Role Profile

Page 1 of 3

Key responsibilities and accountabilities

• Compliance Advice: Provide collaborative advice, challenge and guidance to our business partners and

colleagues in relation to all matters of regulatory compliance, in particular consumer credit, consumer duty and the FCA Handbook

• Solutions-based compliance support: Championing an effective compliance culture, support on queries pertaining to and provide guidance on Consumer Credit Act 1974 (and subordinated legislations), Consumer Rights Act 2015, Customer Complaints, Vendor Contracts and pending vehicle disputes.

• Trusted Advisor: Act as Trusted Adviser to our business colleagues and key stakeholders by ensuring that commercially sensitive, pragmatic and practical compliance advice is provided in a cost-effective manner.

• Lead on regulatory change implementation, providing critical compliance advice on required changes and impacts of regulatory change; working with the business to identify impacts and devise appropriate policies and procedures to maintain compliance.

• Support the upkeep and maintenance of all compliance policies and provide 2LOD advisory support on the mapping of regulatory requirements to 1LOD Policies.

• Develop, update and deliver in-person compliance risk training on regulatory change and compliance risk (in consultation with the Chief Compliance Officer)

• Regulatory Horizon Planning – support the tracking, delivery and implementation of regulatory changes advising on key impacts to the business and required changes. Deliver training in support of key changes.

• Escalate issues and matters of compliance risk to senior management in a timely manner to reduce risk and losses as much as possible.

• To act as an advocate for compliance with all legal, regulatory and company standards and promote a positive risk culture within the first line of defence where transparency, action and rigor are evident – particularly in relation to customer outcomes.

• To frequently liaise with first line business areas to ensure understanding of key processes and how controls support the achievement of compliance, identifying gaps and weaknesses that need to be addressed – particularly in relation to Arrears Management, Vulnerable Customer Management, Complaints Handling, ensuring good customer outcome is at the heart of everything we do at Blue.

Role details

POSITION: Senior Compliance Advisor DEPARTMENT: Compliance

REPORTS TO: Chief Compliance Officer DIRECT REPORTS: 0

LOCATION: Head Office, Sundridge (hybrid) DATE: May 2025

Compliance at Blue

The Compliance Function is organised around five principal risks (Regulatory Risk, Operational Risk, Financial Crime, Data Protection, and Advisory) and is led by our Chief Compliance Officer (SMF16/17). The Department operates independently as a second line of defence and works collaboratively with first line areas across the business to provide oversight, challenge, advice, and assurance, in relation to the key business objectives, and in line with the Blue Motor Finance ‘beliefs’ (values).

Overall purpose of the role

Reporting to the Chief Compliance Officer, the focus of this role is to support on all matters of compliance advisory, provide solutions based advisory support to our business colleagues, support and advice on regulatory matters. Provide an appropriate balance of support, guidance, and challenge to achieve regulatory compliance and good customer outcomes in all matters of compliance advice.

Role Profile

Page 2 of 3

• To maintain an up-to-date knowledge of the FCA Handbook and key regulatory requirements (e.g., “CONC”, “DISP”, “SMCR”, and the “CCA”) and apply these to all solutions-based advice.

• To provide regulatory guidance around key business activities, including EXCO objectives and key projects.

• Proactively identify, investigate and analyse current and future regulatory risks, monitor the regulatory horizon to maintain an up-to-date view of regulatory developments that could impact Blue Motor Finance and support in the communication of Regulatory updates to the business.

• Support the Chief Compliance Officer in the communication of regulatory developments and regulatory risk reporting to Blue’s stakeholders (internal and external), including training delivery to first line business functions.

• Observe and champion Blue’s code of conduct and the FCA’s Conduct rules including demonstrating the expected behaviours to deliver good outcomes for customers.

• Provide oversight around the requirements set out in the firm’s policies and procedures.

Person specification

• 6 years plus compliance experience in an FCA regulated environment – consumer credit preferable.

• Sound understanding of Consumer Credit legislation and Consumer Duty principles.

• Demonstrated ability to effectively analyse risk and apply sound judgement in a timely manner.

• Proven ability to write detailed policies and procedures, regulatory updates for publishing across the business, and breach reports.

