Michael Schwendemann - Compliance Consultant

Q: Where is Michael based?

Michael is based in Mainz, Germany and can operate in on-site , hybrid , and remote work models.

Q: What languages does Michael speak?

Michael speaks the following languages: German (Native), English (Advanced), Italian (Elementary) .

Q: How many years of experience does Michael have?

Michael has at least 36 years of experience. During this time, Michael has worked in at least 11 different roles and for 15 different companies . The average length of individual experience is 2 years and 3 months . Note that Michael may not have shared all experience and actually has more experience.

Q: What companies has Michael worked for in recent years?

In recent years, Michael has worked for Bank-Verlag , Stuttgarter Versicherung , Zurich Insurance Europe AG , Fondsdepotbank , and ING Diba AG .

Q: Which industries is Michael most experienced in?

Michael is most experienced in industries like Banking and Finance , Information Technology (IT) , and Energy . Michael also has some experience in Insurance and Professional Services .

Q: Which business areas is Michael most experienced in?

Michael is most experienced in business areas like Information Technology (IT) , Project Management , and Finance . Michael also has some experience in Operations , Accounting , and Legal and Compliance .

Q: Which industries has Michael worked in recently?

Michael has recently worked in industries like Banking and Finance , Information Technology (IT) , and Energy .

Q: Which business areas has Michael worked in recently?

Michael has recently worked in business areas like Information Technology (IT) , Audit , and Business Intelligence .

Q: What is Michael's education?

Michael attended education in Business Administration .

Recommended expert

Mainz, Germany

Experience

Sep 2024 - Present

1 year 6 months

Bank-Verlag

Set up outsourcing management
Created a new SfO strategy, policy and work instruction
Built information outsourcing register and defined critical functions and critical vendors
Created SLA definitions and KPIs
Established vendor management and conducted external audits
Set up conflicts of interest register
Set up due diligence and risk assessments
Developed cloud strategy and AI strategy
Set up data protection coordinator and created SfO for data protection
Conducted DSFA and data protection audits
Created TOM, AVV and managed VVT and VVT-AV

Sep 2024 - Dec 2024

4 months

Stuttgarter Versicherung

Created the information register
Expanded contracts and defined critical functions and vendors
Developed strategy, policy and process description for third-party vendor management
Implemented third-party vendor management
Set up risk assessment processes and due diligence process
Created the role description "Third-Party Vendor Manager"
Conducted contract reviews and added minimum contract contents as per DORA
Developed exit planning and exit strategy
Handled ICT incidents

Nov 2023 - May 2024

7 months

Compliance Consultant

Zurich Insurance Europe AG

Advised on setting up the property insurer in compliance with and implementation of VAIT/DORA requirements
Conducted a gap analysis and fully developed the SfO
Created guidelines/policies for all VAIT/DORA topics
Prepared the determination of the information network
Created policies for IAM, information risk management, information security management and IDV
Developed strategy, governance and policies for critical infrastructure as well as outsourcing IT services and third-party vendor management
Adjusted contracts for outsourcing
Built risk reporting and control and risk mitigation
Developed IT emergency management and BCM policies with work instructions and process descriptions
Provided expert support in building Artemeon as central information register
Conducted initial review of the outsourcing register and checked the completeness of the contract database with initial assessment
Introduced a tool for capturing processes in outsourcing management
Created the information register, risk assessment and evaluation and due diligence
Implemented the SfO in outsourcing vendor management

Oct 2022 - Oct 2023

1 year 1 month

Project Manager, IAM Architect

Fondsdepotbank

Introduced and relaunched an IAM software (ORG by FSP) with project oversight and control (10 team members)
Managed stakeholders at C-level and developed implementation strategy
Created a new document framework and actively implemented as business analyst in IT emergency management, outsourcing of IT services, contract management and risk evaluation as well as information risk management
Defined the information network and set up the IDV process
Handled contract negotiations and tenders
Provided expertise for building a central asset register under ServiceNow
Optimized and updated BCM due to DORA
Managed information security management, critical infrastructures, protection needs analysis, IT inventory, IT operations and operational information security
Oversaw the technical implementation while considering dependencies

