About me

James Hammond [New Jersey/New York - james (at) jameshammond.net]

Overview

Dynamic and accomplished professional with over 18 years of experience in the Financial Services industry. Seeking a challenging leadership role where I can leverage my expertise in risk management, controls, Technology and Cyber Security to drive organizational success and growth. I am recognized for my ability to build high-performing teams, ensuring a secure and robust control environment. My leadership philosophy revolves around fostering an environment of collaboration, empowerment, and accountability. I firmly believe that by empowering individuals within the team, harnessing their unique strengths, and aligning their goals with the organization’s objectives, a culture of excellence emerges and team members can excel in their own way.

Professional Experience:

Director, Chief Controls Office (1LOD) Barclays plc - London, UK and New York/New Jersey, USA November 2014 - Current

• Led the Chief Controls Office (CCO) function for Consumer Banking & Payments (CB&P), overseeing the US Consumer Bank, Barclays Payments, and the German business within retail products.
• Managed all aspects of Technology, Cyber, and Resilience controls, metrics, and reporting.
• Collaborated with CIOs, CB&P CISO, and associated Chief Security Office function.
• Oversaw 13 Technology standards, including change, resilience, and service management, as well as Cyber and Information Security frameworks.
• Managed incidents, risk events, and issues while liaising with audit functions and regulators.
• Provided input and challenged Control Frameworks within CCO, including Risk event and Lessons Learnt, Issues Management standard.
• Previously built and led the Fraud Operational Rigour (controls) team and Fraud Resilience workstream.
• Ensured the Fraud Operations, Fraud Strategy, and Fraud Analytics control environment met required standards.
• Led a team of control assurance professionals and managed the annual Risk & Control Self-Assessment (RCSA) process.
• Oversaw senior management commitments to issues resolution and risk event escalation.
• Represented the Head of the Fraud Transaction cycle at various forums.
• Acted as the primary lead for responses to regulators, 3LOD, 2LOD, and other assurance partners.
• Owned the annual Fraud Threat Assessment (FTA) process globally and the Fraud Awareness training globally.

Head of IT Audit European Bank for Reconstruction and Development - London, UK May 2013 - November 2014

• Led the IT Audit function, managing stakeholder relationships with Technology up to and including the IT Director and direct reports.
• Collaborated closely with Operational Risk and Information Security teams to identify current and emerging IT-related risks and assisted in incident analysis.
• Drafted and ensured the quality of IT audit reports and observations presented to senior IT management.
• Managed the yearly audit planning process and audit universe, utilizing a risk-based approach, and delivered the IT audit plan, including integrated audits.
• Conducted regulatory reviews related to reporting requirements, including trade, transaction, and position reporting.
• Conducted reference data audits, covering products, pricing, entity, and account master applications.
• Reviewed applications used to consolidate and calculate Basel II data.

IT Audit Bank of England - London, UK August 2012 – April 2013

• Internal Audit contractor performing project reviews within the Bank of England and Prudential Regulatory Authority (PRA) unit
• Leading a review of the project covering the transition progress (pre-migration and post-migration) of the Prudential Regulatory Authority migration to the Bank, including details of infrastructure, applications, people and data, which included attendance to project working groups and “go-live” decisions

Executive Director Goldman Sachs - London, UK December 2007 – August 2012

• Leading global and regional integrated business and application audits (up to 6 team members) across front-office trading applications, trading desk reviews, middle and back office trade confirmation applications, settlement applications and accounting systems, including reviews of books and records ledgers and sub-ledgers and compliance applications;
• Responsible for the EMEA aspects of Operations and Technology, including the delivery of the EMEA Operations Technology audit plan and stakeholder relationships (continuous monitoring) as well as delivery of issues to senior IT Management (Managing Directors);
• Regulatory Reviews around reporting requirements, including trade, transaction and position reporting, including leading a review of the analysis and governance of all trade and transaction reporting data within the Bank
• Reference data audits, including products, pricing, entity and account master applications.
• Review of the applications used to consolidate and calculate Basel II data for the Bank
• Working closely with other Risk functions within the Bank (Compliance, IT Security, SOX function, Operational Risk) to ensure that all appropriate risks were identified and any emerging risks or themes were factored into planning)
• Extensive experience using Audit Control Language (ACL) and other data analysis tools in order to identify unused and suspense and wash accounts used within the front office systems and product/financial controllers;
• Experience in various financial services vanilla and derivative capital markets and asset management products;
• Experience around “Thematic” or pathway audits including global change management and flow-based reviews;
• Liaising with clients with regards to closure of audits, issues associated with audits, scoping of audits and audit fieldwork;
• Understanding business risks as part of integrated audit teams and translation of business risks into associated Technology risks;
• Worked on audits in different teams across capital markets, asset management and corporate (books and records, market and credit risk) areas;
• Reviewing of audit files are to ensure an appropriate standard and adherence to the audit process;
• Review of trade confirmations process across credit derivatives, foreign exchange and equity derivatives operations areas;
• Review of Change process across Asset Management division, Operations division and Securities Division;
• Review of daily and monthly processes regarding sub-ledger to ledger transaction flow, including the reconciliation tool used to identify breaks across all ledger applications;
• Review of Control Room processes and procedures, including the application used to manage firm trading restrictions;
• Review of trade matching engines, including a Multilateral Trading Facility (MTF).

Assistant Manager KPMG - Dublin, Ireland (12-month secondment) and Johannesburg, South Africa January 2005 - November 2007

In Ireland (12-month secondment)

• Information Technology General controls reviews;
• Information Technology SOX assessments, including financial institutions and manufacturing (SOX control testing);
• Application Controls reviews, including data warehouse and project implementation review;
• Computer assisted audit techniques to determine appropriate interest charges;
• Evaluation of system controls in place over various financial systems; and
• Responsible for quality of deliverables, including report writing and presentation of findings.

In South Africa

• IT General Controls, application controls reviews, both from an internal and external audit perspective;
• IT Strategic review at the central bank of South Africa;
• Assessment of IT controls over financial reporting (SOX controls evaluation) for leading manufacturing, mining and gas organisation (role: team leader);
• Assisted with various COBIT-related reviews, including assessments and development of processes;
• Developed a key deliverable for a new product under the Governance and Performance service line;
• A number of security reviews, including vulnerability assessments, operating system reviews, database reviews, firewall reviews and web application reviews;
• Cobit reviews, including DS5 (manage security);
• AS400 security (RACF) review;
• Interaction with senior members of the organisation;
• Providing guidance to other colleagues;
• Supporting the sales process;
• Supporting the mentoring process;
• Initiating knowledge transfer.

Key Achievements:

• Consistently received outstanding performance ratings.
• Demonstrated leadership by leading teams on various audits.
• Achieved a high score in the CISA exam.
• Developed a methodology for the Governance and Performance service line.

Education:

• Bachelor of Commerce Honours (Business Informatics) University of South Africa Graduated: 2008

• Certified Information Systems Auditor (CISA) Year of Certification: 2007

• Higher Diploma in Computer Auditing University of the Witwatersrand Graduated: 2006

• Bachelor of Commerce in Information Systems University of the Witwatersrand Attended: 2000 - 2002

• National Diploma Information Technology University of Johannesburg Attended: 1996 - 1998

Additional Information:

• Presented on Financial Services to university students.
• Volunteered for English as a Second Language (ESL) immigrants.

References available upon request.