Risk and Compliance Manager

iOCO, one of South Africa's leading technology groups, is seeking an experienced Risk and Compliance Manager to lead and maintain our enterprise risk management and compliance frameworks. This is role will have direct engagement at Executive Committee and Audit and Risk Committee level, offering meaningful impact across a large and dynamic organisation.

What you'll do:

• Develop, implement and maintain the Group’s Enterprise Risk Management (ERM) framework in alignment with organisational strategy and risk appetite.
• Facilitate enterprise-wide risk assessments and maintain the Group Risk Register, ensuring that risks are appropriately identified, evaluated and mitigated.
• Monitor key risk indicators and emerging risks, providing proactive insights to management.
• Coordinate business continuity and crisis management planning processes and periodic testing.
• Prepare risk reports, dashboards and analysis for executive management and governance committees.

• Develop and maintain the Group Compliance Framework to ensure adherence to applicable legislation, regulatory requirements and internal policies.
• Conduct compliance risk assessments and maintain a compliance risk register.
• Develop and execute an annual compliance monitoring plan.
• Monitor regulatory developments and assess their impact on the organisation.
• Investigate compliance breaches and ensure appropriate remedial actions are implemented.
• Promote a strong compliance culture through awareness initiatives and training.

• Support the strengthening of the organisation’s governance structures and internal control environment.
• Provide risk and governance input into strategic initiatives, projects and operational decision-making.
• Collaborate with Legal, Audit, Finance, HR and other business units to ensure alignment across governance, risk and compliance processes.
• Support the organisation’s alignment with recognised governance standards and best practices, including the principles of King IV (and King V).

• Conduct periodic compliance reviews and internal control monitoring across key operational areas to ensure adherence to organisational policies and governance standards.
• Areas of monitoring include inter alia procurement processes, corporate credit card usage, fuel cards, travel expenditure, employee expense claims, leave management and variable remuneration.
• Maintain oversight of key governance policies including inter alia the procurement policy, travel policy, expense policy, leave policy, delegation of authority framework, risk management policy and compliance framework.
• Identify control weaknesses, policy breaches and areas of non-compliance, and implement appropriate corrective actions and improvements.
• Ensure policies are periodically reviewed, updated and effectively communicated across the organisation.

• Prepare periodic risk and compliance reports and dashboards for executive management and governance committees.
• Support internal and external audit processes and coordinate responses to audit findings.
• Monitor remediation of control weaknesses and track implementation of corrective actions.
• Escalate significant risk exposures, compliance breaches or control deficiencies to senior management where appropriate.

• Provide guidance and advisory support to management on risk, governance and compliance matters.
• Engage with business to embed risk management practices and strengthen the organisation’s compliance culture.
• Facilitate training and awareness initiatives to improve understanding of governance frameworks, risk management practices and organisational policies.

• A minimum 4 years’ relevant experience in risk management, compliance and governance.
• LLB or BCom degree with risk management.
• Postgraduate certification in IRMSA, Risk Compliance is advantageous.
• Proven track record in developing and implementing risk and compliance frameworks.
• Experience in engaging with executive management and regulatory authorities.
• Experience preparing reports and presentations for senior management or governance committees.
• Exposure to technology, ICT, or regulated sectors advantageous.

• Strong analytical and risk assessment capability.
• Excellent written and verbal communication skills, including report writing for senior stakeholders.
• Sound understanding of governance frameworks, internal controls and compliance management practices.
• High attention to detail and strong problem-solving ability.
• Ability to engage constructively with stakeholders across the organisation.
• Strong professional integrity and ethical judgement.

• Confident, professional, and resilient.
• Able to operate independently with minimal supervision.
• High integrity and sound ethical judgment.
• Team-oriented with strong collaboration and influencing ability.