Aleksandra Płoszajska

• Providing expert guidance and hands-on support to business units in managing compliance risk, with a particular focus on IT compliance and external regulatory requirements applicable to third parties in the insurance sector.
• Identifying, analyzing, and evaluating IT compliance risks, ensuring alignment with both internal policies and external supervisory expectations, including obligations for insurance industry outsources.
• Designing, implementing, and maintaining IT compliance programs in accordance with Group-wide governance frameworks and standards.
• Acting as the primary compliance contact for a strategic client—advising during contract negotiations, reviewing proposed amendments, and supporting audits initiated by or conducted on behalf of the client.
• Collaborating closely with operational, project, and senior management teams to address IT compliance inquiries and support decision-making across functions.
• Contributing to the preparation of regulatory reports and executive-level documentation for insurance entities within the Group, to ensure consistency with outsourcing and compliance requirements.
• Supported compliance audits by gathering and organizing necessary documentation and evidence.
• Assisted in monitoring regulatory changes to ensure adherence to industry standards.

RESPONSIBILITIES

• Responding to inquiries from key clients regarding ETS service delivery—including service quality, internal standards, outsourcing framework, and regulatory matters.
• Reviewing, maintaining, and enhancing internal policies related to IT compliance.
• Designing and implementing an IT compliance management system aligned with regulatory and organizational needs.
• Collaborating with Core Compliance on shared responsibilities bridging IT and enterprise-wide compliance.
• Partnering with cross-functional teams—Risk, Legal, ISO, Data Protection, Procurement, Communications, and business units—especially in support of key clients.
• Supporting Project Managers and PMO teams in resolving compliance-related challenges arising during project execution.
• Preparing and delivering clear, structured materials and presentations on IT compliance topics.
• Leading training sessions on KNF, BaFIN, and NBB guidelines, as well as DORA implementation practices.
• Drafting compliance opinions and reviews of contracts, procedures, and internal documentation.
• Addressing IT compliance gaps across the organization—including access management, whitelisting processes, and log retention classification.
• Defining risks and corresponding controls related to compliance processes to support a robust risk management framework.

ACHIEVEMENTS – PROJECTS

• Implementation of Sanctions List Review Program - PM Role.
• SAP implementation in the organization - key user role and overall compliance oversight throughout the project.
• Governance projects - initiate and execute activities aimed at organizing [cleaning up] procedures.
• Digital Operational Resilience Act [DORA] - gap analysis along with reporting of its performance, preparation of the status of the task for the board and preparation of a plan to address the gaps.
• Participating in contract negotiations and finalizing agreements with ERGO Group clients – providing compliance insights, assessing regulatory risks, and ensuring alignment with both internal standards and external supervisory expectations.

ACHIEVEMENTS

• Development of IT compliance programs based on Group standards.
• IT Compliance Risk Analysis [the analysis of the gap according to BaFIN, NBB, UKNF is, in the opinion of the Group, the basic and most important task of IT Compliance].
• Leading the implementation of the AI Act within the organization – including regulatory analysis, risk mapping, and ensuring alignment of internal processes and AI-based solutions with the proposed EU framework.
• Managing internal whistleblowing cases, fraud suspicions, and security breaches – including coordination with relevant departments, oversight of investigation procedures, and support in corrective action planning.

• Co-developed cloud classification and contracting guidelines for Warta.
• Designed methodologies for evaluating cloud compliance of service providers and agents/brokers.
• Collaborated closely with the Management Board, Business, and IT departments.
• Provided expert advice on cloud data processing security policies, procedures, and processes.
• Conducted ongoing risk assessments of third-party suppliers (incl. contract oversight).
• Maintained continuous liaison with the Supervisory Authority.
• Delivered internal trainings on “Cloud in a Supervised Entity” to Warta employees.
• Actively contributed as a member of working groups at the Polish Chamber of Insurance.
• Led cooperation with top law firms on cloud-related legal advisory.
• Drafted and negotiated cooperation agreements with external partners.

