Global Compliance Director – Third-Party Compliance Risk - The Boston Consulting Group

This amazing new opportunity is for an experienced Compliance Director to join the Global Compliance Team at BCG.  

The Global Compliance team provides support, guidance and oversight on critical compliance topics that anchor how BCG employees support each other, their clients, and the business – with policies, processes, and systems which BCG continuously improve. The team develops and implements smart capabilities, toolkits, frameworks and training to empower BCG employees to act in accordance with the values and code of conduct, and to promote adherence to laws, regulatory requirements, and internal policies and procedures. 

In this role you will help to build effective compliance controls and procedures, relevant to a global professional services organization, in place for third-party  risks. You will:  

• Help the first line of defence build effective end-to-end processes around third-party risk management (suppliers/contingent workforce/expert networks program), focusing on anti-bribery and corruption, sanctions and ESG compliance.  
• Provide specialist advice and analysis, guidance, and oversight to first line of defence once those processes are established to support continuous improvement and learning. 
• Oversee compliance with applicable legislative requirements. 
• Advise on regulatory change projects and enhancements to existing controls and procedures and oversee the delivery of global programs to comply with such legal and regulatory initiatives.  
• Build third-party and ESG compliance risk oversight program and support a creation of the reporting dashboard.   
• Work with other global functions (e.g., legal, procurement, sustainability, HR, IT & finance) and a regional compliance network to drive compliance controls and procedures. 
• Build and maintain a wide network of key stakeholders across the business globally, including in procurement, legal and finance.   

• Together with other global functions (including Legal, Risk, Procurement, HR and Finance), review existing processes and design, deploy, and oversee a due diligence framework for third party (supplier) risk that meets relevant regulatory & legal requirements as well as BCG’s internal policies.  
• Exercise independent judgments to identify potential issues on complex third-party (vendors) compliance risks relevant to a global professional services organization.  
• Perform testing and monitoring to give assurance that the organisation has adequate third-party (supplier) procedures and controls, and that these are operating effectively.  
• Assist in ensuring that BCG’s policies and procedures are in line with current legal and regulatory requirements. Recommend mitigation measures to ensure global minimum standards are met.  
• Support the first line of defence to manage the risk of third-party intermediaries via close coordination with areas seeking to engage introducers/ experts etc.  
• Ensure that first line of defence business escalations relating to third-party (supplier) compliance risks are accurately prioritized, assigned and assessed, engaging with other specialist functions (e.g., Legal) as appropriate.  
• Carry out horizon scanning and proactively give advice to the business regarding changes to legislation, regulations and global requirements relating to third-party (supplier) compliance risks. 
• Work with relevant product owners to recommend improvements / priorities to software capabilities for third-party (supplier) compliance risk management.  
• Provide subject matter input into the Enterprise Risk function risk register and risk assessment activity on third-party (supplier) risk exposure and management. 
• Update senior management (including the Chief Compliance and Chief Risk Officer) on the management of third-party (supplier) compliance risks and issues. 
• Project manage compliance deliverables across the global business. 
• Maintain knowledge of trends, developments, and new technologies. Provide recommendations on new technology and tools for third party (supplier) risk identification and management.  
• Support the Compliance Centre of Excellence and regional compliance network with the delivery of education, training, and awareness programs relating to third-party compliance risks. 
• Support internal and external audits and regulatory reviews. 
• Be actively involved in relevant external industry forums. 
• Assume additional responsibilities as required.