Zoltan Szabo

Risk Management

• Implement risk management tools, practices, and policies across the enterprise to analyze and report on current and forward-looking risks exposures, manage risks mitigation activities, monitor, measure, and issue corrective action plans.
• Provide risk registry updates to the Enterprise Risk Management Committee, and Board Audit & Risk Management Committee.
• Oversee the development, evaluation and implementation of all corporate and departmental policies, programs and procedures reflecting relevant regulations, industry standards and best practices.
• Assess risk for strategic initiatives for new market acquisitions, development of new products and services.
• Recommend improvements to products, pricing, cost effectiveness, and procedures.
• Provide consultation and advice to management through various risk management processes, such as RCSA, KRIs and KPIs practices, controls, and documentation (i.e., Engineering, Software, Product and Development, Information Security, etc.)
• Coordinates with third parties and internal stakeholders to ensure that CU Direct’s risk management efforts meet all requirements including needed audits (i.e., PCI, NIST, ACH, FedLine and SOC 2 Type II.)
• Implement the Artificial Intelligence Committee and Co-Chair of same.

Compliance

• Direct the Compliance Department to ensure the organization's risk management policies, strategies, and controls comply with applicable regulations, industry standards, and strategic imperatives of the organization.
• Publish monthly Compliance Bulletin to provide a comprehensive view of relevant regulatory changes, with direct or potential impact to our operations or business model.
• Manage relationships and audits with government agencies and regulatory bodies such as the NCUA and CFPB.
• Work closely with Information Security to ensure risk mitigation about asset preservation and sensitive information protection.

Business Continuity

• Co-chair of the Incident Response Team.
• Maintain, update, and promulgate business continuity and disaster recovery plans.
• Approve business impact assessments.
• Coordinate business continuity and disaster recovery (tabletop) exercises quarterly.

Insurance and Vendor Management

• Assist Legal to identify, measure, and manage insurable risks.
• Assist with management of the insurance broker relationship and ensure the proper management of claims and loss control.
• Manage the vendor management group and the company’s relationships with third-party service providers.

• Managed the overall ERM Program and reported to the Chief Risk Officer and to Senior Management the status of the inherent risks and opportunities, establishing risk tolerance levels and report on the status of the ongoing monitoring of key controls in support of strategic goals and objectives.
• Identified and evaluated key risk drivers, risk appetite, risk tolerance levels, risk limits and risk response strategy – avoid, reduce, take alternative action, share/insure, or accept, across all risk categories and implement risk management monitoring and response practices.
• Developed and produced independent enterprise-wide dashboard reports to the business unit managers, Senior Management, and the Board to report on whether objectives are achieved and to identify possible needed changes to the risk response strategy.
• Directed and establish risk controls to ensure all functions and divisional branches are in complete compliance with federal, state, regulatory, investor, and company guidelines and recommend corrective action as needed.
• Oversaw Compliance and Vendor Management activities relating Board designated Entity-Level Risks, mitigation and monitoring activities.
• Internal/External Auditors and Regulatory Examiners (NCUA, Office of Financial Regulation (OFR) liaison.
• Shared information and documentation with external auditors and regulatory examiners to assist in the completion of audits and exams as it relates to the institution’s risk mitigation activities, regulatory compliance practices and functions.
• Drive the risk intelligent culture and build strong collaborative relationships across the organization to create an increased understanding and awareness of business line managers’ responsibility for risk assessment and management activities in their daily decision-making processes and procedural guidance.
• Chaired the Enterprise Management Committee and provide informational updates to management and Board Committees on changes in the regulatory and investor requirements, emerging risks, responses, and their potential impact.
• Oversaw the Model Governance and Data Governance Councils.
• Risk Management Liaison for Mergers and Acquisitions.
• Prepare the Annual Budget for the ERM department and forecast staffing needs.

