Risk Management

• Engage with risk champions and the wider business to promote risk management practices and culture across their respective areas.
• Support in the management of the Risk and Compliance assessment process for circulation to relevant Committees/ governance bodies.
• Ensure the Risk and Compliance assessment processes and tools are well maintained and updated in CURA
• Monitor and update key risk and control indicators to identify and control Risks through trend analysis.
• Coordinate the Risk & Control Self-Assessment (RCSA) framework across the Business unit.
• Assist with the maintenance of the Risk and Compliance registers for all departments within the Business unit. 
• Conduct a comprehensive assessment of existing control processes and procedures and identify potential control gaps and weaknesses.
• Support in development of control solutions and strategies for moderate to high-risk areas and implement them with minimal supervision.
• Coordinate the formulation of scenarios/sensitivities to be tested as part of the Stress Testing Framework.
• Coordinate the recording and validation of the risk appetite metrics within the risk appetite dashboard for circulation to relevant committees.
• Coordinate the recording of risk incidents and carrying out of a root cause analysis
• Regularly collate the operational loss data and maintain the database
• Review third party arrangements for the business unit in line with regulatory and policy guidelines.

New Products and Projects Risk Management

• Evaluate new products and projects for potential risks through a Comprehensive Risk Assessment.
• Collaborate with cross-functional teams (e.g. project management, actuarial,  legal, IT and quality assurance teams) to gather necessary information and assess the impact of risks on project timelines, budgets, and overall success.
• Review and monitor the progress of new products and projects, identifying any emerging risks throughout the lifecycle.
• Provide recommendations and ensure that risk mitigation strategies are integrated into product development and project planning stages.
• Identify lessons learned from past product launches and projects to improve future risk management practices.

Regulatory Compliance

• Understand and implement regulatory requirements
• Implement Compliance programs that include policies, procedures, conducting monitoring reviews and training to ensure that the Business Unit is following relevant regulations and standards. Monitor and assess the effectiveness of these programs.
• Conduct, prepare and report on key outcomes from monitoring reviews as per the developed compliance monitoring program to relevant committees
• Identify Compliance risks and assess their potential impact on the Business Unit. Use compliance risk management frameworks and methodologies to prioritize and mitigate these risks.
• Identify and respond to Compliance incidents, such as violations of regulations or policies. Conduct investigations, implement corrective actions, and report incidents to relevant stakeholders.

AML Compliance

• Support the business unit on the implementation of Anti- Money Launder/ counter terrorism Financing and Proliferation financing programs (AML/CTF/CPF), processes and measures at business unit level.
• Prepare and update the AML/CTF/CPF status dashboard on an ongoing basis
• Prepare quarterly AML/CTF/CPTF returns for review with the Risk/Compliance Manager.
• Support real time transaction monitoring with line 1 management to ensure regulatory timelines and obligations are met.
• Prepare Suspicious transactions reports and suspicious activity reports for review of the Risk/compliance Manager.
• Maintain and update the Politically Exposed persons register.
• Support implementation on FATCA & CRS compliance by ensuring that various functions are informed of their responsibilities, due diligence is conducted on US & CRS indicia customers and necessary reports are filed.

Data privacy

• Support the implementation of privacy compliance controls measures at a business unit level to ensure all gaps are communicated, tracked and closed with the responsible action owners
• Support in preparation of data privacy risk and Compliance trends/ exposures to the Business and provide recommendations to minimize any emerging risks in liaison with the Group Data privacy risk office.
• Identify and respond to data privacy incidents, such as data breaches or violations of regulations or policies. Conduct investigations, implement corrective actions, and report incidents to relevant stakeholders.
• Track the progress of completion of the privacy roadmap
•  Prepare and update the privacy Dashboard on an ongoing basis
• Ensure the business privacy licence is active and renewed within the stipulated timeline.
• Ensure the privacy policy for the business is up to date and support localization processes arising from regulatory changes or group revisions on the policy.

