Mahmoud Al Masri

• Executed audits across Finance and IT functions, emphasizing internal controls over financial reporting in compliance with Canadian regulation 52-109.
• Managed comprehensive financial audit engagements, ensuring timely identification of control deficiencies and actionable recommendations.
• Oversaw IT Operations and Information Security audits, covering Cybersecurity, Vulnerability Management, Active Directory, and IT Service Continuity.
• Provided advisory support for system implementations, focusing on ITGC readiness and Go/No-Go decision criteria.
• Participated in CMMC compliance readiness reviews, supporting regulatory compliance initiatives for defense and industry standards.
• Drove process improvement through ad-hoc reviews of ITGC and SDLC controls, enhancing operational effectiveness.
• Facilitated audit walkthroughs to ensure accurate representation of controls for internal and external auditors.
• Collaborated across functions to enhance audit processes and strengthen alignment between Finance, IT, and compliance.

• Coordinated internal and external regulatory and audit assignments to ensure compliance.
• Updated audit recommendations and assisted in monthly IT Governance Committee reporting.
• Trained IT staff on overall audit processes and tools, including PwC Connect.
• Participated in key audit walkthroughs to accurately present controls to auditors.
• Reviewed ICT incidents and documented root causes in Risk360, ensuring compliance with management guidelines.
• Conducted weekly P1/P2 ServiceNow reconciliations to identify incidents for Risk360 recording.
• Assisted in providing evidence for second-line defense incident checks and challenges.
• Executed quarterly regulatory 17-a5 ITGC testing, coordinating working papers with ISPL colleagues for accuracy.

Developed and deployed control plans alongside system flow modeling.

• Conducted continual reviews of Operations Control Matrices.
• Monitored and reported on CIB Operations Control framework, focusing on Key Risk Indicators and audit recommendations.
• Assisted in designing standard control procedures, templates, and methodologies incorporating BNP Paribas protocols.
• Performed data collection exercises and walkthroughs with CIB Operations teams.
• Supported control reviews and conducted root cause analyses to enhance inadequate procedures.
• Established partnerships with CIB Operations management and Operational Risk teams to strengthen collaboration.
• Drafted and published operating procedures on the territory procedure platform.

• Led and managed team of five employees, overseeing daily operations and project assignments.
• Developed and implemented strategic plans to achieve departmental objectives.
• Managed budgeting and resource allocation to enhance operational efficiency.
• Resolved conflicts and addressed team challenges, fostering a positive work environment.
• Conducted audit reviews of GL and client accounts using ACL data analysis, following up on exceptions.
• Reviewed treasury activities related to interbank placements and borrowings.
• Tested internal control designs through comprehensive walkthroughs of business processes with IT department.
• Prepared audit reports detailing system process effectiveness, findings, and management rectification activities.
• 
  

• Conducted assurance engagements across branch locations to ensure compliance and operational integrity.
• Supervised audit reviews for central operations, focusing on Wire Transfer Department effectiveness.
• Oversaw audit activities for branches located in Cyprus and Iraq to maintain compliance standards.
• Executed continuous audit reviews on daily bank transactions, general ledger, and client accounts.
• Performed special projects to assist business units in evaluating business processes and identifying risks.
• Facilitated improvements in key controls for SOX 404 compliance across departments.
• Reduced audit timeframes by over 20% through process optimization and strategic planning.

• Complied with trading clearing agreements from European financial institutions and investment banks.
• Established monitoring activities to ensure compliance with company policies and regulations, reporting results to CEO.
• Managed client portfolios, ensuring timely responses to inquiries and requests.

• Conducted audits related to ISO-9001:2008 Quality Management System.
• Developed quality management system documentation and procedures for organizational compliance.
• Facilitated training sessions to enhance staff understanding of quality standards.

• Executed financial and compliance audits for banks and financial institutions.
• Reviewed internal controls and identified areas for improvement in operations.
• Performed Anti Money Laundering audits to ensure regulatory adherence for financial institutions.
• Conducted comprehensive audits of compliance programs and internal controls.