Roshini Mahendran

Operational Risk Management - Senior Risk Analyst

• Partnered with business units to identify current and emerging risks, and advised on the design and implementation of risk mitigation strategies.
• Assessed and tested the operating effectiveness of internal controls in alignment with SOPs, regulatory requirements, and the control environment.
• Prepared detailed control assessment reports and supporting documentation to meet internal audit and reporting standards.
• Conducted day-to-day risk management activities, including risk and control self-assessments (RCSAs), incident tracking, root cause analysis, and scenario planning.
• Analyses control failures and trends, provided actionable insights, and supported the development of Corrective Action Plans (CAPs) in coordination with Risk & Control Coordinators.
• Delivered end-to-end process training for new team members and supported successful execution of internal and external audits through accurate documentation and audit readiness.

UK Transaction Services (Banking & Cards)

• Supported corporate clients with banking and card operations, maintaining GDPR-compliant data handling.
• Responsible to provide all the personal information of the customer related to bank whenever they requested based upon GDPR (Rights to access act).
• Maintaining customer information and account details and credit card details and products owned by the customer with high restrictions to access.
• Processed Data Subject Access Requests (DSARs) in compliance with the UK Data Protection Act and GDPR regulations.
• Handled both BAU DSAR and Short DSARs-which involved predefined disclosures such as credit agreements, transaction histories, PPI letters, and customer reports-and full DSARs upon request.
• Conducted PPI (Payment protection insurance) information checks to determine if customers had active PPI policies, ensuring accurate and timely responses to all data access and information requests.

Retail Compliance Monitoring - Risk & Compliance Analyst

• Conducted compliance testing across multiple verticals including Design & Operating Effectiveness (DE&OE), Credit Controls (CE), and Data Management (DM).
• Evaluated adherence to key U.S. regulatory frameworks such as ECOA (Reg B), FCRA (Reg V), and TILA (Reg Z) for both design and operational effectiveness.
• Led kick-off meetings and walkthrough with business units to understand control frameworks and define critical test attributes.
• Tested 40+ samples per control to ensure policy compliance; documented findings and exceptions in GRC Archer (Fuse and Prime).
• Assessed Line of Business (LOB) compliance and escalated non-compliance issues, recommending corrective actions where necessary.
• Developed Desktop Procedures for tested controls and facilitated knowledge transfer sessions to maintain consistent quality across the team.

Levis and Garnishment

• As an associate in the team dealing with unpaid tax amounts, and processed legal orders including levies, garnishments, and child support from tax departments, courts, and law firms.
• Also, provided subpoenas and account information to legal entities to assist in legal proceedings.
• We hold customer accounts and process cheques to the relevant agencies for a debt owed to the defendant or the amount available and after the court and defendant have approved the amount liable, we also hold a certain amount of payrolls, wages, and salaries in the customer's account.