Job title: Business Unit Risk & Compliance Officer – (sits within the Annuities division)
Location: Potters Bar
Job type: Permanent
Who we are
Canada Life UK looks after the retirement, investment and protection needs of individuals, families and companies. We help to build better futures for our customers, our intermediaries and our employees by operating as a modern, agile and welcoming organisation. Part of our parent company Great-West Lifeco, Canada Life UK has operated in the United Kingdom since 1903. We have hundreds of respected and supported employees committed to doing the right thing for our customers and colleagues. Canada Life UK is transforming to create a more customer-focused business by providing our customers with expertise on financial and tax planning, offering home finance and annuities propositions, and providing collective fund solutions to third party customers.
What we're building
We now need a Business Unit Risk & Compliance Officer – (Annuities) to support the transformation and the future growth of the business within the Risk & Compliance function. The Risk function (as a 2nd line of defence) will provide independent risk oversight and a governance framework for all risk related activities across Canada Life UK. In doing so, it will partner with the Business to understand their strategic objectives and offer practical and value-added risk insights in order to optimise both short and long term decisions taken by the Business.
The compliance function (part of the 2nd line of defence) will be responsible for overseeing and monitoring the activities of the 1st line of Defence, and providing consistent and technically accurate regulatory advice to the Business. The function will also be responsible for effectively balancing delivery of strong regulatory compliance along with sound commercial implementation.
Co-located in the 1st Line and reporting to the 2nd Line Risk and Compliance Business Partners, act as a bridge and facilitate an effective and balanced relationship between the 1st Line Business and 2nd Line Risk & Compliance Functions. Using the framework, tools and training provided by the Risk and Compliance Functions, maintain an in-depth business insight and sufficient authority to support the assigned Business/Functional Unit on risk and compliance related matters, providing robust challenge and making a 'value add' contribution to both Lines 1 and 2.
What you'll do
1. Advice and Oversight – Support the Risk and Compliance Business Partners in providing 2nd Line risk and regulatory compliance oversight of 1st Line Business (on business as usual activities, forthcoming changes to regulations and/or significant business changes/projects). Also support the Compliance Business Partners in the sign-off and oversight of relevant product, customer or distributor related materials. Work closely with the business to understand their strategic objectives, and, with guidance from the Risk and Compliance Business Partners, provide practical and value-adding risk insights and high quality conduct and compliance advice to ensure business objectives and regulatory obligations are met and services are delivered to a high standard.
2. Risk/Compliance Framework – Using the framework, training and tools made available by the 2nd Line Risk & Compliance Functions, provide comfort to the 1st Line Business Management that regulatory obligations are being met, key business/governance controls are reviewed/challenged, Risk Profile is managed within agreed Risk Appetite limits and tolerances and poor customer outcomes are avoided. Responsible for the following activities:
Lead the preparation with 1st Line Business Management and 2nd Line Compliance Function of an Annual Business Unit Compliance Monitoring Plan. Conduct independent risk-based monitoring and testing in line with the 1st Line Business Unit Compliance Plan and ensure there are effective actions addressing the underlying causes of any problems identified.
On a quarterly basis, as defined within the Risk and Control Self-Assessment (RCSA) Template & Business Unit Risk Officer Standard, review the 1st Line Business Unit's adherence to key process requirements and governance controls, escalating issues as required. Support the 1st Line Business by making sure that all material risks & key controls are recorded and assessed using a Risk System provided by the 2nd Line Risk Function. This should cover all risk categories (within CL UK's Risk Universe), as well as emerging and reputational risks, and risks arising from change activities or key initiatives. Ensure risks outside tolerance and weak or deficient controls are managed appropriately, have documented action plans in place and appropriate governance as defined within supporting Standards.
Provide assurance, through monitoring BU specific limits and the RCSA process, that the 1st Line Business risks are monitored and managed within appetite and associated Key Risk Indicators (KRIs) embedded within business reporting. Ensure monitoring of exposures against Level 1 to 3 risk limits (as appropriate) is in place and provide challenge to the 1st Line as to how these exposures are being managed, with support from the 2nd Line Risk Function as required. Provide assurance that action plans are followed up and that the business is considering control performance in stressed conditions through Operational Risk Scenarios, ensuring that an appropriate suite of severe yet plausible scenarios is maintained by the 1st Line Business.
Support the preparation and delivery of the planned 2nd Line Risk Reviews (Deep Dive), ensuring that 1st Line Business Management is appropriately engaged in the process. Provide information, as required, to planned 2nd Line Compliance Assessments and Internal Audit Independent Assurance reviews.
