PayPal
Director, PayPal Bank Chief Compliance Officer
PayPal, San Jose, California, United States, 95199
Essential Responsibilities
Establish overall business or technical strategy for risk management with significant impact on operations.
Influence executive-level decision-making through strategic risk assessments and recommendations.
Partner with stakeholders to implement strategies that reduce or transfer identified risks.
Monitor and analyze risk exposure to ensure alignment with organizational objectives.
Lead initiatives that contribute to long‑term sustainability and resilience in the face of uncertainty.
Expected Qualifications
10+ years relevant experience and a Bachelor’s degree OR any equivalent combination of education and experience.
Role Summary PayPal is establishing a de novo industrial bank charter (ILC) and is seeking an experienced Chief Compliance Officer (“CCO”) to design, stand up, and lead the bank’s Compliance Management System (CMS). The CCO will be the primary compliance executive for the ILC, with independent access to the Board (or Board Risk & Compliance Committee) and day‑to‑day partnership with the CRO and senior leadership. The CCO will be responsible for developing and administering the Bank’s second line compliance management program to ensure adherence to applicable federal and state banking laws, regulations, and regulatory expectations. The CCO will report to the ILC’s Chief Risk Officer (“CRO”) and will have a direct line of communication to the Board’s Risk & Compliance Committee.
Key Responsibilities
Develop, implement, and maintain the Bank’s Compliance Management System (“CMS”), ensuring alignment with regulatory guidance and Board-approved risk appetite and policies.
Oversee and maintain compliance policies and procedures designed to ensure that the Bank’s activities are conducted in accordance with applicable consumer protection, privacy, and regulatory laws and regulations.
Monitor changes in laws and regulations affecting the Bank and communicate the impact of such changes to management and the Board, recommending appropriate policy or procedural updates.
Oversee compliance testing and monitoring programs to identify control gaps or process weaknesses and track remediation activities through completion.
Serve as the primary liaison with regulatory agencies for compliance‑related inquiries and examinations.
Collaborate with business lines and the first line of defense to ensure compliance risk is identified, assessed, and mitigated within acceptable tolerance levels.
Provide compliance training programs to ensure management and employees understand their responsibilities under applicable laws and regulations.
Work closely with the Bank’s CRA Officer to ensure that the Bank meets its community reinvestment obligations consistent with Board policy and applicable regulations.
Partner with the CRO to ensure enterprise‑wide risk management processes appropriately incorporate compliance risk.
Report regularly to the CRO, senior management, and the Board’s Risk & Compliance Committee on the status of the Bank’s compliance posture, including significant findings, corrective actions, and emerging risks.
Effectively communicate and address regulatory inquiry or examination activities.
Establish and maintain effective communication and coordination with management and staff across all lines of business.
Participate in and capably make presentations and address questions at various management and Board‑level committee meetings.
De Novo Charter Formation & ILC Buildout
Lead the compliance workstream for the ILC de novo application, including program narratives, policies, risk assessments, governance charters, training plans, monitoring / testing strategies, and compliance components of the three‑year business plan.
Translate conditions of approval from state and FDIC orders into actionable controls, milestones, and Board reporting.
Establish the bank’s second line CMS across governance, regulatory change, policies / procedures, training, monitoring & testing, complaint management, issues management, and independent audit coordination.
Embed compliance in product, servicing, marketing, operations, technology, and vendor onboarding before first customer.
Stand up frameworks for BSA / AML / OFAC (in partnership with / overseeing the BSA Officer), UDAAP, fair banking / fair lending, third‑party / fintech partnerships, privacy & data protection, records & reporting, and model / algorithm oversight (credit, fraud, and marketing use cases).
Ongoing Program Leadership (Post Opening)
Own the enterprise compliance risk assessment, risk appetite metrics (KRIs / KPIs), and the annual compliance plan; update dynamically as products, volumes, and partners scale.
Maintain and continuously improve policies covering federal and state banking and consumer protection laws / regulations (e.g., GLBA privacy & safeguards, FCRA, ECOA / Reg B, TILA / Reg Z, EFTA / Reg E, Reg DD, Reg CC, Fair Lending, HMDA / CRA as applicable, UDAAP / UDAP, advertising / marketing, esign / edisclosures).
Oversee Compliance related aspects for deposits, lending (consumer and / or commercial, as applicable), payments, card issuance / network rules, ACH / NACHA, and digital channels (web / mobile).
Build and lead a high‑performing team covering Advisory, Monitoring & Testing, Regulatory Change, Complaints, Marketing / UD(A)AP Review, and Partner / Vendor Compliance; select and manage outside counsel / consultants as needed.
