Head of Compliance & Data Protection

  • Salary:

    £60,000 - £75,000

  • Published:

    about 2 years ago


Responsible for providing oversight, advice, guidance and leadership across the company on all aspects of Data Protection and regulatory compliance risks, including FCA, OFCOM and OFGEM. The role holder will be expected to lead the strategic development of all data protection and regulatory compliance arrangements for the firm, providing assurance and oversight of risks and issues to the Board of Directors.


FCA Compliance:

  • Provide a range of FCA compliance services to the business
  • Annual RMAR reporting
  • Approved person’s administration
  • Oversight of systems and controls including annual review of compliance policies
  • Horizon scanning, and communication of regulatory change and requirements
  • Lead implementation of regulatory changes such as SMCR
  • Identify and escalate regulatory risks to the Board

Data Protection: Provide subject matter expertise for all data protection related activities:

  • Data Protection Impact Assessments
  • Responsible for ensuring appropriate Data Sharing contractual agreements with clients and suppliers
  • Support the tender and on-boarding of new clients by providing assurance regarding the firm’s data protection arrangements
  • Work with key stakeholders responsible for management of data protection risks
  • Maintain a record of all data processing activities and categories of data
  • Support the delivery of an effective Information Security Management System, ensuring ongoing compliance with the ISO 27001 standard


  • Devise and maintain an enterprise level risk identification and assessment process and embed this within the business
  • Work with the exec team to define business risk appetite
  • Facilitate regular review and update of risks and controls with all risk owners
  • Chair exec team risk review meetings, providing effective reporting of risks over appetite and tracking actions to ensure risk treatment and mitigation activities are effective
  • Define and develop group level reporting of strategic risks

Experience Required:

  • Extensive experience of Data Protection and FCA compliance in the consumer lending sector
  • Experience leading key second or third line of defence assurance activities across Risk and Audit Assurance activities
  • Significant experience distilling complex regulation into key requirements for the business and senior leaders, and leading projects to deliver regulatory changes

Please note that, due to the large volume of applications, if you have not received feedback within 28 days, your application has unfortunately been unsuccessful. However, we may be in touch with similar relevant opportunities.