• Good team player, pragmatic and flexible, able to work on own initiative, whilst recognising where support is required.

• Strong interpersonal skills, able to establish effective working relationships at all levels.

• Appreciates the importance of accuracy, attention to detail and professionalism.

• Demonstrates a sense of urgency, strong delivery ethos and good work ethic.

• Ability to work with competing deadlines and priorities.

• Resilient, not derailed by a setback and returns to a high level of performance quickly.

• Excellent internal customer service skills.

• Comfortable and competent with MS Office.

• Comfortable identifying and raising issues, even with senior colleagues, particularly where providing constructive advice and driving good outcomes for customers.

• The role holder must carry out their role in a way that is aligned to the Purpose, Mission and Beliefs at Blue.

Additional requirements

• This document is neither contractual nor exhaustive and may be amended to meet the needs of the business. Where possible this will be done in consultation with the job holder.

• From time to time, and within reason, you may be required to carry out tasks that fall outside of your position’s remit.

• From time to time, and within reason, you may be required to work outside of your standard contracted hours.

• As part of your on-going development, you may be required to undertake training to meet the requirements of your role.

• Due to our remote location and lack of public transport it is suggested that you are a driver and are able to get to our offices in Sundridge, Sevenoaks albeit hybrid working is in place.

Role Profile

Page 3 of 3

Conduct Rules:

• You must act with integrity.

• You must act with due skill, care and diligence.

• You must be open and cooperative with the FCA and other regulators.

• You must pay due regard to the interests of customers and treat them fairly.

• You must observe proper standards of market conduct.

• You must act to deliver good outcomes for retail customers.

Confidential C

• Act as the Financial Crime expert for Mobilize FS and RCI Bank and deputise the

role of the firm’s Nominated Officer. Will be responsible for liaising with internal

and external stakeholders (to include external agencies, the law enforcements,

and the regulators).

• Assist with the enhancement and development of the financial crime assurance

framework, supporting the development and implementation of Line 2 oversight

activities, quality assurance and thematic assurance testing of 1st Line activities.

• Support the development of the firm’s Financial Crime Risk framework, drafting

and developing appropriate policies, procedures, and processes to manage all

Financial Crime Risks (AML/CFT/CPF, Internal/External Fraud, AB&C, Sanctions,

Tax evasion).

• Support the Head of Financial Crime & MLRO with the annual firm wide financial

crime risk assessment and preparation for the annual MLRO report.

• Provide fraud and financial crime SME input to the firm’s program management

process to support new products and initiatives, ensuring that relevant risks are

identified and mitigated, and the firm meets its policy and regulatory

requirements.

• Design and facilitate the FC risk assessment including an assessment of control

effectiveness.

• Undertake investigations regarding potential cases of suspected money

laundering, fraud, financial crime as and when required. Report to the FUI on

behalf of the MLRO/Nominated Officer as needed.

• Lead on the design and delivery of internal MI reporting and support external

regulatory reporting requirements.

• Support Transaction monitoring and act as an escalation point for the payments

subject to enhanced monitoring

• Provide oversight and challenge to the business unit/team Risk and Control Self

Assessment’s to ensure fraud and financial crime risks and controls are

appropriately identified and evaluated.

• Provide regulatory and technical expertise into current and future Financial

Crime technology solutions, their implementation and configurations.

• Support with 2ND Line oversight of 3rd parties as per outsourcing requirements.

• Provide advice and guidance to 1st Line stakeholders and colleagues in relation

to Customer Due Diligence throughout the customers’ journey and

assesses/review clients risk factors.

• Provide Fraud subject matter expertise to support the enhancing of the firm’s

fraud management capabilities

• Establish and maintain the Financial Crime frameworks, including policies and

procedures, reporting, record-keeping, risk assessment, management and

control systems, to comply with the MLRs, UK sanctions laws, regulatory

guidance and best practice

• Assist with the design and delivery of FC Training content and provision. Monitor

and report on staff FC training requirements.

• Conduct horizon scanning for regulatory change and maintaining a view of

industry best practices.

