Risk Business Partner – Third Party Risk Management
Listed on 2026-07-08
-
Finance & Banking
Risk Manager/Analyst, Regulatory Compliance Specialist, Financial Compliance
Role Description
The objective of the Second Line Risk team is to deliver, coordinate and continuously develop an effective Risk Management Framework that provides the tools to enable FNZ to identify, assess, control and monitor risk; and through that framework manage risk within the appetite of the business, our clients, and regulators. The Risk Business Partner brings both experience and knowledge of operational risk management tools and frameworks demonstrated through practical experience and achievements in similar roles.
This Second Line risk role will support the implementation and maintenance of the Risk Management Framework to support FNZ’s business plan and the regulatory environment it operates in. This includes provision of oversight of the application of risk management policies and procedures and working with the business to facilitate the understanding and embedding of these within FNZ.
- Provide independent Second Line oversight of the firm’s Third‑Party Risk Management framework.
- Review and challenge supplier risk assessments, due diligence activities and ongoing monitoring arrangements.
- Ensure appropriate oversight of critical, material and outsourced service providers.
- Assess third‑party risks, including operational risk, information security risk, cyber risk, data privacy risk, financial crime risk, conduct risk, business continuity and operational resilience risk, concentration risk, geographic and country risk.
- Monitor supplier risk profiles and ensure emerging risks are escalated appropriately.
- Challenge risk acceptances and remediation plans where control weaknesses are identified.
- Support oversight of supplier incidents, service failures and operational resilience events.
- Prepare risk reporting for management, executive committees and board forums.
- Represent Second‑Line Risk at appropriate FNZ governance committees.
- Provide management information and key risk metrics relating to third‑party risks; ensure material supplier risks, issues and trends are communicated to senior stakeholders.
- Support preparation of regulatory submissions and responses relating to outsourcing and supplier management where required.
- Maintain and continuously improve Third‑Party Risk Management policies, standards and procedures.
- Provide independent review and challenge of supplier onboarding, renewal and exit activities.
- Participate in thematic reviews, deep dives and assurance activities across supplier populations.
- Track and monitor remediation actions arising from audits, risk assessments and regulatory reviews.
- Facilitate risk and control assessments relating to third‑party arrangements.
- Use the Governance, Risk & Compliance system (Archer) to support the risk management oversight of third‑party arrangements.
- Build strong relationships with team and functional leadership, procurement teams and supplier managers.
- Act as a trusted adviser to the business on third‑party risk matters.
- Support delivery of risk training and awareness programmes.
- Promote a culture of effective risk management and accountability throughout the organisation.
- Monitor relevant regulatory developments impacting outsourcing and third‑party risk management.
- Provide guidance and insight on emerging third‑party risk trends, including cyber threats, concentration risk and operational resilience expectations.
- Support implementation of regulatory requirements and industry best practices.
- Collaborate with all members of the UK regional Risk & Compliance function and support the Head of Risk and UK CRO to ensure the team remains effective.
- Previous Third‑Party Risk Management oversight experience within a Second Line Risk, Operational Risk, Supplier Risk or Enterprise Risk function.
- Experience overseeing critical and material third‑party suppliers within a regulated financial services environment.
- Strong understanding of Third‑Party Risk Management lifecycle activities, including: due diligence; risk assessments; contractual risk considerations; performance monitoring; issue management; and exit planning.
- Strong critical thinking ability with the ability to challenge constructively.
- Excellent written and verbal…
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search: