Katherine Hill

Risk Transformation Leader

Greater Brisbane Area

About

Senior risk manager with 14+ years financial services experience driving enterprise-wide risk transformation across first-line functions. Proven ability to lead cross-functional teams, shape risk culture from the C-suite to the frontline and strengthen governance frameworks to support sustainable growth. Skilled in the implementation of regulatory change initiatives and complex incident investigation within APRA/ASIC-regulated environments. A trusted advisor to executives and Boards, known for enhancing risk maturity whilst enabling operational performance.

Experience

  • Risk Transformation Manager (Contract) at Australian Retirement Trust
    Jan 2026 - Present · 6 mos

    As part of the Risk Maturity Uplift Program, I work across the enterprise to design and implement improved risk practices that lift organisational risk maturity and strengthen governance. I lead the coordination of risk transformation initiatives, partnering closely with stakeholders to drive accountability, continuous improvement, and sustainable change.

  • Manager - Insurance Risk & Resilience at RACQ
    Aug 2023 - Dec 2025 · 2 yrs 5 mos

    As head of the first line risk and compliance advisory function, I oversaw cross-functional teams who provided support to insurance executives and managers in the application of risk management frameworks. In addition to BAU, my role heavily focused on design, implementation and embedment of multiple risk transformation workstreams to uplift risk maturity across the business. My remit encompassed regulatory change monitoring and impact analysis; response to regulatory requests for information; control testing assurance; risk and compliance advice and assessment; incident management oversight; risk profile and KRI reporting; obligations registers; CPS230 implementation; policy governance and risk committee reporting.

  • Manager - Risk, Audit & Compliance at Gallagher Bassett
    Oct 2022 - Aug 2023 · 11 mos

    I led the development, implementation and continuous enhancement of robust risk management and internal audit frameworks across multiple business units and product lines. I oversaw the creation of enterprise‑wide risk methodologies, policies and procedures, maintained divisional risk profiles, and ensured alignment with legislative, regulatory and contractual obligations. I developed and delivered the annual risk‑based internal audit program, consulting with internal and external stakeholders to shape audit scopes, review findings and drive timely completion of action plans. I was regarded as a trusted advisor to senior leadership and external clients, providing clear, objective and influential guidance on risk, compliance and control effectiveness. My responsibilities included regulatory compliance oversight, preparation for external audits, review of management responses, and ensuring effective implementation of remediation actions. I also provided governance and challenge through incident management oversight, supporting teams to identify root causes, strengthen controls and embed consistent, repeatable processes. Through a disciplined and collaborative approach, I helped strengthen organisational governance, enhance operational resilience and embed a strong risk‑aware culture.

  • Risk & Compliance Specialist at Youi Insurance
    Aug 2021 - Oct 2022 · 1 yr 3 mos

    I was responsible for complex incident investigation across general insurance operations where a potential regulatory breach had occurred. This involved data validation and evidence gathering to conduct root cause analysis, determine customer remediation requirements, procedural enhancements, systemic instances and assessment of control effectiveness. In this role I was experienced in the interpretation and application of the following regulations to form a recommendation of potential breach to report to the regulator: AFSL obligations including CHAAFS, General Insurance Code of Practice, Privacy Act 1998, Corporations Act 2001, ASIC Act 2001, Insurance Contracts Act 1984, APRA Prudential & Reporting Standards for General Insurance, ASIC Reg Guides including RG271: IDR, RG38: Anti-Hawking, RG78: Breach Reporting, RG277 Consumer Remediation. I also acted as Risk and Compliance SME as a key project member in the design, creation and implementation of the Customer Remediation Framework, ensuring compliance with ASIC RG277 Consumer Remediation. This involved liaising with internal stakeholders to design and build the remediation system, creating policies and procedures to ensure compliance with regulations, and delivering training to teams.

  • Gallagher Bassett (6 yrs 8 mos)
    • Senior Risk and Compliance Advisor
      Sep 2019 - Aug 2021 · 2 yrs

      I managed regulatory change activities across multiple general insurance business units, including conducting comprehensive gap analyses to assess compliance with the revised General Insurance Code of Practice (2021). I supported General Managers in uplifting controls and procedures, and developed key policies and training materials relating to Domestic Violence and Financial Hardship. I also planned and executed end‑to‑end internal audits across diverse product lines, assessing design and operating effectiveness of controls, reviewing governance frameworks, and ensuring compliance with state‑based legislation covering self‑insurance, workers compensation and general insurance portfolios. Additionally, I led the national ISO27001 Information Security Management internal audit across seven office locations in preparation for external certification. I provided external audit facilitation and advisory support to senior leaders, attending entry and exit meetings, preparing due diligence responses and monitoring the completion of remediation activities. As the company lead and subject matter expert for Business Continuity and Resilience, I was responsible for organisational compliance with national and international business continuity and crisis management standards, reporting directly to the Board. I was a trusted advisor to operational leaders on all matters relating to risk, compliance and audit, and regularly presented insights and updates through key governance forums including the Information Security Assessment Committee, Risk Management Committee and Compliance & Audit Committee.

    • Risk and Governance Advisor
      Aug 2017 - Sep 2019 · 2 yrs 2 mos

      In this role I advanced the development, implementation and maintenance of risk and compliance methodologies, policies and procedures, corporate governance, fraud and corruption controls and business continuity measures. I was responsible for preparation of quarterly reports and secretariat duties for the Risk Management Committee and Compliance and Audit Committee. My remit included maintenance of the national risk register, ensuring all identified risks were recorded in a consistent manner; remedial actions implemented as a result of audit findings; and coordination of processes for the identification, assessment, reporting, monitoring and mitigation of operational, contractual and strategic risks across all business units.

    • Executive Assistant to Chief Financial Officer & Executive Director, Commercial Development
      May 2016 - Aug 2017 · 1 yr 4 mos

      In this role I provided executive administration and office management support to multiple executives including coordination of internal requests for time and information in order to manage interruptive influences and achieve required outcomes. My remit also included preparation of correspondence, emails, reports, presentations, analysis and papers on behalf of the CFO whilst managing complex, confidential and sensitive information. I maintained diaries, organised travel arrangements and business appointments, prepared expense reconciliations and produced detailed committee and board meeting minutes. I developed a working knowledge of risk management through the production of monthly risk and incident exception reports for the Executive Team, and quarterly reports for Risk Management Committee and Compliance & Audit Committees.