Ashurst is a leading progressive global law firm with a rich history, celebrating it's bicentenary in 2022. We are proud of our history and future-focused, having expanded into new technologies through our NewLaw division, Ashurst Advance, and our consulting arm. Our in-depth understanding of our clients and commitment to providing excellent standards of service have seen us become a trusted adviser to local and global corporates, financial institutions and governments in all areas of commercial law. To find out more please visit www.ashurst.com .
In order to comply with regulatory and client requirements, Ashurst will undertake appropriate vetting of staff. When applicants accept a job offer, Ashurst, alongside a specialist provider, will undertake professional verification and background checks. These checks are only undertaken with consent, and in accordance with our legal and regulatory obligations.
This role involves responding to client third party risk assessments ("Client Audits") and any associated remediation activities globally. This role involves liaising with a number of functions across the Firm to ensure all necessary input is obtained. The candidate will also be involved in strategic projects relevant to the Risk & Compliance function to ensure risk management considerations and client commitments are captured in the design and delivery of such projects.
The role is key to help drive the strategy and delivery of global services in line with the business plan of the Firm. The position is by its nature a global role; it will also involve working to local regulatory requirements as required.
The Risk & Compliance function is commercially minded and focuses on adding value to the business as well as the clients.
The successful candidate will:
- successfully plan, prepare and respond to Client Audits;
- coordinate (and, where applicable, carry out) any associated remediation activities to ensure such activities are actioned as required;
- work closely with the Client Audits Lead to assist in developing and improving the client audit process for the Firm;
- be able to communicate technical jargon (particularly common in relation to information security) to non-technical stakeholders (partners, clients and other business functions);
- be tasked to further develop relationships with our stakeholders on a continuous basis; and
- be involved in risk management and client commitment aspects of new projects.
Business as usual:
- Respond to Client Audits being undertaken on the Firm with the input of other required functions. This may be an onsite assessment, a remote assessment or a combination of both.
- Ensure all aspects of responding to a Client Audit are dealt with in a timely manner. This includes completing any questionnaires, obtaining any evidence necessary and ensuring this is prepared in an agreed way for evidence validation sessions with the client.
- Work closely with other departments of the Firm, in particular IT and information security, to understand how Ashurst functions as a business and how our infrastructure is set-up. Ensure such knowledge is provided to clients without relaying sensitive information.
- Liaise with a range of other departments to ensure that they understand what is required of them when responding to Client Audits, including when engaging with a client directly as part of an audit.
- Be the Firm contact point for any Client Audits undertaken. This includes coordinating schedules and agendas with the client and everyone at the Firm involved in the Client Audit.
- Build good working relationships with and work on an ongoing basis with counterparts at client firms to bring Client Audits to a successful and satisfactory conclusion.
- Work closely with client relationship partners at Ashurst to keep them up to date about any developments before, during and after audits. Provide them with talking points and further insights where necessary. Lead discussions with them about remediation items that will impact their working practices.
- Take the lead on any Client Audit remediation items that need to be addressed. These can involve being part of projects of strategic importance to the Firm, assisting with the set-up of inhouse systems or ensuring that those working for a client adhere to internal policies.
- Keep the other members of the Client Commitments team informed about any discussions on Client Audit findings to enable them to ensure this is considered in contracts with the client.
- Assist in the establishment and development of best practices, governance and standards with respect to the Client Audit process and complying with agreed client commitments.
- Work collaboratively across legal and business services team to improve the procedure, efficiency and communication with respect to the Client Audit process.
- Work collaboratively across legal and business services teams to improve service, commercial impact and efficiency of teams, particularly in relation to overlapping areas/responsibilities.
- Report on the work undertaken with ensuring the issues affecting the Firm's global strategy are communicated in a clear, transparent and effective manner at the right time.
- Advise the partnership on whether any new projects are right and fit for purpose for the legal business and ensure that the project fits within the Firm's commercial strategy.
- Assist with transformational projects involving the Risk & Compliance function as required (e.g. roll-out of new systems, updates on case law and regulations in all Ashurst's jurisdictions, updates on business intelligence, etc.).
- Liaise with other functions as required to ensure business readiness for any technology roll outs and compliance changes to processes and practices, including compliance to clients commitments and consistency of approach with Clients Audit responses and remediation.
- Seek opportunities for regular and consistent engagement both within the Risk & Compliance function and the wider business.
- Assist in 'lessons learned' post project implementation to ensure any risk issues/trends discovered or tackled are understood and factored in future project considerations.
Risk and Control: Ensure that all activities and duties are carried out in full compliance with our regulatory requirements and internal policies.
Essential skills and experience:
- Proven experience in a role involving information security concepts and requirements and how to comply with them coupled with an appreciation for business factors and Firm strategies that might impact on implementing them.
- Ideally experienced in third party/supplier risk management either supporting supplier assessments/audits or involvement in any remediations with the relevant risk owners.
- Ability to manage large volumes of information and transferring this to a required format.
- Strong written and oral communication skills with the ability to put a position forward in a clear, articulate way to different stakeholders.
- Ability to execute tasks and meet deadlines whilst working in a high pressure environment.
- Ability to work flexibly in a new and evolving team, which requires the ability to adapt to new situations, processes and technology.
- Ability to work with attention to detail whilst staying focused on ultimate objectives.
- Demonstrated background of strategic decision making and negotiation.
- An understanding of a wide range of risk management issues faced by global international (law) firms.
- Discrete and professional in handling sensitive and confidential situations.
- Strong interpersonal skills, able to liaise effectively at all levels across the Firm and offices.
- Commitment to supporting the team as a global function and ability to strengthen those connections globally.
Desired skills and experience:
- Previous experience responding to Client Audits or being involved in third party risk management.
- Working knowledge and ability to use compliance databases.
- Understanding of the partnership model and the challenges faced by today's legal industry.