Director, PayPal Bank Chief Compliance Officer

PayPal•Salt Lake City, UT

15d

About The Position

Establish overall business or technical strategy for risk management with significant impact on operations. Influence executive-level decision-making through strategic risk assessments and recommendations. Partner with stakeholders to implement strategies that reduce or transfer identified risks. Monitor and analyze risk exposure to ensure alignment with organizational objectives. Lead initiatives that contribute to long-term sustainability and resilience in the face of uncertainty. Develop, implement, and maintain the Bank's Compliance Management System (“CMS”), ensuring alignment with regulatory guidance and Board-approved risk appetite and policies. Oversee and maintain compliance policies and procedures designed to ensure that the Bank's activities are conducted in accordance with applicable consumer protection, privacy, and regulatory laws and regulations. Monitor changes in laws and regulations affecting the Bank and communicate the impact of such changes to management and the Board, recommending appropriate policy or procedural updates. Oversee compliance testing and monitoring programs to identify control gaps or process weaknesses and track remediation activities through completion. Serve as the primary liaison with regulatory agencies for compliance-related inquiries and examinations. Collaborate with business lines and the first line of defense to ensure compliance risk is identified, assessed, and mitigated within acceptable tolerance levels. Provide compliance training programs to ensure management and employees understand their responsibilities under applicable laws and regulations. Work closely with the Bank's CRA Officer to ensure that the Bank meets its community reinvestment obligations consistent with Board policy and applicable regulations. Partner with the CRO to ensure enterprise-wide risk management processes appropriately incorporate compliance risk. Report regularly to the CRO, senior management, and the Board's Risk & Compliance Committee on the status of the Bank's compliance posture, including significant findings, corrective actions, and emerging risks. Effectively communicate and address regulatory inquiry or examination activities. Establish and maintain effective communication and coordination with management and staff across all lines of business. Participate in and capably make presentations and address questions at various management and Board-level committee meetings. Establish the bank's second line CMS across governance, regulatory change, policies/procedures, training, monitoring & testing, complaint management, issues management, and independent audit coordination. Ensure governance over models/rules used in transaction monitoring, sanctions screening, credit, and fraud (thresholds, tuning, back‑testing, and independent validation, as applicable). Establish and enforce Develop and oversee third‑party risk/compliance standards across vendors, program managers, fintech partners, and loan/deposit agents—covering due diligence, contracting, ongoing monitoring, complaints/issues, marketing/UD(A)AP controls, data use, and termination/exit. Ensure clear bank level ownership of compliance obligations in partner programs; implement robust SLAs, testing, and reporting. Own the enterprise compliance risk assessment, risk appetite metrics (KRIs/KPIs), and the annual compliance plan; update dynamically as products, volumes, and partners scale. Maintain and continuously improve policies covering federal and state banking and consumer protection laws/regulations (e.g., GLBA privacy & safeguards, FCRA, ECOA/Reg B, TILA/Reg Z, EFTA/Reg E, Reg` DD, Reg CC, Fair Lending, HMDA/CRA as applicable, UDAAP/UDAP, advertising/marketing, esign/edisclosures). Oversee Compliance related aspects for deposits, lending (consumer and/or commercial, as applicable), payments, card issuance/network rules, ACH/NACHA, and digital channels (web/mobile). Build and lead a high‑performing team covering Advisory, Monitoring & Testing, Regulatory Change, Complaints, Marketing/UD(A)AP Review, and Partner/Vendor Compliance; select and manage outside counsel/consultants as needed. Implement and optimize a GRC/RegTech stack for regulatory change tracking, control testing, issues management, workflowed marketing reviews, and regulatory reporting. Develop and oversee the bank's Fair Lending review (qualitative & quantitative) program of bank models. Ensure marketing, loan offers, and loan approvals are made in line with ECOA guidance to protect individuals from discrimination, bias or disparate impact. Create concise, risk‑based Board and executive reporting; chair/coordinate the Management Compliance Committee. Drive a strong “tone from the top” culture focused on customers and regulators. Deliver targeted, role based compliance training for Board, executives, and staff; certify completion and effectiveness. Embed compliance early in product/engineering lifecycles through formal product approval and marketing review processes.

Requirements

10+ years relevant experience and a Bachelor's degree OR Any equivalent combination of education and experience.
15+ years of progressive compliance leadership in U.S. depository institutions.
Demonstrated success building or materially upgrading a bank compliance program; de novo chartering experience strongly preferred.
Proven leadership of FDIC and state examinations and sustainable remediation of findings.
Expert knowledge of core banking and consumer protection laws/regulations, UDAAP, and third‑party/partnership compliance expectations.
Experience overseeing/partnering with BSA/AML/OFAC and Fraud functions.
Strong governance and Board reporting capability; mastery of compliance risk assessment, monitoring/testing, complaint management, and regulatory change management.
Track record recruiting, developing, and leading high caliber compliance teams in scaling environments.
Excellent executive communication and stakeholder management.
Bachelor's degree required.

