About the Compliance Guru

I’ve been in and around the financial industry since 1982. Originally on the investment side, I worked as a stock broker during the 80’s, holding the Series 7, Series 63 and Series 24 (General Securities Principal) licenses, plus life and health insurance, and variable annuities. In 1991 I left Wall Street (really just moved to the curb) and tried my hand as a Financial Planner, licensing myself as a Registered Investment Adviser. Throughout most of the early to mid-90’s I built a modest business by giving investment seminars, hosting a radio show, and teaching an occasional class at the local business college.

As the 90’s came to a close, I started to realize that my career trajectory needed a new arc. A trip to the local library (hey, the Internet was too new) and a bit of research into the hottest career paths for the new millennium lead me into computers. (I had already been fairly immersed into computers, I really just elevated an avocation to a vocation).

Computer Programming has always fascinated me (I have always been, and remain to this day, fascinated by anything that baffles me), so I enrolled in the local technical college and studied computer programming. While I took classes at night, I worked at a computer school during the day, teaching classes in WordPerfect and Lotus 1-2-3 mostly to law firm and banking personnel (both industries were early technology adopters). I earned a Computer Programming Degree in 1992, and went on to develop software for a Major League Baseball team, as well as the U.S. Senior Golf Association.

At about the same time, I started working for a community bank in South Florida as their part-time IT Coordinator. Three months after starting this position, Hurricane Andrew made his appearance in South Florida, wiping out their Homestead branch. (This was my first experience with real-live disaster recovery…there would be many more.)  The part-time position led to a full time position, which led to a series of steadily escalating IT positions in the banking industry.

In 1999 I started my own company offering IT consulting services, primarily to community banks. In 2003, baffled/fascinated by computer security, I earned a GSEC information security certification from the SANS Institute. My certification essay was related to the privacy and security elements of the newly enacted GLBA.  Over the next 6 years, I consulted with dozens of banks from Denovo to $3B+ in size, doing everything from building servers, to drafting policies and procedures. In 2006 I sold my practice and relocated from Florida to South Carolina, where I joined Safe Systems, Inc. as their account manager for the Carolinas, later becoming their Director of Compliance, and currently serving as VP of Compliance Services (and self-proclaimed Compliance Guru!).

I currently hold the  the Certified Information Systems Auditor (CISA) designation and the Certified in Risk and Information Security Controls (CRISC) designation from ISACA, the Certification in Control Self-Assessment (CCSA) and Certified in Risk Management Assurance (CRMA) designations from The Institute of Internal Auditors, the Master Business Continuity Professional (MBCP) designation from the Disaster Recovery Institute (DRI), the Certified Third-party Risk Professional (CTPRP) designation from the Shared Assessments Group.  Most recently, I was in AICPA’s inaugural class of 100 participants where I received their Cybersecurity Advisory Services Certificate. I also serve as an instructor for the Southern Operations School of Banking.

Download Tom’s speaker bio.

I’m available to answer your compliance questions. Just email me at tom@safesystems.com.

Tom Hinkel
Tom Hinkel
Order of the Sword and Shield
Cybersecurity Advisory Services Certificate