Lead, Internal Control

Internal Control Framework Execution & Ownership

i) Revise and implement a comprehensive internal control framework covering all key operational financial and compliance risk domains across Credit Direct.

ii) Develop and institutionalise the internal control charter policy suite testing methodology and standards in alignment with CBN regulatory expectations and global best practice (e.g. COSO 2013).

iii) Define and maintain the risk and control matrix (RCM) across all business processes ensuring each identified risk is mapped to an appropriate and tested control.

iv) Conduct an organisation-wide control environment assessment to identify gaps weaknesses and areas requiring immediate remediation and propose structured action plans.

v) Establish repeatable documented work programmes and testing templates that will underpin all internal control activity enabling future scale and team build-out.

vi) Serve as the primary internal champion and subject matter expert for all matters relating to internal controls proactively educating business units on their control responsibilities.

vii) Develop and maintain a controls library ensuring all key controls are inventoried classified by type (preventive detective corrective) and assigned to accountable process owners.

Risk-Based Controls Testing & Assurance

i) Develop and execute a risk-based internal controls testing plan and programme on a quarterly and annual basis prioritizing high-risk processes products and operational areas.

ii) Perform end-to-end walkthroughs of business processes to assess design adequacy and operating effectiveness of controls.

iii) Conduct transaction testing reconciliation reviews and sample-based testing across financial reporting loan operations collections treasury and customer onboarding processes.

iv) Identify and document control deficiencies root causes and associated risk exposures and escalate material weaknesses to the Managing Director and relevant process owners.

v) Prepare clear and well-evidenced internal control testing reports with actionable recommendations timelines and accountable owners for remediation.

vi) Track and independently verify the closure and effectiveness of remediation actions arising from prior control findings re-testing where necessary.

vii) Conduct pre-implementation control reviews for new products systems and processes to identify and resolve control gaps before operational launch.

Financial & Operational Controls Oversight

i) Review and assess the adequacy of controls over financial reporting processes including the completeness accuracy and timeliness of financial data and period-end close activities.

ii) Monitor controls over credit origination loan disbursement repayment processing and portfolio management workflows to identify unauthorised or irregular transactions.

iii) Review segregation of duties configurations across systems and processes flagging and resolving conflicts that create fraud or error risk.

iv) Assess controls over cash management payment processing and treasury operations ensuring appropriate authorisation matrices and dual-control requirements are in place.

v) Conduct periodic surprise checks and targeted operational reviews in high risk functions such as agent operations branch cash handling and vendor payment processing.

vi) Evaluate the control environment within third-party and outsourced service providers relevant to Credit Directs operations and report material gaps.

vii) Support the development and periodic review of delegation of authority limits approval matrices and system access control policies.

Fraud Risk Management & Investigation Support

i) Proactively identify fraud risk indicators and design detective controls to surface potential fraud collusion and unauthorised activity within the organisation.

ii) Investigate control exceptions red flags and irregular transactions documenting findings and presenting outcomes with recommendations to the Managing Director.

iii) Maintain a fraud incident register tracking all reported or identified incidents investigation status and remediation outcomes.

iv) Conduct periodic fraud risk assessments across high exposure functions and recommend targeted control enhancements to mitigate identified risks.

v) Collaborate with relevant internal stakeholders (Finance Operations People Management IT) and external parties where necessary during fraud investigations.

vi) Develop and disseminate fraud awareness materials and guidelines to staff promoting a culture of integrity and prompt escalation of concerns.

Regulatory & Compliance Interface

i) Ensure the internal control framework and testing programme is aligned with CBN regulatory requirements for finance companies including prudential guidelines and the CBN Consumer Protection Framework.

ii) Support the organisations readiness for external regulatory examinations by maintaining a well-documented controls environment and clean audit trails.

iii) Coordinate with the Legal Compliance & Governance function to ensure controls adequately address AML/CFT obligations NDPR/NDPA data protection requirements and other applicable regulatory mandates.

iv) Prepare internal control-related inputs for board and management reporting including control environment summaries deficiency tracking and remediation status updates.

v) Monitor developments in relevant regulatory guidance (e.g. CBN circulars NDPC advisories) and proactively assess their implications for the internal control framework.

vi) Liaise with external auditors during the annual audit cycle providing documentation facilitating walkthroughs and coordinating responses to audit queries on internal controls.