Confidential C

•

•

•

•

Confidential C

Internal

Job Description

JOB DETAILS

Job Title: Lead Conduct Compliance Manager – Advisory and business change

Department: Business Compliance

Reports to: Chief Compliance Officer

Grade: 5

Date: December 2024

KEY PURPOSE OF THE JOB

The Business Compliance team is an independent regulatory and compliance advisory and assurance

function for Mercedes-Benz Financial Services (UK) Ltd (MBFS) and its Appointed Representative. The

role holder will also contribute to the provision of a regulatory compliance service to Mercedes-Benz

Insurance Services (UK) Ltd (MBIS).

This role acts as a primary point of contact between MBFS’ Business Compliance (second line of

defence) and MBFS’ wider business. The primary purpose of the role is lead a team of Conduct

Compliance Executives managing regulatory and conduct compliance risks by:

• Ensuring that compliance risks are identified, mitigated, remediated and reported on.

• Providing subject matter expert advice and guidance to the business on all matters relating to

regulatory and compliance risk.

• Driving engagement on the subject of regulatory compliance and conduct culture at all levels

up to and including MBFS’ Senior Leadership Team including Senior Management Function

holders.

ACCOUNTABILITIES (6-10 single sentence statements)

PERCENTAGES

You are required to maintain ethical standards in accordance with Mercedes-

Benz Mobility AG Policies and the Company's Compliance Guidelines and

Policies including Anti-Bribery and all relevant competition law. -

People Leadership:

• Lead and support a team of Compliance Executives responsible for day-to-

day advisory and ongoing business change and project delivery

• Develop the team against individual performance toolkits, their own

personal development plans, together with the MBFS business strategy.

• Ensuring outlined and clear objectives, development reviews and monthly

1-2-1 meetings and coaching sessions.

• Provide the team with access to the outcomes provided for in MBFS’

Management and Leadership Charters.

15

Regulatory advice:

• Lead a team providing specialist regulatory and compliance advice

• Promote a compliance culture throughout the business, influencing

stakeholders, including SMF holders and other senior managers, to deliver

compliant products and services which deliver good customer outcomes,

including but is not limited to:

30

Internal

• general ad-hoc advice

• reviewing and approving financial promotions and other internal and

external communications

• assessing and advising on internal regulatory breach reporting

• advising on remedial actions needed in response to 1st, 2nd and 3rd line

business assurance reporting

• supporting effective complaint root cause analysis and associated business

change

Ongoing process and policy review:

• Lead on the periodic review of MBFS policies and procedures to ensure

continuing compliance with and consistency with applicable FCA or MBM

AG requirements.

10

Horizon scanning and regulatory change:

• Lead the Conduct Compliance Team’s contribution to a monthly legal and

regulatory update to the wider MBFS business, identifying, describing and

providing relevant commentary on regulatory change relevant to MBFS.

• Lead on gap analysis and the identification and description of operational

impacts and other key risks by reviewing and interpreting consultation

papers, policy statements and other FCA publications.

• Lead on the advisory component of the MBFS business change process

prompted by those gap analyses and impact assessments.

30

Control and governance

• Improve and implement internal controls and reporting mechanisms that

support consistent service levels and quality output from the advisory

team.

10

Senior Managers & Certification Regime:

• Lead the advisory component which maintains a compliant SM&CR

framework. Advise Senior Management function holders on their

responsibilities for complying with their regulatory obligations. Assist in

managing regulatory applications and notifications ensuring regulatory

timescales are met.

• Assist in all processes aimed at ensuring the MBFS Management

Responsibilities Map is accurate and up to date.

5

TOTAL

100%

KEY SKILLS/KNOWLEDGE/EXPERIENCE

• Comprehensive working knowledge of FCA principles, rules, handbook and non-handbook

guidance, codes of practice and any other requirements and standards of the FCA’s

regulatory system relevant to MBFS’ consumer credit business.

• Working knowledge of the FCA’s requirements as they apply to general insurance distribution,

including but not limited to the ICOBS and PROD sourcebooks

• Works in a collaborative way in projects and other multi-departmental activities, providing

advice to jointly achieve effective results.

• Ability to carry out multiple tasks and prioritise challenging workloads to plan and deliver

work effectively.

