Richard Williams


Richard Williams is a Senior Principal Consultant with over ten years of experience in risk and compliance recruitment, focusing on mid to senior and board-level appointments in both financial and non-financial risk. Since joining the Broadgate team back in 2018, Richard has enjoyed helping a diverse range of companies grow and scale by connecting them with highly skilled, culture-add talent from his community-built network.

From compliance managers to CROs, Richard covers a wide spectrum of appointments across the UK in terms of operational, climate, enterprise, financial, and credit risk. When he's not helping build risk functions, you can find him on the tennis court or spending time with his daughter at one of the three farms and zoos he owns season tickets for.

"The team has gone from strength to strength over the last 9 years, with some exciting plans for international growth in the coming months. It's great to be part of such a collaborative and innovative business that recognises the importance of trust as a foundation for hiring."

JOBS FROM RICHARD

Greater London, South East, England
Chief Risk Officer
Broadgate has been retained to lead the executive search for a Chief Risk Officer with a leading UK wealth management group. This pivotal appointment will play a key role in shaping the firm’s risk and compliance strategy at an executive level, supporting continued growth and ensuring best-in-class governance across the organisation.

Chief Risk Officer (SMF4)
Location: London
Sector: Wealth & Asset Management
Reports to: Chief Executive Officer
Function: Executive Committee
Type: Permanent, Full-time

Our client is a fast-growing UK wealth management group, backed by institutional investors and recognised for its exceptional client service, regional presence, and acquisition-led growth strategy. As the business continues to scale, it seeks to appoint a Chief Risk Officer (SMF4) to join the Executive Committee and lead the Group’s Risk and Compliance functions. This newly defined leadership role will be central to shaping the firm’s governance, regulatory, and risk culture—ensuring that growth is underpinned by best-in-class risk management and robust compliance oversight.

Role Purpose

The Chief Risk Officer will lead the design and delivery of the Group’s enterprise risk management framework, ensuring that risk, compliance, and financial crime controls are effectively embedded across the organisation. Acting as a key strategic advisor to the CEO and Board, the CRO will provide proactive insight and challenge, enabling the business to pursue its commercial ambitions within a disciplined and well-managed risk environment. The role will also play a critical part in supporting the integration of newly acquired businesses, embedding a consistent risk framework across the Group.

Key Responsibilities

Leadership & Strategy
- Serve as a member of the Executive Committee, providing strategic counsel to the CEO and Board.
- Define and implement the Group’s risk strategy, ensuring alignment with commercial priorities and risk appetite.
- Lead, develop, and mentor a high-performing Risk and Compliance team, including the Head of Compliance and Senior Risk Manager.
- Promote a culture of transparency, accountability, and risk awareness throughout the organisation.
- Partner with senior executives to develop and deliver regular risk and compliance board reporting.

Risk Management
- Establish and maintain a comprehensive risk management framework encompassing operational, regulatory, conduct, and financial risks.
- Oversee the Group’s risk appetite framework, policies, and control self-assessment processes.
- Act as the primary liaison with regulatory bodies on risk-related matters.
- Develop and maintain risk registers and management information for Boards and Committees.
- Support the ICARA process, ensuring risk identification and quantification are robust and effective.
- Embed risk management into business decision-making and ensure timely escalation of material risks.

Compliance & Financial Crime
- Provide oversight of the compliance function, ensuring adherence to all FCA regulatory requirements.
- Oversee the development of compliance and financial crime policies, ensuring they are well understood and consistently applied across the business.
- Monitor regulatory developments and lead the implementation of relevant changes.
- Oversee the incident and breach management process, ensuring appropriate reporting and remediation.

Governance & SMCR
- Hold Senior Management Function 4 (SMF4) responsibility under the FCA’s SM&CR regime.
- Ensure effective systems and controls are in place across all areas of responsibility.
- Promote a culture of individual accountability and ethical conduct aligned with the firm’s values and regulatory obligations.

Candidate Profile
- Extensive experience in a senior risk and/or compliance leadership role within a regulated wealth or asset management business.
- Strong understanding of the FCA Handbook, including CASS, ICARA, AML/KYC, and Consumer Duty requirements.
- Demonstrated ability to design and implement enterprise risk frameworks.
- Experience engaging with Boards, Committees, and regulatory bodies.
- Strategic thinker with excellent communication and influencing skills.
- Proven leader who can inspire teams and embed a risk-aware, collaborative culture.

If you are interested in discussing this role, then please forward your profile across and we can arrange a conversation.
Richard Williams
London, Greater London, South East, England
IT Security Risk Manager
Information Risk Manager - Insurance
London / but there can be some flexibility on location across the UK - office working 3 days a week.

Broadgate Search have been instructed to find an Information Risk Manager on behalf of our client, a leading insurer.

This is a key second line of defence position, reporting to the Head of Operational Risk & Internal Control. The successful candidate will provide strategic oversight and challenge over information and technology risks — ensuring they are appropriately identified, assessed, and mitigated in line with Group and regulatory standards.

The role offers an opportunity to influence senior stakeholders, contribute to strategic resilience planning, and play a pivotal role in shaping the organisation’s information risk culture and framework.

