Job Description
As a Head of Compliance you will lead and oversee all compliance and data protection activities across the Group, ensuring adherence to FCA and ICO regulations. You will hold Senior Management Function 16 (Compliance Oversight) approval under the FCA’s SM&CR and act as the statutory Data Protection Officer. You will deliver strategic direction, advice and assurance to the Board and Executive Team, ensuring regulatory integrity, good customer outcomes and responsible data stewardship. This role provides independent second line of defence (2LOD) advice and assurance, as delegated by the Chief Risk Officer, and is part of the second line Group Risk Leadership team.
Responsibilities
* Lead the development and implementation of the Group’s compliance and data protection strategies and target operating model
* Engage with and provide constructive challenges to senior management and Board committees
* Manage and develop a team of compliance and data protection professionals (c9 FTE)
* Develop and maintain policies, procedures and training programmes to ensure consistent compliance and data protection standards
* Liaise with internal and external auditors, regulators and legal advisors
* Own and maintain the Group’s compliance framework, ensuring alignment with FCA Principles, SYSC, MCOB and Consumer Duty
* Develop and oversee the Compliance Monitoring Plan and Compliance Universe using risk‑based prioritisation
* Provide expert compliance advice and guidance on regulatory requirements across business activities, including new initiatives, product development, operational change and customer communications
* Conduct regulatory breach assessments
* Lead horizon scanning and impact assessment of regulatory developments, translating FCA requirements into business plans
* Act as a primary point of contact with the FCA for engagement, notifications and information requests
* Act as the Group’s designated DPO in accordance with the UK GDPR, including reference to Articles 37‑39
* Develop, implement and maintain a Data Protection Compliance Framework, including the production and review of data protection policies, procedures, standards and training
* Advise on and oversee Data Protection Impact Assessments, ensuring data protection by design and by default is embedded in all relevant projects and initiatives, and liaise with the regulator where required
* Monitor compliance with UK data protection laws and internal policies
* Lead the response to data protection incidents and personal data breaches
Qualifications
Essential:
* Proven experience as SMF16 and DPO in an FCA-regulated environment, ideally in a lending environment
* Extensive knowledge and experience of the Financial Conduct Authority and its supervisory approach
* Expert understanding of UK GDPR and Data Protection Act 2018
* Strong leadership and people management skills
* CIPP/E, CIPT or CISM qualified
* Broad understanding of an enterprise risk management framework and how regulatory compliance and conduct risk operate within it
Desirable:
* CeMAP
* ICA qualifications
* Recognised Data Protection Practitioner certification
Additional Information
Together embraces diversity and inclusion, and is proud to be an equal opportunity workplace. We support reasonable adjustments during any stage of the recruitment process. All successful applicants will undergo relevant employment reference, financial and criminal record checks.
Seniority level
Mid‑Senior level
Employment type
Full‑time
Job function
Finance
Location: Cheadle, Cheshire, United Kingdom