Robert Smith

• Ensuring GDPR-compliant processing across the HR function and wider change agenda.
• Liaising with and influencing Senior Stakeholders within HR Function and Group-wide including Group DPO, Legal, IT Security, Audit, Procurement, and Supplier Management.
• Providing expert guidance on Data Privacy and Records Impact Assessments. Leading stakeholders through required governance for data processing activities, linked records management requirements and resolution of data privacy breaches.

Key achievements:

• Launched new low risk privacy assessment journey which enhanced review of data processing activities, associated controls, and regulatory obligations, delivering 75% reduction in average completion time from 2 weeks to under 3 days for 250 low risk assessments allowing for greater focus on governance of high-risk processing activities.
• Led the Data Hub’s controls framework refresh and path to green remediating and enhancing 23 controls, improving residual risk scores to bring them within tolerance.
• Advised on controller/processor relationships and assessed third-party data protection risks, conducting vendor data risk assessments and defining governance standards aligned to risk profiles. Launched new supplier risk matrix and quarterly interlock with supplier management, driving a 15% reduction in third-party related incidents and non-conformances.
• Led cross-functional team to enhance the Right To Be Forgotten process for external applicants. Reducing average response times by 33% from 3 to 2 weeks and aligning retention requirements and response processes to produce a 35% reduction in possible treatment strategies and scenarios.
• Owned the Employee, Applicant, and Contractor Privacy Notices annual refresh, including launch of new targeted communication method driving a 300% increase of colleague views.

• Delivered supplier assurance across LBG’s global supply chain as part of the Third-Party Risk Management framework. Assessing the control framework of LBG’s critical supplier population to determine alignment to regulatory requirements, LBG policies/risk appetites, allowing for the identification of third-party risks and negotiating remediation with suppliers and internal stakeholders.

Key Achievements

• Led the Supplier Cyber Security Assessment programme, overseeing outsourced assurance activity covering 65% of LBG’s supplier reviews.
• Directly managed over 200 onsite assurance reviews across 11 countries, including scoping, gap analysis, reporting, escalation and remediation activities. Including leading cross-functional teams to assess impact/likelihood scoring and agree remediation plans with senior third party stakeholder for all failed controls. Over 80% of suppliers developed an improvement in RAG ratings and both severity and volume of findings following annual retesting activities across their contractual lifecycle.
• Owned 7 Severe-High Priority Findings which were escalated to LBG’s Group Executive Board and required tactical resolution activities to immediately reduce LBG’s risk exposure.
• Acted as Data Privacy, Records Management, and Supply Chain Risk Policy Lead, providing expert guidance and training to the team and also leading and influencing policy owners through the annual refresh of assurance test scripts.
• Led implementation and launch of the Data Management third-party assurance methodology.
• As Records Management Champion, established the team’s Records Management framework and control activities to ensure alignment to LBG’s policy and regulatory requirements.
• Conducted control effectiveness testing across LBG’s 23 Third Party Policy suite including Supply Chain risk, Data Privacy, Records Management, Financial Crime, Operational Risk, Business Continuity/Operational Resilience, Regulatory Compliance, and Customer Service.

• Supported supplier management and regulatory compliance activities.
• Analysed supplier KPIs and audit results to maintain risk appetite.
• Managed stakeholder expectations using data-driven insights.
• Delivered procurement projects to consolidate supply chains, reduce costs, and improve efficiency.
• Supervised a team delivering improvements in indirect supply processes.

• Sole buyer responsible for supplier management and procurement.
• Worked with Production, Quality, Regulatory, and Engineering teams to address supply, compliance, and cost-efficiency issues.
• Supported supplier audits and regulatory compliance activities.