Principal Officer – Business Integrity and Compliance
Posted:
Job Title: Principal Officer – Business Integrity and Compliance
Reports to: Senior Manager – Business Integrity and Compliance
Job Purpose
Proactively execute Safaricom’s Compliance Programmes, coordinate the implementation of the compliance framework across business functions, and carry out assurance activities to ensure compliance with laws, regulations, the Business Code of Conduct, policies, and standards using a risk-based approach.
Key Responsibilities
Health and Safety
- Uphold the company code of conduct, policies, and procedures, ensuring integrity and accountability in every aspect of your work.
- Adhere to safety, health, and wellbeing policies, guidelines, and procedures in all actions and decisions.
Implementation and Management of Business Integrity and Compliance Programme
- Anchor the compliance programme (policies, guidelines, standards, protocols, infrastructure, tools, etc.) and provide support to business units in implementing it.
- Serve as the face of compliance by addressing queries, clarifications, and ethical dilemmas from the business.
- Promote initiatives to drive and embed the compliance programme, including rolling out new policies and providing inputs to enable compliance by addressing business challenges.
- Conduct compliance risk assessments to identify and prioritize compliance risks requiring management attention.
- Carry out monitoring and assurance activities on compliance programmes on a regular basis.
- Coordinate Compliance Champions to ensure controls and a compliance culture are inculcated throughout the organization.
Internal Controls Framework Oversight
- Drive the implementation and management of the control framework, promoting a strong self-assessment culture and ownership of risks and controls by the first line.
- Promote and embed risk management and control culture within business units.
- Deliver and manage control framework activities, primarily Critical Process Assessment and Risk and Controls Self-Assessment, including reporting and tracking progress.
- Support identification of new and emerging risks through proactive process reviews.
- Provide support in identifying and resolving control issues and themes, including managing the resolution of audit and other control issues.
- Drive synergies in control framework mechanisms and identify opportunities to improve the control environment, including for new products and processes.
- Work with Enterprise Risk and Resilience and Internal Audit to ensure proper operational risk management.
- Ensure effective reporting of any noted issues, risks, and business impact of control deficiencies, and track remediation to completion.
Execution of Safaricom Code of Conduct
- Implement and enforce the Code of Conduct within the organization through training and education, monitoring and reporting mechanisms, and consistent enforcement and consequences for violations.
- Deliver training and awareness to staff on:
- Establishing a solid foundation of ethical principles.
- Addressing specific ethical difficulties.
- Exercising ethical decision-making.
- Fostering diversity and inclusion.
- Providing ongoing training.
- Emphasizing compliance with laws and regulations.
- Safeguarding the company’s reputation and guaranteeing safety.
- Support investigations by monitoring timelines and ensuring adherence to the investigation protocol as per the Safaricom Code of Conduct and Breach Management Standards.
Governance
- Provide strategic oversight and leadership in tracking, monitoring, and closing control issues and audit findings arising from Combined Assurance Reviews across the business.
- Own the policy governance architecture, lifecycle, and compliance reporting.
- Drive accountability and timely resolution of all risk and control-related actions, ensuring alignment with regulatory expectations and internal governance standards.
- Lead root cause analysis initiatives, ensuring lessons learned are embedded into business processes and control frameworks to prevent recurrence.
- Drive the Control Environment review and reporting processes for Safaricom, ensuring consistency, accuracy, and timely delivery.
- Champion integration and synergy across control mechanisms, identifying opportunities to streamline processes and enhance the overall control environment.
Core Competencies, Knowledge and Experience
Business Competencies
- Strong networking skills with internal and external stakeholders.
- Good communication skills and the ability to persuade.
- A self-starter who is self-driven in understanding business needs and compliance role expectations.
- Ability to gather insights and translate them into education material.
- Eye for detail and strong analytical mind for interpreting facts and circumstances.
- Sensitivity towards confidentiality, right to privacy, and discretion in communication.
- Intuitive skills with an understanding of human psychology in conducting investigations.
- High-calibre interpersonal and intrapersonal skills.
Risk Management
- Directly manage and develop a high-performing team of Cluster Control Champions and partners, providing direction, support, and coaching as required.
- Champion governance, risk, and control best practices, developing an appropriate risk culture across the business.
- Promote a culture of sound conduct and service excellence in all dealings with internal and external parties.
Innovation
- Create psychological safety so everyone can have an impact.
- Fuel innovative ideas from others and test them to enable growth.
- Explore successes and failures with curiosity and resilience, fearlessly recognizing lessons learned.
- Share ongoing learning and personal purpose with others.
- Learn fast from digital adoption, using learnings to drive simplicity, scale, and efficiency.
Collaboration
- Articulate your team’s role in making our strategy happen, prioritizing and aligning resources with current and future needs.
- Actively collaborate to break silos and hold your team accountable to do the same.
- Develop others to make the most of their talents and coach them to take ownership to get things done.
- Create an inclusive environment ensuring the safety and wellbeing of others.
- Live our Purpose and demonstrate the highest standard of integrity.
Qualifications
- A graduate degree in Business, Law, Accounting, Engineering, or IT.
- Professional certification in Risk Management and Information Systems (e.g., CISA or CPA(K) or equivalent).
- Audit background is preferable.
- At least 8 years of proven experience (most in management positions) in risk analysis, ideally in a telecommunications environment.
- Good knowledge of ISO 37001.
- Ability to analyze significant amounts of data and information, distilling key points for risk analysis.
- Highly developed interpersonal and communication skills to work with various internal and external stakeholders.
- Strong background in auditing, accounting, or the legal field.
- Detailed knowledge of GSM, Financial Services, and Fintech environments, business models, and processes.
CV Job Description Matcher See how well your CV matches this job and get tips to improve your chances AI Tool
This tool helps you see how closely your CV matches a job description. It also gives you simple suggestions on what to improve so you have a better chance of getting shortlisted.
Never pay anyone for job applications, interview tests, or job interviews. A genuine employer will never ask you for payment under any circumstances.
