Hervé - Consultant cybersécurité AML

Work Experience

December 2018 till now

Carrefour – Chief Information Security Officer - from 10-12-2018

Managing Information Security for Carrefour Banque, Carma (insurance subsidiaries of Carrefour) and Market Pay
Accountable of IS in front of board and executive committee of the 3 firms.
Defining IS Policy
Managing ISO 27001 and PCI DSS certification project
Member of the IS board of Carrefour
Reporting to Group IS Director
Managing a team of 6 people in different location

December 2017 till December 2018 Market Pay Payment Services a subsidiary of Carrefour – Head of Internal Audit – from 18-12-2017 till 7-12-2018
Define and maintain up to date the audit plan based on independent risk assessment.
Managing third party audit.
Auditing business processes and IT systems.
Reporting to the chairman of the board.
Managing ISO 27001 and ISAE3402 certification.
Supervising to of 2 to 5 consultants.

September 2014 to December 2017 PwC France – Manager Risk Advisory Services – from 15-09-2014 to 17-12-2017
Anti-Money Laundering diagnostic and remediation engagement for Bank and Insurance clients.
In charge of 20 clients for IT engagement of the statutory audit (Financial Services including the most important bank in Europe and the 5th bank worldwide (SOX procedures).
Specific reports according ISAE3402, SOC1, SOC3, ISO 27001 and SSAE16 standard (IT part of the engagement).
Business Compliance engagement for banking and insurances (governance and systems).
Data migration project review
Managing team of 5 to 10 people.


March 2009 to September 2014 Tradition Securities and Futures and TSAF OTC – Compliance Officer (Paris) / Chief Information Security Officer – from 23-03-2009 to 12-09-2014
Advisory to brokers (structured products, corporate and government bonds, equity and listed equity derivatives).
In charge of day to day monitoring, including market abuse monitoring for Equity, Equity derivatives and Fixed Incomes activity (development of and in-house software).
Involve in client onboarding and AML Monitoring.
In Charge of regulators and exchanges investigations.
Managing the IT Security policy
In charge of day to day monitoring of IT Security Policy
Team leader on the Business Continuity Plan for Europe mainland.


November 2005 to march 2009 HSBC France – CIBM Compliance department (Paris)– from 02-11-2005 to 13-03-2009
French regulator (AMF) registered compliance officer (RCSI) for HSBC Financial Products (France) SNC and HSBC Securities (France) (equity derivatives and equity trading floor of HSBC in France).
Advisory to the structured equity traders and sales.
In charge of market abuse monitoring for Equity, Equity derivatives and Fixed Incomes activity (set up of new automated process and software like Actimize).
AML Monitoring.
Responsible for takeovers reporting to AMF and UK Takeover Panel.
Involved in the MiFID new controls implementation (post trade transparency, best execution, transaction reporting).

June to September 2005 Autorite des Marches Financiers (French securities Regulator) – Mutual funds department (Paris) – from 06-06-2005 to 30-09-2005
In charge of a specific application of the prospectus directive (roughly 1000 mutual funds).
Support to asset management firm about the GECO database use. The legal database for mutual funds in France (over 500 firms).

July 2004 AVIVA Gestion d’Actifs (Asset management firm) (Paris) – from 01-08-2004 to 31-08-2004
Accountant Assistant on Mutual funds.
Support on new legislation about Mutual funds.