We are currently seeking an experienced Risk and Controls Manager for our Douglas-based Client, a leader in fiduciary services, fund administration, and management and investment advice compliance.
The Risk and Controls Manager will work alongside the Senior Manager (Policy & Risk) to develop and maintain the organisation's enterprise risk management universe, including maintenance of supporting documents, to ensure it remains fit for purpose. As an integral part of maintaining and enhancing the risk framework, work with the Risk and Control Committee, Senior Steering Group and all Divisions to ensure key risks are suitably identified, articulated, assessed and controlled
The primary responsibilities of the role are to ensure the application of a robust and proportionate Risk and Controls environment in line with the organisation's Enterprise Risk Appetite Statement and Enterprise Risk Management Framework.Specific duties will include:
- Seek opportunities to improve the ERM Framework so that it is of value to, and fit for, the organisation
- Embed the ERM throughout the organisation through suitable promotion and communication to staff
- Work with staff across all Divisions to ensure that all Divisional and project risks are appropriately recorded and evaluated
- Contribute to the periodic review of the organisation's ERAS. Use the agreed risk appetite to assess the relative priority of risks
- Use the prioritisation to assist with the reporting of risks to the SSG and the RACC
- Regularly review and run periodic exercises to critically assess the enterprise, key and horizon risk registers to ensure they appropriately record the respective risks
- Assist in developing a control testing framework to assess the risk mitigations in place across the Authority
- Define a control testing programme for each period, assessing the resourcing requirements to deliver the programme
- Liaise with the Isle of Man Government's Audit Advisory Division to assess the level of testing to be completed by that Division and build it into the testing programme
- Following the completion of testing and review by the Chief Executive and/or RACC (as appropriate), work with the relevant Division to ensure recommended actions are addressed
- Develop and implement the control testing programme, devising appropriate tests for evaluating controls, run the relevant tests and document the findings and recommendations
- Provide guidance and feedback as to the control environment and the impact to associated risks
- Be proportionate and prioritise control testing of the greatest value to effectively mitigate risks and improve efficiencies
- Develop the Three Lines of Defence model, focusing on the implementation of control testing templates
- Report directly to the Chief Executive or RACC on the testing results, in conjunction with the Senior Manager (Policy & Risk)
The Ideal candidate for the role of Risk and Controls Manager will have:
- Hold or be willing to work towards a professional qualification relevant to risk management, internal controls or audit
- Previous experience working within a risk or controls function within a regulated financial services entity, a professional services firm or public services organisation
- Strong working knowledge of enterprise risk management, including the application and understanding of risk analysis, risk frameworks and internal controls
- Understand and apply internal control principles, frameworks and best practices, in line with regulatory and compliance requirements
- Demonstrate effective interpersonal, spoken and written communication skills
- Working knowledge of the financial services sector and associated legislation, regulations and guidance
- Proven ability to build and maintain working relationships with stakeholders at all levels including the ability to influence and negotiate
- Strong analytical skills, ability to quickly and accurately assimilate information, to consider any associated risks and to summarise the information effectively
- Ability to prepare, lead and conduct meetings with senior stakeholders both internally and externally
- Strong presentation skills to support effective dissemination of information and audience engagement