Implement and optimize a GRC / RegTech stack for regulatory change tracking, control testing, issues management, workflowed marketing reviews, and regulatory reporting.
Develop and oversee the bank’s Fair Lending review (qualitative & quantitative) program of bank models. Ensure marketing, loan offers, and loan approvals are made in line with ECOA guidance to protect individuals from discrimination, bias or disparate impact.
Create concise, risk‑based Board and executive reporting; chair / coordinate the Management Compliance Committee.
Regulator Engagement & Exams
Serve as the primary compliance contact for the FDIC and the state banking department, coordinate with other agencies as applicable.
Lead examinations end‑to‑end: readiness, first‑day letters, on‑site / virtual exam management, corrective action plans, and sustainable remediation of MRAs / MRIAs / observations.
Maintain a forward‑looking regulatory change management process, brief leadership and the Board on developments and operational impacts.
BSA / AML / OFAC & Fraud Collaboration
Oversee the design and adequacy of the BSA / AML / OFAC program (risk assessment, policies, CDD / KYC / EDD, transaction monitoring, SAR / CTR reporting, sanctions screening), partnering closely with the BSA Officer and Fraud / Risk leads.
Ensure governance over models / rules used in transaction monitoring, sanctions screening, credit, and fraud (thresholds, tuning, back‑testing, and independent validation, as applicable).
Third‑Party & Fintech / Partnership Oversight
Establish and enforce develop and oversee third‑party risk / compliance standards across vendors, program managers, fintech partners, and loan / deposit agents—covering due diligence, contracting, ongoing monitoring, complaints / issues, marketing / UD(A)AP controls, data use, and termination / exit.
Ensure clear bank level ownership of compliance obligations in partner programs; implement robust SLAs, testing, and reporting.
Culture, Training & Change Leadership
Drive a strong “tone from the top” culture focused on customers and regulators.
Deliver targeted, role based compliance training for Board, executives, and staff; certify completion and effectiveness.
Embed compliance early in product / engineering lifecycles through formal product approval and marketing review processes.
Governance & Reporting Lines
Primary reporting: ILC Chief Risk Officer.
Direct line of communication: Board’s Risk & Compliance Committee; regular executive sessions with independent directors as appropriate.
Risk partnership: Close collaboration and regular reporting to the CRO on compliance risk profile, KRIs / KPIs, significant findings, corrective actions, and emerging risks.
Independence from revenue generating functions, with authority to elevate issues and pause or veto launches / marketing that present unacceptable compliance risk.
Required Qualifications
15+ years of progressive compliance leadership in U.S. depository institutions.
Demonstrated success building or materially upgrading a bank compliance program; de novo chartering experience strongly preferred.
Proven leadership of FDIC and state examinations and sustainable remediation of findings.
Expert knowledge of core banking and consumer protection laws / regulations, UDAAP, and third‑party / partnership compliance expectations.
Experience overseeing / partnering with BSA / AML / OFAC and Fraud functions.
Strong governance and Board reporting capability; mastery of compliance risk assessment, monitoring / testing, complaint management, and regulatory change management.
Track record recruiting, developing, and leading high caliber compliance teams in scaling environments.
Excellent executive communication and stakeholder management.
Bachelor’s degree required.
Preferred Qualifications
CRCM and / or CAMS; JD or related advanced degree a plus.
Experience with industrial loan companies and the parent / affiliate dynamics unique to ILC ownership.
Background in digital banking, bank‑as‑a‑service / fintech partnerships, or card / payments programs.
Hands on experience with GRC / RegTech platforms and data driven reporting.
Familiarity with privacy and data governance (GLBA, data minimization / retention, vendor data controls) and coordination with InfoSec on safeguards.
Our Benefits At PayPal, we’re committed to building an equitable and inclusive global economy. We champion your financial, physical, and mental health by offering valuable benefits and resources to help you care for the whole you. We offer a flexible work environment, employee share options, health and life insurance and other benefits to support employees in every stage of life.
Commitment to Diversity and Inclusion PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and / or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state, or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at …
Belonging at PayPal Our employees are central to advancing our mission, and we strive to create an environment where everyone can do their best work with a sense of purpose and belonging. Belonging at PayPal means creating a workplace with acceptance and security where all employees feel valued and included.
Travel PayPal does not charge candidates any fees for courses, applications, resume reviews, interviews, background checks, or onboarding. Any such request is a red flag and likely part of a scam. For the majority of employees, PayPal’s balanced hybrid work model offers 3 days in the office for effective in‑person collaboration and 2 days at your choice of either the PayPal office or your home workspace.
