Senior Risk and Compliance Manager - Singapore - AMPLIFY HEALTH ASIA PTE. LIMITED

Description

Our Culture and Values

At Amplify Health, we believe in fostering a culture that embodies the spirit of Courageous Entrepreneurs. We are passionate and innovative individuals who continuously strive to push boundaries and think outside the box. We understand that calculated risks are essential for driving progress, and we view failures as valuable opportunities to learn and grow.

As Outstanding People, collaboration, learning, and growth are at the core of our values. We trust and rely on each other, working together as a unified team to achieve our goals. When success comes our way, we celebrate it as a collective achievement, and we are committed to improving and excelling together.

We firmly believe in the mantra of Discuss, Decide, Do. Listening is fundamental in our decision-making process, and we act promptly, ensuring accountability in everything we do. Simplicity is the key to our efficiency, and we get things done quickly and effectively while being guided by facts and understanding.

At the heart of our pursuits lies a Lasting Impact. We prioritize the needs of our customers, and we are crystal clear about the problems we are solving for them. Progress is our north star, and while we strive for excellence, we acknowledge that perfection is a journey, and we remain focused on delivering excellent products that make a tangible difference.

If you are a passionate and innovative individual who thrives in a collaborative environment, where courage is celebrated, and customer focus is paramount, we invite you to join our team. Together, we will shape the future with our unwavering commitment to excellence and the determination to make a lasting impact in the industry.

Where you would add value

As Risk and Compliance Manager, you will report to and support the Head of Risk and Compliance to drive, execute and manage the end-to-end Risk Management Framework and its effective implementation across business and in accordance with the Board and regulatory requirements.

How you would make a difference

1. Risk and Compliance Governance:

• Support the Head of Risk and Compliance to drive implementation and continuously enhance Amplify Health's Risk Management Framework as well as lead and embed Risk Management Framework by working as a second line of defence, for all categories of risk, in all parts of the business.
• Establish and assess the adequacy of internal risk controls and monitor that the Business is operating within limits and policies.

2. Strong Risk and Compliance Culture:

• Instill risk ownership amongst functional leaders to promote proactive, positive, risk culture, which is embedded and aligned with the business, and contributes to protecting company's reputation and assets.
• Work closely with the Group Compliance and Functions to deliver Compliance and ethics training and awareness activities; facilitate ethics awareness; drive risk culture enhancement programmes to foster and embed a resilient risk-aware, culture of ethics and compliance.
• Develop and implement compliance training programs to educate employees and increase their awareness of the latest legal and ethical standards that apply.

3. Risk and Compliance Management:

• Provide second line review and advice on new initiatives, key projects from risk and compliance perspectives. This includes, but is not limited to, providing information security and data controls review on major technology initiatives to ensure that the security and data protection standards and requirement are met, and risk mitigation are appropriately implemented.
• Perform the responsibilities of the organisation's Data Privacy Officer and work closely with internal stakeholders to ensure adequate information security and protection of confidential data in accordance with Personal Data Privacy Act.
• Identify and proactively manage the key risks, with the corresponding controls embedded in the respective policies & standards. Work with business functions on risk treatment plans and monitor execution status.
• Assess the impact of new/revised regulatory and conduct impact and gap analysis on the changes. Partner with functional teams on the implementation.
• Embed technology risk framework and processes for governance, risk and control, and help establish a forward looking / proactive view on emerging technology risks and opportunities.
• Conduct annual risk & controls assessment and review Amplify Health's key risks and controls within the business to ascertain their operating effectiveness. Continuously evaluate the effectiveness of the risk and compliance program by measuring and monitoring key risk and compliance activity and trends, participating in Risk and Compliance forums.
• Effective communication of risk and compliance matters including timely, complete, and accurate reporting and/or escalation in accordance with relevant protocols, including regular reporting to board and relevant management committees.
• Manage and support internal/external audit engagement. Oversee and guide business units in the development and management of action plans in response to audit findings.
• Provide oversight and support on general compliance matters/Group initiatives, including localisation of Group Compliance policies, standards and guidelines where required.
• Be involved in new initiatives/projects and provide compliance advisory to business units to address regulatory and Group requirements.
• Support Group Compliance in investigation of cases reported through "Ethics Hotline" till closure and manage any personal data protection-related queries and complaints.

What you need to be successful

• At least 8 years of relevant work experience in Technology Risk, Compliance and Data Privacy, preferably in Financial Institution or Health Care related area
• Good technology risk and compliance understanding on emerging and current standards and best practices regarding Data privacy, protection, security and technology platforms including enterprise technologies (Cloud, DevOps etc.).
• Strong knowledge of Technology Risk Standards and Industry Standards frameworks as well as relevant of regulatory requirements, e.g. Data privacy laws
• Ability to work independently as well as in a team
• Experience in a startup an advantage
• Substantial stakeholder management experience
• Relevant certifications an advantage, i.e. Certified information Privacy Professional (CIPP), Certified Information Privacy Manager (CPIM), Certified in Governance of Enterprise IT (CGEIT), Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC).