Reporting to the Head of Compliance & Data Protection which oversees both the Group Compliance Unit (GCU) and Group Data Protection Office (GDPO).
You will be responsible to provide critical support to both the GCU and the GDPO in strategising, planning, and implementing programmes and/or initiatives under the purview of the Head of Compliance and Data Protection as the Group Data Protection Officer (DPO) and ultimately under the Group Chief Risk Officer (GCRO) as the Head of Department for the Group Risk Management and Compliance Department (GRMCD).
Key Accountabilities:
- Assist with the overall organisation and administration of both the GCU and GDPO in the administration setup, the organization and management of the data protection office, including gaining the necessary knowledge on data protection processes and procedures.
- Understand all group-wide compliance relating to data protection initiatives and assist in coordinating the implementation of these initiatives within the group and operating divisions.
- Understand group/operating division-specific compliance and data protection policies and help to ensure compliance by following established guidelines under the purview of GCU/GDPO including but not limited:
- Formulation and implementation of policies owned or supported by GCU/GDPO including but not limited to anti-bribery and anti-corruption (ABC), anti-money laundering and counter financing of terrorism, sanctions, insider trading, corporate governance, conflict of interest, personal data/data privacy and others
- Ensuring data protection by design and default
- Advising on compliance and data protection obligations
- Monitoring internal compliance relating to ABC and data privacy/data protection
- Investigating potential compliance and data breaches
- Implementing corrective and preventive actions
- Preparing Compliance and/or Data Protection Impact Assessments (when necessary and/or required)
Additional duties:
- Assist in managing incidents, breaches, queries and complaints, i.e. handle, coordinate, and facilitate data protection incident reporting flow and respond to queries with the Division Compliance Leads (DCLs) and/or the Division Data Protection Officers (DDPOs). Collaborate with senior team members to address issues relating to other country Divisions or Business Units (BUs).
- Keeping abreast of both compliance and data protection laws and regulations and where necessary, attend training sessions to enhance knowledge including but not limited to ABC, Personal Data Protection, Anti-Money Laundering and Counter Financing of Terrorism, Sanctions, Insider Trading, Corporate Governance etc.
- Assist in coordinating and support in promoting a compliance and data protection culture among colleagues by providing training and supporting staff on compliance and data protection, developing and delivering staff awareness programmes.
- Participate and coordinate (as and when required) in both compliance and data protection audits and risk assessments, including the identification of risk mitigation relevant to both GCU and GDPO.
- Assist in reporting progress to Senior Management by providing updates on relevant activities relating to both GCU and GDPO.
- Contribute and provide support in the development and delivery of compliance-related programmes and/or initiatives of both GCU/GDPO functions such as training, corporate communication, education and awareness campaign and assist in driving a workplace culture of integrity, transparency and accountability regarding IHH Group's policies especially those under GCU/GDPO's purview.
- Perform any other related tasks as and when required/directed.
Requirements
- Degree in relevant data protection and compliance discipline with minimum 5 to 7 years of associated working experience. Professional certification or accreditation in Compliance and Data Protection is an added advantage.
- Prior or existing experience in developing and implementing data protection policies, standard operating procedures, guidelines, frameworks, project and stakeholder management.
- Good command of English and written communication.
- Good information research skills. Adept at leveraging IT solutions in support of project implementation.
- Proficiency with the use of Microsoft Office suite including but not limited to Word, PowerPoint, and Excel.