#J-18808-Ljbffr
Establish overall business or technical strategy for risk management with significant impact on operations.
Influence executive-level decision-making through strategic risk assessments and recommendations.
Partner with stakeholders to implement strategies that reduce or transfer identified risks.
Monitor and analyze risk exposure to ensure alignment with organizational objectives.
Lead initiatives that contribute to long‑term sustainability and resilience in the face of uncertainty.
Expected Qualifications
10+ years relevant experience and a Bachelor’s degree OR any equivalent combination of education and experience.
Role Summary PayPal is establishing a de novo industrial bank charter (ILC) and is seeking an experienced Chief Compliance Officer (“CCO”) to design, stand up, and lead the bank’s Compliance Management System (CMS). The CCO will be the primary compliance executive for the ILC, with independent access to the Board (or Board Risk & Compliance Committee) and day‑to‑day partnership with the CRO and senior leadership. The CCO will be responsible for developing and administering the Bank’s second line compliance management program to ensure adherence to applicable federal and state banking laws, regulations, and regulatory expectations. The CCO will report to the ILC’s Chief Risk Officer (“CRO”) and will have a direct line of communication to the Board’s Risk & Compliance Committee.
Key Responsibilities
Develop, implement, and maintain the Bank’s Compliance Management System (“CMS”), ensuring alignment with regulatory guidance and Board-approved risk appetite and policies.
Oversee and maintain compliance policies and procedures designed to ensure that the Bank’s activities are conducted in accordance with applicable consumer protection, privacy, and regulatory laws and regulations.
Monitor changes in laws and regulations affecting the Bank and communicate the impact of such changes to management and the Board, recommending appropriate policy or procedural updates.
Oversee compliance testing and monitoring programs to identify control gaps or process weaknesses and track remediation activities through completion.
Serve as the primary liaison with regulatory agencies for compliance‑related inquiries and examinations.
Collaborate with business lines and the first line of defense to ensure compliance risk is identified, assessed, and mitigated within acceptable tolerance levels.
Provide compliance training programs to ensure management and employees understand their responsibilities under applicable laws and regulations.
Work closely with the Bank’s CRA Officer to ensure that the Bank meets its community reinvestment obligations consistent with Board policy and applicable regulations.
Partner with the CRO to ensure enterprise‑wide risk management processes appropriately incorporate compliance risk.
Report regularly to the CRO, senior management, and the Board’s Risk & Compliance Committee on the status of the Bank’s compliance posture, including significant findings, corrective actions, and emerging risks.
Effectively communicate and address regulatory inquiry or examination activities.
Establish and maintain effective communication and coordination with management and staff across all lines of business.
Participate in and capably make presentations and address questions at various management and Board‑level committee meetings.
De Novo Charter Formation & ILC Buildout
Lead the compliance workstream for the ILC de novo application, including program narratives, policies, risk assessments, governance charters, training plans, monitoring / testing strategies, and compliance components of the three‑year business plan.
Translate conditions of approval from state and FDIC orders into actionable controls, milestones, and Board reporting.
Establish the bank’s second line CMS across governance, regulatory change, policies / procedures, training, monitoring & testing, complaint management, issues management, and independent audit coordination.
Embed compliance in product, servicing, marketing, operations, technology, and vendor onboarding before first customer.
Stand up frameworks for BSA / AML / OFAC (in partnership with / overseeing the BSA Officer), UDAAP, fair banking / fair lending, third‑party / fintech partnerships, privacy & data protection, records & reporting, and model / algorithm oversight (credit, fraud, and marketing use cases).
Ongoing Program Leadership (Post Opening)
Own the enterprise compliance risk assessment, risk appetite metrics (KRIs / KPIs), and the annual compliance plan; update dynamically as products, volumes, and partners scale.
Maintain and continuously improve policies covering federal and state banking and consumer protection laws / regulations (e.g., GLBA privacy & safeguards, FCRA, ECOA / Reg B, TILA / Reg Z, EFTA / Reg E, Reg DD, Reg CC, Fair Lending, HMDA / CRA as applicable, UDAAP / UDAP, advertising / marketing, esign / edisclosures).
Oversee Compliance related aspects for deposits, lending (consumer and / or commercial, as applicable), payments, card issuance / network rules, ACH / NACHA, and digital channels (web / mobile).
Build and lead a high‑performing team covering Advisory, Monitoring & Testing, Regulatory Change, Complaints, Marketing / UD(A)AP Review, and Partner / Vendor Compliance; select and manage outside counsel / consultants as needed.
