Vacancy title:
Compliance & Data Protection Officer

[Type: FULL_TIME, Industry: Insurance, Category: Legal]

Jobs at:
Jubilee Insurance

Deadline of this Job:
Wednesday, June 18 2025

Duty Station:
Kenya | Nairobi | Kenya

Summary
Date Posted: Friday, June 13 2025, Base Salary: Not Disclosed

Similar Jobs in Kenya
Learn more about Jubilee Insurance
Jubilee Insurance jobs in Kenya

JOB DETAILS:

The Compliance & Data Protection Officer will ensure that the entity’s initiatives and departmental processes comply with applicable law and regulations. The role holder will play a vital role in promoting a strong compliance culture, identifying potential compliance risks, and implementing effective strategies to mitigate those risks. He/She will also be responsible for establishing, implementing, and enforcing a robust Compliance and Data Protection framework and systems (policies, processes, and tools), to ensure that Jubilee Health Insurance Limited (JHIL) is compliant with Insurance Act, Kenya Data Protection Act and other relevant laws and regulations.

Key Responsibilities

Strategy

• Develop, implement, and maintain compliance policies, procedures, and controls to address regulatory obligations and minimize compliance risks, inclusive of data protection risk.
• Review Company process/operational manuals and systems to ensure that they are regularly updated to meet the set regulations, policies, and all other requirements such as mandates, escalations, controls, etc. are in place and aligned.
• Identifying areas of compliance weakness and recommend remedial measures in consultation with the relevant Function Heads / Head of
• Departments, Risk & Compliance Manager, and IT Risk & Compliance Manager.
• Stay abreast of the evolving compliance landscape in the insurance sector, identifying emerging risks and opportunities to enhance the compliance program.
• Drive continuous improvement initiatives within the compliance function, leveraging technology and process enhancements.
• Collaborate with executive leadership to communicate compliance-related strategies and their impact on business operations.
• Perform horizon scanning to identify future regulatory/ compliance risks and put in place strategic risk mitigating measures.

Operational

• Implement and maintain effective internal controls to prevent and detect potential compliance violations within insurance operations.
• Work closely with all departments to ensure a cohesive approach to compliance within the company.
• Work with Internal Audit on their recommendation on compliance related issues for implementation in conjunction with first line departments.
• Preparing and presenting compliance reports to various stakeholders.
• Coordinating the Anti–Money Laundering and other regulatory activities. Providing advisory on AML/KYC queries.
• Conducting continuous assurance reviews, and enhancements of compliance on processes/ systems/documents and manuals with reference to laid down policies, regulations, laws and best practices in the line of business.
• Ensure that applicable regulation is complied with by the business lines and support functions through day-to-day monitoring/ regular review of compliance to legislation, regulations and internal policies and controls.
• Ensure that compliance risks are identified, assessed, mitigated, monitored, controlled, and enforced throughout Jubilee Health Insurance.
• Support the development and review of of policies & procedures.
• Identification and reporting of suspicious transactions to the MLRO.
• Conduct training and awareness for internal stakeholders and relevant entity third parties on Data Protection requirements, AML /CFT and applicable regulatory requirements.
• Conduct training and awareness to employees on IRA relevant guidelines, compliance requirements and data protection requirements.
• Provide timely proactive reminders to respective responsible teams to initiate their regulatory reporting obligations. Track and confirm that the regulatory reporting obligations have been done by the responsible teams.
• Follow up on closure and implementation of agreed compliance risk mitigation plans with the relevant team.
• Reviewing and updating privacy policy, privacy clauses in Data protection agreements and data privacy statements in company documents and forms.
• Classified as Public Classified as Public
• Guiding JHIL, their departments, and all support functions on implementation of Data Protection Act 209 requirements and supporting them to ensure compliance with the Act and regulation.
• Regularly training of all internal stakeholders and third parties such as agents, involved in data collection/processing, updating the training as well as conducting specific trainings for specific processing requirements.
• Serving as the Data Protection Officer and point of contact between JHIL, the Data Commissioner and other Regulatory Authorities and co-operating with them during inspections by answering any complaints or queries raised with regards to Data Protection.
• Monitoring performance and adherence to the requirements of the regulation while providing advice on the data protection impact assessment.
• Creating and maintaining a register on comprehensive records of all data processing activities conducted by the company, including the purposes of all processing activities.
• Interfacing with data controllers, data processors and data subjects to inform them about the use of data, the data protection rights, obligations, responsibilities, measures the companies and support functions have put in place to protect personal and/or sensitive
• information and raise awareness on all the above.
• Advising and recommending to the institutions/support functions and their employees on the interpretation and/or application of the
• Data Protection Act or any other applicable law or guidelines on data privacy.
• Handling queries or complaints internally or externally regarding data confidentiality and use.
• Providing status updates to the Head of Compliance, Senior and Middle Management on a regular basis (at least monthly) and drawing immediate attention to any failure to comply with the applicable data protection requirements.
• Reviewing data protection policy, standards, procedures and guidelines together with the business and support functions, carrying out
• impact assessments in processes to ensure that there is compliance with the Data Protection Act or regulation.
• Work with the relevant departments in conducting of Data Privacy Impact assessments, whilst guiding the relevant department as the subject matter expert.
• Guide and support on the creation of an information base on Data Protection and any other elements which may be helpful to the entity and the staff of the organization.
• Build a stable professional relationship with data controllers and processors providing advice where necessary and investing time and efforts in showing the benefits of data protection compliance.
• Support the business in preparation of digital and other privacy statements as may be required for the institutions and supporting functions and ensure processes are put in place for the institutions/support functions to collect consents from the relevant data subjects and partners, have relevant privacy statements provided on all company forms and/or literature, websites & communication or data collection mediums.
• Preparing an annual work program at the beginning of each year for the upcoming year on compliance and data protection activities.
• Networking with other Data Protection Officers keep up with emerging trends around data protection, change in laws and make recommendations on changes required.
• Development of Data Protection Agreements for use with third parties and review of data protection contractual clauses in contracts received from third parties for Jubilee Health Insurance execution.
• Perform horizon scanning to identify future data protection regulatory/ compliance risks and put in place strategic risk mitigating measures.
• Corporate Governance
• Monitor and interpret insurance-related regulations, and guidelines to ensure the organization's compliance.
• Conduct periodic compliance assessments and assurance checks to identify vulnerabilities and recommend appropriate mitigation measures.