• Oversaw all aspects of risk-taking activities across the enterprise, including processes, tools, and systems to identify, assess, measure, manage, monitor, and report risks
• Maintained the Board approved risk framework for identifying, assessing, and managing risk, including loss policy framework, loss data collection, reporting practice, standards, and the process for developing risk policies and procedures, risk limits and approval authorities
• Monitors the activities of the business for Quality Control processes and risk outcomes.
• Managing business relationships with Bankers, Brokers and Correspondents, Investors, Mortgage Insurers, Regulatory and other industry partners
• Responsible for the oversight and continued development of the Company's Quality Control Department to ensure compliance with Fannie Mae, Freddie Mac, HUD, VA, and USDA program requirements for origination and servicing activities.
• Integrated Risk Management practices and culture into the company's performance management processes.
• Made recommendations on complex risk issues or products, deal structure and strategic planning and manage the process for elevating control risk to C -level executives or the Board when appropriate.
• Delivered regular risk analysis reports to company executives complete with actionable plans for avoiding or preventing potential threats at various modeled stress levels.
• Supported the Board Risk Committee in its implementation, review and approval of the enterprise-wise risk governance framework which includes risk appetite, risk limits and corresponding capital planning.

Risk Management

• Responsible for the development and management of operational risk governance activities and framework for consumer facing business lines
• Monitored the operational risk exposures from existing and future business operations that could result in significantly impact the operational integrity of the Bank and direct action necessary to offset or remediate significant exposures
• Managed and directed the Risk Analysts and Quality Control audits, testing, analysis and reporting to business line managers, committees, investors, and regulatory agencies.
• Maintained the Board approved risk framework, for identifying, assessing, and managing operational risk.
• Functioned as a risk advisor to senior management in their operational risk management responsibilities.
• Implemented the operational risk process, providing coaching and guidance to business line managements.
• Provided company-wide analysis of operational and compliance risk levels to the CRO and CCO.
• Coordinated risk input to the Risk Committee and the Board on the banks risk profile, control infrastructure and any control failings to weaknesses and actions taken.
• Directed the development, training, awareness, and integration of the risk management culture to support the implementation and effective operation of ERM within all levels of the organization.
• Monitored, tracked, and reported on all outstanding mitigation plans (MRA’s, MAP’s.)
• Directed the Quality Control Teams to ensure adequate monitoring and testing is in place for key risks and agency requirements.

Commercial & Retail Bank

• Onsite audits of the Bank’s Financial Centers
• Bank wide operations audits
• Commercial Lending and Leasing Operation
• Business Property Lending and Servicing
• Warehouse Finance
• Wealth Management:
• Audits to SEC, FINRA, SIPC, state and federal laws
• New Accounts / Account Maintenance / CIP & OFAC / Declined/Closed Accounts / Call Copy

World Markets

• Precious metals trading and storage
• Currency Trading
• Foreign currency-based investments & Foreign wire transactions

• Conducted the planning of audits to include identification of inherent risks and controls, scope, and testing methodology development
• Performed audits of an advanced type requiring expertise in multiple business lines with a high degree of autonomy, discretion, and judgment
• Performed reviews of work papers for accuracy, validity, and standardization of audit procedures used and provided coaching to assigned staff
• Prioritized daily responsibilities and prepared routine project status reports
• Advised appropriate auditees on the implementation of control issues identified during the audit.

• Developed, led, and executed the annual audit plan across a diverse business platform with a team of audit professionals
• Prepared and monitored allocated budget hours and resources to actual project hours and implement opportunities for efficiency
• Ensured that high professional audit standards are maintained across the various business lines
• Areas of coverage included retail bank branch activity, residential mortgage originations, servicing and master servicing, whole loan purchases and sales, commercial mortgage originations and servicing, warehouse lending and student loans.
• Participated in evaluating the Bank’s strategic initiatives to ensure that a strong control environment is maintained and worked with business owners to develop processes to achieve effective control designs and implementation.
• Managed and developed audit test steps to support the company’s Sarbanes-Oxley compliance efforts documentation, testing and remediation.
• Worked with business management to develop action plans and verify that remediation efforts are implemented.
• Analyzed finance and operations processes and identified gaps, control deficiencies, and potential risks.