Andrew Baker

Senior Business Leader in Cyber & Technology Risk, Compliance and Regulatory Compliance. Diverse leadership experience having led multicultural regional and global teams, both direct as well as matrix teams. Strong grasp of Technology regulations regionally as well as international security standards. Managed multiple global programs to address increased regulatory focus. Maintains a deep understanding of technology challenges facing the Financial Industry and brings an analytical and problem-solving mindset to define and deliver value-adding business solutions. Passionate about delivering real Risk Reduction in the fast pace world of Finance. Remain committed to the Asia region. 

JP Morgan Chase Singapore, Nov 16 – August 22

Vice President, Cyber & Technology Control – Asset and Wealth Management (AWM)

The Cyber, Technology Risk and Control agenda is primarily driven by regulatory requirements, where the regulators in region have a strong focus on Cyber Security, Technology Governance, Outsourcing, raising the bar on Technology Controls, Data Protection and Privacy. 

Responsibilities 

Consult and approve (Tech risk) New Business Initiatives for Asia and enterprise-wide information security strategy for Private Bank projects

Regulator Engagement including Regulatory Inspections, Questionnaires, Notifications, etc with a primary focus on MAS, PDPA, HKMA, SFC, RBI, JSFC, JFSA, APRA, Bank Negara and others

Cyber hygiene and control effectiveness

Reporting of risks identified and control weaknesses to Management Committees within AWM Asia.

Risk identification, Treatment and Governance

Achievements

Successfully rolled out web and mobile Online Money Transfer and Online Order taking to Private Bank Clients – a first for the International Private Bank. This required the introduction of transaction signing plus increasing use of Multi-factor Authentication across client facing applications, regulatory approval, and changes to the way Technology and Operations supported clients

Guided the Mobile Application deployment for the International Private Bank to ensure all App based controls were in place and meeting all Asian in-scope regulations.

Successfully lobbied to use the Covid-19 epidemic to increase the digital footprint and increase the digital abilities of Private Bank clients. Examples: “Paperless” initiative, Digital client on-boarding, and consolidation of online and offline contact details, WeChat and WhatsApp offerings to clients.

Reported on Monthly Risk Analytics to the AWM Technology leaders that provide senior management awareness and focus on areas of high risk.

Acted as the Technology Risk advisor for the Private Bank Digitisation projects globally, Private Bank Regionally, and the Singapore Trust Company.

Delivered the Technology Risk induction/education for all new starters in the Private Bank in Asia

Standard Chartered Bank Singapore, Mar 13 – Mar 16

Head, Compliance – Regulatory, Technology Governance (Global)

Reporting to Global Head of Technology Governance and responsible for interfacing with regulators and external auditors for cross-function Group Technology external audits covering Architecture, Build, Run and Security.

Responsibilities 

Manage Group Technology interface with Regulators, Regulatory Inspections, Questionnaires, etc

Manage Group Technology interface with external audits, financial audits, etc.

Ensure Group Technology is compliant with Technical Regulatory obligations globally, leading Gap Analysis to Regulatory changes, raising awareness and projects required to close gaps that may arise from those changes, in conjunction with Country CIO’s.

Produce reports of risks identified and control weaknesses within Technology Governance.

Lead a team to perform:

Generating the Audit related MIS for both internal and External Audits.

Reporting and escalation of Audit related risks senior Management Risk Committees.

Achievements

Built new function and team of 8 line staff (SG, KL and Chennai) and matrix manage dynamic/ad hoc audit response teams, managing & coordinating external Audits including RFI evidence and responses.

Ensured Internal IT governance complied with regulators globally by conducting gap analysis of guidelines across regional business units and collaborating with business to proactively address risks.

Reduced number of Overdue Audit findings & Overdue Regulator Responses by providing dashboards to the business and Group Technology and following up on findings and responses proactively

Closed out global change programs to address Regulator findings by working with country technology teams, especially concerning Security Monitoring / intrusion detection & privileged ID management.

Reported Risk Analytics bi-monthly to the Group Technology Risk Committee that provided senior management awareness and focus on areas of high risk.

Implemented monthly Global Operational Reporting that improved awareness of Group Technology’s delivery against country regulatory and internal audit findings on risk and compliance.

Barclays Bank Singapore, Feb 10 – Mar 13

VP, Asia Pacific Technology COO Office May 11 – Mar 13

The APAC Technology COO Office implements global strategy across both build and run the bank functions. Responsible for delivering regulatory and compliance projects for Technology in the APAC region.

Responsibilities

Manage and report Asia Pacific Regulatory and Compliance projects implemented to address gaps / issues as determined by Asian regulators, including the MAS, RBI, JFSA and HKMA.

Actively manage Technology risks and deliver risk remediation and change programs.

Improve internal and external processes to better deliver solutions to the business.

Ensure the business understood technology risks and made informed decisions.

Regularly report technology operations analysis to Barclays Global CIO, including reports on attrition analysis, spending and organisational structure (spans and layers).

Achievements

Closed out large global change programs which addressed findings of Regulators.

Developed regional change programs addressing location specific regulatory issues where synergies existed. Examples being Intra-group outsourcing, trader access to onshore / offshore books and data access recertification programs.

Ensured IT governance team complied with APAC regulators by conducting gap analysis of regulator guidelines across regional business units and collaborating with business to proactively address risks.

Reported Risk Analytics to APAC CIO and COO that provided senior management awareness and focus on areas of high risk.

Successfully managed expectations and negotiations with MAS around strategic multi factor authentication project into the Barclays global trading platforms (which lacked this requirement).

Quality Manager, Global Software Development Centre Feb 10 – May 11

The Global Software Development Centre (GSDC) was a globally focused, high quality software development centre in Singapore. 

Responsibilities

Ensuring that best practices for Software development were deployed worldwide and those processes meet the requirements of Regulators and Barclays Global Control Catalogue. 

Owned GSDC processes, audit process compliance, and collected and analysed metrics to improve processes. Responsibility also included Technology gap analysis of team level development practices.

Achievements

Championed Agile Development and Agile Project Management

Built a team of 8 direct reports, matrix management of over 1000 technical staff

Bachelor of Engineering (Electronic Systems), and Bachelor Applied Science (Computing)

Queensland University of Technology, Australia