Job ID: 1051151
Full-Time: Regular
Department (i.e., Application Hosting Services): Finance
Position Purpose
The Compliance, Controls, and Risk (CCR) Lead will be responsible for providing in-market risk, compliance and control guidance around Compliance Quality monitoring activities, remediation plans, and reporting.
The current in-scope areas for the CCR function are Internal Control Over Financial Reporting (“ICOFR”), Sarbanes-Oxley Act (“SOX”), Healthcare Law Compliance (My Anti-Corruption Policy and Procedures (“MAPP”)), and Foreign Corrupt Practices Act (“FCPA”).
The scope of the role may change to align with commercial restructuring.
Primary Responsibilities
Operational Responsibilities:
Support Finance Director and GRCC Regional Colleague to develop and maintain a strong and practical risk awareness, compliance and control culture and environment
Provide in-market support, guidance, and consultation in collaboration with Finance Director, Business Process Owners, and Legal to:
With market leadership, ensure process and internal control changes resulting from new or changing Corporate Financial Reporting Policies and Procedures and Corporate/ Divisional FCPA/ MAPP/ Policies and Procedures are documented in local standard operating procedures (SOPs)
Develop and maintain a central repository for local SOPs and maintain a change management process for local SOPs based on centralized GRCC guidance and Corporate Policy #506, “Records and Information Requirements”
Streamline and harmonize local policies, including removal of local/ divisional policies where they can be leveraged from Corporate Policies and Procedures
Support execution and coordination of annual ICOFR/ SOX and FCPA/ MAPP risk assessment in market using centralized tools/ methodologies developed by GRCC Leadership and Regional Colleagues; analyze and summarize results of risk assessments and report results
Provide local consultation and support with consistent guidance on ICOFR/ SOX and FCPA/ MAPP controls, best practices, monitoring and Corporate Audit trends, which includes guidance and instructions on FCPA/ MAPP/ and ICOFR/ SOX documentation and guidance/ questions related to the enabling technology requirements for FCPA/ MAPP
Provide support and guidance to business process owners in the development, execution, and documentation of remedial actions for any deficiencies in ICOFR/ SOX or FCPA/ MAPP design or operating effectiveness or process enhancements identified through day-to-day compliance and control activities, control self-assessments, Corporate Audits, or Compliance Quality monitoring activities
Document the ICOFR RCMs, including types of controls (key vs. secondary, preventive vs. detective, manual vs. automated) using the guidance provided by GRCC Leadership and Regional Colleagues (to the extent the BPOs and control owners need assistance)
Organize and manage any locally required SAS70 reports (or equivalent)
Support other risk and compliance management activities such as:
Gathering data and performing financial reporting related to Healthcare Professional (HCP) Payment Disclosure process from Corporate
Gathering data related to Financial Disclosure requests from Corporate Data Strategy and Reconciliation Team for “Payments of Other Sorts Search”
Gathering data related to Financial Disclosure requests from Corporate Data Strategy and Reconciliation Team for “Data Monitoring Committee Payment Searches”
Support the monitoring of the design and effectiveness of the remediation activity and report on its progress
Execute Compliance Quality monitoring activities using guidance, tools, and templates provided by GRCC Leadership. Activities include:
Coordinating and executing market internal control self-assessment and certifications
Coordinating and executing SOX 302 and 404 certifications, where applicable
Executing analytical reviews used to identify and investigate red flags in the areas of ICOFR, FCPA/ MAPP, and T&E, which may include the identification of Key Risk Indicators (“KRIs”) and/ or Key Performance Indicators (“KPIs”) that align with defined risk appetite and tolerance that can serve as dashboard mechanisms assisting with Compliance Quality monitoring and reporting, and which will ultimately allow for measurements of performance; may also include the monitoring of exceptions stemming from Oversight T&E tool
Performing walkthroughs of key controls
Performing sample-based testing in the areas of ICOFR/ SOX, FCPA/ MAPP, and T&E to identify control deficiencies or exceptions or other red flags requiring investigation and/ or remediation
Assist Regional Finance Leaders, Finance Directors, and Regional Colleagues with coordination and preparation of the audit process, by serving as the main point of contact with the external/ internal auditors for scheduling and logistics; communicate the list of requirements to Finance Directors, Regional Colleagues, and BPOs and inform them of any non-compliance
Responsible for preparing annual FCPA Trend Analysis and certification. Responsible for preparing annual MAPP Trend Analysis and certification.
Report results of Compliance Quality monitoring activities using guidance, tools, and templates provided by GRCC Leadership and Regional Colleagues, which will also be presented to local and regional management
Execute escalation protocols designed by GRCC Leadership and Regional Colleagues for deficiencies or issues identified as a result of the execution of Compliance Quality monitoring activities
Partner with GRCC Regional Colleague and other key stakeholders (e.g., Legal, Divisional Controllers) to facilitate the development of periodic training materials related to ICOFR/ SOX, FCPA/ MAPP Compliance Quality activities
Perform periodic training in the market on ICOFR/ SOX, FCPA/ MAPP Compliance Quality activities, and the deployment of GRCC tools and reporting requirements
Support the Control Automation and Continuous Control Monitoring efforts driven by the GRCC Leader and CoE
Support global and regional compliance and control projects as appropriate
Support other in-market activities and compliance work as appropriate
Attend training as required
Qualifications (i.e., Preferred Education, Experience, Attributes)
Approximately 4 – 9 years of working experience in a risk management/ control environment, including experience with risk identification, measurement and assessment, risk monitoring, reporting and escalation
Experience working in an Internal Control Manager, Controller, Compliance and/ or Audit role
Experience in ICOFR, SOX, FCPA
Experience navigating a large, complex organization and managing stakeholders' interests using a matrixed organization
Strong project management skills
Experience influencing and executing complex solutions involving multiple groups
Experience in developing and executing training at all levels of the organization
Bachelor’s Degree from an accredited college or university; MBA / CPA preferred or other equivalent education/ certification (e.g., Chartered Accountant)
Excellent analytical skills with a demonstrated ability in risk identification, measurement and assessment, risk monitoring, reporting and escalation
Ability to work in a fast-paced and demanding environment
Strong organization and planning skills
Ability to communicate well within all levels of Pfizer
Ability to identify business issues/ opportunities and to frame business questions
Ability to interact with business and finance leaders across Pfizer Inc.
Savvy with industry and Pfizer financial systems and financial reporting processes.
Technical Skills/Knowledge Requirements:
Strong understanding of key risk areas in scope
Knowledge of risk management, compliance and control frameworks (e.g., COSO) and concepts (e.g., risk and control identification, risk assessments, monitoring and reporting)
Strong knowledge of Pfizer’s markets globally; strong understanding of FCPA IT systems (e.g., ACM)
Note: When the page opens, select your preferred location from the drop-down menu and click on Search, e.g., select “Africa – Nigeria”, then click Search.
Apply via: globaljobs.pfizer.com