Description

With 20 years of experience across the asset management, audit & advisory, financial corporate services, and real estate investment sectors, I help companies design, assess, and optimize their internal control frameworks. My expertise spans audit, regulatory compliance (COSO, SOX, ISAE), risk management, and process digitalization. I deliver targeted assignments or strategic projects to secure operations, enhance efficiency, and ensure full compliance.

Langues

Français
Bilingue ou natif
Anglais
Capacité professionnelle complète

Préférences en matière de lieu de travail

En télétravail uniquement

Travaille majoritairement à distance

Patrizia AG
Director Internal control
CAPITAL-INVESTISSEMENT
juin 2024 - Aujourd'hui (2 ans)
Luxembourg, Luxembourg
- Assess the internal control system across regulated entities of PATRIZIA , applying the COSO framework to elevate compliance, governance, and operational resilience.
- Led and steered ISAE audits, including the strategic rollout of a dedicated IT control framework.
- Designed and mandated a new operational testing framework covering ESG, AML, and annual accounts (Group and AIFM), ensuring consistent and reliable control execution.
- Took ownership of a renewed governance structure for processes and procedures, enhancing accountability and decision-making transparency.
- Redesigned the incident management process, migrating from a manual wordform setup to a structured SureCloud solution.
- Developed a new taxonomy and governance model, introducing standardized incident categories, escalation paths, and root cause analysis to enhance transparency, remediation tracking, and continuous control improvement.
- Drove and prioritized COSO-based assessments in critical departments, units, making key decisions on remediation and resource allocation.
- Aligned and influenced internal practices with industry benchmarks, strengthening risk management, governance, and executive decision-making structures.
- Led the redesign of the Business Impact Analysis (BIA) framework and template to align with DORA, engaging cross-functional teams to identify key business processes, dependencies, and resilience priorities.
- Standardized the BIA process across regulated entities, reinforcing business continuity planning and operational resilience.
COSO Internal Audit Services Internal Control SOX Gouvernance
Intertrust Group
Senior manager Internal Control
CONSEIL & AUDIT
août 2019 - mai 2024 (4 ans et 9 mois)
Luxembourg, Luxembourg
Review and challenge execution of operational controls performed by the 1st Line of Defense: comprehensive identification of inherent risks, description of key controls (including their effectiveness), proposal of action plans or risk acceptance statements
- Independent audit with Big 4 Luxembourg for ISAE 3402 type I and II– Including assessment on effectiveness controls, write audit findings
- Implementation of control monitoring plan on key business operational processes Fund services, Corporate Services, Private Equity (PowerBI)
- Monitor the Internal audit status and follow-up on recommendations actions with operations teams
- Review, write and design processes with Business teams
- Coordinate Business continuity plan with Management (including testing, BIA)
- Assist Group projects (Transaction monitoring, Risk Assessment, KYC)
Audit interne BIA Internal Audit Services Governance, Risk and Compliance Management d'équipe
State street
Senior Internal control
BANQUE & ASSURANCES
décembre 2006 - juillet 2019 (12 ans et 7 mois)
Luxembourg, Luxembourg
Control and Governance :
- Provide a view of risk and controls in the business unit and function through and strengthen risk excellence.
- Identify and timely communicate high risk observations to management, through ongoing testing and active involvement with business to review and assess issues that arise
- Strengthen the collaboration and coordination between the First Line of Defense (FLOD) and Second Line of Defense (SLOD) : Between business Controls and the Business/Operations, Compliance, Risk, Audit, and Legal teams, including oversight of the various risk programs (Risk & Control Self-Assessment, Material Risk Inventory and Compliance Oversight Program)
- Testing and review fund administration process
- Risk management Sox : Review of the control steps with operations, testing, appraisal,
- Assurance review of list of Business controls fund accounting and custody process
- Coordinate Internal /external Auditors review
- Delegation outsourcing oversight with delegations sites: Review of KPI, Nav timeliness and Nav Accuracy per delegation site, implementation of KPI on quarterly basis
Project management and business analyze for internal in-house program

Compliance :
- Certification process and list of controls for month end assets for Volcker rule in Luxembourg
- Volcker local implementation procedure and follow up compliance rule within the Bank
- Review of controls steps for Volcker on semi annual
- CSSF : Review NAV error ( material/ non material) liaise with Cssf- kpi reporting with risk management on regular basis
- Complaints Policy compliance, Central Reporting Management of process to closure of complaints
- Inadvertent Data Disclosure policy compliance and management of reporting of IDDs
- Reporting and follow up data incident ( data privacy and customer complaints)
- Compliance Oversight Program – Assurance testing & Remediation
- Implementation of internal control keys indicators for MIFID 2
MIFID II SOX Business risk Risk Management AML KYC