Tom C. Vincent II, CRCM, CIPP/US
Tom C. Vincent II brings extensive experience in regulatory compliance to his practice at GableGotwals. His background includes serving as chief compliance officer for different financial institutions, responsible for ensuring compliance with a myriad of requirements including customer protection, privacy, information security, and corporate governance. Tom provides assistance to his clients with issues involving data security and privacy, including the establishment of cybersecurity programs, negotiation of appropriate protections for client information, breach identification and required reporting. Additionally, Tom has experience in investment advisory and trust and fiduciary compliance, and has held various broker-dealer and investment advisory securities licenses.
Tom regularly presents on cybersecurity issues to a variety of audiences, including attorneys, healthcare practices, human resource professionals, and professional services firms. He has also presented on trust administration and compliance topics to audiences of attorneys, bankers, and trust professionals.
As both a Certified Regulatory Compliance Manager and Certified Information Privacy Professional/United States, Tom’s hands-on industry experience helps him guide clients through the myriad of state and federal laws, regulations and requirements to ensure compliance and protect them from potential lawsuits and regulatory action. Currently Tom serves as a member of the Board of Trustees of the Oklahoma Bar Foundation.
Recent Experience includes:
- Provided onsite bank compliance services, including reviews of the bank’s compliance policies and procedures and risk committees.
- Developed and implemented cybersecurity policies, training, and risk assessment processes for a professional services firm.
- Served as a bank’s HIPAA/HITECH Security Officer, including performing risk assessments on impacted areas, drafting the bank’s HIPAA/HITECH policy, and developing appropriate training materials.
- Analysis of responsibilities under consumer lending laws for non-bank lenders and development of corresponding credit documentation and disclosures.
- Identification of data breach reporting responsibilities and development of required customer communications across multiple states.
- Development of HIPAA policies and vendor review process for a healthcare practice group.
- Development and implementation of an overall bank compliance management process, including a comprehensive compliance policy, a board-level Compliance and Ethics Committee (including chairing the Committee), and a regulatory surveillance system.
- Development and implementation of a Gramm-Leach-Bliley compliance program for a university, including risk assessments and policy revisions.
- Coordinated implementation of Dodd-Frank mortgage revisions across multiple departments within a bank, including the revision of impacted credit policies and development of appropriate compliance monitoring for qualified and non-qualified mortgages.
- Served as a bank’s Bank Secrecy Act and Anti-Money Laundering Compliance Officer and chaired the bank’s Suspicious Activity Review Committee, working with Security, Fraud, and Supervised Assets departments to identify and report suspicious activity as required.
- Served as Chief Compliance Officer and Corporate Secretary for a broker dealer and an institutional investment adviser to a family of mutual funds.
- Served as an expert witness for a bank with respect to appraisal requirements under FIRREA.