Job title: Business Unit Risk Officer – (Sit within Shared Services)
Location: Potters Bar
Job type: Permanent
Who we are
Canada Life UK looks after the retirement, investment and protection needs of individuals, families and companies. We help to build better futures for our customers, our intermediaries and our employees by operating as a modern, agile and welcoming organisation. Part of our parent company Great-West Lifeco, Canada Life UK has operated in the United Kingdom since 1903. We have hundreds of respected and supported employees committed to doing the right thing for our customers and colleagues. Canada Life UK is transforming to create a more customer-focused business by providing our customers with expertise on financial and tax planning, offering home finance and annuities propositions, and providing collective fund solutions to third party customers.
What we're building
We now need a Business Unit Risk Officer (working with our colleagues in Shared Services to support the transformation and the future growth of the business within the Risk & Compliance function. The Risk and Compliance Functions (part of the 2nd Line of Defence) will be responsible for overseeing and monitoring the activities of the 1st Line of Defence, and providing consistent and technically accurate regulatory advice to the Business. The function will also be responsible for effectively balancing delivery of strong regulatory compliance along with sound commercial implementation.
With direct guidance from the Risk Business Partner, provide Shared Services with expert and value-adding risk advice in a business focused and pragmatic way, facilitating effective and appropriate risk management across the business, encouraging an appropriate risk culture and delivering fair outcomes within risk appetite. Co-located in the 1st Line and working under the direction of the Risk Business Partner, act as a bridge and facilitate an effective and balanced relationship between the 1st Line Business and 2nd Line Risk Function. Using the framework, tools and training provided by the Risk Function, maintain an in-depth business insight and sufficient authority to support Shared Services on risk related matters, providing robust challenge and making a 'value add' contribution to both Lines 1 and 2.
What you'll do
1. Advice and Oversight – Champion the 3 Lines of Defence model for risk management across Shared Services and support the Risk Business Partner in providing independent risk oversight and governance to the 1st Line Business on risk-related activities and issues in respect of business as usual activities, as well as from forthcoming business changes/project (including product developments, new/amended business processes and IT systems). Work closely with Shared Services to understand their strategic objectives, and, with guidance from the Risk Business Partner, provide practical risk insights and expertise to ensure business objectives are met and services are delivered to a high standard and all appropriate risk governance assessments completed.
2. Risk and Control Self-Assessment (RCSA) - Responsible for supporting the 2nd Line of defence aspects of key risk identification, monitoring and reporting activities for Shared Services providing comfort that their Risk Profile is managed within agreed Risk Appetite limits and tolerances. This includes the following activities:
Support the 1st Line Business by making sure that all material risks & key controls are recorded and assessed using a Risk System provided by the 2nd Line Risk Function. This should cover all risk categories (within CL UK's Risk Universe), as well as emerging and reputational risks, and risks arising from change activities or key initiatives. Ensure risks outside tolerance and weak or deficient controls are managed appropriately, have documented action plans in place and appropriate governance as defined within supporting Standards.
Ensure risk indicators (Key Risk Indicators (KRIs) and Risk Indicators (RIs)) and associated tolerances (to help monitor and manage 1st Line Business risks) are in place, agreed with Shared Services Management and the 2nd Line Risk Function, and maintained within the Risk System to ensure timely escalation and reporting (frequency varies from monthly to quarterly). Ensure monitoring of exposures against Level 1 to 3 risk limits (as appropriate) are in place and provide challenge on the 1st Line as to how these exposures are being managed, with support from the 2nd Line Risk Function as required. Provide confirmation that key risks identified in RCSA reporting are monitored through aligned KRIs and control assessments, ensuring that the business are guided and challenged on remedial activities and reporting/escalation processes.
Support Shared Services in formally completing (every 6 months at a minimum) an RCSA report, signed-off by Shared Services Management and the Risk Business Partner.
