GeBBS Healthcare Solutions - Director - Risk & Compliance - CA

Position: Director - Risk & Compliance

Location: Navi Mumbai

Department: Risk & Compliance

Working Hours: 1 PM to 10 PM

Education: Chartered Accountant / Inter CA / Full-Time MBA

Experience:

- Post CA: 14+ years

- Post MBA: 17+ years

- Work Mode: Work from Office

Job Responsibilities:

- Governance & Control: Manage a robust Governance and Control framework across the enterprise.

- Risk Management: Design and implement enterprise risk management frameworks, prepare and maintain RCMs (Risk and Controls Matrix), implement controls, manage residual risks, and ensure compliance with risk management standards. Handle external risk-based audits/certifications.

- Risk Awareness: Maintain deep knowledge of strategic, operational, and financial risks. Define KRIs (Key Risk Indicators) and KPIs (Key Performance Indicators) for risk mitigation and continuous monitoring.

- Team Leadership: Lead the team in conducting compliance reviews to ensure ongoing risk management.

- Organizational Insight: Understand the organization's structure, activities, and intercompany dynamics to address business needs effectively.

- Compliance: Review statutory, regulatory, and business compliance requirements across various locations and industries. Advise employees and businesses on the application of policies and procedures under relevant laws and regulations.

- Assurance: Conduct periodic checks to provide oversight on business compliance with policies, systems, contracts, and governance requirements.

- Reporting: Prepare and present reports to various Risk Committees and the Board along with the Head of the vertical/CEO/MD/CFO, as required.

- Collaboration: Build strong relationships across the business to promote a collaborative approach to Risk and Compliance, particularly with Operations teams across projects and locations.

- Training & Awareness: Assist in identifying relevant training needs and ensure employees/vendors are informed of their compliance responsibilities.

- Incident Management: Oversee alerts and incident responses, collaborating with Information Security, General Counsel, and HR.

- Risk Mitigation: Proactively highlight compliance issues and mitigate risks through vigilance and timely resolution.

- Contractual Compliance: Manage pre-signing risks and ensure compliance with signed contracts.

- Regulatory & Healthcare Laws: Develop and implement compliance programs for regulatory and healthcare laws.

- ESG & CSR: Lead and drive ESG (Environmental, Social, Governance) programs, and collaborate with the CSR committee to maintain up-to-date records on websites and social media.

- Cross-functional Committees: Manage committees related to Health & Safety, ESG, BCP (Business Continuity Planning), and Capacity Planning to monitor and mitigate risks.

- Policy Implementation: Work with HR and other departments on designing and implementing company policies and systems.

- Stakeholder Engagement: Engage with business stakeholders and team members, providing regular progress updates and obtaining buy-in on recommendations.

Requirements & Knowledge:

- Strong understanding of corporate governance, risk management, and compliance.

- Proficiency in designing risk frameworks, compliance with regulatory requirements, and industry best practices.

- Knowledge of third-party risk management and the security risks associated with it.

- Ability to communicate complex ideas to stakeholders, including top executives, through verbal, written, and visual means.

- Knowledge of risk-based decision-making, including risk analysis and mitigation.

- Strong process design, organizational, and time-management skills.

Technical Experience:

- 14 - 20+ years of experience in Risk and Compliance.

- Expertise in Stakeholder Management, including interactions with CXOs and Board members.

- People management skills, having led teams of 10-15+ members globally.

- Experience in Risk Control Management, Governance Risk and Compliance, ESG reporting, and compliance frameworks across multiple regions, including the US, Philippines, and India.

- Strong reporting and presentation skills.

- A certification in risk or information security is a plus, but not mandatory.