Key Responsibilities
- Develop, implement, and embed an effective information and technology risk framework that aligns with Group and regulatory requirements.
- Lead the development of the operational and information risk appetite framework, including qualitative statements and quantitative indicators.
- Provide independent oversight and challenge to first line management on key initiatives relating to information security, technology, and data risks.
- Deliver second line challenge on major IT and change programmes, ensuring project risk methodologies are robust and effective.
- Plan and execute a risk-based oversight programme for information risk management, producing high-quality reports and actionable insights.
- Provide formal second line opinions on information and technology risk management practices and mitigation strategies.
- Support regulatory change initiatives, including operational resilience and digital operational resilience programmes, ensuring delivery to scope, time, and quality expectations.
- Review and challenge management information (MI) from the first line to ensure effective monitoring and escalation of technology risks.
- Represent the second line at key risk and governance forums, providing insight and updates to the Audit, Risk, and Compliance Committees.
- Contribute to the development and testing of internal controls relating to information risk, data management, and procurement processes.
- Advise and influence senior management and executives on technology risk and resilience matters.
- Maintain a strong understanding of emerging risks, regulatory developments, and industry best practice.
- Build and maintain strong relationships across Risk, Compliance, Internal Audit, and Group functions to ensure a coordinated approach to oversight.
- Develop and deliver targeted training and awareness on information and technology risk across the organisation.

Experience and Qualifications
- Proven experience within Risk or Audit functions in a regulated environment (financial services or insurance preferred).
- Degree-level education in computer science, information systems, or a related discipline.
- Experience delivering resilience-based regulatory programmes (e.g. Operational Resilience, DORA).
- Recognised professional qualification desirable (e.g. CISSP, CISM, CISA).
- Deep understanding of information and technology risk within financial services, particularly in relation to security and operational resilience.
- Familiarity with technology risk frameworks such as COBIT, ISF, or ISO 27001.
- Strong ability to develop and assess risk frameworks, controls, and risk appetite statements.
- Excellent report writing, analytical, and communication skills, with the ability to influence at senior levels.
- Confident stakeholder management skills and the ability to work effectively within a matrix structure.
- Knowledge of the Solvency II environment advantageous but not essential.
Richard Williams
London, Greater London, South East, England
IT Security Risk Manager
Information & Technology Risk Oversight Lead - Insurance
London / but there can be some flexibility on location across the UK - office working 3 days a week.

Broadgate Search have been instructed to find an information and technology risk oversight lead on behalf of our client, a leading insurer.

This is a key second line of defence position, reporting to the Head of Operational Risk & Internal Control. The successful candidate will provide strategic oversight and challenge over information and technology risks — ensuring they are appropriately identified, assessed, and mitigated in line with Group and regulatory standards.

The role offers an opportunity to influence senior stakeholders, contribute to strategic resilience planning, and play a pivotal role in shaping the organisation’s information risk culture and framework.

Key Responsibilities
- Develop, implement, and embed an effective information and technology risk framework that aligns with Group and regulatory requirements.
- Lead the development of the operational and information risk appetite framework, including qualitative statements and quantitative indicators.
- Provide independent oversight and challenge to first line management on key initiatives relating to information security, technology, and data risks.
- Deliver second line challenge on major IT and change programmes, ensuring project risk methodologies are robust and effective.
- Plan and execute a risk-based oversight programme for information risk management, producing high-quality reports and actionable insights.
- Provide formal second line opinions on information and technology risk management practices and mitigation strategies.
- Support regulatory change initiatives, including operational resilience and digital operational resilience programmes, ensuring delivery to scope, time, and quality expectations.
- Review and challenge management information (MI) from the first line to ensure effective monitoring and escalation of technology risks.
- Represent the second line at key risk and governance forums, providing insight and updates to the Audit, Risk, and Compliance Committees.
- Contribute to the development and testing of internal controls relating to information risk, data management, and procurement processes.
- Advise and influence senior management and executives on technology risk and resilience matters.
- Maintain a strong understanding of emerging risks, regulatory developments, and industry best practice.
- Build and maintain strong relationships across Risk, Compliance, Internal Audit, and Group functions to ensure a coordinated approach to oversight.
- Develop and deliver targeted training and awareness on information and technology risk across the organisation.

Experience and Qualifications
- Proven experience within Risk or Audit functions in a regulated environment (financial services or insurance preferred).
- Degree-level education in computer science, information systems, or a related discipline.
- Experience delivering resilience-based regulatory programmes (e.g. Operational Resilience, DORA).
- Recognised professional qualification desirable (e.g. CISSP, CISM, CISA).
- Deep understanding of information and technology risk within financial services, particularly in relation to security and operational resilience.
- Familiarity with technology risk frameworks such as COBIT, ISF, or ISO 27001.
- Strong ability to develop and assess risk frameworks, controls, and risk appetite statements.
- Excellent report writing, analytical, and communication skills, with the ability to influence at senior levels.
- Confident stakeholder management skills and the ability to work effectively within a matrix structure.
- Knowledge of the Solvency II environment advantageous but not essential.
Richard Williams