Jan 2022 - Sep 2022

9 months

Business Analyst

ING Diba AG

Supported migration to One Identity
Performed data migration from ServiceNow/Ramon to One Identity
Set up roles and individual permissions
Supported HPU accounts and set up ICS and monitoring in IAM and IT operations

Dec 2021 - Mar 2022

4 months

Financial Statement Auditor

PWC

Carrying out audit procedures for the annual financial statements
Auditing in the areas of IT strategy, IT governance, information risk management and information security management
Auditing operational information security, identity and access management, as well as IT projects and application development
Auditing IT operations, outsourcing management and third-party sourcing, and IDP

Oct 2021 - Oct 2024

3 years 1 month

Business Analyst

FI-TS

Support in performing internal controls as part of the ECB program and updating the SfO to new processes and requirements
Defining and coordinating KPI reporting with stakeholders
Optimizing and documenting authorization processes as well as reviewing and updating authorization concepts
Verifying the completeness of connected components and their documentation, as well as the integration in Garancy
Checking SoD conflicts and monitoring the exception and documentation process for SoD conflicts
Assisting with the introduction of new SoD requirements into the FI-TS structure based on industry recommendations
Supporting external audits and special tasks
Implementing Garancy and integrating as well as extending the ITAB tool (LUY) into the access management processes
Supporting and preparing audits (financial audit, §44 KWG, internal audit, PS951, TÜV and data protection audits)
Implementing the findings from the above audits

Apr 2021 - May 2021

2 months

Project Manager

Internationale Anwaltskanzlei Hengeler und Müller

Feasibility study for implementing an access management system
Creating an RfP and analyzing the role model to be implemented (RBAC or ABAC)
Decision for ABAC

Nov 2020 - Mar 2021

5 months

IT Auditor for Banks in Frankfurt

PWC

Carrying out audit procedures for the annual financial statements
Auditing in the areas of IT strategy, IT governance, information risk management and information security management
Auditing operational information security, identity and access management, as well as IT projects and application development
Auditing IT operations, outsourcing management and third-party sourcing, and IDP

Jan 2020 - Sep 2021

1 year 9 months

Business Analyst

EEX Leipzig

Specifying and implementing a custom IAM solution in compliance with regulatory and supervisory requirements and with a high degree of automation
Reviewing and adapting authorization concepts of all relevant applications to supervisory requirements (role model)
Implementing an RBAC role model
Defining guidelines for SoD and introducing a monitoring process for SoD violations as well as setting up processes for remediation or acceptance of SoD violations
Agile project execution with Scrum and Kanban
Updating the audit process and the SfO
Optimizing and supporting the recertification, provisioning, J-M-L and SoD processes
Implementing, operating securely and continuously improving the IAM service
Integrating applications into the IAM landscape
Designing, implementing and operating interfaces to other systems
Identifying improvement needs regarding regulatory requirements and developing solution options for continuous improvement
Defining and implementing the operating model with service providers
Basic work for introducing One Identity and migrating data from the legacy system
Supporting internal and external auditors during audits
Creating the protection requirements analysis and BIA as well as deriving further resilience measures

Dec 2018 - Dec 2019

1 year 1 month

Stuttgart, Germany

Business Analyst/Subproject Lead

LBBW

Built a new access management system under the Garancy system in the "Access Management-IAM" project
Created functional specifications for role and IT profile creation and customized them
Defined the enterprise role and prepared for the rollout of the UR (modified RBAC-ABAC role model, variable decision matrix)
Specified the "Joiner, Mover, Leaver" process and set up the order process
Developed and quality-assured the access concepts
Established a segregation of duties (SoD) check and resolved SoD conflicts
Supported recertifications
Analyzed data from directory services to be integrated and assessed the connection of OSPlus, Kondor, LDAP, Profis, IDV, organizational and project drives
Assisted with system integration and test execution
Analyzed ECB findings and developed an implementation plan to resolve them
Supported ECB audit preparations

Feb 2018 - Nov 2018

10 months

Bonn, Germany

IT Architect Treasury

Postbank System

Designed the new IT architecture for ES Treasury as part of integrating Postbank into the Deutsche Bank Group
Focused on architecture in ALM and issuance