• Able to work within policies and procedures to deliver allocated departmental objectives.

• Excellent communication skills and an ability to engage with a range of stakeholders including

members of MBFS’ Senior Leadership team.

Internal

• Strong analytical skills which are applied to assist in drawing conclusion from complex data.

• Engage with and understand MBFS’ commercial objectives and to assist the business to

understand the conduct and compliance context to influence decision making in the interests

of the business and its customers.

• Able to provide technical support and coaching to colleagues.

ORGANISATION CHART/DEPARTMENTAL STRUCTURE

ADDITIONAL INFORMATION

This role reports to the Chief Compliance Officer.

DIMENSIONS (Use only those applicable) This section covers measurable items such as staff reports and income generated. It should only be

used if appropriate i.e.: “5 direct reports, 3 indirect reports”. Direct Budget is defined as being

responsible for setting and managing a departmental budget; Indirect Budget includes, for example,

supporting a department’s budget/having discretion over trading allowances/helping to achieve

Warranty Budget.

Number of Direct Reports: 2 – (Two) Direct Budget: £ n/a

Indirect Staff Reports: 0 – (none) Indirect Budget: £ n/a

Job Description

JOB DETAILS

Job Title: Conduct Compliance Executive

Department: Business Compliance

Reports to: Lead Conduct Compliance Manager

Grade: 6

Date: April 2024

KEY PURPOSE OF THE JOB

The Business Compliance team is an independent regulatory and compliance advisory and assurance

function for Mercedes-Benz Financial Services (UK) Ltd (MBFS) and its Appointed Representative. The

role holder will also contribute to the provision of a regulatory compliance service to Mercedes-Benz

Insurance Services (UK) Ltd (MBIS).

This role acts as a primary point of contact between MBFS’ Business Compliance (second line of

defence) and MBFS’ wider business. The primary purpose of the role is to manage regulatory and

conduct compliance risks by:

• Identifying forthcoming changes to the regulatory framework relevant to MBFS or MBIS

• Ensuring compliance risks are identified, mitigated, remediated and reported on.

• Providing subject matter expert advice and guidance on all matters relating to regulatory and

compliance risk.

• Co-ordinating the completion of regulatory and other returns and information requests across

the business as requested by the Financial Conduct Authority (FCA) and where necessary,

with Mercedes-Benz Mobility AG.

• Driving engagement on the subject of regulatory compliance and conduct culture at all levels

up to and including MBFS’ Senior Leadership Team including Senior Management Function

holders.

ACCOUNTABILITIES (6-10 single sentence statements)

PERCENTAGES

You are required to maintain ethical standards in accordance with Mercedes-

Benz Mobility AG Policies and the Company's Compliance Guidelines and

Policies including Anti-Bribery and all relevant competition law. -

Regulatory advice and support:

• Provide specialist regulatory and compliance advice and promote a

compliance culture throughout the business, influencing stakeholders,

including SMF holders and other senior managers, to deliver compliant

products and services which deliver good customer outcomes.

• Manage regulatory risk by working with business areas to cultivate and

maintain key relationships to enable the provision of proportionate and

appropriate advice on relevant regulations and business policies and

processes whilst supporting commercial strategy. This includes but is not

limited to general query advice, reviewing and approving financial

promotions, assessing regulatory breaches and incidents and supporting

key business projects.

30

Monitoring and review:

• Assist in the design, establishment and implementation of the Compliance

Monitoring plan, to oversee the first line of defense controls in line with the

regulatory risk cycle. Assist in updating and maintaining the MBFS conduct

risk assessment matrix, taking into consideration existing and emerging

regulatory risks and developments.

• Where required, conduct allocated compliance monitoring reviews in line

with the Compliance Monitoring Review framework including collaborating

with stakeholders to gather information for analysis, testing, producing

reports on the findings of monitoring activity and developing a plan to

mitigate identified risks. Lead on engagement with business management

to discuss findings, recommendations and where needed actions that drive

improvement.

30

Ongoing process and policy review:

• Assist in the periodic review of MBFS policies and procedures to ensure

continuing compliance with and consistency with applicable FCA or MBM

AG requirements.

