Head of HR Compliance

Job Type:

Fixed Term

Build a brilliant future with Hiscox
 

Head of People Compliance – 6mths Fixed Term Contract

Reporting to the People Operations Director

As Hiscox’s Head of People Compliance, you will need to ensure the right culture, processes and controls are in place and embedded to meet our regulatory requirements. And that individuals are supported in understanding and meeting their regulatory responsibilities.

That means you – working closely with the Compliance team – will be responsible for understanding, monitoring, and promoting regulatory requirements related to People Governance. You will also be responsible for implementing and enforcing the relevant processes and practices that drive compliance within the function and wider organisation.

You’re the type of person who will enjoy taking ownership for a wide range of areas critical to the successful delivery of our People Function regulatory agenda and someone who loves driving change. But you’ll also be someone who is comfortable working with ambiguity; there will be times when you will know what to do, and others when you’re not sure but happy to explore, ask, discuss, and challenge as we work to bring about real change and offer genuine support to our colleagues.

What you’ll be doing in the role

You will take ownership for a wide range of areas to deliver our People Function regulatory agenda which will include:

The Senior Managers and Certification Regime (SM&CR)

Responsible for the end-to-end SM&CR process including but not limited to:

• As a single point of contact provide ongoing guidance and support to the regulated population and monitoring any changes to roles and movements within the Regime
• Ownership of the Senior Manager Function and Certification Function processes e.g. Fit and Proper assessments, regulatory applications, inductions and updating the FCA Directory.
• Upskilling and driving awareness of SM&CR related Policies and Standards covering existing People Function processes, controls, and governance requirements
• Completion and distribution of the SM&CR Management Information (MI), including analysis of the population
• Ownership of the Conduct Rules training and delivery to the different cohorts of employees and identifying/reporting any breaches as per regulatory timescales

Material Risk Takers (MRTs)

Responsible for the end-to-end Material Risk Takers (MRT) process, including but not limited to:

• Ownership and management of the end-to-end MRT review process including preparing for the annual MRT assessment meeting
• Identification of new MRTs and movements in the population, providing guidance on the implications to the individual and maintaining the MRT population list and methodologies
• Undertaking reviews of MRT objectives set as part of the PDR process, and highlighting any areas of concern to the People Directors, as well as providing support to MRTs in conjunction with the Risk team on setting risk based objectives
• Providing input to the Remuneration Policy review and other Solvency II related attestations/reports as required

Data Privacy and Information Security

Responsible for all aspects of data privacy and supporting Information Security initiatives across all People Function locations, including but not limited to:

• Completion and assessment of the Privacy Management Framework, culminating in a plan of action for the coming year to improve the functions’ risk profile
• Ongoing maintenance on Employee Privacy Notices as required
• Ongoing management of the People Function retention schedules and associated actions
• Responsibility for project activity, examples being:
  • Supplier due diligence
  • Supporting project change and supporting the completion of Data Privacy Impact Assessments (DPIAs) as and when necessary
  • Schrems II
  • Record of Processing Activity (ROPA)
• Upskilling and awareness of data privacy issues impacting the People Function and its policies and processes
• Being a member of the Privacy Managers Forum, working alongside Privacy colleagues in all locations to ensure that there is a holistic approach to data privacy and the People Function’s requirements are known and considered
• Responsible for management of the data breach process in line with the Group policy

Insurance Distribution Directive (IDD):

Ensuring that IDD role holders are of good repute and assessed accordingly as per both EU and UK regulatory standards, including:

• Identification of roles subject to EU or UK IDD requirements and maintaining methodologies
• Ensuring that EU and UK role holders are assessed in accordance with the requirements as they apply
• Oversight and management of rescreening programs in support of the assessments and as per requirements
• Managing any exceptions and escalations accordingly

First-line Risk Management:

• Supporting the development of the People Function’s internal control monitoring processes, and supporting completion of reviews such as the Risk and Controls Self-Assessment (RCSA)
• Training the People Function team on legislative and regulatory changes
• Drafting relevant Board reports on behalf of the People Function
• Representing the People Function on internal cross-divisional teams supporting the SM&CR framework to share best practices, address issues and plan for future changes

What we are looking for:

• Experience of regulatory risk and compliance within a HR (People) function.
• Experience of managing the Senior Managers and Certification Regime (SM&CR) is highly desirable but comes third on the list after GDPR and non-UK/EU Data Privacy activities.
• Someone who can roll up their sleeves to get the job done with excellent organisation, structure, and time management skills
• Ability to influence stakeholders to drive results
• A love of driving change, leaving things better than you found them
• Experience in recent risk and compliance activity or change
• A proactive approach to manage a diverse workload and stakeholder expectations
• Excellent communication skills and attention to detail

About Hiscox

We embrace hybrid-working practices, balancing the ability to work remotely with the culture and energy we experience when we are face-to-face in our offices. Our focus on collaboration and cross- functional working is supported with virtual tools that minimise physical travel, hot-desking neighbourhoods that create a physical sense of community and Team Charters that our teams co- create to set out how they’ll work together.

This modern way of working has contributed to impressive employee engagement scores across Hiscox and means we’re delivering even better solutions for our Hiscox Colleagues.

As an international specialist insurer we are far removed from the world of mass market insurance products. Instead we are selective and focus on our key areas of expertise and strength - all of which is underpinned by a culture that encourages us to challenge convention and always look for a better way of doing things.

Diversity and flexible working at Hiscox

At Hiscox we care about our people. We hire the best people for the job and we’re committed to diversity and creating a truly inclusive culture, which we believe drives success. We also understand that working life doesn’t always have to be ‘nine to five’ and we support flexible working wherever we can. No promises, but please chat to our resourcing team about the flexibility we could offer for this role.

You can follow Hiscox on LinkedIn, Glassdoor and Instagram (@HiscoxInsurance)

#LI-AS1

#LI-Hybrid

Work with amazing people and be part of a unique culture