Culture

• Demonstrate continued personal development within the compliance space.
• Fostering a corporate culture that promotes ethical practices and good corporate citizenship while maintaining a conducive work environment.
• Collaborate with cross-functional teams to develop initiatives that promote a positive and inclusive company culture.
• Individualized development planning: Create personalized development plans that align with your career aspirations and the organization's objectives.
• Laws, Regulations, Company Policies:
• Stay informed about applicable laws and regulations, including Insurance Act, Data Protection Act and regulations, AML/CFT laws and
• other relevant statutory requirements
• Ensure that your actions and activities align with Laws, Regulations, Company Policies & Regulatory Guidelines
• Understand and adhere to internal company policies, processes, and procedures.
• Promptly report any instances of non-compliance to management and the Manager, Risk and Compliance.
• Take proactive measures to mitigate compliance risks within your role and department.
• Participate in training programs and awareness sessions organized by the company to enhance your understanding of compliance requirements.

Key Skills and Competencies

• Expertise in data protection law and practice.
• Expertise in regulatory compliance and its management.
• A good understanding of Company IT infrastructure and systems.
• Experience and knowledge of the organization’s data processing operations and the level of data protection required for what is
• processed.
• Classified as Public Classified as Public
• Should have excellent management skills and be able to interface easily with both internal staff at all levels and outside authorities.
• Personal skills: integrity, initiative, organization, perseverance, discretion, ability to assert himself/herself in difficult circumstances,
• interest in data protection and motivation to be a Compliance and Data Protection Officer.
• Regulatory Knowledge: In-depth understanding of insurance laws, regulations, and industry compliance requirements.
• Analytical Thinking: Strong analytical skills to assess compliance risks, conduct reviews, and develop effective solutions.
• Attention to Detail: Thoroughness and accuracy in reviewing policies, procedures, and embedding regulatory requirements.
• Problem-Solving: Ability to identify and address compliance issues, violations, and breaches in a timely and effective manner.
• Communication Skills: Excellent verbal and written communication skills to provide guidance and training on compliance matters and
• interact with stakeholders at all levels.
• Collaboration: Ability to collaborate with cross-functional teams and build effective working relationships to address compliance
• challenges, with good conflict resolution capabilities.
• Ethical Conduct: Commitment to ethical conduct and high standards of integrity in all compliance-related activities.
• Continuous Learning: Proactive attitude towards staying updated on regulatory changes and industry best practices.

Academic Qualifications

• Bachelor's degree in business, finance, law, or a related field. With a preferred preference for Bachelor of Laws degree.
• Relevant certification in Compliance management, KYC & AML/CFT/CPF.
• Privacy Professional Certifications provided by the International Association of Privacy Professionals (IAPP) such as Certified Information
• Privacy Professional (CIPP), Certified Information Privacy Professional/Information Technology (CIPP/IT) or other relevant certifications.

 Relevant Experience

• Minimum of 5years’ experience working in a mid-management level in a compliance/audits environment, coupled with proven experience in
• Regulatory Compliance, AML, compliance assurance and reporting within the financial services industry preferably in the insurance or banking
• industry.

Work Hours: 8

Experience in Months: 60

Level of Education: bachelor degree

Job application procedure
Interested in applying for this job? Click here to submit your application now.

All Jobs | QUICK ALERT SUBSCRIPTION