Compliance / Data Protection Officer job at CIC General Insurance | Apply Now

• Develop an appropriate Compliance Management framework, methodology and process to ensure compliance with all the set-up regulations.

• Provide high quality Compliance advice to Business and Support functions on applicable internal policies, laws and regulations

• Provide advice regarding Anti-money laundering compliance especially; client due diligence, KYC standards, internal policies and local regulations

• Performing real time surveillance and support to prevent misconduct, promoting ethical standards, and monitoring and advising on rules, within the overall objective of reducing noncompliance risk to the business

• Provide in depth analysis on changes to regulations and provide support to the Business on implementation

• Carry out compliance monitoring and perform ad hoc investigations into matters or issues that are escalated to Compliance

• Prepare draft operational policies to assist in compliance with laws and regulation for management approval.

• Coordinate submissi of regulatory returns

• Prepare compliance reports for Management and the Board.

Data Protection Duties

• Establishing the Data Protection framework and implementation plan, and development of policies including developing templates for data collection and assisting with data mapping.

• Guiding the various subsidiaries and departments on the implementation of the Data Privacy requirements and supporting them to ensure compliance with the Data Protection Act (including how to deal with privacy breaches)

• Creating and maintaining a register on comprehensive records of all data processing activities conducted by the company, including the purposes of all processing activities which must be made public on request.

• Training stakeholders involved in data collection/processing, updating the training requirements as well as conducting specific trainings for particular processing requirements.

• Conducting reviews to ensure compliance, accountability and to address potential issues proactively.

• Ensuring that IT systems and procedures comply with all relevant data privacy and protection law, regulation and policy (including in relation to the retention and destruction of data).

• Support the business in preparation of privacy statements for each processing operation, and ensuring processes are put in place to ensure that the privacy statement is provided to the data subjects on all company forms and/or literature, websites and other communication or data collection mediums.

• Collaborating with the Information Security function to maintain records of all data assets and exports, and maintaining a data security incident management plan to ensure timely remediation of incidents including impact assessments, security breach response, complaints, claims or notifications, and responding to subject access requests (SARs).

• Create Information Base: Create an intranet page for data protection in the institution which includes privacy statements, Data Protection guidelines/instructions of the institution/body, quality assurance reports, Data Protection periodic reports, and any other elements which may be helpful to the controllers and the staff of the organization.

• Serving as the point of contact between the company and the Regulatory Authorities and co-operating with them during inspections by answering any complaints or queries raised.

• Interfacing with data controllers and data subjects to inform them about the use of their data, their data protection rights, obligations, responsibilities, the measures the company has put in place to protect their personal information and to raise awareness on the above.

• Providing quarterly status updates to senior and middle management and drawing immediate attention to any failure to comply with the applicable data protection rules.

• Prepare an annual work programme at the beginning of each year for sign off.

Legal & Company Secretarial Duties

• Provide technical support to the Company Secretary including organizing Board & management meetings, circulation of Board papers and minutes taking as and when required.

• Drafting correspondences, prepare reports and proof-read documents as assigned.

• Coordinate with external Counsel in availing required documentation and support with respect to Court Cases handled on behalf of the Company

• Represent the Company in legal matters before Courts of Law where required

• Conduct and review Agreements, Contracts, and other legal documents as and when assigned.

• Carry out legal research and provide reasoned legal opinion.

• Continuous sensitization of staff of the policies, regulations and standards to be complied with.

• Attend and actively participate in periodic meetings of the Legal Department, and take actions arising from the meetings.