BNY Mellon Careers

EMEA Data Privacy Specialist

London, United Kingdom

Job Description

Team Overview:

The role forms part of the Technology Risk Management (TRM) organisation at the Bank of New York Mellon. TRM is divided into functional teams globally, as follows:

  • Privacy & Data Protection
  • Technology Assurance & Advisory
  • Technology Project Risk Oversight and Mergers and Acquisition / Due Diligence
  • Vendor Technology Risk
  • Technology Governance and Control
  • Technology Risk Intelligence

Job Purpose:

To support the Chief Privacy Officer in the execution of their duties across the EMEA region to ensure that all Lines of Business and Business Partners fulfil their regulatory and organisational requirements to protect the privacy of both client and staff personal information.




Note: Individual goals will be agreed with the Head of Data Privacy – EMEA as part of the Performance Management process.

  • Support the Head of Data Privacy – EMEA and the global Chief Privacy Officer in the rollout of the EU General Data Protection Regulation remediation programme. Assist in the creation of templates and tools to aid with this remediation and provide advice to key stakeholders on the completion/use of such tools.
  • Support in the creation, maintenance and periodic review of relevant Data Privacy guidance, policy and standards
  • Support the scoping and execution of the EMEA/Global annual Data Privacy Compliance Monitoring Programme, and help ensure that all reviews are completed in line with requirements, all issues are resolved in line with targets set and all reports produced in a timely fashion
  • Assist with maintenance of Data Protection Authority notifications, local authorisations for International Transfers and other communications with, and requests from, local DPAs
  • Evaluate data protection breaches and incidents in a timely manner, assist with route cause analysis and provide credible challenge. Assist in the production of associated MI and trend analysis
  • Support the team in the completion and administration of Data Protection Impact Assessments
  • Completion of data protection risk assessments of third party suppliers and/or high risk projects as required
  • As directed, analyzes existing legislation, regulatory announcements and industry practices in order to ensure the assigned business is in compliance with current requirements.
  • Support the annual review of Privacy training materials. Provide face to face Data Protection training on an ad-hoc basis dependent on the individual business needs
  • Assist in the review of data subject access requests and other information requests pursuant to individual rights to ensure that all requests are dealt with effectively and within the statutory time frames
  • Provide timely, pragmatic and accurate Privacy guidance to business areas as and when required
  • Preparation and presentation of metrics to indicate the effectiveness of BNY Mellon’s Privacy programme across EMEA
  • Lead on team administration activities, e.g. meeting planning, minutes and actions tracking; records management; Privacy team goals/objectives tracking; creating team delivery plans and preparing progress snapshots, etc.
  • With minimal guidance, contributes to the compliance efforts of the assigned business units. Helps to bring the business units into compliance with standard regulatory and policy requirements.
  • Helps the business units respond to and develop compliance reporting, as directed. Based on assessments of controls, works with business units to implement improvements and develop documentation when control changes are made.
  • Contributes to projects and program tasks intended to improve compliance and enhance the control environment. Analyzes control processes to ensure they are in compliance with all applicable laws, rules and regulations.
  • Reviews the appropriateness of control processes and may help guide the assigned business units in implementing improvements.
  • Continues to build working relationships with outside regulators, government officials and business unit managers in order to facilitate the timely delivery of information and increase the likelihood of favorable conditions for compliance activities.
  • With minimal guidance, contributes to assessments of the effectiveness of controls that help ensure ongoing compliance with key laws, regulations and policies affecting BNY Mellon businesses.
  • Continues to gain experience preparing risk based reviews of existing and emerging regulatory requirements, concerning issues and control gaps.
  • Contributes to the preparation of time sensitive reporting and appropriately escalates issues to more experienced professionals
  • Contributes to the achievement of team objectives. 

Generic Staff Responsibilities:

  • Comply with all corporate policies and procedures within the department;
  • Alert management immediately of any significant changes to business risks and internal controls effectiveness;
  • Notify management immediately of any regulatory breach;
  • Comply with health and safety policies and procedures operating within the business.

Core Competencies:

  • Adaptability
  • Communication
  • Customer Orientation
  • Leadership
  • Interpersonal Skills
  • Judgment
  • Managing Risk
  • Qualifications

Job Specific Competencies:

  • Investigative and questioning nature
  • Excellent inter-personal skills
  • Excellent organisational skills
  • Ability to manage and prioritise workload
  • Ability to communicate orally and in writing with various levels of management


Technical Skills, Knowledge, Systems Knowledge:

  • Experience of the practical application (business operations and technology) of Data Protection and Privacy laws in EMEA within the Financial Services environment
  • Demonstrable knowledge of current Data Protection and Privacy legislation in EMEA jurisdictions and in respect of the incoming EU General Data Protection Regulation (GDPR) is required
  • Strong analytical skills, problem-solving ability and attention to detail
  • Data analysis and metrics presentation skills
  • Previous exposure to international data protection and privacy laws and regulations, e.g. Americas (including LATAM) and APAC, is advantageous
  • Strong knowledge of the financial services regulatory environment is essential

Academic/Professional Qualifications: (or equivalent qualifiers)

  • Data Protection experience is essential
  • ISEB and/or IAPP certifications are highly desirable
  • Bachelor Degree educated or equivalent

For over 230 years, the people of BNY Mellon have been at the forefront of finance, expanding the financial markets while supporting investors throughout the investment lifecycle. BNY Mellon can act as a single point of contact for clients looking to create, trade, hold, manage, service, distribute or restructure investments & safeguards nearly one-fifth of the world's financial assets. BNY Mellon remains one of the safest, most trusted and admired companies. Every day our employees make their mark by helping clients better manage and service their financial assets around the world. Whether providing financial services for institutions, corporations or individual investors, clients count on the people of BNY Mellon across time zones and in 35 countries and more than 100 markets. It's the collective ambition, innovative thinking and exceptionally focused client service paired with a commitment to doing what is right that continues to set us apart. Make your mark:

Risk and Compliance provide risk and compliance services across all BNY Mellon businesses. Organizationally, Risk and Compliance includes the following groups: Risk Management, Compliance, Global Corporate Security, Information Risk Management and Global Business Continuity. Risk Management oversees and delivers risk services and ensures new business risks are reviewed and approved. Risk Management is organized through Chief Risk Offices for each core business and critical operation. Risk managers provide shared support to BNY Mellon for operational risk services for Global Corporate Trust, Depositary Receipts, Treasury Services and Global Operations in EMEA. Compliance helps ensure BNY Mellon's businesses maintain appropriate processes to comply with applicable laws, regulations, BNY Mellon policies and ethics. This is accomplished through business- and business partner-specific teams of professionals, under centralized global management.

BNY Mellon is an Equal Employment Opportunity Employer.

Primary Location: United Kingdom-Greater London-London
Job: Risk
Internal Jobcode: 85160
Organization: Technology Risk Mgmt-HR06032
Requisition Number: 1802521