Compliance lead

Compliance Lead

📍 London - Hybrid | 💰 £75,000 - £80,000

Why this role exists

Onsi operates in a highly regulated environment where trust, security, and regulatory integrity are foundational to our growth. As we scale our enterprise partnerships and insurance operations across markets, maintaining a robust, scalable compliance and risk framework is critical—not just to meet regulatory expectations, but to enable the business to move with confidence.

This role exists to own enterprise risk, compliance, and legal governance across the business; ensuring we remain compliant, audit-ready, and resilient as we grow across markets.

Why this role matters

As Compliance Lead, you will be a senior steward of Onsi’s regulatory posture. You’ll provide governance, oversight, and assurance—ensuring that compliance, security and legal-related requirements are consistently met across the organisation.

Reporting to the COO, you will partner closely with Engineering, Product (financial and digital), Operations, Information Security, and leadership teams while maintaining independent oversight and challenge. Your focus is not day‑to‑day delivery, but ensuring that what Onsi builds, sells, and operates stands up to regulatory scrutiny and best practice—particularly across financial service regulation, data protection, cybersecurity and operational risk.

Why Onsi, why now

With strategic backing from Zurich Insurance and investors behind Deliveroo, Zoopla, and Delivery Hero, Onsi is entering its next phase of growth. As we scale, we’re intentionally building small, high-impact teams that own real problems end‑to‑end.

Reporting line & team

* Reports to: COO
* Line management: 1 direct report (Compliance Specialist)
* Operating model: You set strategy, priorities, governance and assurance; your Compliance Specialist runs day‑to‑day programme execution (e.g., control testing coordination, evidence collection, documentation maintenance, audit preparation support), working cross‑functionally with Product, Engineering, Ops and InfoSec.

Key Responsibilities

* Enterprise Risk and Compliance Framework
o Own and evolve a group‑wide compliance and risk framework that supports regulatory compliance, operational resilience, and scale.
o Define risk appetite/thresholds (where appropriate), maintain the enterprise risk register, and ensure clear escalation and decision‑making pathways.
* Regulatory Engagement & Horizon Scanning (FCA, AFM, DFSA)
o Act as Onsi's primary compliance interface with regulators (e.g., UK FCA, Dutch AFM and Danish FSA), as appropriate to our operating model and permissions.
o Lead horizon scanning, regulatory change management, and early response to new or evolving obligations- translating requirements into practical controls and delivery expectations.
* Policy, Controls & Governance Oversight
o Ensure clear, practical compliance, legal, and security policies are in place, understood, and operating effectively across the business.
o Establish a governance cadence (forums, reporting, attestations) that provides leadership with clear visibility of compliance posture and issues.
* Audit, Assurance & Due Diligence (Carriers / Lloyd’s / Enterprise / Regulatory)
o Own readiness for audits and reviews by insurance carriers and Lloyd’s, and support other assurance activity (enterprise security reviews, regulatory reviews, customer due diligence).
o Set the standard for documentation quality and evidence expectations; ensure controls are demonstrably operating and issues are remediated with pace and rigour.
o Oversee third‑party and partner risk governance from a compliance, cyber, and legal risk perspective (including outsourced service considerations).
* Insurance Operations Governance
o Oversee compliance standards, governance protocols, and regulatory obligations relating to insurance operations and partners.
o Ensure partner expectations and delegated requirements (where applicable) are met and evidenced.
* Delivery Compliance & KYC Oversight
o Provide oversight of KYC, onboarding, and delivery‑side compliance requirements, ensuring proportionate controls without slowing execution.
o Ensure ownership is clear across teams and that compliance requirements are embedded early in delivery, not bolted on at the end.
* GDPR & Data Protection Governance
o Own oversight of GDPR compliance, ensuring appropriate governance around privacy‑by‑design, DPIAs/assessments where required, incident readiness, and third‑party processing risk.
o Partner with Product, Engineering, and InfoSec to ensure privacy and security controls remain effective and auditable.
* ISO 27001 Oversight & Certification Maintenance
o Provide senior ownership of ISO 27001 certification maintenance and audit readiness, ensuring governance, internal assurance, management review inputs, and corrective actions are operating effectively.
o Work closely with InfoSec and Engineering while maintaining independence of oversight and assurance.
* Team Leadership & Capability Building
o Line manage and develop the Compliance Specialist, setting priorities, coaching on execution, and ensuring high‑quality programme outputs.
o Build scalable ways of working—tooling, templates, playbooks, and reporting—that reduce friction and improve consistency over time.
* Compliance Training & Culture
o Set direction for compliance training and promote a practical, values‑led compliance culture across Onsi.
o Enable teams to understand requirements and make good decisions without creating bottlenecks.

The successful candidate is expected to follow all Onsi security policies and procedures.

