Technical Regulatory Compliance Manager (9-Month FTC)

Starling is the UK’s first and leading digital bank on a mission to fix banking! We built a new kind of bank because we knew technology had the power to help people save, spend and manage their money in a new and transformative way.

We’re a fully licensed UK bank with the culture and spirit of a fast-moving, disruptive tech company. We’re a bank, but better: fairer, easier to use and designed to demystify money for everyone. We employ more than 3,000 people across our London, Southampton, Cardiff and Manchester offices.

Our technologists are at the very heart of Starling and enjoy working in a fast-paced environment that revolves around building, creating, and disrupting to keep us on the cutting edge of the industry. Innovation and collaboration will be at the core of everything you do. We operate a flat working structure to empower you to make decisions regardless of what your primary responsibilities may be. Help is never far away either and you will find support in your team and from across the business - we are in this together!

The way to thrive and shine within Starling is to be a self-driven individual and be able to take full ownership of everything around you: from contributing code to sharing knowledge with your colleagues and making sure all processes are efficient and productive to deliver the best possible results for our customers. Our purpose is underpinned by five Starling values: Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness.

Hybrid Working

We have a Hybrid approach to working here at Starling - our preference is that you're located within a commutable distance of one of our offices so that we're able to interact and collaborate in person. In Technology, we're asking that you attend the office a minimum of 1 day per week.

About the role

Starling is growing our first line Information Technology Risk Management Team (ITRM) and is looking for a technical regulatory compliance manager who is passionate about making a difference in the development of the risk, control and compliance space, and has a drive to facilitate the implementation of compliant technology led solutions to our Banking services.  

As a member of our first line ITRM team, you will be responsible for ensuring Information Technology complies with the relevant industry rules and regulations, ensuring our regulatory obligations are met, and avoiding any issues which may impact the business adversely.  This role will require collaborative working with all stakeholders including second and third line to ensure compliance, operational efficiency and continuous improvement.

Reporting to the Chief IT Control Officer via the Technical Resilience Director, you will have the responsibility for the protection of Information Technology’s reputation and integrity through the coordination of first line compliance activities and the preparation for regulatory attestations and accreditations. This will enable Information Technology to contribute to the delivery of the Bank’s integrity and reputation through demonstrable compliance delivery.

What you'll get to do:

• Monitoring and the provision of evidence to support compliance with laws, regulations and internal policies
• Supporting the SMF24 and others with responsibilities under SMCR to enable the delivery of regulatory expectations; ensuring timely and accurate submission of attestations 
• Support the evolving regulatory compliance work associated with operational resilience and in Technology’s Business Continuity and Disaster Recovery planning, including the assurance of compliance across the technology supply chain
• Interpreting and communicating regulatory changes, ensuring that all findings are recorded and followed up with appropriate stakeholders / teams
• The investigation of any irregularities, breaches and non-compliance issues
• Championing compliance best practice and contributing to robust and effective compliance controls within the organisation
• The performance of risk assessments, technology led thematic reviews and internal compliance audits to understand compliance risk level, significance and scope
• IT policy development: advisory and assurance across the compliance elements / implications within the IT governance documentation suite
• Helping the business function to identify solutions to compliance issues
• The implementation of preventative and/or corrective measures to mitigate compliance risk
• Creation of a function-wide compliance culture through the education about regulation and industry best practices, with insight into the impact of non-compliance on the organisation
• The review of technical change to assure compliance with regulatory / scheme requirements
• Ensuring that the correct internal policies and procedures are in place to achieve compliance with external regulations.
• Assisting in the gathering of internal information in response to regulatory requests
• Managing voluntary best practice relating to professional standards
• Collaborating with other departments / functions / lines of defense to create a culture of compliance
• Compliance monitoring including the development and tracking of compliance metrics and ensuring adherence to internal controls
• Investigating compliance violations or irregularities
• Reporting on current compliance risks and compliance performance across Information Technology
• Highlighting / escalating areas of concern to the Information Technology departmental and team leads, risk owners and Chief IT Control Officer as required.
• Keeping up to date with the evolving regulatory environment.

• Have a comprehensive understanding and working knowledge of the UK’s regulatory environment and sourcebooks

• Be able to advise and make recommendations to the business on regulatory compliance matters
• identify opportunities for and where appropriate recommend business process improvements to ensure compliance 
• Have a pragmatic approach and be able to work collaboratively  within the compliance spaces across a technology driven environment
• Have an understanding of compliance risks across technology, information security and regulatory environments
• Have an understanding of the principles of IT Risk Management 
• Have knowledge of ISO accreditations against which to monitor compliance
• Have knowledge of industry standards such as COBIT, NIST, SOC I and SOC II, and PCI-DSS against which to monitor compliance
• Have previous knowledge of CASS, BACS, SCV, Pay UK and Swift CSP against which to monitor compliance
• Be proficient in working with external auditors
• Share knowledge and provide guidance on internal bank first line or similar related processes.
• Take responsibility and do the right thing for customers, colleagues and partners.

Experience across one or more of these areas is useful but it is not expected that you will have worked in all of these.

The following skills and experience are desirable: 

• Experience working within financial services, specifically within technology risk management.
• Experience working with key stakeholders, developing working relationships and providing insightful management reporting / information. 
• Good attention to detail as you are likely to be examining laws and regulations and checking compliance
• Working knowledge of SMCR requirements
• Ability to influence across multiple stakeholders information to technical and non-technical audiences
• Flexibility in your approach to meeting goals as part of the wider team.

• 25 days holiday (plus take your public holiday allowance whenever works best for you)
• An extra day’s holiday for your birthday
• Annual leave is increased with length of service, and you can choose to buy or sell up to five extra days off
• 16 hours paid volunteering time a year
• Salary sacrifice, company enhanced pension scheme
• Life insurance at 4x your salary & group income protection
• Private Medical Insurance with VitalityHealth including mental health support and cancer care. Partner benefits include discounts with Waitrose, Mr&Mrs Smith and Peloton
• Generous family-friendly policies
• Perkbox membership giving access to retail discounts, a wellness platform for physical and mental health, and weekly free and boosted perks
• Access to initiatives like Cycle to Work, Salary Sacrificed Gym partnerships and Electric Vehicle (EV) leasing

About us

You may be put off applying for a role because you don't tick every box. Forget that! While we can’t accommodate every flexible working request, we're always open to discussion. So, if you're excited about working with us, but aren’t sure if you're 100% there yet, get in touch anyway. We’re on a mission to radically reshape banking – and that starts with our brilliant team. Whatever came before, we’re proud to bring together people of all backgrounds and experiences who love working together to solve problems.

Starling is an equal opportunity employer, and we’re proud of our ongoing efforts to foster diversity & inclusion in the workplace. Individuals seeking employment at Starling are considered without regard to race, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, physical or mental disability, military or veteran status, or any other characteristic protected by applicable law. When you provide us with this information, you are doing so at your own consent, with full knowledge that we will process this personal data in accordance with our Privacy Notice.

By submitting your application, you agree that Starling may collect your personal data for recruiting and related purposes. Our Privacy Notice explains what personal information we may process, where we may process your personal information, its purposes for processing your personal information, and the rights you can exercise over our use of your personal information.