Implement and optimize a GRC / RegTech stack for regulatory change tracking, control testing, issues management, workflowed marketing reviews, and regulatory reporting.
Develop and oversee the bank’s Fair Lending review (qualitative & quantitative) program of bank models. Ensure marketing, loan offers, and loan approvals are made in line with ECOA guidance to protect individuals from discrimination, bias or disparate impact.
Create concise, risk‑based Board and executive reporting; chair / coordinate the Management Compliance Committee.
Regulator Engagement & Exams
Serve as the primary compliance contact for the FDIC and the state banking department, coordinate with other agencies as applicable.
Lead examinations end‑to‑end: readiness, first‑day letters, on‑site / virtual exam management, corrective action plans, and sustainable remediation of MRAs / MRIAs / observations.
Maintain a forward‑looking regulatory change management process, brief leadership and the Board on developments and operational impacts.
BSA / AML / OFAC & Fraud Collaboration
Oversee the design and adequacy of the BSA / AML / OFAC program (risk assessment, policies, CDD / KYC / EDD, transaction monitoring, SAR / CTR reporting, sanctions screening), partnering closely with the BSA Officer and Fraud / Risk leads.
Ensure governance over models / rules used in transaction monitoring, sanctions screening, credit, and fraud (thresholds, tuning, back‑testing, and independent validation, as applicable).
Third‑Party & Fintech / Partnership Oversight
Establish and enforce develop and oversee third‑party risk / compliance standards across vendors, program managers, fintech partners, and loan / deposit agents—covering due diligence, contracting, ongoing monitoring, complaints / issues, marketing / UD(A)AP controls, data use, and termination / exit.
Ensure clear bank level ownership of compliance obligations in partner programs; implement robust SLAs, testing, and reporting.
Culture, Training & Change Leadership
Drive a strong “tone from the top” culture focused on customers and regulators.
Deliver targeted, role based compliance training for Board, executives, and staff; certify completion and effectiveness.
Embed compliance early in product / engineering lifecycles through formal product approval and marketing review processes.
Governance & Reporting Lines
Primary reporting: ILC Chief Risk Officer.
Direct line of communication: Board’s Risk & Compliance Committee; regular executive sessions with independent directors as appropriate.
Risk partnership: Close collaboration and regular reporting to the CRO on compliance risk profile, KRIs / KPIs, significant findings, corrective actions, and emerging risks.
Independence from revenue generating functions, with authority to elevate issues and pause or veto launches / marketing that present unacceptable compliance risk.
Required Qualifications
15+ years of progressive compliance leadership in U.S. depository institutions.
Demonstrated success building or materially upgrading a bank compliance program; de novo chartering experience strongly preferred.
Proven leadership of FDIC and state examinations and sustainable remediation of findings.
Expert knowledge of core banking and consumer protection laws / regulations, UDAAP, and third‑party / partnership compliance expectations.
Experience overseeing / partnering with BSA / AML / OFAC and Fraud functions.
Strong governance and Board reporting capability; mastery of compliance risk assessment, monitoring / testing, complaint management, and regulatory change management.
Track record recruiting, developing, and leading high caliber compliance teams in scaling environments.
Excellent executive communication and stakeholder management.
Bachelor’s degree required.
Preferred Qualifications
CRCM and / or CAMS; JD or related advanced degree a plus.
Experience with industrial loan companies and the parent / affiliate dynamics unique to ILC ownership.
Background in digital banking, bank‑as‑a‑service / fintech partnerships, or card / payments programs.
Hands on experience with GRC / RegTech platforms and data driven reporting.
Familiarity with privacy and data governance (GLBA, data minimization / retention, vendor data controls) and coordination with InfoSec on safeguards.
Our Benefits At PayPal, we’re committed to building an equitable and inclusive global economy. We champion your financial, physical, and mental health by offering valuable benefits and resources to help you care for the whole you. We offer a flexible work environment, employee share options, health and life insurance and other benefits to support employees in every stage of life.
Commitment to Diversity and Inclusion PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and / or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state, or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at …
Belonging at PayPal Our employees are central to advancing our mission, and we strive to create an environment where everyone can do their best work with a sense of purpose and belonging. Belonging at PayPal means creating a workplace with acceptance and security where all employees feel valued and included.
Travel PayPal does not charge candidates any fees for courses, applications, resume reviews, interviews, background checks, or onboarding. Any such request is a red flag and likely part of a scam. For the majority of employees, PayPal’s balanced hybrid work model offers 3 days in the office for effective in‑person collaboration and 2 days at your choice of either the PayPal office or your home workspace.
#J-18808-Ljbffr