Mar 2015 - Jan 2018

2 years 11 months

Frankfurt, Germany

Subproject Lead/Deputy Project Manager

DZBANK

Project to migrate credit card accounts from the former WGZ to DZBANK Frankfurt
Established risk management and dependency management for the migration project
Set up the communications manager role in the organization
Supported test management (Silk and Jira) and acted as deputy project lead
Contributed to migration concepts for SAP-BCA, SAP-CML, SAP-CMS, SAP-CYT, and SAP-BP master data migration
Defined functional extension requirements for SAP-CYT
Conducted tests and go-live activities
Managed stakeholders and prepared steering committee meetings
Part of the migration team: managed all tasks in the migration cockpit with a focus on SAP applications
As test manager: set up and executed all test activities and reported to the project lead

Jan 2000 - Dec 2015

16 years

Project Manager/Multiproject Manager/Scrum Master

Deka Bank

Prepared project proposals, project plans, project management, requirements and procurement management, and integration management
Applied for and controlled budgets, status reporting, resource management, process analysis, communication and stakeholder management
Managed dependencies and risks, implemented regulatory requirements, and moderated workshops
Methods used: Scrum and agile methodologies
Worked on projects for EMIR, Dodd-Frank, MiFID, MiFIR, FATCA, BCBS239, CRR, MaRisk, LQR, CRS, OPR, market risk, FX risk, stress testing, money market statistics, access management concepts, and other regulatory requirements
Implemented a data warehouse, a new payment system (PTS), an internet FX trading platform, and a new general and subsidiary ledger
Introduced an automated margin hedge process integrating SAP-CML, SAP-CMS, and SAP-BCA
Implemented SEPA requirements, customization and integration of UBIX
Introduced new Pfandbrief legislation, FX management, and Lean Management
Set up new accounting and liquidity management with integration of all SAP applications and Front Arena
Profit and loss analysis, risk management
Established internal control system (ICS) and KPIs, control manual, training, and maturity assessment
Back-office/payment transactions, fixed-income trading, retail business, reporting, and connectivity to trading venues
Worked with auditors, BaFin and ECB
Introduced an IAM management system (Omada Identity Suite) with requirements management, role concepts, and functional specifications considering regulatory requirements
Developed implementation concepts, SoD, reconciliation, resolution of access conflicts, and supported external audits
Supported process changes, application integration, workshops, and created an article catalog in OIS
Built a change request management process and supported the creation of access concepts
IT project management: oversaw rollouts and carried out optimization measures

Jan 1998 - Dec 2000

3 years

Business Analyst

DVG

Functional specification to determine the requirements from the 6th KWG amendment in connection with the Berger & Schier application

Jan 1990 - Dec 1998

9 years

COO; CIO; Overall Program Manager; Head of Finance and Accounting

Banco di Napoli

Industries Experience

See where this freelancer has spent most of their professional time. Longer bars indicate deeper hands-on experience, while shorter ones reflect targeted or project-based work.

Experienced in Banking and Finance (36 years), Information Technology (3 years), Energy (1.5 years), Insurance (1 year), and Professional Services (0.5 years).

Banking and Finance

Information Technology

Energy

Insurance

Professional Services

Business Areas Experience

The graph below provides a cumulative view of the freelancer's experience across multiple business areas, calculated from completed and active engagements. It highlights the areas where the freelancer has most frequently contributed to planning, execution, and delivery of business outcomes.

Experienced in Information Technology (35.5 years), Project Management (30.5 years), Finance (25 years), Operations (10.5 years), Accounting (9 years), and Legal (5 years).