Risk Appetite monitoring and reporting together with ongoing compliance monitoring activities facilitate and contribute to 2nd Line Risk and Compliance oversight and help inform a 2nd Line view.
3. Risk Events/Regulatory Breaches – Ensure the Risk Event reporting process is easily accessible and available to the 1st Line Business, and enables timely recording and escalation. Support and facilitate the investigation and assessment of event impacts and root cause analysis. Provide comfort to Risk and Compliance Business Partners (based on in-depth business insight) that potential or actual risk events (including conduct risk events) and regulatory compliance breaches are investigated, acted on in a timely manner and reported/escalated as appropriate.
4. Policy Management/Attestation – Facilitate and manage the annual attestation process in respect of CLUK owned operating policies and Compliance Function owned operating policies by reviewing and challenging responses from the 1st Line Business, and ensuring the policies meet business requirements and regulatory expectations. Support the business in understanding their policy related requirements and the Compliance Policy related requirements, ensuring these are adequately reflected in relevant processes and procedures. Provide feedback on overall compliance with applicable policy requirements and formally report any known policy exceptions to the Policy Owner and Risk and Compliance Business Partners.
5. Financial Crime Management – In conjunction with the Financial Crime Team in 2nd Line Compliance Function, assist the 2nd Line regulatory compliance oversight of 1st Line Business activities relating to financial crime prevention by helping the Business in resolving relevant Sanctions/PEP screening matches, managing Gifts and Hospitality requirements and carrying out AML checks.
6. Data Privacy Management – Fostering a culture of awareness and accountability and encouraging necessary training, co-ordinate the reporting of all BU data protection (DP) breaches/events, ensuring material Data Protection events are escalated to the Head of Data Privacy and Data Protection (in 2nd Line Compliance Function). Working with the 1st Line Business, project managers and 2nd Line Compliance Function, provide intermediate data privacy guidance on business as usual activities and where changes to products, services or business processes may impact any privacy obligations. Perform clear desk checks, reporting findings and any related breaches.
7. Governance – Provide updates and input, as required, to 2nd Line Risk and Compliance Functions reporting for CLUK Management and Board Committees. Attend relevant business management meetings/groups and support the RCSA reporting by providing input, review and challenge to risks (including regulatory/conduct risks), controls and risk indicators.
8. Communication and Training – Support the 1st Line Business Management in designing and delivering ongoing risk education to staff and training on relevant regulatory compliance obligations. Support the design and delivery of 2nd Line Risk and Compliance training programmes and the embedding of risk and compliance awareness/knowledge across the business.
9. Skills and Knowledge – Develop and maintain a deep knowledge of the Business Units' products & services as well as comprehensive technical knowledge of risk governance practices and processes (as part of a wider enterprise risk management framework) and compliance technical knowledge in respect of the FCA Handbook and any other key regulatory requirements.
Who you are
Comprehensive knowledge of risk governance practices and processes, as part of a wider enterprise risk management framework and associated regulations, including Solvency II.
Breadth of knowledge across multiple areas of regulation required (including FCA Handbook, Conduct Risk, Financial Crime and Data Protection).
Experience of embedding and maintaining an enterprise risk management framework.
Experience in providing risk and/or compliance oversight at a business level, including compliance monitoring and undertaking compliance reviews with minimal supervision.
Ability to present advice in a clear, timely and focused way.
Ability to interpret the intended outcomes and drive pragmatic solutions/change by balancing regulatory requirements, cost/benefit, customer impact with business needs.
Ability to take a risk based approach to organising workloads for self to meet demanding and often changing priorities, ensuring that key deadlines are met.
Robust analytical and report writing skills.
Strong interpersonal, influencing and stakeholder management skills up to and including senior/executive management level.
Ability to develop and maintain effective working relationships with colleagues, Business Unit leadership teams and other governance functions.
Degree level qualification or recognised industry/professional qualification.
What you'll like about working here
As a Canada Life UK colleague, you'll receive a competitive salary and comprehensive reward package including income protection, private medical insurance and life assurance, along with a generous pension and bonus scheme. You'll also receive the support you need with your personal and professional development. Our focus is to have an engaged, committed and motivated work force, operating in a high performing and collaborative culture. We want to create an organisation that offers opportunities for all our people to develop their skills and talent, and build rewarding careers with us.
Diversity and inclusion
Canada Life is committed to a diverse and inclusive workplace. Our role as an employer of choice is to provide the right environment for talented people to do their best work, by respecting, understanding and valuing individual differences.