10

Horizon scanning and regulatory change:

• Contribute to a monthly legal and regulatory update to the wider MBFS

business, identifying, describing and providing relevant commentary on

regulatory change relevant to MBFS.

• Assist on identifying operational and describing operational impacts and

other key risks by reviewing and interpreting consultation papers, policy

statements and other publications

• Assist in appropriate gap analysis and any other work necessary to timely

and effective implementation.

10

Regulatory and internal reporting:

• Manage all regular reporting requests from the FCA and any internal Audit

requests. Collaborate with colleagues across business to co-ordinate

requests and responses to compile comprehensive responses are

submitted in line with deadlines.

• Lead on FCA information requests; collaborating with and overseeing the

business to ensure comprehensive responses are provided within

deadlines and that the Local Management Board is kept informed about

any requests made and any implications/risks arising.

• Contribute to the production of the Business Compliance Conduct Risk

Dashboard and any other internal reporting as necessary.

10

Senior Managers & Certification Regime:

• Contribute to the maintenance of a compliant SM&CR framework. Advise

Senior Management function holders on their responsibilities for complying

with their regulatory obligations. Assist in managing regulatory applications

and notifications ensuring regulatory timescales are met.

• Assist in all processes aimed at ensuring the MBFS Management

Responsibilities Map is accurate and up to date.

10

TOTAL

100%

KEY SKILLS/KNOWLEDGE/EXPERIENCE

• Strong working knowledge of FCA principles, rules, handbook and non-handbook guidance,

codes of practice and any other requirements and standards of the FCA’s regulatory system

relevant to MBFS’ business.

• Working knowledge of the FCA’s requirements as they apply to general insurance distribution,

including but not limited to the ICOBS and PROD sourcebooks

• Capacity for collaborative multi-departmental working, providing advice to jointly achieve

effective results.

• Ability to carry out multiple tasks and prioritise challenging workloads to plan and deliver

work effectively.

• Ability to work within policies and procedures to deliver allocated departmental objectives.

• Excellent communication skills and an ability to engage with a range of stakeholders including

members of MBFS’ Senior Leadership team.

• Strong analytical skills which are applied to assist in drawing conclusion from complex data.

• Engage with and understand MBFS’ commercial objectives and to assist the business to

understand the conduct and compliance context to influence decision making in the interests

of the business and its customers.

• Able to provide technical support and coaching to colleagues.

ORGANISATION CHART/DEPARTMENTAL STRUCTURE

ADDITIONAL INFORMATION

This role reports to the Lead Conduct Compliance Manager.

DIMENSIONS (Use only those applicable) This section covers measurable items such as staff reports and income generated. It should only be

used if appropriate i.e.: “5 direct reports, 3 indirect reports”. Direct Budget is defined as being

responsible for setting and managing a departmental budget; Indirect Budget includes, for example,

supporting a department’s budget/having discretion over trading allowances/helping to achieve

Warranty Budget.

Number of Direct Reports: 0 – (none) Direct Budget: £ n/a

Indirect Staff Reports: 0 – (none) Indirect Budget: £ n/a

Role Profile

Page 1 of 2

Key responsibilities and accountabilities • Develop, monitor and maintain policies and standards applicable to the business and in compliance

with the DPA 2018 and relevant national legislation. • Work with internal stakeholders in the review of projects and related data to ensure compliance with

data privacy laws, conducting, advising on and monitoring data protection privacy impact assessments. • Serving as the primary point of contact for data protection related matters under the DPA 2018, , GDPR

compliance, escalating matters and risks to the DPO where appropriate. • Reviewing vendor contracts (including EU model clauses) needed to implement projects in partnership

with the firm’s Compliance and IT functions. • Managing and conducting ongoing reviews of Blue’s privacy governance framework and reporting on

data privacy compliance within the organisation. • Implement measures to manage data use in compliance with the DPA 2018, including developing

templates for data collection, assisting with data mapping, and vendor management reviews. • Management and oversight of Data Rights Requests and complaints within 1LOD • Responsible for data breach and security incident Management, ensuring escalation to the DPO where

appropriate • Monitoring changes to Data Protection laws and making recommendations to the DPO and Board or a

