Managing Attorney, Regulatory Legal and Compliance - UK/I

D&B - Dun & Bradstreet

London, United Kingdom

The role

We are looking for a Senior Attorney, Regulatory (United Kingdom and Ireland (UK/I) who will serve as the Lead Regulatory Attorney for Dun & Bradstreet operations across the subregion UK/I, including our Dun & Bradstreet Information Solutions business in Ireland.

The Senior Attorney will also serve as our Lead Regulatory Attorney for our data science subsidiaries in Belgium and France as well as regulatory matters related to our Worldwide Network (WWN) in Europe.

You will report to the Chief Ethics and Compliance Officer and you will build and continually enhance bridges between global and regional teams, local operations, and the commercial legal team for the subregion.

As the leader in this role, you will balance internal legal and compliance operational responsibilities in support of the UK/I Leadership Team, and their respective teams, with external engagement and advocacy on regulatory, compliance and ethics priorities for Dun & Bradstreet.

Responsibilities

Serves as the lead regulatory attorney for Dun & Bradstreet in the United Kingdom, Ireland, Belgium, and France;
In close coordination with commercial counsel representing specific European markets and our WWN in Europe, other Europe-based regulatory legal colleagues, as well as D&B’s Global Compliance & Ethics centers of excellence (COEs) responsible for providing advice and counsel on a broad range of laws and regulations related to:
- financial services, AML/KYC, sanctions, credit information;
- privacy and data protection;
- anti-bribery and anti-corruption;
- competition;
- ESG and sustainability;
- marketing and electronic communications;
- artificial intelligence, digital platforms and services, sanctions;
- whistleblowing, and similar obligations applicable to D&B operations across the (Europe – United Kingdom). Coordinates compliance risk management for the (Europe – United Kingdom) and ensures timely escalation and updates to the global compliance risk register.
In coordination with the Group DPO - Europe and COEs, supports the global D&B privacy and data protection program by serving as the data protection leader for the United Kingdom, Ireland, Belgium, and France;
Supports D&B on inquiries from data protection regulators in the UK, Ireland, Belgium, and France markets;
In coordination with the GCE COEs, ensures that accurate records of processing are maintained for each of the D&B markets in the UK/I;
In coordination with the GCE COEs, ensures that data protection risks have been identified for the D&B (Europe – UK) records of processing;
In coordination with the GCE COEs, undertakes Legal, Compliance, and Ethics reviews for activities in the region, and provides advice on impact assessments for activities in the UK, Ireland, Belgium, and France;
Provides expert guidance on data subject rights requests and data subject complaints for the UK, Ireland, Belgium, and France;
In coordination with the Corporate Compliance COE, ISMS team, and Global Security & Risk team, leads the evaluation of data protection and privacy incidents in the for the UK, Ireland, Belgium, and France;
Coordinates with GCE leadership on breach reporting determinations for the UK, Ireland, Belgium, and France;
Monitors trends in privacy and data protection enforcement, guidance, interpretation, and other leading indicators to inform GCE program priorities and compliance risk management for the UK, Ireland, Belgium, and France;
Supports the COEs on development and implementation of global standards in the subregion;
In coordination with D&B’s Chief Compliance & Ethics Officer, the Group DPO - Europe, and other members of GCE, works closely with ISMS, Security, Quality, Environment and other team leads in the UK and Ireland to coordinate ISO certification and sustainability reporting obligations with GCE program obligations across the region. Coordinates regional review and feedback on policies, procedures, and other standards, communications and training, oversight and monitoring, metrics and reporting, and other program elements.

Experience and Competencies

Law studies or Doctorate degree in Law. Qualified to practice law in the jurisdiction in which the attorney is located. Additional relevant certifications, such as CIPP/E or CIPM, preferred but not required;
Must be either a UK registered solicitor or a UK registered foreign lawyer;
Preferably 15+ years of legal experience, preferably some in-house, with at least 5 years of experience in area of financial services regulation of the UK, AML, trade compliance, privacy, data protection and privacy and digital marketing. Added knowledge and experience of the EU law and EU regulatory legal matters is preferred;
Customer-focused commercial-oriented, and innovation mindset. Comfortable translating complex legal requirements into operational controls for business and technology teams;
Excellent judgment and decision-making skills. Demonstrates strong aptitude for evaluating a range of risks and effectively communicating relevant impact to business owners;
Driven team-player motivated by bringing colleagues and stakeholders together to maximize successful outcomes. Prioritizes teamwork and team-based success. Appreciates, respects, and leverages diverse perspectives;
Excellent verbal and written communication skills. Persuasive, influential negotiator;
Prior experience with regulatory outreach and advocacy and participation in industry and trade groups;
Demonstrated ability to effectively manage complex projects and programs;
Comfortable with change and ambiguity. Open-minded and preferably a change agent. Demonstrated ability to regularly adjust and re-prioritize to meet multiple stakeholder and organizational needs as well as an ever-evolving regulatory landscape;
Passionate about data and data-driven. Willingess to engage deeply with data, product, and technology teams on data and technology matters. Comfortable communicating with prospects, customers, and other constituents about data and compliance;
Outcomes-oriented. Strives not only to get things done well, but to demonstrate the value of contributions;
Experience with ethical decision-making, values-oriented compliance, and supporting a culture of compliance preferred;
Risk management experience preferred;
Agile, scrum, lean six-sigma or other operational excellence experience a plus.