Senior Executive, Compliance (Data Protection)

About Income

Income Insurance Limited ("Income") is one of the leading composite insurers in Singapore, offering life, health and general insurance.

Established in 1970 as the only insurance co-operative in Singapore to plug a social need for insurance, Income is now a public non-listed company limited by shares, which continues to serve the protection, savings and investment needs of individuals, families and businesses today.

Its lifestyle-centric and data-driven approach to insurance and financial planning puts Income at the forefront of innovative solutions that empowers better financial well-being for all.

Income also extends true care to Singaporeans through diverse social causes.

The Income Compliance team is a strategic partner and trusted business advisor to Income. The Compliance team holds the responsibility of ensuring that Income adheres to regulatory requirements within the constantly dynamic and evolving regulatory landscape. The Compliance team works closely with internal stakeholders and Business Units ("BUs") to navigate and assess regulatory risks. This involves developing effective and feasible solutions as well as actively shaping and promoting a strong Compliance culture in Income.

This role reports to the Team Lead of Regulatory Compliance. The Regulatory Compliance Section is part of the wider Compliance Department at Income which also includes the Market Conduct Compliance Section and AML Compliance Section. The Compliance Department reports to the Head of Compliance. The candidate will have the opportunity to work closely with other BUs and stakeholders, including the Head of Compliance and Senior Management, in relation to all compliance matters.
The candidate will be involved in Regulatory Compliance work specialising in Personal Data Protection matters.
The candidate should be familiar with compliance functions in the financial industry and be capable of executing the following responsibilities:

• Monitor and support compliance with the Company’s personal data protection policies and practices in line with the PDPA. Assist in identifying risks related to the collection, use, disclosure, and storage of personal data, assess their impact, and recommend measures to mitigate these risks.
• Maintain documentation such as records of processing activities, privacy checklists, data mapping, legitimate interest assessments, and Data Privacy Impact Assessments (DPIA) to ensure risks are identified and addressed based on business functions and processes.
• Conduct periodic reviews and audits, analyse findings, and work with stakeholders to implement corrective actions for identified gaps.
• Serve as a contact point for data subjects and internal teams on data privacy and security matters, including handling personal data protection-related queries and complaints.
• Support awareness and training initiatives by preparing materials, conducting sharing sessions, and promoting best practices to foster a culture of compliance within the Company.
• Assist in implementing and maintaining data protection policies, procedures, and controls, ensuring they remain effective and up to date.
• Coordinate data breach and incident management, including documentation, reporting, and submission to the PDPC within prescribed timelines.
• Support compliance and personal data programs by monitoring regulatory requirements, identifying areas of non-compliance, and assisting in the development of action plans.
• Provide guidance and training on PDPA and other relevant regulatory requirements, policies, and professional standards.
• Assist with other regulatory and compliance matters as required by Section Head or Team Lead of Regulatory Compliance.

• Competitive salary and benefits package.
• Learning and training opportunities to expand your knowledge and skill set for personal development.
• Focus on career planning and following your passions.
• Flexible work policies.
• Professional development or growth and leadership opportunities.

• At least a Bachelor's degree or above in a relevant discipline

• Any relevant professional qualification or certification will be an added advantage.

• At least 5-6 years of work knowledge and experience in compliance.
• Proficient in compliance advisory on regulations, policies and standards, including knowledge in area of data protection compliance area, privacy management.

• Must be proficient in MS Office and its applications.