As Deloitte UK's reliance on third parties increases, so does the potential for these relationships to cause financial and operational loss to the firm. Increasing levels of interest and scrutiny mean regulators and clients are requesting that the firm's third parties also meet regulatory and policy requirements.
An opportunity has arisen for an individual to play a key role in Deloitte's second line of defence against its enterprise risks, by overseeing, assessing and managing Deloitte's Third Party Risk Management (TPRM) capability. This helps the firm mitigate and manage the risks, which arise when Deloitte procures or uses goods or services, to support the operations of the firm or to support the delivery of client engagements.
Join us and you can apply your expertise in third party risk to oversee the effective implementation of TPRM, to give our business the confidence to make informed decisions about our third parties and better manage the associated risks.
National Quality and Risk Management (NQRM) is a centralised group within Deloitte's second line of defence risk function - Quality, Risk and Security (QRS). The Head of Third Party Risk Management will report directly to the UK Head of NQRM.
The Quality, Risk and Security (QRS) community is an overarching identity for all of the professionals who manage quality and risk for Deloitte. It comprises: Deloitte Business Security (DBS), National Quality and Risk Management (NQRM), Quality & Risk Operations (QR Ops), and Service Line Quality and Risk Management teams, and is led by a dedicated partner who sits on the firm's Executive Committee.
The Head of TPRM will be responsible for overseeing the effective implementation of the TPRM policy, framework, and programme of activities. Working alongside a number of governance committees and stakeholders sitting within the first line of defence, this role will contribute to the firm's second line of defence to protect the firm against risks arising from third party relationships, to ensure firm-wide compliance with the TPRM programme and the effectiveness of the TPRM framework.
The successful candidate will have exposure to developing, implementing and operating risk management functions in global organisations, with robust knowledge of related tools and technology. Prior experience working with third parties in some capacity is a must. Experience working across countries is desirable, as the scope for TPRM across Deloitte may expand and develop regionally and globally.
This is an exciting and highly challenging role that requires strong leadership, clear vision and the development and maintenance of excellent stakeholder relations.
- Lead TPRM across Deloitte UK (and potentially elsewhere in the future).
- Own the TPRM Policy and Framework.
- Govern and chair the TPRM Steering Group to monitor third party risk and firm-wide compliance with policy requirements.
- Act as the primary point of contact for senior stakeholders across the firm for any matters related to TPRM.
- Act as the customer / client of the TPRM Managed Service, the first line of defence function that supports Deloitte colleagues to execute their TPRM responsibilities.
- Have oversight of all TPRM related Technology.
- Oversee all aspects of TPRM in Deloitte, ensuring TPRM is delivered in a consistent manner in line with the TPRM Policy and Framework.
- Liaise with senior stakeholders across the firm to ensure the TPRM programme and policies align with the business strategy, objectives and other policies.
- Be the main point of contact on TPRM with other Deloitte member firms.
- Ensure adherence to new and existing regulatory guidelines on third party risk.
- Produce and own the communication and awareness strategies relating specifically to third party risk management.
- Issue regular updates and reports to the Head of NQRM and the QRS Executive Committee.
- Managing diverse teams within an inclusive team culture where people are recognised for their contribution
Your work, your choice
At Deloitte we believe the best impact is the value we add, not the hours we sit at our desk. We carefully consider agile ways of working, both formal and informal, that allow for the best impact for our people and our clients. Please speak to your recruiter about the working pattern that works best for you.
Location: Deloitte's risk management function is predominantly based in Cardiff or London. Successful applicants could also potentially work out of one of Deloitte's regional hubs, with travel to London or Cardiff as required.
Work pattern: This is a permanent contract opportunity. The role can be worked on a full time basis. Our team members work a variety of agile working patterns. Tell us what arrangement works for you and we'll try to accommodate.
Your professional experience
Successful candidates should possess the following attributes:
For a full job description please visit our online Deloitte Careers portal.
- Experience in a management role and in working with international businesses.
- Deep knowledge and experience in implementing and running TPRM programmes, and of cross-industry TPRM good practice.
- Experience of risk management in business with an understanding of working in regulated environments.
- Excellent knowledge of information and data security, financial crime, business continuity, and contract risk.
- Demonstrable understanding of project and stakeholder management, with experience of working closely with senior management.
- Exceptional project management and leadership skills evidenced by a track record of implementing risk frameworks.