Risk and Compliance Manager
Permanent, Full Time (but may consider part time applicants)
About Morton Fraser
At Morton Fraser we are a different kind of law firm, independent by choice and a place where we make our own decisions and our people can have their own say. Our culture empowers all of our people to be the best they can be.
You’ll get responsibility early on and the support to make great things happen. And because we understand that hard work comes from people who are empowered to be at their best more of the time, we offer an agile working environment.
We are charting our way to become the best in our field, so if you share our ambition, come chart your best course with us.
Summary of role
To manage the firm’s risk management and compliance activities to support our approach to good governance.
We are looking for a dynamic and self-motivated individual to take responsibility for, and drive improvements in, the firm’s risk management and compliance regime. Although the role will include all areas of risk and compliance, the principal ones will be anti money laundering (AML) and data protection / information security. The individual will become a member of a wider team, supporting and being supported by key stakeholders within the firm who already have a role in risk and compliance.
We are looking for an individual to establish themselves as the “go to” person for all things risk and compliance-related. The role will involve having a thorough understanding of the legislative and professional context in which the firm operates, and of its internal policies and procedures, with a view to providing expert advice to fee earners, and implementing improvements where required.
The role may suit a qualified solicitor or compliance professional with experience of regulatory work.
- Manage the firm’s anti-money laundering regime, including maintaining the firm’s suite of policies and procedures, designing and delivering training, fielding questions / giving advice, handling internally escalated issues (e.g. suspicious activity reports), monitoring compliance to include compliance with the Law Society of Scotland’s requirements, and ensuring continual review and improvement.
- Become actively involved in managing the firm’s data protection and information security regime. This will include maintaining the firm’s Information Security Management System, providing pragmatic guidance to fee earners, delivering training, handling data protection breaches and subject access requests, and ensuring the firm is compliant with data protection law.
- Provide administrative support to the Client Relations Partner, including reviewing and updating the Complaints Register, and implementing a process whereby lessons are learnt and continual improvements made.
- Develop and maintain systems and processes to deal with conflicts of interest, and deliver induction training to new employees.
- Share knowledge on risk and compliance issues by providing updates and training to stakeholders.
- Take ownership of the firm’s Terms of Engagement, ensuring they are up to date, fit for purpose, and remain accredited by the Plain English Campaign.
- Oversee compliance with the SRA, including renewing the firm’s recognition and supporting the resolution of any English regulatory issues.
- Take responsibility for, or provide support to, other areas of risk management, such as business continuity, FCA compliance, Anti-Bribery and Corruption, and professional indemnity insurance renewals.
- Ensure compliance with any other relevant legislation, such as health and safety, the Modern Slavery Act, Criminal Finance Bill and Consumer Contracts regulation, including drafting and maintaining policies and procedures and delivering relevant training.
Qualifications and Experience
The ideal candidate will have some (if not all) of the following:
- Experience of managing compliance in a professional services firm
- Experience of developing a risk management culture in SMEs
- Experience of developing and auditing control systems
- Knowledge of AML and data protection legislation
- Good IT skills are essential
- You have excellent communication skills, you are articulate, you communicate clearly, concisely and without any jargon.
- You enjoy working within a team and autonomously on your own initiative.
- You are able to manage a busy workload and prioritise tasks effectively so that both reactive and proactive work is completed/progressed in a timely fashion.
- You are personable and good at building and developing client relationships.
- You are confident and you have a strong belief in yourself and your own ability.
- You are committed to delivering an excellent client experience and willing to put in extra time and effort when required