Assurance, Risk and Compliance at Hastings Direct

We’re the team that supports, advises and challenges so that Hastings manages the various risks it faces in a controlled way. In doing this we aim to increase the chances of delivering Hastings’ plans and the Hastings 2.0 strategy.

The identification and management of risks is at the heart of what we do and through our Risk 2.0 change programme, supported by our Risk Management framework, we ensure that the many elements of risk management at Hastings is fit for purpose.

Operationally, we sit in the 2nd line of defence, and the ARC team’s collective role is to ensure that the ownership of risks and controls is understood, developed and strengthened; linking in with our accountabilities and responsibilities under SMCR (Senior Manager & Certification Regime). The vision of our Risk 2.0 initiative is to be clear, bright and ambitious. To achieve this, it is absolutely crucial that appropriate risk management is embedded into every area of Hastings, and is understood by every colleague. Appropriate consideration and management of risk is a key underpin across all of the 4Cs.

With opportunities to develop your strengths and the flexibility to build a successful and rewarding career across multiple disciplines, you’ll never be bored here. We’re passionate about risk management, assurance and compliance and we look for people who share this enthusiasm. To succeed in our team, you’ll need strong communication and influencing skills and should be comfortable in a fast-paced organisation that’s constantly changing and innovating.


Our Assurance, Risk and Compliance teams

Risk

Risk

Effective risk management enables us to deal with the uncertainty associated with risks and opportunities, enhancing our capacity to build value. We work with the business at Group level and at an Operational level to continually identify, assess and prioritise each risk, and then remediate the risk by the use of effective controls - enhancing our capacity to build value through better decision making.

Compliance

Compliance

The Compliance Advisory team work across the business to provide advice and support on regulatory issues. We do this to ensure our customers receive the best outcomes, and to protect the company from the consequences of non-compliance – such as fines or censure.

Internal Assurance

Internal Assurance

The Internal Assurance Team acts as a second line of defence by conducting audits throughout the business, including outsourcers and suppliers. This is to identify risks such as regulatory and operational risk, and to assess adherence.

Continuous Assurance

Continuous Assurance

The Continuous Assurance team undertake regular checks of a number of critical customer, commercial and regulatory processes and outcomes in live operation.

Data Protection

Data Protection

We are responsible for helping the company meet its regulatory data protection obligations. Our job is to help make sure that protecting customer data remains a top priority for the business. One of the key ways that we can achieve this is by making sure our frontline colleagues are adequately trained, constantly consider privacy and information security, and listen for people’s data rights requests.

Information Security

Information Security

Information is key to our business and we protect the confidentiality, integrity and availability of data from internal and external threats, whether accidental or intended. We play a key role in preventing security incidents by identifying any weak areas that make information systems vulnerable, assessing the effectiveness of our controls.

Business Continuity Management

Business Continuity Management

We work with all areas of the business to assess where our business as usual would be impacted if incidents occurred, and through a mixture of building in operational resilience and business continuity planning, seek to make incidents less likely to occur and when they do, easier to recover from in an organised and effective way. We also oversee crisis management and incident response.


Meet some of the Assurance, Risk and Compliance Team

Shanna
Internal Assurance Officer

I started at Hastings Direct in 2012 as I was recommended to by so many friends. I began my career in the call centre and had fantastic opportunities to progress and complete exams. The people are very supportive and put colleagues and customers at the heart of everything they do. I am extremely encouraged by line managers in my personal development and have the autonomy to manage by own workload, which during the pandemic has been particularly important. Within ARC I get to travel around the country leading reviews and even had the amazing chance to visit our colleagues in South Africa!

Neil
Information Security Manager

I joined Hastings in early 2019. Previously I had worked on a number of large scale IT projects including delivering the technology overlay designs for all of the London 2012 Olympic venues. I then led a team of security specialists working on some of the UK’s most secure systems. I very much enjoy the challenge of a fast moving company, full of great people, focused on delivering the service its customers expect. I look forward to helping Hastings achieve its objectives as securely as possible.

Josh
Risk Executive

I joined the Hastings Risk Team at the end of 2018, coming from a retail background. Since then I have been given the opportunities to develop and gain new skills working within the Risk team. I enjoy the fast paced nature of the business and how my current role gives me an insight into the wider business and help influence how decisions are made to make sure we get the right outcome for both our customers and the business.


Where our Assurance, Risk and Compliance teams are based

Not every one of our roles are available in all our Hastings Direct offices. Here are where you can find the roles you are interested in.