TPRM Manager
Department: Operations
Employment Type: Permanent - Full Time
Location: UK - London
Description
CFC is building a formal Third‑Party Risk Management (TPRM) capability for the first time. Following the development of a new TPRM framework, this role will take ownership of embedding, operating, and continuously improving that framework across the organisation.
The TPRM Manager will work closely with Procurement, Risk, Compliance and other business teams to ensure third‑party risk activities are aligned with supplier onboarding, contract oversight and ongoing supplier governance. The role will also support CFC’s Operational Resilience programme, ensuring third‑party dependencies and critical suppliers are properly assessed and monitored.
This is a hands‑on, business‑facing 1st Line of Defence role requiring strong judgement, stakeholder engagement and the ability to make a new framework practical, scalable and embedded in day‑to‑day decision‑making.
About the role
This role puts you at the centre of how CFC manages, understands, and mitigates third‑party risk — a critical capability in a highly regulated, fast‑moving insurance business.
You’ll own and continuously improve CFC’s Third Party Risk Management (TPRM) framework, ensuring it remains robust, consistent, and aligned with evolving regulatory expectations from bodies such as the FCA and Lloyd’s. Working closely with Procurement, Risk, Legal, IT and the wider business, you’ll help embed clear, practical risk processes across the full supplier lifecycle — from onboarding through to renewal and exit.
A key part of the role involves leading supplier risk assessments and due diligence, coordinating inputs across operational, information security, financial, legal and regulatory domains. You’ll bring these perspectives together into clear, actionable recommendations for contract owners and senior stakeholders, helping the business make confident, informed decisions while maintaining appropriate controls and mitigations.
You’ll also play an important role in strengthening CFC’s Operational Resilience, mapping critical third‑party dependencies, identifying key suppliers linked to important business services, and tracking remediation actions where risks are identified. Your work will directly support regulatory self‑assessments, resilience documentation, and ongoing assurance activity.
Beyond day‑to‑day delivery, you’ll act as a trusted point of contact for TPRM across the organisation, providing guidance, training, and support to help teams understand their supplier risk obligations. You’ll develop insightful dashboards and reporting for senior forums, maintain strong governance and audit trails, and help evolve how we use technology — including our newly implemented TPRM system — to improve efficiency, visibility, and control.
This is a role with real visibility, influence, and impact: combining regulatory rigour with continuous improvement, stakeholder engagement, and the opportunity to shape how supplier risk is managed across CFC.
About you
- Minimum 5 years’ experience in Third Party Risk Management
- Understanding of FCA Outsourcing & Third‑Party Risk expectations.
- Experience in Financial Services, Insurance or other regulated industries
- Experience supporting or working within Operational Resilience frameworks.
- Experience conducting due diligence or supplier risk assessments across multiple risk domains.
- Familiarity with procurement processes, supplier lifecycle management or vendor governance (advantageous).
Core Values
Love what you do:
We show up each day ready to take on the world. Our passion and intensity set us apart and makes the difference to our colleagues, customers, brokers and carriers.
Challenge everything:
We’re never afraid to question the way that things are done and we constantly challenge ourselves and others to makes things better.
Have fun, be good:
Insurance is a serious business, but we don’t take ourselves too seriously. We make it fun to work at CFC, we welcome all viewpoints, and we treat everyone how we would expect to be treated.
