Global Head of Third Party Risk Management

Job Description
Who we're looking for
The Global Head of Third-Party Risk Management (TPRM) is responsible for designing, implementing, and overseeing a global framework to assess, monitor, and manage risks associated with Schroders' third-party relationships. This includes vendors, outsourcing partners, service providers, and other external entities critical to the firm's operations.

The role ensures that third-party risk is embedded in business decision-making, aligned with regulatory expectations (e.g., FCA, PRA, EBA, SEC), and integrated within the wider enterprise risk management framework. The role requires cross-functional working with Risk, Compliance, Legal, and Technology to embed effective risk controls, due diligence, and supplier assurance within all stages of the procurement lifecycle.

The role will bring a continuous-improvement mindset, staying abreast of the evolving regulatory landscape to ensure Schroders' third-party risk practices remain forward-looking and fit for purpose. Based in London, the role reports to the Chief Procurement Officer, who is responsible for all Procurement activity across the organisation.

About Schroders
We're a global investment manager. We help institutions, intermediaries and individuals around the world invest money to meet their goals, fulfil their ambitions, and prepare for the future.

We have around 6,000 people on six continents. And we've been around for over 200 years but keep adapting as society and technology changes. What doesn't change is our commitment to helping our clients, and society, prosper.

The team
Group Procurement is the centre of excellence for active commercial management of all of Schroders' supply chain, enabled by great people, disciplined cost management and seamless risk and compliance. Group Procurement sits within the COO Corporate Functions, supporting the wider business on all its third-party commercial activity. The team are made up of multiple disciplines across Market Data & Operations, Technology, Corporate Services, Third Party Risk and Procurement Operations. Located across London, Horsham, Singapore, and New York.

The base
We moved into our new HQ in the City of London in 2018. We're close to our clients, in the heart of the UK's financial centre and we have everything we need to work flexibly.

What You'll Do

• Lead the development and continuous enhancement of Schroders' Third-Party Risk Management strategy and policy.
• Establish governance structures, including steering committees, reporting lines, and escalation protocols.
• Ensure alignment with regulatory standards (e.g., DORA, EBA Guidelines, UK PRA SS2/21) and Schroders' risk appetite.
• Develop and maintain a robust TPRM framework, including risk segmentation, due diligence, onboarding, monitoring, and exit processes.
• Define risk taxonomy and criticality tiers for third-party services.
• Oversee enterprise-wide risk assessments and due diligence of vendors, including financial stability, cyber resilience, and ESG risk.
• Establish ongoing monitoring mechanisms, including performance reviews, SLA adherence, and control testing.
• Implement early warning indicators and risk dashboards to track third-party exposure and performance.
• Act as the key control point to prevent the onboarding of supplier risk through data capture, review and assessment.
• Coordinate the de-centralised supplier oversight framework, supporting, advising and collaborating with Business Owners globally, maintaining oversight of supplier reviews and ensuring policy compliance.
• Work closely with 2nd line risk functions (e.g. Financial Crime, Credit Risk, Business Continuity) to ensure supplier due-diligence information is made available for SME review.
• Design and embed supplier-oversight reporting capabilities and continuously improve performance and risk-assessment governance and metrics.
• Continually monitor the global regulatory landscape to ensure policies and procedures remain compliant and fit for purpose.
• Provide guidance on all areas of the supplier lifecycle and business areas to direct reports and the wider team as required.
• Own the supplier contract management and oversight platform, ensuring supplier information is recorded, maintained and regularly reviewed.
• Maintain the Outsourcing Register, including the record of Business Owners, contracts, criticality and associated due-diligence activities.
• Partner with Legal, Risk, Compliance, Procurement, IT, and Information Security to embed third-party risk management practices.
• Engage with regulators, internal audit, and external assurance providers on third party risk matters.
• Communicate third-party risk exposures and mitigation strategies to senior management and the board.
• Lead or support implementation of TPRM systems and tools to automate workflows and reporting.
• Maintain a centralized third-party inventory and ensure quality, consistency, and completeness of vendor data.
• Support incident response and contingency planning related to third-party failures or disruptions.
• Coordinate with business continuity and resilience teams to ensure robust third-party crisis management.

The Knowledge, Experience And Qualifications You Need

• Experience in operational risk, third-party risk management, ornenterprise risk within financial services.
• Deep knowledge of regulatory requirements for outsourcing and third-party risk (FCA, PRA, EBA, DORA, etc.).
• Strong knowledge of contract risk clauses, exit terms, business continuity, and supplier classification models.
• Proven senior leadership experience managing cross-functional teams and risk frameworks in a complex global environment.
• Experience working closely with 2nd Line Risk and Assurance functions to ensure supplier due diligence is performed, monitored, and aligned to policy.
• Experience designing, owning and implementing supplier-management and oversight frameworks, including contract-database or supplier-management systems, strong understanding of information security, data privacy, business continuity, and legal/vendor contracting principles.
• Experience with third-party risk platforms (e.g., Archer, ServiceNow VRM, Aravo, Coupa, etc.) is a plus.
• Adept at leading cross-functional engagements with second line and audit teams.
• Excellent communication, influencing, and presentation skills; experience engaging with senior stakeholders and regulators.

Key competencies

• Strategic Thinking
• Supplier & Third-Party Governance Expertise
• Continuous-improvement mindset
• Risk and Control Mindset
• Regulatory Acumen
• Leadership & People Management
• Stakeholder Influence & Communication
• Analytical & Problem Solving

The Knowledge, Experience And Qualifications That'll Help

• Relevant certifications (e.g., CTPRP, CRISC, CISA, CISSP) desirable
• Degree in Risk Management, Business, Law, Finance, or related field
• Master's degree or MBA advantageous
• Professional certifications in risk or third-party management

We Recognise Potential, Whoever You Are
Our purpose is to provide excellent investment performance to clients through active management. Diversity of thought, facilitated by an inclusive culture, will allow us to make better decisions and better achieve our purpose. This is why inclusion and diversity are a strategic priority for us and why we are an equal opportunities employer. You are welcome here, regardless of your age, disability, gender identity, religious beliefs, sexual orientation, socio-economic background, or any other protected characteristic.

About Us
We're a global investment manager. We help institutions, intermediaries and individuals around the world invest money to meet their goals, fulfil their ambitions, and prepare for the future.

We have around 6,000 people on six continents. And we've been around for over 200 years, but keep adapting as society and technology changes. What doesn't change is our commitment to helping our clients, and society, prosper.