MAIN PURPOSE OF ROLE
The Head of Risk & Internal Audit, has overall responsibility for the Risk & Internal Audit function including IT risk. The position is responsible for ensuring the function is closely aligned with industry best practices in executing their responsibilities across PayPoint's business and financial operations. The position ensures roles, responsibilities and results are efficiently coordinated and collectively optimise the effectiveness of risk management, controls and governance for the Group.
- Lead PayPoint's Risk and Internal Audit function by implementing action plans related to risk assessment and audit annual planning, audit execution, audit reporting, staff recruiting and development
- Lead PayPoint's annual risk and controls assessment and ongoing enterprise risk assessments, liaising and agreeing position with senior management and presenting results to the Audit Committee
- Develop and implement a risks and controls framework that meets the new UK requirements and provides appropriate reporting to the Audit Committee
- Support the Head of IT Risk with the identification of IT security, business continuity, change management and data protection risks and controls to minimize PayPoint's risk and ensure continued PCI, LINK and IS027001 certification for all applicable group entities.
- Develop and present the audit plan and ensure it is aligned with the risk profile of the organisation.
- Execute individual audits defined in the audit plan ensuring the area is providing the highest level of service quality and client satisfaction as well as assuring technical, reporting, controls and policy compliance
- Issue all internal audit reports ensuring the reports are clear, concise, identify root causes with practical solutions, and ultimately provide value to management. Manage the process to track, follow-up, and ultimately close all open audit issues leveraging the Audit Committee, if necessary.
- Ensure that Internal Audit is performing its work in accordance with established professional standards and remain abreast of emerging trends and best practices that can be incorporated into the function.
- Meet regularly with the Audit Committee to report the status of Risk & Internal Audit's ongoing monitoring activities, educate/inform the committee of emerging risks and/or exposures (whether internal or external to the company) that should be considered, and serve as a "thought leader" with respect to risk management and internal control best practices.
- Proactively inform senior management of significant risks or exposures related to internal controls, compliance, and/or governance requiring prompt attention.
- Perform internal controls assessments of newly acquired companies and lead efforts to mitigate identified control deficiencies.
- Actively participate in executive management meetings and/or committees to ensure that Risk & Internal Audit is well-informed of key business developments that could have an impact on audit priorities and/or plans.
- Oversee Risk & Internal Audit's participation in critical business and technology initiatives, acquisitions and projects ensuring that audit's perspective is effectively voiced and appropriate controls are designed and implemented on a proactive basis.
- Build, develop and lead a small team of high-performing professionals who possess strong knowledge, experience, ethics, and integrity. Team consists of 7, Internal Audit 2, IT risk 3, Fraud & Police 1 and Risk & Controls 1.
- Liaise with external auditors, supporting where appropriate and explain the work performed and results produced from Risk & Internal Audit's work.
- Manage the Groups annual insurance renewal programme, working with brokers to ensure appropriate coverage and understand trends and developments
- Perform ad-hoc investigations on risks and controls
Knowledge and Skills:
- In depth knowledge of Internal Audit practices (COSO, IIA etc.)
- Strong risk assessment and analytical skills
- Able to identify effective problem-solving solutions
- Good knowledge of accounting and finance principles and practices
- Strong affinity with IT systems and practices
- Proficient business partnering skills with ability to influence stakeholders at all levels
- Confident verbal and written communication skills
- Effective planning, time management and people management skills
- Independently minded and willing to challenge existing business practice
- Tenacity, integrity, discretion and professionalism
- Technology proficient (excel, word, powerpoint, ability to learn new software)
- Able to roll their sleeves up and get involved at detailed level whilst still maintaining a strategic perspective
Experience and Education:
- Degree educated
- Accounting qualification
- Worked in a financial services or technology environment
- Experience in a regulated business and exposure to compliance is helpful
- Strong track-record with proven experience of delivering and successfully managing similar roles including line management experience.