Job Description We’re recruiting for a Risk and Controls Assurance Analyst to join us. In this role, you will monitor and report on the performance of Retirement Income processes and services for ongoing accuracy and compliance, whilst protecting the business from potential risks of fraud or poor practice. You will also oversee the control environment, performing regular testing of its ongoing effectiveness. Additionally, you will execute pre-audit control testing and assurance that trends from risk events and previous audit actions remain in place. What you'll be doing: Creating and managing auditing requirements for annuitant payments across IPS Working with Head of Operations, Head of Customer Payroll, Risk, Operational Governance, and Operational Tax representatives to create, monitor, and report on health of payrolls from a transactional process, compliance, and risk perspective for leadership team and control framework sign-off Ongoing review of all procedural documentation relating to processes and services across Retirement Income to ensure they remain up-to-date and accurate Ensuring all risks and their associated key controls are operational within the OSX system Performing ongoing Quality Assurance for items such as bank account (including Citi processes), address change, payment method, E2E new business set up including underwriting, off-system payments, and amendments to values to monitor data accuracy, SLA/timeliness, process compliance, fraud, and identifying training needs Monitoring suspensions, gone aways, overpayment recoveries and write-offs for process compliance and timeliness of both action and follow-up activities, reporting on agreed SLA breaches and overpayment trends Monitoring suspicious customer behaviour activity such as frequency of bank changes, pay date changes enabling tax fraud and/or money laundering Monitoring suspicious staff behaviour activity such as requestor/authoriser patterns, out-of-hours access and changes, appropriate use of system markers, unusual activity (unknown overtime/non-standard work patterns), and same requester/authoriser on a repeated or frequent basis Performing periodic reviews of individual staff system access levels to ensure appropriate systems permissions are in place, including: read or write access authorisation limits correct level of access permissions in line with business area repeat/duplicate logins timeliness of requests (starters/changes/leavers) Ensuring principles of Conduct Risk are embedded into day-to-day operations to deliver good customer outcomes at all times Ensuring all business processes and internal controls within LGRR are performed in a way that delivers good customer outcomes and demonstrates effective management of Conduct Risk