Gin Jing Ching
London,United Kingdom
Summary
Compliance and controls professional with 10+ years in risk management, predominantly in Sarbanes-Oxley (SOX) compliance activities, specializing in the independent assessment of Business and IT controls. Recognized as the subject matter expert for IT application controls (ITACs), with a proven track record of designing, testing, and strengthening internal controls in line with the Non-Financial Risk framework. Highly skilled at working in high-pressured environments, managing multiple priorities simultaneously, and maintaining exceptional attention to detail in all aspects of compliance and documentation. A quick learner, evidenced by successful transition from Business to Technology Control Assurance in support of Group SOX Office ITAC initiatives.
Overview
14
14
years of professional experience
2021
2021
years of post-secondary education
Work history
Director in C&ORC Group SOX Office (TCA)
UBS AG
08.2021 - 12.2025
- Led the ITAC (IT Application Controls) stream in TCA (Technology Control Assurance) to deliver annual independent SOX controls testing of ITACs covering multiple Business Divisions and Group Functions globally across the bank.
- Oversaw internal quality assurance reviews covering both Technology and Business Control Assurance to maintain high documentation standards, developing strong attention to detail that ensured audit readiness and accuracy.
- BAU activities as second line of defence:
- Lead a team of 9 testers based in India and UK to deliver SOX controls testing
- Deliver training sessions to team members on SOX requirements, controls testing methodology, and compliance best practices.
- Collaborate with business risk managers, external auditors and other stakeholders throughout planning, testing, delivery and reporting phases to identify and address control deficiencies
- Challenge business risk managers in discussions on control issue agreements with and provide input on impact evaluations.
- Acted as Subject Matter Expert (SME) for ITACs, providing guidance on design, implementation, and testing of ITACs.
- Core contributions as ITAC SME:
- Produced and maintained SOX guidance documentation to help business divisions across the bank interpret and apply SOX requirements, improving compliance readiness.
- Collaborated with external auditors and process owners to document workflows and identify SOX-relevant ITACs across business and IT processes.
- Engaged with business risk managers and conducted workshops across business divisions and group functions to establish IT application controls within the bank’s control repository, strengthening internal controls over financial reporting.
Associate Director in C&ORC Group SOX Office (BCA)
UBS AG
06.2017 - 12.2025
- Led the Group Operations stream in BCA (Business Control Assurance) to deliver annual independent SOX controls testing of SOX business controls within Group Operations.
- BAU activities as second line of defence:
- Lead a team of testers based in India, Switzerland and Singapore to deliver SOX controls testing
- Deliver training sessions to team members on SOX requirements, controls testing methodology, and compliance best practices.
- Collaborate with business risk managers, external auditors and other stakeholders throughout planning, testing, delivery and reporting phases to identify and address control deficiencies
- Challenge business risk managers in discussions on control issue agreements with and provide input on impact evaluations.
Manager in Risk Advisory
Deloitte LLP
10.2011 - 05.2017
- Managed delivery of GITC testing engagements throughout planning, fieldwork and reporting phases. Key elements of the role include:
- Identifying control deficiencies, and identifying IT mitigating controls
- Reporting of control deficiencies to management
- Engagement planning and administration
- Overseeing day to day fieldwork of team members
- Strong technical knowledge on application and infrastructure IT controls testing and post-implementation reviews developed from experiences across portfolio of clients across the financial services sector, mainly RBS, Santander and EBRD.
Education
ISACA - CISA exam-qualified
ICAEW - Exam and time qualified
01.2011 - 01.2014
BA (Hons) - Accounting and Finance
University of East London
01.2006 - 01.2009
Additional Skills and Interests
Languages: English (Fluent), Malay (Fluent), Cantonese (Conversational), Japanese (Conversational)
Additional Skills and Interests
Competent across the full range of Microsoft Office programs, including proficiency in a wide range of Excel functions, Keen practitioner in the martial art of kendo, represented home country in multiple World Kendo Championships
Timeline
Director in C&ORC Group SOX Office (TCA)
UBS AG
08.2021 - 12.2025
Associate Director in C&ORC Group SOX Office (BCA)
UBS AG
06.2017 - 12.2025
Manager in Risk Advisory
Deloitte LLP
10.2011 - 05.2017
ICAEW - Exam and time qualified
01.2011 - 01.2014
BA (Hons) - Accounting and Finance
University of East London
01.2006 - 01.2009