ACHIEVEMENTS — STRATEGIC CLOUD PROJECTS & CONTRACTS

• Successfully negotiated and executed several high-impact service agreements, including:
  o IT service contract (AI & cloud, image recognition),
  o Healthcare contract involving treatment abroad (services processed across 12 cloud platforms),
  o Voice bot damage-reporting solution hosted in a major public cloud,
  o Assistance services contracts with leading cloud providers,
  o OCR solution contract delivered via global cloud infrastructure,
  o Four cloud-based contracts for dehumidification services.
• 
  

ACHIEVEMENTS - PROJEKT RECOVERY DISASTER

• Acted as cloud compliance expert in a major business continuity initiative;
• Objective: data backup and migration of critical systems to cloud environments;

• Optimization and supervision of the claims handling process for Corporate and SME lines, including defining and refining workflows.
• Implementation and reporting of improvements and changes in operational procedures.
• Continuous monitoring of the regulatory and legal environment to identify and propose actionable solutions within the organization.
• Coordination of the development and updates of internal policies, procedures, methodologies, and guidelines.
• Cross-functional collaboration with various business lines and departments.
• Initiation and coordination of insurance projects in the Corporate and SME segments.
• Design and delivery of internal trainings and workshops.

ACHIEVEMENTS

• Successfully initiated and implemented system-based process solution.
• Drafted cooperation agreements with strategic external partners.

ACHIEVEMENTS - PROCESS REVIEW PROJECT FOR CORPORATE AND SME LINE [PROJECT MANAGER]

• Led the largest internal process review of its kind, in collaboration with key stakeholders.
• Identified areas for systemic and operational optimization.
• Project conducted in collaboration with McKinsey & Company.

SMART HOME BUSINESS CONCEPT PROJECT — INTERNATIONAL INITIATIVE Executed within the Talanx Group in Agile methodology (HDI Seguros: Mexico, Brazil, Chile, Uruguay; HDI Assicurazioni: Italy; HDI: Germany)

KEY OBJECTIVES & STRATEGIC SCOPE

• Developed business assumptions and assessed feasibility of offering Smart Home solutions within an ecosystem designed around home/apartment usage as a value-added insurance complement.
• Led marketing research in cooperation with one of the largest firms in Poland — the most comprehensive customer insight study in Warta’s history.
• Engaged in co-creation with start-ups and tech companies to build innovative service concepts.

RESPONSIBILITIES

• Prioritization of tasks and guiding the project through decision-making stages.
• Operational analysis: diagnosing challenges and proposing improvements.
• Preparation of complete project and group-level documentation.
• Reporting and chairing steering committee meetings.
• Continuous collaboration with IT and business stakeholders.

KEY ACHIEVEMENTS & LESSONS LEARNED

• Gained deep understanding of negotiating bilingual agreements with ICT vendors.
• Ensured full compliance with supervisory requirements, including Guidelines on the Management of IT and ICT Environment Security for General Pension Companies and UKNF’s Communication on Public and Hybrid Cloud Use in Supervised Entities.
• Strengthened skills in project risk management and mitigation strategies.
• Enhanced internal IT delivery processes and vendor performance monitoring.
• Gained valuable experience in managing IT service provision tailored to the insurance sector.
• Fostered long-term supplier relationships through shared product development and optimization.

• Evaluated and processed insurance claims, ensuring compliance with company policies and regulatory requirements.
• Collaborated with policyholders to gather necessary documentation and clarify claim circumstances.
• Analyzed complex claims data to identify potential fraud, implementing corrective measures when needed.
• Mentored junior adjusters on best practices for claims processing and customer interaction strategies.
• Managed claims under liability insurance for road carriers, freight forwarders, and cargo coverage.
• Handled yacht-related claims under shipowners' liability, hull insurance, and marine third-party liability.
• Oversaw claims related to professional liability of tax advisors and chartered accountants.
• Conducted investigations to determine insurer liability under policy terms and conditions.
• Collaborated with brokers and external stakeholders in corporate claims processes.
• Provided professional client service to both external claimants and internal business stakeholders as part of the corporate claims function.

ACHIEVEMENTS

• Maintained the portfolio of committed customers by ensuring timely and efficient process execution.
• Optimized client interactions, reducing the number of interventions, appeals, and formal complaints.
• Awarded under the “Ordinarily Extraordinary” program (December 2018) for outstanding commitment, exemplary attitude, reliability, autonomy, positive workplace influence, and exceptional openness and kindness.

• Analyzed legal documents to identify compliance issues and recommend corrective actions.
• Conducted thorough research on case law and statutory regulations to support legal strategies.
• Drafted legal memoranda and briefs for internal stakeholders, enhancing clarity and precision.
• Collaborated with attorneys to prepare for hearings, ensuring all necessary documentation was organized.
• Reviewed contracts for potential risks, providing insights to mitigate legal exposure.