At OakNorth, we’re on a mission to empower the UK’s most ambitious businesses. Since 2015, we’ve lent over $21 billion across the UK and US, helped create more than 58,000 new homes and 36,000 new jobs, and supported hundreds of thousands of personal savers — all while fuelling the UK economy.
We are seeking an independent Head of Internal Audit to lead the Bank’s Internal Audit function and act as the primary owner of the third line of defence. The role is responsible for providing independent assurance to the Board and and Audit Committee regarding the effectiveness of the Bank’s governance, risk management, and internal control frameworks. In addition, the role supports leadership of the Assurance Centre of Excellence to deliver the combines assurance plan which integrates the work of our risk and compliance assurance activity and the activity of the Internal Audit team.
The Head of Internal Audit will develop and deliver the Audit Risk Assessment and Internal Audit plan, oversee the execution of risk-based audits and advisory work across the organisation. The role will help to ensure compliance with relevant regulatory frameworks, including PRA/ FCA expectations and Federal Reserve and NYDFS expectations for our NY Rep Office
Given the bank is a cloud native fintech the Head of Audit needs to have a good understanding of data and technology required for a digital first international bank. In addition to this, the Head of Audit should have a good understanding of the emerging risks around AI models, agentic processes and technology platforms. The other critical area for the Bank is credit, and the successful individual should understand the credit cycle and risks arising from SME lending.
Key Responsibilities
• Lead and manage OakNorth’s the Bank’s Internal Audit function as the third line of defence, providing independent assurance to senior management and the Board internationally. This covers OakNorth Bank, ONGPL and ON’s US holdings. .
• Maintain a strong understanding of the key current and emerging risks affecting the Bank, including credit, operational, technology, regulatory, conduct and AI-related risks.
• Have a continuous improvement mindset and lead the team to continuously assess and improve their approach and methodologies. This includes a focus on efficient use of tooling, data and AI.
• Provide independent oversight of the effectiveness of risk management, governance processes, and internal controls across the organisation.
• Ensure the Internal Audit function maintains sufficient expertise to assess technology, data, and AI-related risks across the Bank.
• Build strong relationships with senior stakeholders while maintaining independence and objectivity.
• Work closely with the CRO and second line teams Assurance CoE in the execution of the combined assurance plan.
• Lead the audit planning process, including scoping, logistics, staffing, and audit programme definition.
• Coordinate the timely execution of audits, utilising internal resources as well as co-sourced or third-party providers where appropriate.
• Ensure adequate audit coverage of all risk types with a focus on credit, prudential, regulatory, technology platforms, AI models, data governance, cyber security, and model risk management frameworks.
• Oversee audits across the Bank to ensure appropriate coverage of key risk areas and regulatory requirements.
• Ensure audit activities demonstrate the firm’s compliance with SYSC 6.2, US requirements for Internal Audit in Financial Services (e.g. OCC Comptroller Handbook for Internal Audit), and other applicable regulatory frameworks Global Internal Audit Standards and the Financial Services Internal Audit Code.
• Provide practical and meaningful recommendations to address control weaknesses and improve risk management practices.
• Track audit findings and ensure timely remediation of identified issues.
• Maintain strong engagement with the Audit Committee, regulators, and senior leadership, ensuring transparency and effective communication.
• Ensure the Internal Audit function operates in line with PRA F and FCA, and for the US operations Federal Reserve and NYDFS expectations, relevant professional standards, and evolving regulatory guidance on AI governance and technology risk.
• Oversee the effective use of external audit specialists, particularly in areas such as technology, cyber security, and AI auditing.
• Ensure budgets for co-sourced or outsourced services are appropriately managed.
Experience & Skills
• Strong understanding of UK banking regulation, PRA/FCA expectations, and SYSC requirements. Some knowledge of US regulations and/or the expectations of the Federal Reserve and NYDFS would be useful.
• Experience delivering risk-based audit programmes across credit, operational, technology, and regulatory risk areas.
• Familiarity with AI governance, model risk management, data governance, and technology risk frameworks.
• Experience managing co-sourced or outsourced audit relationships.
• Strong analytical and problem-solving capabilities, with the ability to assess complex risk environments.
• Strong communication skills with the ability to present clearly to senior management and Board-level committees.
• Strategic thinker with the ability to identify emerging risks and adapt audit coverage accordingly.
• Collaborative leadership style with the ability to influence senior stakeholders while maintaining audit independence.
• Tech forward approach with ability to leverage analytics and AI to improve the audit process.
OakNorth London, England Office
57 Broadwick Street, London, United Kingdom, W1F9QS
