Risk & Compliance Manager

Job Description:

DATA PROTECTION

1. Serve as the main/first point of contact between the Group and all relevant data protection authorities/ regulators.
2. Ensure the Group’s policy is in line with the General Data Protection Regulation (GDPR) and code of practice.
3. Evaluate, review and enhance the existing framework, ensuring its relevance with the Group’s businesses in consultation with key stakeholders.
4. Proactively conduct regular internal security audits to ensure compliance, address potential issues and submit monthly reports for management’s review.
5. Provide guidance, and support, and act as the subject matter expert to Management and fellow colleagues.
6. Conceptualise, and translate ideas and regulations into an effective training package; train and conduct workshops for internal staff members.
7. Train and guide members of staff involved in processing data on all the key salient points for compliance.
8. Follow up with changes in law and provide suggestions to ensure compliance with GDPR.
9. Foster a data protection culture amongst employees and communicate personal data protection policies to stakeholders.
10. Manage personal data protection-related queries and complaints.
11. Alert management of any risks that might arise with regard to personal data management.
12. Liaise with PDPC on data protection matters.

OTHER RISK AND COMPLIANCE DUTIES

1. Creating and implementing an effective compliance program, statutory and operationally.
2. Ensuring that the compliance program effectively prevents and/or detects violations of law, regulations, organization policies, or the code of conduct.
3. Regularly reviewing the compliance program and recommending appropriate revisions and modifications, including advising the Senior Management of potential compliance risk areas.
4. Conducting yearly compliance refresher training.
5. Process owner for the following policies:
1. Anti-bribery policy
2. Gifts and hospitality
3. Whistleblowing policy
6. Spearhead the implementation of Enterprise Risk Management and maintain the risk register for the Group.

Job Requirement:

1. Minimum degree from accredited universities with 5 years of relevant experience.
2. Critical and strategic thinking, ability to provide sound judgements in challenging situations and be assertive as needed.
3. Experience in legal, audit, and/or risk management roles will be an added advantage.
4. Good interpersonal skills and ability to work independently, objectively, and constructively.
5. Strong interpersonal, negotiation, organisational and report-writing skills.
6. Team player with project management skills.
7. Excellent communication and presentation skills.
8. Ability to work under pressure, hands-on experience in audit, investigation, training, policy development and process improvement.