Reporting Documentation & Governance

i) Prepare and present comprehensive internal control reports to the Managing Director on a monthly and quarterly basis covering testing results findings remediation status and overall control environment assessment.

ii) Maintain a well-organised internal control repository including work papers testing evidence findings reports remediation records and the controls library.

iii) Develop and maintain a dashboard of key control indicators (KCIs) that provides management with a real-time view of the control environment.

iv) Report on the status of the annual internal controls plan including deviations from plan resource constraints and adjusted priorities.

v) Prepare periodic control environment updates for the Managing Director and the rest of the Management Team.

vi) Document all significant process changes system implementations and organizational changes that have implications for the internal control environment.

Stakeholder Engagement & Control Culture

i) Act as a trusted adviser and first point of contact for all business units seeking guidance on internal control requirements process design and risk mitigation strategies.

ii) Facilitate self-assessment control (CSA) workshops with process owners across the organisation empowering teams to take ownership of their control environments.

iii) Design and deliver targeted internal control awareness programmes for staff at all levels translating technical control concepts into practical day-to-day guidance.

iv) Champion a strong control culture across the organisation by embedding proactive risk thinking accountability and zero-tolerance for control overrides into business operations.

v) Build collaborative working relationships with Finance Operations IT People Management Portfolio Management and the Legal Compliance & Governance function.

vi) Represent Credit Direct at relevant industry forums professional networks and training events to maintain awareness of emerging control frameworks and best practices.

Education/ Professional Qualification:

i) . in Accounting Finance Economics Business Administration or related discipline from a recognised institution.

ii) Professional certification is mandatory: ACA or ACCA (qualified or finalist) Certified Internal Auditor (CIA) Certified Fraud Examiner (CFE) or Certified Internal Controls Auditor (CICA) Certified Information Systems Auditor (CISA).

iii) Additional certifications in AML/CFT risk management (e.g. CRMA) data analytics or financial crime compliance are desirable.

Experience:

i) Minimum of 4 to 6 years of progressive hands-on experience in internal control internal audit risk management or a closely related function within a bank finance company fintech or other regulated financial services institution.

ii) Demonstrable track record of designing or substantially building out a controls framework or audit methodology rather than solely inheriting and executing an established programme.

iii) Proven experience in end-to-end controls testing across financial reporting credit operations treasury and operational processes.

iv) Solid exposure to fraud risk assessment fraud investigations and root cause analysis in a financial services context.

v) Familiarity with CBN regulatory requirements for finance companies including prudential guidelines the Consumer Protection Framework and AML/CFT/CPF regulations.

vi) Experience in fintech digital lending or consumer finance environments is strongly preferred.

vii) Prior experience engaging with external auditors regulators or management in a substantive role is an advantage.

Technical:

i) Deep practical understanding of internal control frameworks particularly COSO 2013 (Internal Control - Integrated Framework) and their application in financial services contexts.

ii) Strong command of risk and control matrix (RCM) development control design principles and risk-based testing methodologies.

iii) Comprehensive understanding of CBN regulatory framework for finance companies: prudential guidelines AML/CFT/CPF regulations KYC Manual and Consumer Protection Framework.

iv) Proficiency in financial and operational process analysis including transaction testing reconciliation review segregation-of-duties assessment and exception analysis.

v) Knowledge of fraud risk indicators investigation techniques and forensic documentation standards.

vi) Familiarity with NDPR/NDPA data protection obligations and their control implications for data-driven financial services businesses.

vii) Working knowledge of CAMA 2020 EFCC Act and other relevant Nigerian legislation applicable to finance companies.

viii) Competence in Microsoft Excel (data analysis reconciliations) Word and PowerPoint; experience with audit management or GRC tools is an advantage.

Behavioural:

Entrepreneurial Mindset

Excellence

Execution

Energy

Empathy

Evolution

Emotional Intelligence

Business Acumen

Decision-Making

Result Oriented

Communication written & verbal

Stakeholder Management

Analytical Thinking

Managing Risk

Service Orientation