Our client, a specialist medical insurer operating within the APRA-regulated general insurance sector, is seeking an experienced Risk & Compliance professional to support the active embedment of its Risk Management and Compliance Frameworks across Line 1 business functions. This is a hands-on, execution-focused role requiring someone who can translate the frameworks into practice, working directly with business units to build risk and compliance capability from within. The successful candidate will bring deep technical expertise across CPS 220, CPS 230, and CPS 234, with a strong grasp of operational resilience and vendor risk. The ideal profile is a seasoned independent consultant with internal or external audit exposure and a track record of delivering in regulated financial services environments, ideally insurance.
Key Activities
- Facilitate workshops with Line 1 business units to identify risks, controls, and control gaps for documentation within the enterprise risk management (ERM) system (preferably Protecht)
- Deliver targeted training and provide ongoing support to enable business teams to embed the risk framework and conduct control testing effectively
- Respond to regulatory queries relating to CPS 230, including operational resilience and third-party/vendor risk management
- Support the embedment of the Compliance Framework, including the obligation register and associated attestation processes
- Manage and report on implementation progress across both the Risk and Compliance Frameworks
- Provide backup coverage for external communications assurance processes (sign-off) for compliance and risk matters
- Respond to ad hoc compliance, risk, and governance queries across the business
- Maintain the Financial Accountability Regime (FAR) framework
Your Background
Essential
- Minimum 5 years of risk and compliance experience within financial services, with insurance sector experience strongly preferred
- Demonstrated expertise in controls design and operating effectiveness testing
- Solid working knowledge of APRA prudential standards, specifically CPS 220, CPS 230, and CPS 234
- Experience embedding risk and compliance frameworks within Line 1 or across business units
- Proven ability to deliver training and build capability at an operational level
- Experience with enterprise risk management software (Protecht preferred)
Desirable
- Internal or external audit background, ideally within a professional services organisation
- Familiarity with the Financial Accountability Regime (FAR) and associated governance requirements
- Prior experience with obligation registers and regulatory attestation processes
- General insurance or medical indemnity sector experience