We are seeking a visionary Head of Third-Party Risk Management (TRPM) to establish and lead an outstanding TRPM function. This is a critical leadership role in ensuring that our third-party engagements align with our business objectives, risk appetite, and regulatory requirements. You will shape and implement a strategic governance framework that enhances our third-party risk capabilities, supports sustainable growth, and drives operational excellence.
What will you be doing?
1. Strategic Leadership:
- Develop, implement, and refine a global Third-Party Risk Management (TRPM) strategy aligned with the company's growth objectives and risk appetite.
- Foster a culture of proactive risk management and accountability across the organisation.
- Collaborate with senior leadership to identify strategic third-party risks and mitigation opportunities.
2. Framework Development:
- Design and establish a comprehensive TRPM governance framework, including policies, standards, and procedures, ensuring compliance with industry regulations and best practices.
- Develop scalable processes for third-party risk assessments, onboarding, monitoring, and termination.
- Introduce robust metrics and Key Risk Indicators (KRIs) to track and report on third-party risk performance.
3. Risk Oversight and Operations:
- Build and lead a team responsible for conducting risk assessments of third-party vendors, contractors, and partners across key risk domains (e.g., operational, cybersecurity, financial, regulatory, and reputational).
- Build processes to identify, assess, and respond to emerging third-party risks across global markets.
- Monitor third-party performance to ensure compliance with contractual obligations, service levels, and risk expectations.
4. Governance and Reporting:
- Establish a clear governance structure for third-party risk management, ensuring cross-functional collaboration across legal, procurement, IT, and business units.
- Provide regular reports to executive leadership and the board on third-party risk exposure, trends, and remediation activities.
- Ensure timely communication and escalation of significant third-party risks or incidents.
5. Capability Building and Continuous Improvement:
- Drive process optimisation and automation to enhance the efficiency and effectiveness of TRPM activities.
- Lead the implementation of third-party risk management tools and technologies to improve visibility and control.
- Develop training programmes to increase TRPM awareness and capabilities across the organisation.
- Benchmark TRPM practices against industry standards and identify opportunities for continuous improvement.
Skills and Experience
Essential:
- Proven experience in risk management, compliance, or procurement, with a focus on third-party or vendor risk.
- Consistent track record of designing and scaling TRPM frameworks in a global organisation, preferably in financial services or insurance.
- Deep understanding of third-party risk domains, including regulatory compliance, cybersecurity, data privacy, and operational resilience.
- Strong leadership skills with the ability to influence and engage stakeholders at all organisational levels.
- Experience with implementing third-party risk management technologies (e.g., GRC platforms, vendor management systems).
- Exceptional analytical, problem-solving, and decision-making skills.
- Excellent communication skills, including the ability to present complex concepts to executive stakeholders.
Desirable:
- Knowledge of insurance regulations and standards (e.g., Solvency II, GDPR).
- Professional certifications such as Certified Third Party Risk Professional (CTPRP), Certified Information Systems Auditor (CISA), or Certified Risk Manager (CRM).
- Global experience working with culturally diverse teams and markets.