Head of Compliance and Governance

Healix Health Limited is a leading Healthtrust and Clinical Administration provider, supporting access to private healthcare delivery through robust operational, administrative, and clinical governance frameworks. With a team of over 150 dedicated professionals, we are committed to excellence, integrity, and patient‑centred service.

The Head of Compliance and Governance will lead the development, implementation, and oversight of the organisation's compliance, risk, and governance frameworks. This includes ensuring compliance with healthcare regulations, financial services obligations (where applicable), and ethical standards. The role is pivotal in safeguarding the organisation's reputation, ensuring regulatory alignment, and fostering a culture of accountability and transparency.

• Strong knowledge of UK healthcare regulations and financial services compliance (FCA/PRA).
• Proven experience in a senior leadership compliance or governance role within financial services (FCA/PRA). Experience in a healthcare or a regulated environment and SME environment are preferable.
• Experience managing audits, inspections, and board‑level reporting.
• Proven experience of managing an Information Security Management System (ISMS), including ISO 27001 certification.
• Degree in Law, Business, Healthcare Management, or related field.
• Excellent stakeholder management skills, with the ability to build relationships across all levels of the organisation.
• Strong negotiation skills to influence decisions and achieve positive outcomes.
• Strong commercial acumen, with the ability to balance risk oversight with business agility and growth priorities.

• Professional qualifications (e.g. ICA, ICSA, IRM, FCA authorised compliance officer)
• Experience with NHS Provider Licence, SMCR, or FCA authorisation processes.
• Familiarity with digital health compliance and financial crime prevention.

• Ensure compliance with the Financial Conduct Authority (FCA) and Prudential Regulation Authority (PRA) where the organisation handles insurance‑related services, financial transactions on behalf of third parties, and patient funds and/or instalment payments.
• Maintain awareness of obligations under the Financial Services and Markets Act 2000 (FSMA) and ensure appropriate authorisations or exemptions are in place.
• Oversee systems and controls to prevent financial crime, including anti‑money laundering (AML), fraud, and bribery.
• Ensure compliance with FCA Conduct Rules and the Senior Managers and Certification Regime (SMCR), where applicable.
• Liaise with external legal and regulatory advisors to manage FCA authorisation processes or appointed representative arrangements, if relevant.

• Ensure compliance with Care Inspectorate of Wales (CIW), NHS England, CQC, ICO, GDPR, MHRA, and other healthcare‑specific regulations.
• Maintain the NHS Provider Licence and ensure adherence to continuity of service (CoS) conditions.
• Lead internal audits, inspections, and regulatory reporting for healthcare operations.
• Oversee board governance, committee structures, and assurance frameworks.

• Lead the enterprise risk management (ERM) process, including financial, operational, and reputational risks.
• Maintain the organisation's risk register and ensure timely escalation of key risks.
• Chair the Risk and Compliance Committee and report to the Board on risk exposure.

• Promote a culture of compliance, integrity, and ethical behaviour across the organisation.
• Deliver training on healthcare and financial regulatory obligations, including non‑financial misconduct standards.
• Ensure the organisation meets FCA expectations around workplace culture, diversity, and psychological safety.

All around the world, Healix safeguards people's health and wellbeing.

• Strong knowledge of UK financial services compliance (FCA/PRA) and healthcare regulations.
• Proven experience in a senior leadership compliance or governance role within financial services (FCA/PRA).
• Experience managing audits, inspections, and board‑level reporting.
• Proven experience of managing an Information Security Management System (ISMS), including ISO 27001 certification.

• Professional qualifications (e.g. ICA, ICSA, IRM, FCA authorised compliance officer).
• Experience with NHS Provider Licence, SMCR, or FCA authorisation processes.