Job Title: Assistant Compliance Officer & ISO27001 Internal Auditor
Reporting to: Head of Risk and Compliance
Job Mission:
* Provide a Compliance and Risk service and support to both companies and employees to ensure all relevant activities adhere to all appropriate regulatory requirements.
* To support the Head of Compliance to ensure procedures and services delivered adhere to the regulations that apply to a regulated financial services business.
* Ensure all relevant regulatory requirements are met during operational practice including the FCA’s Consumer Duty, Conduct Rules and Principles.
* Engage with clients as appropriate to enhance OPAL’s service in the delivery of critical or important functions.
* Participate in and contribute to the compliance culture of the broader management group of the businesses.
* Act as OPAL ISO27001 internal auditor
Principal Job Objectives
* Provide support to the Head of Compliance in AML and Data Protection advice and guidance
* To support the Head of Compliance in ensuring all regulatory returns are completed accurately and in a timely manner as per the Governance Schedule for both companies.
* Ensure all day-to-day business-as-usual compliance breaches and complaints handling support is provided in a timely manner for both companies
* Act as a second line of defence to identify and monitor risks and provide a feedback loop to the Head of Compliance & Risk and the Operational Practice of both companies.
* Provide Induction and ad hoc compliance training and coaching
* To support the Head of Compliance in meeting the Compliance Monitoring Plan in order to analyse the company’s compliance with regulatory requirements including FCA obligations, Data Protection, Fraud Prevention and measures, Consumer Duty Basic Principles and anti-money laundering.
* To support the Head of Compliance in maintaining OPAL’s and SFPL’s Breach Register, ensuring Breaches are reported and completed to a high standard and within the agreed SLAs.
* To support the Head of Compliance with OPAL’s complaint management service including maintaining the OPAL clients Complaint Register and providing support to the Complaints Team at point of escalation.
* Analyse the root causes of regulatory and procedural breaches and ensure that practical remedial actions have been taken to mitigate against future occurrence
* To provide support to the Compliance Trainee in the operation of OPAL’s PEP and Sanctions screening tool to satisfy the regulatory requirements of OPAL’s clients.
* To support the Head of Compliance in the review and maintenance of the Compliance Manuals of both firms (OPAL and SFPL)
* To ensure all Compliance Procedures are up to date at all times.
* To support the Head of Compliance in any administrative, research and delivery from the Compliance department
* To provide support to the Head of Compliance in the SFPL Oversight function with OPAL ensuring SFPL meets its obligations to monitor and oversee OPAL’s/SFPL outsource agreement.
ISO27001
* ISO27001 Internal Auditor - function
* To manage and undertake monthly ISO27001 audits to ensure we meet our obligations under Clause 9.2 (Internal Audit) and Control 5.35 (Independent review of information security)
* To maintain and update annually the P7 Internal Audit Procedures including Audit Schedule prior to commencing the following year.
* To work closely with the Chief Security Officer by meeting regularly to discuss findings and agree process improvements.
* To assist the Chief Security Officer by undertaking Audit checks prior to the annual audit by BSI.
* Escalate any ISO security risk within OPAL
* Implement controls, document procedures and complete risk assessment reviews as required
* Ensure that any Compliance security breaches are completed within 24 hours as per the procedures.
* To assist the Head of Risk and Compliance in reviewing the Applicable Laws attributable to OPAL and update the ISMS annually.
Essential knowledge, skills and experience required at recruitment
* Minimum of 3 years’ experience in Financial Services, preferably in the Investment and Life Protection sectors, with at least 1 year in the Compliance sector
* Good interpersonal and communication skills and able to identify and build important strategic relationships internally and externally
* Display sound and proportionate judgement
* Display a commercial outlook
* Advanced Excel skills and highly numerate.
* Experience of compliance monitoring, risk management and/or internal audit skills.
* Good interpersonal and communication skills and be a strong team player.
* Awareness of the FCA handbook and data protection
* Basic awareness of ISO27001 Standard
Additional Knowledge required to become fully competent
* Good understanding of administration and systems within the companies.
* Undertake ISO27001 Internal Auditor Training course
* Familiarisation with the Life, Protection, Investment products
* Understanding of our Client Relationships and Contractual obligations
* Proficient in use of Word, Excel, PowerPoint