IT Audit Manager

Your Opportunity

At Schwab, you’re empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us “challenge the status quo” and transform the finance industry together.

We believe in the importance of in-office collaboration and fully intend for the selected candidate for this role to work on site in the specified location.

The Internal Audit Department (IAD) of The Charles Schwab Corporation provides independent and objective assessments to determine whether all significant risks are identified and appropriately reported by management and risk functions to the Board and Executive Management, to evaluate whether risks are adequately controlled, and to challenge Executive Management to improve the effectiveness of governance processes, risk management, and internal controls.

The Bank enterprise team is seeking an Internal Audit Senior Team Manager – AML Technology primarily responsible for managing IT audit coverage for the AML/BSA audits with a focus on automated control functionality and data integrity that support business processes such as segregation of duties, configuration management, system interfaces, and data processing and model design and effectiveness. The Bank/AML Internal Audit team is focused on the execution of Bank, Trust and AML audits that target governance processes, risk management programs, internal controls, and regulatory compliance. The team also shares responsibility for regulatory agency interactions, Board and Executive Management reporting, and general relationship management. Internal Audit activities are directed towards the Charles Schwab Banking and Trust Services (BTS) organization, which represents three banks and two personal trust companies. These entities represent wholly-owned subsidiaries of the Charles Schwab Corporation (CSC) that are focused on offering traditional retail and advisor-sponsored banking and personal trust services to complement Schwab’s brokerage capabilities. Business trust services are provided for entities seeking trust and custody services for employee benefit plans.  In addition, the team is responsible for providing internal audit coverage for the CSC organization’s Anti-Money Laundering (AML) program, including Bank Secrecy Act (BSA) and Office of Foreign Assets Control (OFAC) requirements. These internal audit activities follow the guidelines established in the FFIEC BSA/AML Manual for the purpose of providing an independent assessment of CSC’s compliance with the regulatory requirements pertaining to the BSA and OFAC, including review of risk management and internal control practices.

Reporting to Director IT Internal Audit within the Bank enterprise team and heavily coordinating with the Director of AML/BSA, the Internal Audit Manager will have responsibility for the independent and objective assurance activity designed to improve the organization’s operations and compliance with key regulations by evaluating and improving the effectiveness of risk management, control, and governance processes. This position will focus on application technology risks within the integrated audits for the Bank enterprise, working closely with the operational auditors. This position is also responsible for working with audit resources provided by an external co-sourcing provider. 

What you’ll do:

• Audit Execution:

  • Direct and supervise the design and execution of application testing within integrated internal audits, ensuring work is performed in accordance with IIA standards and IAD policies and procedures.

  • Coordinate audit teams, including co-sourced resources, in conducting individual audits.

  • Lead meetings with stakeholders.

  • Ensure coordination with operational and data analytic audit teams.

  • Prepare and/or reviewing work papers to ensure clear identification of risks and issues, validating appropriateness of fieldwork testing, and sign-off on audit deliverables.

  • Manage and escalate changes in audit timelines, budget, resourcing, and milestones.

  • Assess the quality of management’s Risk & Control Self-Assessments; and support the assessment of the operational risk management program that manages the RCSA program.

• Issues Identification: Review and draft issue observations, vet issues with key stakeholders, identify compensating controls, and evaluate the appropriateness of the management action plan prior to finalizing the audit report.
• Issue Management and Validation: Monitor and review issue validation testing to ensure comprehensive testing and adherence to IAD policies and procedures.
• Business and Project Monitoring: Participate in the department’s business and project monitoring program execution to identify emerging risks.
• Risk Assessment: Participate in ongoing risk assessment activities, such as updating the audit universe after the completion of each audit.
• Coaching:  Provide support, coaching, and feedback to the audit team throughout the audit. Provide assistance with onboarding and ongoing support to new team members.
• Regulatory: Conduct validation testing on the action plans completed by management to address regulatory matters. As needed, provide responses to IAD management related to regulatory requests.
• Other Initiatives/Special Projects: As needed, assist with special projects related to business process improvement or department strategic initiatives.

What you have

To ensure that we have fulfilled our promise of "challenging the status quo," this role has specific qualifications that successful candidates should have.

Required Qualifications

• 5-7+ years of AML/BSA and IT audit experience with increasing responsibility, including review of system infrastructure, data processing, and end-to-end system or model data validation. Financial services and/or Big 4 Accounting experience a plus.

• Demonstrated experience managing IT internal audits and their associated team members, amongst a complex operational and regulatory environment.

• Ability to lead a project team and cultivate a strong working relationship with other audit teams,, regulators, and internal lines of businesses.

• CAMS certification required. CISA strongly preferred. Other relevant certifications will be considered.

• Clear understanding of regulatory expectations in the execution of audit work, issue validation, MRA validation, and the response to regulatory inquiries.

• Clear understanding of risks and internal controls and the ability to evaluate and determine the adequacy and effectiveness of controls.

• Stays current on industry and regulatory issues and best practices; imparts this knowledge to the team and the auditees.

• Excellent analytical skills, including the ability to anticipate issues and to design appropriate solutions.

• Strong verbal and written communication skills with a demonstrated ability to articulate effectively and professionally.

• Leverages relationships and insights to successfully influence others. Builds authentic and trusted relationships to create alignment and support.

• Bachelor’s degree required. 

• Ability to travel 15-20%

Preferred Qualifications

• Financial services and/or Big 4 Accounting experience a plus.

In addition to the salary range, this role is also eligible for bonus or incentive opportunities