-suite and Board of Directors on legal risk management, compliance, and governance.
• GC to Credit Union subsidiaries, supporting IT, data governance, commercial transactions, B2B, and wealth management.
• Support all areas including financial services regulation, HR, privacy, InfoSec, technology, contracts, litigation.
• Manage outside counsel, regulatory inquiries, and all litigation for CU and subsidiaries.
• Build Legal Operations to optimize $2MM+ budget through legal technology, people and processes.

Interim Chief Privacy Officer responsible for driving the strategy, design, implementation, and maintenance of the Association's global privacy function. Led 15 privacy professionals and served as Data Incident Response leader.

• Executive leader of Shared Services legal team with focus on privacy, info/cyber security, breach response, commercial transactions, technology, AdTech, marketing, and AI. Responsible for building and leading the high-performing legal team advising the global enterprise (banking, insurance, and life products).
• Chief Privacy Counsel, incident response leader.
• Develop and manage 8-member attorney team, outside counsel, and $5MM+ budget performance and reporting.

• Lead counsel advising executive management and all functional areas of the bank-owned consumer reporting agency and payments company across all products and services (fraud, risk, and payments). Led all aspects of strategy, design, implementation, and management of the company’s Privacy Program and Privacy Office.
• Responsible for privacy and legal compliance in B2B and B2C products, consumer reporting, call center operations, consumer rights/protection and incident response. Relevant laws included GLBA, FCRA, TCPA, GDPR, CCPA, UDAAP, and CAN-SPAM.
• Designed and implemented Data Breach Response Program. Led data incident management.
• Managed company litigation portfolio.
• Established and developed high-performing team in support of privacy and data risk management.
• Prior progressive responsibilities included regulatory relations and exam management, infosec, compliance, employment, and contract administration.

Large law firm practice in business reorganization, restructuring, and complex commercial bankruptcy.