Protiviti Contact

Protiviti Contact

Asa Y. Sum


Professional Experience

Asa is a Director with Protiviti’s Regulatory Risk Consulting practice. He has over 15 years of experience in the financial services industry and maintains extensive experience with advising clients ranging from de novo to top-tier financial service companies on regulatory matters. He has also advised clients ranging from large financial holding companies to diversified financial institutions including a global investment banking firm, banks, card companies, and money services businesses on regulatory compliance matters, regulatory enforcement actions, and compliance program assessment reviews. Asa also assists financial services companies with enterprise-wide compliance risk assessments, consumer protection requirements and compliance with anti-money laundering (AML) and sanctions/list-screening requirements.

Major Projects

  • AML Internal Audit Program Review and Execution: Provided AML subject matter expertise and co-sourcing support to the internal audit department for one of the largest U.S. financial institutions. Responsibilities included managing a team of compliance professionals to identify and evaluate existing AML audit program coverage for the institution’s products/services, perform and execute of various AML audits, and complete audit validation activities. Managed multiple audit project workstreams, assisted with Board/Committee reporting, and developed tailored status reports to inform audit management periodically. The efforts from these projects directly assisted a Consent Order lift and transformation/closure of regulatory letters for this client.
  • Compliance Program Integration: Managed and led the integration of two distinct, internal compliance programs at a top-tier global financial institution. Each program covered deposit products offered to retail customers and affluent clients. Project efforts included programmatic and relationship model reviews involving critical elements of a compliance program infrastructure that included, but not limited to: compliance policies and procedures, regulatory inventory and change management, training, monitoring and testing, and compliance assessments.
  • Know Your Customer Program Enhancements: Developed and implemented customer due diligence models for a large financial institution that was under Bank Secrecy Act (BSA) / AML enforcement action. Methodology and model fundamentally changed the organization’s processes for identifying, collecting, and analyzing customer data for purposes of adhering to BSA monitoring and reporting requirements. The project also consisted of performing a systems validation of automated BSA monitoring application.
  • BSA/AML and Sanctions Risk Assessments: Planned and executed enterprise-wide risk assessments for large global financial institutions. Responsibilities included scheduling and interviewing key process owners through all relevant lines of business to collect, interpret, and analyze the necessary data to evaluate inherent, control environment, and residual BSA/AML and sanctions risks.
  • Foreign Correspondent Account Review: Managed and led a team of compliance associates that developed an approach and methodology to identify whether the client – a large international financial institution-maintained foreign correspondent accounts under Section 312 of the USA PATRIOT Act. The project consisted of reviewing over 380 legal entities and evaluating relationships with foreign financial institutions to determine and assess applicability.
  • Compliance Audit Program Review & Assessment: Assisted a top-10 U.S. national bank with their efforts in strengthening their audit compliance program by managing and executing a compliance audit coverage assessment. The assessment involved the identification and mapping of over 150 banking operational, deposit, and lending laws/regulations, as they relate to over 300 unique products/services.

Areas of Expertise

  • Governance, Risk and Compliance

Industry Experience

  • Financial Institutions
  • Non-Bank Financial Institutions
  • Banking
  • Broker-Dealers


  • University of Missouri

Professional Memberships & Certifications

  • Certified Regulatory Compliance Manager (CRCM)
  • Certified Anti-Money Laundering Professional (AMLP)
  • Institute of Certified Bankers
  • Institute of Internal Auditors
  • Bank Administration Institute
  • International Association of Privacy Professionals