Risk and Controls Analyst - FTC
The risk and compliance directorate comprises the enterprise risk team and the compliance team. It delivers numerous change projects across regulatory compliance, reporting on risk and management of regulatory risk and the relationship with our principal regulators, the Pensions Regulator.
The Risk function is accountable for the development, implementation and on-going maintenance of the risk management framework across the business and oversight of the management of key risks.
The Risk Controls Analyst will report to the Director of Compliance and other second line teams to enable the organisation to deliver the remedial action outlined in the deliverables.
Scope & deliverables
- Lead the changes to the businesses risk related controls relating to key data to preserve integrity and increase reliability
- Design, manage and oversee the first lines' delivery of a programme of changes to first line controls that provides a robust data governance framework
- Improved checking and sign off process at all levels before 'key data' is published or used by creating a process for 'owners' and 'issuers' of data whereby accuracy is checked by the owner before being used and when data is handed off, there is a process within the recipient team to check that the data is correctly interpreted, not altered and not used out of context
- Work with the first line to define 'key data', applying a risk based criteria
- Create a catalogue of controls within the existing risk framework as an additional tool for the second line (risk & compliance) to evidence application of our policies
- Roll out and train the purpose and maintenance of controls, reinforcing responsibilities with the first line for checking accuracy of data
- Review and update incident management process to include management and designation of Executive sponsor (that will be dependent on the event) and obtain Executive approval
- Train incident managers who will ensure engagement and co-ordination of the incident as soon as an incident is identified
- Update the process to provide for an early creation of a strategy including assessment of scale and materiality and the use of external resources as appropriate, establishing SME opinion and collective experience of the severity of the incident that enables an agreed 'line' on our assessment of the issue and reputational risk to avoid speculation to be maintained.
The employee will be able to demonstrate the following experience and technical skills:
- previous experience in previous experience gained in a role that demonstrates commercial acumen and the application of logical judgement. This could come from financial services, infrastructure, project management, commerce and industry or the public sector;
- significant experience in design and creation of risk and control frameworks
- previous experience of successfully leading analytical projects through to conclusion, including influencing senior people through reasoned argument in order to achieve consensus on complex issues;
- experience of delivering high-quality analysis, gaining insight from that analysis and using this to form evidence-based conclusions and recommendations;
- previous experience and good technical drafting and procedure writing skills.
Personal attributes required
The role will require someone with the following personal attributes:
- a demonstrable interest in risk and control frameworks and best practice and methodologies;
- excellent analytical skills;
- organisational and time management skills including the ability to manage and prioritise conflicting workloads;
- good communication, listening and questioning skills;
- attention to detail and an appreciation and commitment to the maintenance of accurate, accessible and organised documentation.