relevant committee when appropriate. • Develop and deliver privacy training to various business functions and collaborate with the IT function to

raise employee awareness of data privacy and security issues. • Ensuring that the business’ data assets and processes are up to date, effective and operational, including

data registers, LIA’s, privacy notices and key policies and procedures. • Assist the DPO in fostering and promoting a culture of data privacy across the business, developing

strategies and initiatives to ensure engagement with key internal and external stakeholders. • Coordinate, conduct and monitor data privacy audits and assurance reviews • Collaborate with the IT function to maintain records of all data assets and exports and maintaining a data

security incident management plan to ensure timely remediation of incidents including impact assessments, security breach response, complaints, claims or notifications.

• Ensuring that Blue’s IT systems and procedures comply with all relevant data privacy and protection law, regulation and policy (including in relation to the retention and destruction of data).

JOB DETAILS POSITION: Data Protection Manager DEPARTMENT: Compliance REPORTS TO: Chief Compliance Officer & DPO DIRECT REPORTS: 0 LOCATION: Sundridge, Kent DATE: April 2025

Data at Blue The Data Protection Function is part of the wider Risk & Compliance department, led by our Chief Compliance Officer. The data function is responsible for the business’ compliance with its regulatory obligations from a data protection perspective. We collaborate closely as one function and work with all other teams across Blue.

Overall purpose of the role The Data Protection Manager (DPM) will ensure Blue meets its obligations under the Data Protection Act 2018 (DPA 2018). Reporting to the Chief Compliance Officer & DPO, the DPM will monitor compliance and data practices internally to ensure that the business and its functions comply with the applicable requirements under the DPA 2018 and relevant national legislation. The DPM will be responsible for advising on, and where required, carrying out staff training, data protection impact assessments and internal audits. The DPM works across all business lines in an advisory role to help Blue maintain perspective on what constitutes “doing the right thing” objectivity, ability to challenge, commerciality and pragmatism to successfully operate across the business.

Role Profile

Page 2 of 2

Compliance and regulation Develop and maintain a full understanding of the Company’s compliance requirements (including the Financial Conduct Authority’s Conduct Rules) and act in accordance with the standards, instructions in, and the spirit of those requirements. Assume responsibility for ensuring that personal data is handled legally and fairly in accordance with the company’s data protections and policies and procedures, and act in a way that compiles with the standards, guidelines and spirit of those requirements. Act to deliver good outcomes for our customers and understand how this requirement specifically applies to your role at Blue. Person specification

• Expert knowledge of Data Protection Law and practices and able to fulfil the tasks in DPA 2018. • Hold at least one data protection and/or privacy certification, such as CIPP, CIPT, CIPM, ISEB, etc. • Minimum of 4 years’ experience within privacy and data protection compliance. • Ideally previously held a Data Protection Manager. • Ability to demonstrate leadership and project management experience. • Familiarity with privacy and security risk assessment and best practices, privacy certifications/seals and

information security standards certifications. • Experience working in an FCA regulated industry (desirable). • Experience in developing policy and compliance training. • Sufficient knowledge of information technology and data management systems required. • Strong change and project management skills, including the ability to manage time well, prioritise

effectively and handle multiple deadlines. • Ability to undertake large, long-term projects, develop alternative methods and implement solutions. • Good team player, flexible and able to work on own initiative. • Strong interpersonal skills, able to establish effective working relationships at all levels. • Appreciates the importance of confidentiality, accuracy and attention to detail. • Resilient, not derailed by a setback and returns to a high level of performance quickly. • Comfortable identifying and raising issues, particularly where driving good outcomes for customers are

concerned.

Additional requirements • This document is neither contractual nor exhaustive and may be amended to meet the needs of the

business. Where possible this will be done in consultation with the job holder • From time to time, and within reason, you may be required to carry out tasks that fall outside of your

position’s remit • From time to time, and within reason, you may be required to work outside of your standard

contracted hours • As part of your on-going development, you may be required to undertake training in order to meet the

requirements of your role. • Due to our remote location and lack of public transport it is suggested that you are a driver and are

able to get to our offices in Sundridge, Sevenoaks.