Information Technology

Project Management

Finance

Operations

Accounting

Legal

Skills

Overall Project Lead; Multi-project Lead; Project Lead; It Project Lead; Business Analyst; It Architect; Auditor Ja; It Auditor; Test Manager; Scrum Master
Finance And Accounting; Year-end Closing (Final-ready)
Securities Trading; Securities Settlement; Treasury
Regulatory Requirements; Supervisory Law; Marisk; Bait; Bsi; Psd2; Iso 20022; Iso 27001; Isae; Ps951
Access Management (Iam And Pam); Sod Processes; Authorization Concepts; Segregation Of Duties (Sod) And Sod Conflict Management
Wealth Management; Fx Risk Management; Interest Rate Risk; Market Risk; Stress Testing; Operational Risk; Liquidity Risk
Bcm; It Emergency Management; Liquidity Management
Outsourcing Management; Third-party Vendor Management; Outsourcing And Outsourcing Register; Vendor Management; Setup And Operation Of Payment Systems
Data Privacy; Dsfa; Data Protection Audits; Tom; Avv; Management And Maintenance Of Processing Activity Records (Vvt/vvt-av)
Rollout Planning; Central Steering Of It Projects; It Project Lead; Building An Ics; Building And Optimizing Control Manual And Control Matrix; Kpi Definition And Reporting
Business Process Analysis; Requirements Analysis; Business Analysis And Project Management; Creating Project Plans; Npp Processes
Year-end Auditors; It Auditors; Support Audits (E.g. Wp, §44 Kwg, Internal Audit, Ps951, Tüv, Data Privacy Audits); Implementation Of Audit Findings
Cyt; Compliance; Tenders; Contract Management; Contract Reviews; Creating Sla Definitions; Kpis; Exit Planning And Exit Strategy
Information Security Management; Information Risk Management; Critical Infrastructures; Protection Needs Analysis; It Inventory; It Operations; Operational Information Security
Iam Architecture; Introduction And Operation Of Iam Solutions (E.g. Garancy, One Identity, Omada Identity Suite, Org By Fsp); Integration Of Applications Into Iam Landscapes
Definition And Implementation Of Role Models (Rbac, Abac); Corporate Roles; Joiner-mover-leaver Processes; Recertification Processes; Ordering Processes; J-m-l Processes
Building And Operating Asset And Information Registers; Information Network; Idv Processes; Monitoring And Reporting
Building Risk Reporting And Risk Control And Mitigation
Support In The Implementation Of Dwh, Payment Systems, Fx Platforms, General And Sub-ledgers, Margin Hedge Processes
Goal Orientation
Team Orientation
Motivation Encouragement

Languages

German

Native

English

Advanced

Italian

Elementary

Education

Business Administration · Rendsburg, Germany

Apprenticeship as Bank Clerk · Bank Clerk · Rüsselsheim, Germany

Certifications & licenses

BAIT

BSI

ISAE

ISO 20022

ISO27001

MaRisk

PS951

Profile

Created

May 2025

Last Update

January 2026

Need a freelancer? Find your match in seconds.

Try FRATCH GPT

Frequently asked questions

Do you have questions? Here you can find further information.

Where is Michael based?

Michael is based in Mainz, Germany and can operate in on-site, hybrid, and remote work models.

What languages does Michael speak?

Michael speaks the following languages: German (Native), English (Advanced), Italian (Elementary).

How many years of experience does Michael have?

Michael has at least 36 years of experience. During this time, Michael has worked in at least 11 different roles and for 15 different companies. The average length of individual experience is 2 years and 3 months. Note that Michael may not have shared all experience and actually has more experience.

What roles would Michael be best suited for?

Based on recent experience, Michael would be well-suited for roles such as: Compliance Consultant, Project Manager, IAM Architect, Business Analyst.

What companies has Michael worked for in recent years?

In recent years, Michael has worked for Bank-Verlag, Stuttgarter Versicherung, Zurich Insurance Europe AG, Fondsdepotbank, and ING Diba AG.

Which industries is Michael most experienced in?

Michael is most experienced in industries like Banking and Finance, Information Technology (IT), and Energy. Michael also has some experience in Insurance and Professional Services.

Which business areas is Michael most experienced in?

Michael is most experienced in business areas like Information Technology (IT), Project Management, and Finance. Michael also has some experience in Operations, Accounting, and Legal and Compliance.

Which industries has Michael worked in recently?

Michael has recently worked in industries like Banking and Finance, Information Technology (IT), and Energy.

Which business areas has Michael worked in recently?

Michael has recently worked in business areas like Information Technology (IT), Audit, and Business Intelligence.

What is Michael's education?

Michael attended education in Business Administration.

Does Michael have any certificates?

Michael has 7 certificates. Among them, these include: BAIT, BSI, and ISAE.

What is the availability of Michael?

Michael is immediately available full-time for suitable projects.

What is the rate of Michael?

Michael's rate depends on the specific project requirements. Please use the Meet button on the profile to schedule a meeting and discuss the details.