Prafulla Mehrotra

Associate Consultant

Ghaziabad, Uttar Pradesh, India · 11 yrs 9 mos experience
Highly Stable

Key Highlights

  • Reduced compliance risks by 45%
  • Expert in RCSA frameworks and compliance monitoring
  • Skilled in aligning business processes with regulations
Stackforce AI infers this person is a Compliance Manager specializing in risk management within the Fintech industry.

Skills

Core Skills

Risk Management, Compliance Management

Other Skills

Analytics, Asset Management, Attention to Detail, Business Process Improvement, California Consumer Privacy Act (CCPA), Change Management, Compliance Monitoring, Consumer Financial Protection Bureau (CFPB), Contract Management, Control Design, Control Testing, Data Encryption Standards, Data Privacy, Due Diligence, Fraud Prevention

About

Hi there! I’m a dynamic and results-oriented Compliance Manager with a proven track record in Financial Services, specialising in risk management, regulatory compliance, auditing, and risk consulting. I specialise in designing and implementing control frameworks that strengthen organizational resilience and meet evolving industry regulations. My experience includes RCSA frameworks, SOP creation, and Compliance Monitoring, driving operational efficiency and risk mitigation. I am also skilled in Fraud Prevention, and ensuring compliance with ISO 27001, SOC 1 and SOC 2, GDPR and other data privacy laws.

One of my standout achievements? Reducing compliance risks by 45%, a milestone that reflects my ability to design and implement effective controls, streamline processes, and foster a culture of compliance. My work is driven by a commitment to ensuring operational excellence while safeguarding business integrity.

What I Bring to the Table:

  • Expertise in developing and implementing robust RCSA frameworks to proactively identify and mitigate risks.
  • Skilled at creating detailed, actionable SOPs that improve operational efficiency and regulatory adherence.
  • Proven ability to assess, optimise, and implement control mechanisms that enhance organizational resilience.
  • Strategic thinker with a knack for identifying vulnerabilities and applying proactive, results-focused solutions.
  • Deep understanding of aligning business processes with complex regulatory requirements to ensure seamless compliance.
  • History of conducting comprehensive audits and establishing governance frameworks to future-proof operations.
  • Strong communicator adept at bridging gaps between teams, regulators, and leadership to foster trust and transparency.

Are you looking for a Compliance Manager who can not only ensure regulatory adherence but also actively enhance your risk management strategies?

With deep experience in RCSA, Risk management, and internal controls, I’m equipped to tackle complex challenges and drive proactive, results-oriented solutions. If you're ready to strengthen your compliance framework, reduce operational risks, and ensure your team stays ahead of evolving regulations, let's connect! Feel free to reach out directly via LinkedIn or email at Prafulla.Mehrotra@yahoo.com. I’m eager to explore how my expertise can support your organization's compliance and risk goals.

Experience

Tata Consultancy Services

Consultant

Aug 2024 - Present · 1 yr 7 mos · Noida, Uttar Pradesh, India · On-site

  • Analyzing client's business challenges and identifying areas of improvement by conducting weekly client meetings and ensuring at least 90% client satisfaction, as measured by feedback surveys.
  • Conducting Information Security Risk Assessment for client, with primary focus on ISO 27001 guidelines and SOC reports.
  • Building strong relationships with clients and their key stakeholders by ensuring alignment and minimizing scope creep.
  • Evaluating controls for Data Encryption, Network security, Patch Management, Change Management, Access Management and others to ensure security, compliance adherence and audit readiness.
IT GRC, ISO Standards, Standard Operating Procedure (SOP), Risk Control, Due Diligence, Risk Reporting, +9

American Express

3 roles

Compliance Analyst

Feb 2021 - Jul 2024 · 3 yrs 5 mos

  • Leading compliance assessments of 80+ third-party service providers, resulting in the identification and resolution of 14 security vulnerabilities, thus improving the overall security posture of the organization.
  • Led cross-functional teams in analyzing, prioritizing, and mitigating security vulnerabilities, resulting in a 45% decrease in high-risk vulnerabilities.
  • Reviewed and validated 100% of vendor documentation—including SOC reports, insurance certificates, regulatory licenses, Privacy Policies and others, ensuring compliance with third-party risk standards and reducing procedural audit findings by 30%.
  • Setting up calls with third-party service providers and assisting them in completing the Service Level Questionnaire and Third-Party Level Questionnaire, which are used to evaluate the third parties as part of ongoing monitoring.
  • Projects:
  • (i) Creating Ongoing Monitoring Team to evaluate post contract risks while working with Third Party Service providers, keeping primary focus on GDPR, CCPA and ISO 27001 requirements. This resulted in a 25% increase in system security compliance.
Stakeholder Management, Business Process Improvement, Risk Control Self Assessment (RCSA), Third Party Risk Management (TPRM), California Consumer Privacy Act (CCPA), Standard Operating Procedure (SOP), +11

Team Leader

Promoted

May 2018 - Jan 2021 · 2 yrs 8 mos

  • Implementing process improvement ideas, resulting in a 75% enhancement in efficiency and effectiveness in regulatory testing processes.
  • Developed Standard Operating Procedures for 15 different tests detailing the testing procedures to be followed in US and Manila markets.
  • Trained and onboarded new team members, reducing ramp-up time by 25% and achieving 100% production readiness within the first 30 days.
  • Efficiently collaborating with stakeholders such as LOBCO and Central Compliance Team to close any audit findings.
  • Analyze test results, call recordings, system errors, and complaints to detect emerging risk patterns.
  • Projects:
  • (i) Assist in developing and implementing process control pillars/checkpoints for Regulatory Testing, guaranteeing thorough adherence to regulations encompassing Reg Z, Reg B, Reg E, Reg F, UDAAP.
  • (ii) Created Procedural documents that enhanced process efficiency by 30%.
Team Management, Stakeholder Management, Risk Monitoring, Data Privacy, Global Regulatory Compliance, Process Improvement, +6

Senior Analyst

Mar 2014 - Apr 2018 · 4 yrs 1 mo

  • Conducting comprehensive compliance-based evaluations of services offered by Third parties (Global Partner Network) to American Express.
  • Assist in identifying regulatory risks throughout the process.
  • Cross skilling new and existing team members.
  • Assist in preparing presentations for Director highlighting the health of process, top issues identified and action plan to mitigate those issues.

Education

International Institute of Information Technology Bangalore

Postgraduate Degree — Data Analytics

Aug 2022 - Aug 2023

University of Lucknow

Bachelor of Business Administration - BBA

Jul 2006 - Jun 2009

University of Lucknow

lucknow university
