Head of Internal Audit

Responsibilities:

• Lead the development and execution of a risk-based internal audit strategy aligned with CCUK’s regulatory obligations, operational priorities, and evolving risk landscape.
• Drive independent assurance across trading operations, technology, AML and financial crime controls, outsourcing arrangements, conduct risk, and regulatory compliance, helping the business scale with confidence.
• Shape the hybrid internal audit framework by combining internal capability with specialist co-sourced expertise, ensuring audit coverage remains scalable, credible, and proportionate to business risk.
• Partner with the Audit Committee, senior leadership, Compliance, Risk, and Finance teams to provide clear challenge, practical insight, and transparent reporting on material risks and control effectiveness.
• Ensure audit methodologies, working practices, and reporting standards remain aligned with FCA expectations, IIA standards, and broader industry best practice.
• Identify emerging risks across areas such as operational resilience, AI and model risk, digital assets, and platform technology, proactively adapting audit coverage as the business evolves.
• Oversee co-sourced audit providers by defining engagement standards, reviewing quality of delivery, and maintaining independence and consistency across all audit outputs.
• Monitor remediation progress for audit findings, driving accountability and timely resolution of control gaps across the organisation.
• Support major business initiatives, regulatory change programmes, and new product activity through independent review and constructive challenge before implementation.
• Build and develop a high-performing audit capability through coaching, hiring, succession planning, and knowledge-sharing across the wider group.
• Maintain strong governance, documentation, and evidence management practices to support regulatory scrutiny and Board-level oversight.

Requirements:

Industry Knowledge

• You have significant internal audit or assurance experience within a UK-regulated investment firm, broker, fintech, or financial services business.

• You understand the UK regulatory environment deeply, including FCA requirements across MIFIDPRU, SYSC, COBS, Consumer Duty, AML/CTF, and operational resilience.

• You have experience auditing trading platforms, technology environments, financial crime controls, outsourced providers, and customer outcomes within complex regulated businesses.

• You are confident operating within hybrid or co-sourced audit models and understand how to maintain quality, independence, and accountability across multiple delivery channels.

• You hold a recognised professional qualification such as CIA, ACA, ACCA, CPA, or CISA.

Problem-Solving

• You can assess complex control environments, identify root causes, and translate findings into practical, commercially realistic recommendations.

• You know how to prioritise risk effectively in fast-moving businesses where regulation, technology, and product development evolve simultaneously.

• You are comfortable working through ambiguity and adapting audit approaches as new risks emerge.

Collaboration & Influence

• You build credibility quickly with Boards, regulators, senior executives, and cross-functional stakeholders.

• You communicate clearly and directly, balancing independence with constructive partnership.

• You can challenge effectively while maintaining trust and alignment across the organisation.

Mindset & Style

• You take ownership and operate with strong integrity, objectivity, and professional judgement.

• You are proactive, resilient, and comfortable making decisions in a high-growth, highly regulated environment.

• You bring curiosity and commercial awareness, with the ability to balance regulatory expectations against business realities.

• You are motivated by building scalable, modern assurance functions that evolve alongside ambitious global businesses.