Enforcement Lawyer - Specialist in Data Management / Policy

The Financial Reporting Council's (FRC's) purpose is to serve the public interest and support UK economic growth by upholding high standards of corporate governance, corporate reporting, audit and actuarial work. We are the UK Competent Authority for audit. We also set the UK Corporate Governance and Stewardship Codes as well as UK standards for accounting, auditing, and actuarial work. We monitor and take enforcement action to promote the quality of corporate reporting and operate independent enforcement arrangements for accountants and actuaries. Further information about our work can be found at .

The FRC's Enforcement Division is the independent disciplinary body for the accountancy and actuarial professions in the UK. It undertakes complex professional disciplinary investigations and prosecutions in cases involving accountants, accountancy firms and actuaries which raise important issues affecting the public interest in the UK.

Many of the investigations are large, complex, and high profile and our cases regularly require liaison with other investigators including the Serious Fraud Office, the Financial Conduct Authority, the Insolvency Service, and the Pensions Regulator. Examples of our recent case outcomes can be found here.

More information on the work of the Division can be found in our Annual Enforcement Review.

• Assisting the Enforcement Division's Information Asset Owner and data management team with the provision of, and contributing your own, high quality, practical legal advice and analysis on data management and related policy considerations, within the context of supporting Case Lawyers and multi disciplinary case teams to deliver complex regulatory investigations.
• Supporting the development and implementation of the Enforcement Division's data management policy and strategy and ensure its compliance with all applicable data protection laws and regulations (including UK GDPR, the DPA, FOIA, other legislation and regulations specific to the FRC's work and the common law).
• Understanding and demonstrating best practice in complying with applicable laws, regulations and internal policies for the protection of personal, confidential and/or sensitive data.
• Supporting workstreams to implement updates to the Enforcement Division's suite of policies and procedures on data management and related topics.
• Drafting practical advice and guidance for Enforcement case teams on data management and related topics arising from new and proposed legislative changes as well as developing good practice.
• Engaging with and working alongside lawyers from the FRC's Legal Services Team and the FRC's IT experts as and when required.
• Engaging with Government Departments, other regulators and other agencies on legal and policy issues relating to data management as required.
• Preparing and delivering training and presentations to Enforcement team members.
• Supporting with instructing specialist counsel to advise on legal questions relating to data management of high complexity or risk.

You will work as part of a multi disciplinary team, alongside forensic accountants, lawyers, and legal assistants on data management and related policy issues in the context of supporting the delivery of complex regulatory investigations. The role is accountable to the Enforcement division's Information Asset Owner, the Senior Policy Lawyer and the Senior Leadership team.

The role will also involve collaboration and engagement with colleagues in many of the FRC's other Divisions including the Legal Services Team.

The post holder should be able to work flexibly to support the team's activities and also provide cover within the FRC as necessary. The FRC operates a hybrid working arrangement. This means full time employees will spend at least four days per fortnight in the office, pro rata for part time employees, and any arrangement will be agreed between the employee and their line manager.

The role may be based in either our London or Birmingham Office. Some travel to our other office location may be required from time to time.

The successful candidate must be a solicitor or barrister fully qualified to practise in England and Wales (or other Common Law jurisdiction with demonstrable, relevant experience in the UK) with proven experience (typically in excess of two years) of advising on laws and regulations for the protection of personal, confidential and/or sensitive data (including UK GDPR, the DPA, FOIA, other jurisdiction specific legislation and regulations and the common law) as well as best practice in complying with the same. They will have sound knowledge of current issues and trends in the field and experience of completing, and best practice for, data impact assessments and responding to FOIA requests and SARs.

Preferably this experience will have been gained within the context of working within a division or team carrying out law enforcement or regulatory investigations. Alternatively, it is desirable for candidates to have previous experience working or acting for a prosecuting authority, regulator or disciplinary body with an enforcement/investigation function, in addition to experience of providing legal advice in respect of applicable data protection laws and regulations.

Candidates will be expected to demonstrate the following competencies:

• Excellent legal and technical skills in the areas outlined above
• Excellent analytical skills and judgement
• Ability to support organisations in robustly evaluating and addressing data management risks in an enforcement / investigation context
• Excellent written and oral communication and interpersonal skills, including ability to communicate clearly with a range of internal and external parties and credibility to engage with senior professionals
• Ability to collaborate effectively in a multi disciplinary environment, with colleagues and stakeholders at all levels to deliver effective solutions
• Determination and self motivation to pursue matters, make well reasoned suggestions and propose solutions
• Effective project management and organisational skills including an ability to work well under pressure and to deadlines
• Strong legal research skills and excellent IT skills