Audit Follow Ups & Closure

• Follow up  in conjunction with the control Environment  team on the adequate resolution of  Internal Audit Findings, External audit findings and Independent review findings.
• Follow up with risk owners for timely and adequate resolution of regulatory requests and regulatory inspection findings.
• Review all Internal & External Audit reports to extract relevant risk & control information for use in reporting and remediation

Advisory

• Support in preparation of Risk and Compliance trends and exposures to the Business  and provide recommendations to minimize the risk.
• Provide expert guidance and training to staff on policies and procedures compliance
• Support the establishment of the complete regulatory universe for the Business based on applicable laws, regulations, policies and related policy standards and policy guidelines, and aim at achieving 100% Compliance
• Promote the importance of having a strong internal control environment including, but not limited to, assisting in providing a clear definition and understanding throughout the Business of what constitutes risk and compliance events and support appraisal of  Business Units on various elements that impact risk and Compliance.

Policy Governance

• Coordinating annual localization of the risk policies and procedures to ensure they are fit for the Business Unit’s objections and are in compliant with the relevant regulations by working with the policy owners.
• Assess compliance with policies and procedures in the departmental units, with emphasis to controls and coordinate the development of management action arising from non-compliance to the policy requirement with policy owners and prepare a summary report.
• Update the policy and process library.
• Assist the Risk and Compliance Manager with the implementation and maintenance of the Enterprise Management framework.

Risk and Compliance Awareness.  

• Support delivery of Risk & Compliance training programs across the Business to the standards defined by the Group Risk function
• Conduct training to Risk champions as per the developed training program
• Support coordination of the senior management and board training with Company Secretary function.
• Track progress on the completion of trainings.
• Conduct onboarding inductions for specific roles within the business.
•  Support the development of the annual training plan. 

Risk reporting

• Support risk analysis in line with the Risk Framework e.g. thematic reviews, quarterly risk reviews, annual risk register reviews,
• Produce detailed risk reports that provide meaningful information to stakeholders.
• Communicate risk information effectively to relevant stakeholders.
• Provide timely Risk Management Committee pack and Minutes of Monthly RMC Meetings.

Business Continuity Management

• Support in the implementation of the BCM framework for the business unit.
• Review of program and tools to ensure they are updated.
• Ensure BCP testing is carried out as per schedule for the business unit.
• Train staff on BCM

Other Duties

• Attend to any other assigned duties that may be assigned from time to time.

Academic Qualifications:

• University graduate with a degree preferably in Actuarial Science, Statistics, Economics, Finance or Business Administration or related fields.

Professional Qualifications:

• Possess a risk related or actuarial professional qualification.
• Proficiency and experience in data analytics and statistical computer languages e.g. Python, SQL and experience with office automation tools
• Strong IT skills, IT Security skills (an added advantage)

Work Experience:

• 4 years of working experience in the insurance and financial services environment, with sound exposure to insurance Operations, Regulatory and Compliance requirements

Skills required:
Technical skills

• Knowledge of Insurance and Business Operations: Well round knowledge of the insurance operations and processes and excellent knowledge of Insurance policies and procedures.
• Risk Management: Ability to anticipate and mitigate risk by developing appropriate Risk Management Policies for the Business Unit.
• Compliance Standards and Legislations: Excellent knowledge of International Accounting and Standards, and Legislations.
• Compliance and Regulatory Framework: Good understanding of relevant regulatory requirements
• Conceptual and Analytical Skills:  Ability to quickly grasp and understand systems and keen to detail. Strong financial modelling, analytical and problem-solving skills with an emphasis on data science and risk management.

Personal attributes

• Personal Ethics: Must be honest, fair, just but firm with themself, and of high integrity.
• Negotiation Skills: Must be a good negotiator, particularly in changing behaviour and work practices but always Win/Win.
• Planning and organizing: Ability to establish priorities, plan, coordinate and monitor own work plan.
• Communication and Interpersonal Skills: well developed oral and report-writing skills, ability to work in team set-up.
• Follows procedures and policies; keeps to schedules; demonstrates commitment to the Business Unit; complies with legal obligations and safety requirements of the role
• Decisive and solution focused: Possess strong analytical skills with the ability to collect, organize and analyze significant amount of information with attention to detail and accuracy.