Nice To Haves

CRCM and/or CAMS; JD or related advanced degree a plus.
Experience with industrial loan companies and the parent/affiliate dynamics unique to ILC ownership.
Background in digital banking, bank‑as-a‑service/fintech partnerships, or card/payments programs.
Hands on experience with GRC/RegTech platforms and data driven reporting.
Familiarity with privacy and data governance (GLBA, data minimization/retention, vendor data controls) and coordination with InfoSec on safeguards.

Responsibilities

Establish overall business or technical strategy for risk management with significant impact on operations.
Influence executive-level decision-making through strategic risk assessments and recommendations.
Partner with stakeholders to implement strategies that reduce or transfer identified risks.
Monitor and analyze risk exposure to ensure alignment with organizational objectives.
Lead initiatives that contribute to long-term sustainability and resilience in the face of uncertainty.
Develop, implement, and maintain the Bank's Compliance Management System (“CMS”), ensuring alignment with regulatory guidance and Board-approved risk appetite and policies.
Oversee and maintain compliance policies and procedures designed to ensure that the Bank's activities are conducted in accordance with applicable consumer protection, privacy, and regulatory laws and regulations.
Monitor changes in laws and regulations affecting the Bank and communicate the impact of such changes to management and the Board, recommending appropriate policy or procedural updates.
Oversee compliance testing and monitoring programs to identify control gaps or process weaknesses and track remediation activities through completion.
Serve as the primary liaison with regulatory agencies for compliance-related inquiries and examinations.
Collaborate with business lines and the first line of defense to ensure compliance risk is identified, assessed, and mitigated within acceptable tolerance levels.
Provide compliance training programs to ensure management and employees understand their responsibilities under applicable laws and regulations.
Work closely with the Bank's CRA Officer to ensure that the Bank meets its community reinvestment obligations consistent with Board policy and applicable regulations.
Partner with the CRO to ensure enterprise-wide risk management processes appropriately incorporate compliance risk.
Report regularly to the CRO, senior management, and the Board's Risk & Compliance Committee on the status of the Bank's compliance posture, including significant findings, corrective actions, and emerging risks.
Effectively communicate and address regulatory inquiry or examination activities.
Establish and maintain effective communication and coordination with management and staff across all lines of business.
Participate in and capably make presentations and address questions at various management and Board-level committee meetings.
Establish the bank's second line CMS across governance, regulatory change, policies/procedures, training, monitoring & testing, complaint management, issues management, and independent audit coordination.
Ensure governance over models/rules used in transaction monitoring, sanctions screening, credit, and fraud (thresholds, tuning, back‑testing, and independent validation, as applicable).
Establish and enforce Develop and oversee third‑party risk/compliance standards across vendors, program managers, fintech partners, and loan/deposit agents—covering due diligence, contracting, ongoing monitoring, complaints/issues, marketing/UD(A)AP controls, data use, and termination/exit.
Ensure clear bank level ownership of compliance obligations in partner programs; implement robust SLAs, testing, and reporting.
Own the enterprise compliance risk assessment, risk appetite metrics (KRIs/KPIs), and the annual compliance plan; update dynamically as products, volumes, and partners scale.
Maintain and continuously improve policies covering federal and state banking and consumer protection laws/regulations (e.g., GLBA privacy & safeguards, FCRA, ECOA/Reg B, TILA/Reg Z, EFTA/Reg E, Reg` DD, Reg CC, Fair Lending, HMDA/CRA as applicable, UDAAP/UDAP, advertising/marketing, esign/edisclosures).
Oversee Compliance related aspects for deposits, lending (consumer and/or commercial, as applicable), payments, card issuance/network rules, ACH/NACHA, and digital channels (web/mobile).
Build and lead a high‑performing team covering Advisory, Monitoring & Testing, Regulatory Change, Complaints, Marketing/UD(A)AP Review, and Partner/Vendor Compliance; select and manage outside counsel/consultants as needed.
Implement and optimize a GRC/RegTech stack for regulatory change tracking, control testing, issues management, workflowed marketing reviews, and regulatory reporting.
Develop and oversee the bank's Fair Lending review (qualitative & quantitative) program of bank models.
Ensure marketing, loan offers, and loan approvals are made in line with ECOA guidance to protect individuals from discrimination, bias or disparate impact.
Create concise, risk‑based Board and executive reporting; chair/coordinate the Management Compliance Committee.
Drive a strong “tone from the top” culture focused on customers and regulators.
Deliver targeted, role based compliance training for Board, executives, and staff; certify completion and effectiveness.
Embed compliance early in product/engineering lifecycles through formal product approval and marketing review processes.