
Steven DiBerardino

Coatesville

Summary

Resourceful and focused professional with a robust track record in risk management, internal audit, regulatory compliance, internal controls, performance management, third-party risk management, and due diligence. Proven ability to manage multiple initiatives and tackle complex issues, consistently surpassing objectives and setting new standards in dynamic environments. Excels as a results-driven producer, collaborating effectively across cross-functional teams to meet and exceed both short-term and long-term financial goals, while adeptly addressing evolving organizational needs.

Overview

26 years of professional experience
1 Certification

Work History

Senior Specialist, Enterprise and Third-Party Risk Management

SOFTHEON, INC.
10.2023 - Current
  • Established and leads the Enterprise Risk Management and Third-Party Risk Management programs, leading to $1.2M in implementation and budgeting savings
  • Oversees the implementation of risk controls and mitigation programs, conducts risk assessments, and analyzes risk data to coordinate incident responses
  • Prepares monthly and quarterly risk reports for key committees and stakeholders, while identifying emerging industry trends and developing proactive risk management strategies
  • Provides staff training in risk management and business continuity planning
  • Leads third-party risk management processes, including onboarding, assessments, offboarding, and periodic due diligence, ensuring compliance with regulations and industry frameworks
  • Implemented and manages BCP and DR plans
  • Compiles risk assessment and business continuity reports for management and the Risk Management Committee
  • Enhanced team productivity by streamlining processes and identifying key areas for improvement

Director, Enterprise Risk Management

Resolution Life
08.2022 - 09.2023
  • Directed Senior Management in creating and implementing a coordinated risk methodology and GRC implementation
  • Prepares Management and Board Committee risk reports, regulatory filings (ORSA, ERR reports), and supporting documentation
  • Acts as Secretary for all risk committees
  • Engaged with Heads of Operational Risk Management, Compliance, and Information Security to coordinate risk assessments, activities, and reporting
  • Manages the annual maintenance and review of Risk Policies and Guidance Documents, preparing an annual report to the RLUS Board of Directors documenting policy review
  • Chaired the organization's Risk Committee
  • Implemented a top and emerging risk methodology for continuous monitoring and inclusion in quarterly reporting
  • Designed risk assessments and RCSA processes to identify and mitigate risks effectively

Senior Compliance Risk and Control Advisor, Third Party Risk Management

USAA Inc.
04.2021 - 08.2022
  • Provided oversight and compliance expertise in developing a third-party risk management program, enhancing controls, and guiding RCSAs, KRIs, and KPIs for risk and regulatory compliance initiatives
  • Managed ad hoc and annual due diligence reviews, along with contract evaluations, ensuring audit rights, regulatory requirements, and Service Level Agreements were addressed
  • Performed ongoing due diligence and supervision of business controls for compliance risk, advising senior management on compliance control environments, and escalating critical issues to stakeholders
  • Co-managed the rebuild of the compliance third-party risk management program, clarified roles and responsibilities, and tracked due diligence reviews for key stakeholders
  • Ensured compliance with OCC 2013-29, FFIEC, and Fed regulations
  • Streamlined due diligence processes to limit additional staff required while providing more comprehensive reviews
  • Delivered staff training on control-based testing and industry best practices and consolidated third-party risk management programs into a unified system for data accuracy and consistency across the organization

Chief Compliance Officer

Wealthcare Capital Management / Chartwell Investment Partners
05.2018 - 04.2021
  • Led compliance oversight for two Registered Investment Advisor firms, establishing standards and procedures to ensure effective compliance programs
  • Developed and periodically revised the annual compliance work plan to align with organizational and regulatory changes
  • Implemented and maintained a compliance risk management framework covering risk assessment, issue management, training, testing, and reporting processes for investment advisory services
  • Spearheaded a comprehensive rebuild of the compliance management infrastructure, incorporating a robust compliance culture, efficient testing programs, and risk management software
  • Delivered clear, real-time compliance reporting to Senior Management and the Board, and managed the due diligence and oversight of third-party vendors

Senior Enterprise Third Party Risk Manager

DLL Group
03.2017 - 05.2018
  • Led oversight and compliance efforts in developing and enhancing a third-party risk management program, resulting in $17M in annual savings by identifying redundancies in third-party relationships
  • Guided RCSAs, KRIs, and KPIs for risk and regulatory compliance
  • Provided 2LOD oversight
  • Managed ad hoc and annual due diligence reviews, contract evaluations, and ensured adherence to audit rights, regulatory requirements, and SLAs
  • Advised senior management on compliance control environments, escalated critical issues, and co-managed the rebuild of the third-party risk management program
  • Delivered staff training on control-based testing and industry best practices, and unified third-party risk management programs for data accuracy and consistency

Regulatory Internal Audit Director

Vanguard Group, Inc.
06.2008 - 03.2017
  • Developed and executed audit strategies, including risk identification, control objectives, and audit approach, while preparing and overseeing detailed audit activities
  • Led audits and projects, providing regulatory and compliance expertise to audit teams and business partners, and managed complex operational and compliance audits, assessing business and technology risks
  • Collaborated with business management, compliance, risk management, and legal teams to define the three lines of defense and develop remediation plans addressing audit findings
  • Contributed to enterprise-wide initiatives involving investigations, new business ventures, and emerging technologies
  • Partnered with business units to strengthen risk and control frameworks, reducing consulting fees for decentralized processes such as website content deployment, data governance, vendor management, and access management
  • Designed and implemented an automated continuous audit program to monitor low-risk areas, reducing their inclusion in the audit plan, and provided immediate notifications of issues in high-risk areas before scheduled audits
  • Enhanced financial integrity by implementing comprehensive audit procedures
  • Led audit team to ensure compliance with regulatory standards

Vice President, Operations Control and Enterprise Risk Management

BNP Paribas Securities Services
02.1999 - 06.2008
  • Built and led a team responsible for reviewing and validating operational processes for compliance with risk methodology, control standards, policies, and regulations across North American broker-dealer operations
  • Oversaw the consolidation and distribution of monthly risk and control reports, presenting key findings and trends to management
  • Directed incident and regulatory reporting, serving as the primary contact for regulatory issues
  • Led the creation and implementation of risk methodology, control reviews, and management oversight
  • Managed operational incident reporting, gain/loss allocation, and improvements to the control environment
  • Designed and coordinated BCP and disaster recovery efforts for all operations departments

Education

B.S. - Financial Management/Accounting

St. Joseph’s University
Philadelphia, Pennsylvania

Skills

  • Enterprise/Operational Risk Management Framework Development & Implementation
  • Third Party Risk Management
  • Cross Functional/Large Complex Organization Risk Assessing and Audit Planning
  • Regulatory Compliance and Change Management
  • Security and compliance frameworks
  • COSO
  • COBIT
  • NIST
  • ISO 27001
  • ISO 31000
  • SOC 1/2
  • PCI-DSS
  • GDPR

Certification

  • CRMP, 06/30/25
  • 3CPRMP, 2021
  • CFE, 2019
  • FINRA Series 63, 2009
  • IIA, 2008

Affiliations

  • RIMS (Risk Management Society)
  • National Society of Compliance Professionals
  • Association of Certified Fraud Examiners
  • The Institute of Internal Auditors