Agree required Shared Services Risk Management Information Reporting and Processes with the BUROs facing off to the other Business Units (e.g. Wealth Management, Insurance) and assist the Risk Business Partner in managing the Assistant BURO to meet agreed timelines.
Fostering a culture of awareness, openness and accountability, providing training as required, ensure the Risk Event Reporting process is easily available to Shared Services. The recording, assessment and escalation of all potential or actual risk events should be managed in line with the Risk Event Standard. Ensure Business Units receiving Shared Service support are immediately informed of any impacts to their business lines.
3. Risk Reviews/Deep Dives – Under the Risk Business Partner's guidance support the preparation and delivery of the planned risk reviews, ensuring that Shared Services Management is appropriately engaged in the process. Provide information, as required, to planned Internal Audit Independent Assurance reviews.
4. Operational Risk Scenarios - Using tools and training provided by the 2nd Line Risk Function, ensure that an appropriate suite of severe yet plausible scenarios is maintained by the Shared Services Management Actions are tracked as Action Plans
5. Policy Management/Attestation - Supported by the Assistant BURO, Facilitate and manage the Business Unit annual attestation to applicable policy requirements by reviewing and challenging their responses and ensuring that policy gaps with respect to changes in the Business Unit's profile/operations/strategy is communicated to the Policy Owner. Provide the Risk Business Partner with feedback/issues on compliance with any requirements, and formerly report any known policy exceptions to the Policy Owner and Risk
6. Governance - Provide updates and input, as required, to 2nd Line Risk Function reporting for CLUK Management and Board Committees. Maintain regular meetings (at least quarterly) with Shared Services SMEs to review their RCSA. Attend relevant management and business working groups, as required, and participate in Business Unit Risk Officer Forums hosted by the Risk Function.
7. Monitoring - On a quarterly basis, as defined within the RCSA Template & BURO Standard, review Shared Services' adherence to key process requirements and governance controls, escalating issues as required.
8. Communication and Training – Support Shared Services Management by delivering ongoing risk training and education to staff, enabling the business to integrate the risk culture into their day-to-day work processes. Continue to strengthen and embed risk awareness across Shared Services, and seek to reinforce knowledge where gaps are identified. Support the design and delivery of Risk Function training programmes (including online modules).
9. Skills and Knowledge - Develop and maintain a deep knowledge of Shared Services products & services as well as comprehensive technical knowledge of risk governance practices and processes (as part of a wider enterprise risk management framework) and associated regulations.
Who you are
Comprehensive knowledge of risk governance practices and processes, as part of a wider enterprise risk management framework and associated regulations, including Solvency II.
Experience in overseeing the management of risks and the various approaches to monitor and report on risks.
Experience of embedding and maintaining an enterprise risk management framework.
Experience in managing and providing risk oversight activities at a business level.
Ability to interpret the intended outcomes and drive pragmatic solutions/change by balancing regulatory requirements, cost/benefit, customer impact with business needs.
Ability to present advice in a clear, timely and focused way.
Ability to take a risk based approach to organising workloads for self to meet demanding and often changing priorities, ensuring that key deadlines are met.
Robust analytical and report writing skills.
Strong interpersonal, influencing and stakeholder management skills up to and including senior/executive management level.
Ability to develop and maintain effective working relationships with colleagues, Business Unit leadership teams and other governance functions.
Degree level qualification or recognised industry /professional qualification
What you'll like about working here
As a Canada Life UK colleague, you'll receive a competitive salary and comprehensive reward package including income protection, private medical insurance and life assurance, along with a generous pension and bonus scheme. You'll also receive the support you need with your personal and professional development.
Our focus is to have an engaged, committed and motivated work force, operating in a high performing and collaborative culture. We want to create an organisation that offers opportunities for all our people to develop their skills and talent, and build rewarding careers with us.
Diversity and inclusion
Canada Life is committed to a diverse and inclusive workplace. Our role as an employer of choice is to provide the right environment for talented people to do their best work, by respecting, understanding and valuing individual differences.