Head of Compliance

Wrisk is reinventing insurance for today's digital consumer based on a vision that insurance ought to be simple, transparent and personal. The insurance platform developed by Wrisk combines the best customer experience, modern technology, insurance know-how and a unique distribution strategy for the automotive sector. Having already created differentiated insurance experiences in the EU and the UK for brands like BMW, MINI, Volvo, Toyota, Landrover, Wrisk is now expanding platform capability and intermediation to target more EU markets, initiatives and territories.

The purpose of this role is to define and direct the regulatory strategy and integrity framework for Wrisk’s regulatory subsidiaries in the UK. This function is critical to ensuring that all bespoke insurance products and distribution channels are fully compliant with all Financial Conduct Authority (FCA) and other regulatory and legal requirements, maintaining the firm's reputation with insurance providers and guaranteeing fair outcomes for all customers.

Key responsibilities within this purpose include:

• Mandating and owning the overall Compliance Monitoring Plan, including setting the strategic direction for risk evaluation and mitigation across the firm.
• Ensuring Wrisk regulated UK subsidiaries adheres to all relevant regulatory requirements, specifically those mandated by the FCA and the Data Protection Act (DPA).
• Providing the Board with timely and comprehensive information regarding regulatory updates and all potential risks facing the business.
• Designing and embedding a best-in-class regulatory and risk control framework that directly supports the Board and Senior Management in discharging their statutory obligations.
• Overseeing and managing the regulatory calendar and incorporating corresponding operational standards.
• Acting as an exemplar and advocate for high standards of conduct, driving the firm’s compliance framework across the entire business and among all third-party suppliers.
• This role is designated as a Senior Manager regulatory role under the Senior Managers & Certification Regime (SM&CR).
  

Accountabilities

• SMF Responsibility: Formally holding and executing the responsibilities of SMF16 (Compliance Oversight) for Wrisk Transfer Ltd.

• Regulatory Interface: Lead and own the firm’s relationship with the FCA and other regulatory organisations, acting as the primary point of contact for all regulatory engagement, queries, thematic reviews, managing all necessary reporting, notifications, and maintenance of Threshold Conditions.
• Risk and Compliance Framework: Maintaining a robust framework aligned with the firm's principles and culture. This includes:
• Providing compliance leadership to navigate regulatory rules and manage WTL’s firm-wide risk and compliance systems.
• Advising the Board on risk and compliance matters, including identifying, recording, and reporting on breaches, risks, and conflicts of interest.
• Overseeing the preparation of monthly risk and compliance reports for the Board, highlighting issues and recommending resolutions.
• Reporting: Meeting reporting obligations for the FCA, Information Commissioner's Office (ICO), Companies House, Insurers, and any other external or internal party as required.
• Product Oversight and Governance:
• Chair the Product Governance Committee and approving all new products in line with the product approval process, ensuring adherence to PROD, Consumer Duty and Treating Customers Fairly (TCF) principles.
• Reviewing existing products to ensure regulatory compliance and fair value assessment.
• Consumer Duty and Culture: Sponsoring, championing, and embedding the Consumer Duty framework across Wrisk. This includes ensuring that product design, price and value, and consumer support are evidenced and audited, reporting on the measurement of its application, and collaborating closely with HR to ensure regulatory conduct and competence requirements are a fundamental part of the firm's cultural and performance framework.
• Appointed Representatives (ARs): Overseeing the due diligence and ongoing monitoring of any ARs or third-party distributors to ensure they maintain standards equivalent to Wrisk's.
• Policy Management: Maintaining a comprehensive suite of internal policies (e.g., Conflicts of Interest, Vulnerable Customers, Financial Crime) that are practical and updated annually.
• Insurance Distribution: Ensuring WTL complies with all relevant regulations regarding general insurance product distribution, Consumer Duty, TCF, and the customer’s best interest rule in sales, post-sales service, and complaints.
• Financial Promotions and Marketing: Taking ownership and control of the approval process to ensure all financial promotions comply with the FCA principle of clear, fair, and not misleading, along with all applicable ASA rules.
• Training and Competence: Establishing and maintaining a framework that ensures all staff involved in regulated activities, their supervisors, and managers are appropriately skilled, trained, and evidenced as competent.
• Regulatory Knowledge: Proactively keeping abreast of all applicable regulations (including FCA, DPA 2018, financial crime, Companies House, and ASA) and ensuring the firm’s processes and procedures are updated accordingly.

Fintech & AI Regulatory Awareness (Desirable)

• Familiarity with UK open banking regulatory permissions, including Account Information Service Provider (AISP) and Payment Initiation Service Provider (PISP) models under the Financial Conduct Authority regime

• Understanding of PSD2 requirements, including Strong Customer Authentication (SCA) and explicit consent management for access to customer financial data
• Awareness of regulatory expectations when using transaction-level financial data for affordability, underwriting, or behavioural risk assessment
• Awareness of classification and obligations under the EU AI Act, particularly for high risk decisioning systems
• Understanding of regulatory expectations for automated decision making, including transparency, explainability, and customer rights under UK GDPR