Head of Compliance and Governance

The Head of Compliance and Governance will lead the development, implementation, and oversight of the organisation’s compliance, risk, and governance frameworks. This includes ensuring compliance with healthcare regulations, financial services obligations (where applicable), and ethical standards. The role is pivotal in safeguarding the organisation’s reputation, ensuring regulatory alignment, and fostering a culture of accountability and transparency.

Three Temple Quay, Temple Back East

• Proven experience in a senior compliance or governance role within healthcare, financial services, or a regulated environment, preferably in an SME environment.
• Strong knowledge of UK healthcare regulations and financial services compliance (FCA/PRA).
• Experience managing audits, inspections, and board-level reporting.
• Proven experience of managing an Information Security Management System (ISMS), including ISO 27001 certification.
• Degree in Law, Business, Healthcare Management, or related field.
• Excellent stakeholder management skills, with the ability to build relationships across all levels of the organisation.
• Strong negotiation skills to influence decisions and achieve positive outcomes.
• Strong commercial acumen, with the ability to balance risk oversight with business agility and growth priorities.

• Professional qualifications (e.g. ICA, ICSA, IRM, FCA authorised compliance officer).
• Experience with NHS Provider Licence, SMCR, or FCA authorisation processes.
• Familiarity with digital health compliance and financial crime prevention.

• Ensure compliance with Care Inspectorate of Wales (CIW) and NHS England, CQC, ICO, GDPR, MHRA, and other healthcare-specific regulations.
• Maintain the NHS Provider Licence and ensure adherence to continuity of service (CoS) conditions.
• Lead internal audits, inspections, and regulatory reporting for healthcare operations.
• Oversee board governance, committee structures, and assurance frameworks.

• Ensure compliance with the Financial Conduct Authority (FCA) and Prudential Regulation Authority (PRA) where the organisation handles:
• Patient funds
• Instalment payments
• Insurance-related services
• Financial transactions on behalf of third parties
• Maintain awareness of obligations under the Financial Services and Markets Act 2000 (FSMA) and ensure appropriate authorisations or exemptions are in place.
• Oversee systems and controls to prevent financial crime, including anti-money laundering (AML), fraud, and bribery.
• Ensure compliance with FCA Conduct Rules and the Senior Managers and Certification Regime (SMCR), where applicable.
• Liaise with external legal and regulatory advisors to manage FCA authorisation processes or appointed representative arrangements, if relevant.

• Lead the enterprise risk management (ERM) process, including financial, operational, and reputational risks.
• Maintain the organisation’s risk register and ensure timely escalation of key risks.
• Chair the Risk and Compliance Committee and report to the Board on risk exposure.

• Promote a culture of compliance, integrity, and ethical behaviour across the organisation.
• Deliver training on healthcare and financial regulatory obligations, including non-financial misconduct standards.
• Ensure the organisation meets FCA expectations around workplace culture, diversity, and psychological safety.

We offer UK employee healthcare benefits, and travel, medical and security assistance in every corner of the globe. Our purpose is to help people in difficult situations – whether that’s a cancer diagnosis, a need for medical assistance when they’re far from home, or being caught up in conflict or natural disaster. We talk to them, support them, and make sure they get the help they need. If necessary, we’ll pull them out and bring them home.

We’re co-ordinators and problem-solvers: experts at navigating the global health and security landscape. Our teams of doctors, nurses, travel and medical co-ordinators and security experts make sure that your people will be looked after, whatever happens supported by technology designed help individuals, not slot them into a predetermined solution.

We work with governments, broadcasters, NGOs, international corporations, major insurers and more. No two clients are the same: we adapt our services to their needs.

More importantly, we adapt to the practical and human needs of the individuals we protect. Most of us are on the front line; we keep our back office lean. We don’t use scripts, and we don’t time calls. We never lose sight of the fact that we’re dealing with real people.

Instead, we focus on ensuring our highly trained specialists have the space and time they need to be effective. We let them use their initiative to get the job done, because the situations they face often throw up unexpected challenges – and no protocol survives contact with the real world.

Our clients have thousands of employees and customers, at home and abroad, so they need a business big enough to handle any situation. But they chose Healix because they also need an organisation that’s personal enough to care.

Our people are driven to do things in the best way, not the way they have always been done. We work hard, and our efforts are rewarded with great development opportunities and a supportive team spirit.

We want to nurture this friendly and dynamic company culture so that we can continue to attract diverse talent with a breadth of knowledge and world-class skills. As a part of Healix, you can expect a range of excellent benefits and an environment where people really do care.

• Proven experience in a senior compliance or governance role within healthcare, financial services, or a regulated environment, preferably in an SME environment.
• Strong knowledge of UK healthcare regulations and financial services compliance (FCA/PRA).
• Experience managing audits, inspections, and board-level reporting.
• Proven experience of managing an Information Security Management System (ISMS), including ISO 27001 certification.

• Professional qualifications (e.g. ICA, ICSA, IRM, FCA authorised compliance officer).
• Experience with NHS Provider Licence, SMCR, or FCA authorisation processes.
• Familiarity with digital health compliance and financial crime prevention.

Tuesday 30th September, 2025

fulltime

Based on Experience