Compliance and Risk Officer (CRO)

Under the direction and supervision of the Chief Financial Officer, the CRO develops and executes INM’s compliance and risk programme including GDPR. The CRO must be driven by a strong vision and the ability to influence senior executives to commit resources and time to the governance programme and annual plans for compliance and risk. The role supports the Board, the Senior Executive Team and management by ‘keeping them on track’ in areas such as GDPR, internal audit, compliance, risk and governance.Roles and Responsibilities COMPLIANCE • Ensure the Board and Senior Executive Team understands and adheres to the identified and mandated boundaries (laws and regulations).• Internal Audit function should be used to independently validate compliance prioritising areas of higher risk. The role will also involve ensuring all outstanding Internal Audit next steps are complete and updating the Audit and Risk Committee at quarterly meetings.GDPR • Each business area is responsible for ensuring their compliance with GDPR regulation, however the CRO and the GDPR team will support the business areas to achieve consistent levels of compliance and provide advice as required.• Areas of support will include completion of ROPs, management of DPAs, addressing concerns as highlighted by the DPO, issuing Privacy notices, management of Data Breaches and DSARs etc. Key areas are included in the INM 8 point activity plan as prepared by Mazars.RISK • Risk Register: Maintain a risk register based on the identified applicable laws and regulations, fraud schemes, and (insert compliance & risk systems/policies etc) and considerations.• Controls Catalogue: Based on review of procedures and walkthroughs, maintain an inventory of internal controls and map to key risk areas.• Issues Management: Track the progress of remediation of control weaknesses identified by Internal Audit, self-testing, or controls assessment.• Risk Assessment: Assist in the execution of the corporate compliance, fraud, and risk assessments by identifying the key risks and assessing mitigating controls to determine the risk profile for INM.• Risk Monitoring: Assist in the development and monitoring of key risk indicators (KRIs) that are mapped to various risks to determine elevations in risk and proactively implement risk mitigation measures.• Emerging Risks: Identify emerging risks that present new regulatory, governance or fraud risks. These include risks associated with new products and services, customer types, geographies, and commercial verticals/channels.• Data Analytics: Coordinate the collection of risk information from source systems, departments, and reporting. Analyse the data and apply to various key risk areas to update the risk profile.Policy and Procedure Maintenance: Provide assistance to in developing and updating policies and procedures by enforcing document standards.Manage Document Library: Manage the publication, dissemination, and availability of compliance and risk policies and procedures.GOVERNANCE Establishment and ongoing review of the processes across the organisation that is reflected in the organisations structure, how it is managed and ultimately leads towards the achievement of its plans and objectives in a compliant and risk free environment.Experience and Qualifications •Strong working knowledge of governance, GDPR risk and control frameworks coupled with the ability to design and evaluate the effectiveness of controls embedded within business processes.• Good working knowledge in the area of IT, systems, development of spreadsheets and in analysing large volumes of data.• 7-10 years of experience working in the corporate governance/risk areas at a senior manager level and in complex matrixed organisation.• Must possess a degree in Business Administration, Accounting, Finance or equivalent. MBA or MS a plus.If you have any questions on this role please contact HR@independent.ie.