What you bring

* A recognised professional qualification in compliance, data protection, risk, or security governance (or equivalent senior experience delivering these outcomes in practice).
* Senior experience in compliance, risk, and/or legal governance within regulated environments (financial services, insurance, fintech, or adjacent).
* Strong working knowledge of regulatory, legal, cybersecurity, and data protection frameworks, including UK GDPR, ISO 27001, Cyber Essentials, and operational resilience expectations.
* Experience designing and operating regulatory and legal risk frameworks, including horizon scanning and regulatory change management.
* Credible experience preparing organisations for audits, regulatory reviews, enterprise due diligence, and legal scrutiny—and engaging confidently with regulators, insurers, auditors, and external stakeholders.
* Experience overseeing third‑party and partner risk, including compliance, cyber, and legal risk assessments.
* Strong judgement and communication skills, with the confidence to challenge constructively and escalat when needed, while staying pragmatic and delivery‑oriented.

Is This Role a Fit for You?

This role is a great match if you thrive on ownership, embrace ambiguity as a chance to grow, and celebrate small wins while keeping the big picture in sight. Most importantly, you believe there’s no I in Onsi — we always win as a team.

It’s probably not for you if you prefer rigid structure, narrowly defined roles, or working fully remote. We’re hands‑on generalists who adapt quickly and learn best by collaborating in person.

What will you get in return?

💰 Compensation & Financial Benefits

* 💷 Pension contributions (UK) with matching up to 7%
* 🛒 Access to Onsi ODP & Marketplace: Get hands‑on with our own product including early wage access and savings plus exclusive offers through Onsi Marketplace.
* 🚲 Cycle Schemes:
o CycleSaver subscription: → save up to 47% on shared cycles (Lime, Forest, Beryl, Dott, Voi, Santander) with flexible salary sacrifice
o Cycle to Work scheme → buy a bike or e‑bike via salary sacrifice and save on tax

🌴 Time Off & Leave

* 🏖️ 25 days annual leave + UK bank holidays (rising to 35 days with tenure)
* 🎂 Birthday day off
* 💍🏡 Up to 3 extra days for weddings or moving house
* 🗓️ 1-month paid sabbatical after 5 years of service
* 👶 Enhanced parental leave (enhanced pay + staggered return)
* 👪 Family leave: fertility treatment, appointments & growing your family

📚 Growth & Learning

* 📈 Personal development budget: £500 per year, increasing to £1,500 after 3 years to invest in your growth (courses, books, coaching)
* 🧑🏫 Learning & Development Days: 12 dedicated days each year for professional growth, training, or upskilling
* 💡 Knowledge‑sharing culture: Regular Lunch & Learns, Monthly Speaker Series, cross‑team workshops, and company offsites to expand your perspective and keep learning

❤️ Health & Wellbeing

* ⚖️ PT-Link Fitness App: Personalised training plans, nutrition guidance, and habit coaching at your fingertips
* 🩺 24/7 GP access: Virtual doctor appointments anytime, anywhere
* 🧠 Mental health support: Counselling, resources, and wellbeing check‑ins to help you

🙌 Culture & Perks

* 🏠 Hybrid working: Choose flexibility — split your time between home and our London 🇬🇧 or Amsterdam 🇳🇱 or Cape Town 🇿🇦 offices
* 🌍 Work from abroad: up to 20 days per year
* 🎉 Social culture: Regular team lunches, coffee catch‑ups, after‑work drinks, and quarterly company events to stay connected
* 🍎 Office perks: A well‑stocked kitchen with snacks, fruit, coffee, and drinks to keep you fuelled
* 👕🎁 Onsi swag: Branded gear like hoodies, notebooks, and bottles to celebrate milestones and anniversaries

Our Values:

✨ Get Onside: We recognise that we’re strongest as a team when we unite to achieve our mission. We’re committed to supporting & bringing out the best in each other. Put simply, we’re on each other’s side.

✨ Say It Like It Is: We embrace clarity, concision and transparency. Why? Because candour enables quality conversation, better decisions and greater speed.

✨ Bring Your Edge: Our creativity and innovation stems from our unique perspectives. We celebrate our diversity of thought, welcome new ideas and cultivate the talents that set us apart. We actively participate in creating an inclusive and respectful community where everyone feels valued.

✨ Make It Count: We pursue our goals with determination and a laser focus on what’s important while disregarding what’s not. We strive to succeed, accomplish and perform.

Our Commitment:

We aim to foster a diverse and inclusive workplace where differences are valued and where employees are treated fairly and supported in achieving their full potential.

Onsi is therefore fully committed to ensuring that it recruits, develops and retains employees solely on merit and that no one is treated less favourably because of age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, sex or sexual orientation.

Thank you for considering Onsi. We’re looking for passionate individuals to help us shape the future of work. If this opportunity excites you, we’d love to hear from you! 💚

#J-18808-Ljbffr