Job Title

Senior Internal Financial Controls Analyst

Back to jobs
Market Related
Sector: Financial / Accounting Services
Posted: 15 March 2024

Job Details

Who are we?
The Sanlam Life and Savings cluster is responsible for Sanlam’s retail business in South Africa.Sanlam Life and Savings provides clients across different market segments (entry-level, middle-income, affluent, professional market and business owners) with a comprehensive range ofappropriate and competitive financial solutions. These include traditional life insurance risk andsavings products, investment, retirement, health and fiduciary services. Designed to facilitatelong-term wealth creation, protection and niche financing, these solutions are engineered aroundclient needs.

We believe in creating and cultivating a positive, energised working environment that gives youevery opportunity to achieve success. Sanlam is committed to transformation and embracingdiversity. This commitment is what drives us to achieve a diverse workplace with employmentequity as a key goal to create an inclusive workforce, representative of the demographics of oursociety as well as people with disabilities.
The Finance Services function is responsible for delivering the following services to SLS, as wellas other Clusters within Sanlam that make use of SAP S/4 HANA and related finance systems:

  • The execution of shared financial transactions through the Finance Shared ServicesCentre.
  • Drive operational excellence and efficiency through finance process and technologyoptimisation.
  • Delivering an efficient financial control and compliance environment for SAP S/4HANAand related finance systems.
  • Delivering on the consolidated financial reporting requirements for SLS.

What will you do?

  • The GRC Senior Analyst role will be responsible for supporting the Head of the Governance riskand controls centre of excellence (GRC CoE) in managing and delivering an efficient financialcontrol and compliance environment for SAP S/4HANA and related finance systems, with a focuson centralisation, standardisation, automation, and optimisation of financial control complianceprocesses.
  • The GRC CoE acts as a second line of defence in support of Business Units’ own financial controland compliance environments.
  • The incumbent will partner with the Head of GRC and Business Unit Heads to promoteadherence to agree upon financial control compliance processes. This role will furthermore be tosupport for the identification and reporting of non-compliance and recommendations on how thiscan be addressed.

The key performance areas of this role include the following:

  • GRC Strategy Development for Sanlam
  • Support the Head of GRC CoE in the development of the GRC strategy for SLS toensure greater compliance to required standards.
  • Support various strategic initiatives ensuring greater compliance and awareness insupport of realising the GRC strategy.
  • Financial Risk and Controls Support
  • Act as second line of defence in the design, implementation and management ofcontrol processes and documentation by:
  • Supporting management in the identification, design and implementation of financialrisk and controls through normal business as usual (BAU) operations andtransformation initiatives (change in people/process/technology).
  • Documenting identified financial risks and controls in a risk and control matrix.
  • Defining and maintaining standards used to document financial risks and controls.
  • Assist control owners and control performers in business and IT with walkthroughs ofcontrols
  • Maintaining the SAP Access Control ruleset to reflect the key access controls identifiedby business.
  • Performing tests of effectiveness for key controls
  • Creation of test plans for key controls
  • Preparation of IFC monthly report which entails capturing all control deficiencies andremediation plans. Distribution of report to governance stakeholders, being CFO’s andheads of finance and IT executives.
  • Optimisation
  • Continue to identify, design and implement optimisation opportunities in the financialcontrol and compliance environment through innovation and automation.
  • Support SAP GRC Solution
  • Support the management and delivery of financial controls through SAP AccessControl 12 and Process Control 12 applications:
  • Schedule SOD Review workflows to risk owners
  • Maintain User Access review process in SAP Access Control
  • Maintenance of Access Control custom ruleset at conceptual and permission/actionlevel
  • Run and interpret Access Risk Analysis reports and provide assistance to identifyremedial actions
  • Document and maintain the risks, controls and control owners in the repository(Process Control)
  • Defining and documenting manual control procedure steps
  • Regular review of access (UAR) and mitigations against the access risk ruleset(periodic) with root cause analysis
  • Following up on escalation workflows for configuration control changes
  • Creation/testing of new automated business rules and assignment to controls
  • Monitor dashboards by GRC CoE on PC and investigate control exceptions
  • Actively monitor control deficiencies and remediation plans providing assistance tocontrol owners
  • Provide Internal Team Training
  • Provide training for control performer and control owners in SAP Process Control
  • Stakeholder Integration
  • Support the Head of GRC CoE to operate as liaison between Business Unitmanagement (first line of defence) and key stakeholders that include Internal Audit(3rd line of defence) and External Audit (4th line of defence).

Qualification and Experience

  • Bachelor’s degree in risk and compliance management, finance, audit or relevant fieldfrom a recognised institution.
  • Professionally accredited from a recognised industry body as a Certified InformationSystems Auditor (CISA) or a Certified Internal Auditor (CIA) or Chartered Accountant(CA) is an added advantage.
  • SAP certification is an added advantage.
  • 5 years of functional experience in Finance or Risk Management.
  • 5 years comprehensive experience of internal audit, risk assessments, related methodology and terminology.
  • 5 years in-depth knowledge of Risk and Compliance processes and controls.
  • Functional experience in SAP Access Control, and SAP Process Control will be an added advantage
  • Audit or internal financial controls experience in SAP environment (S/4HANA) is an added advantage

Knowledge and Skills

  • Functional and basic technical understanding of SAP Fiori is an added advantage.
  • Functional and basic technical knowledge and understanding of S/4HANA Security isan added advantage.
  • Must be tech savvy
  • Must be able to coach junior team members

Behavioral Competencies

  • Must be able to perform well in a team.
  • Must have the ability to communicate effectively.
  • Should ensure accountability from all teams and stakeholders.

Core Competencies

  • Cultivates innovation – Contributing through others
  • Customer focus – Contributing through others
  • Drives results – Contributing through others
  • Collaborates – Contributing through others
  • Being resilient – Contributing through others