The Internal Control Lead is responsible for coordinating and managing the day-to-day execution of the Company’s internal control frameworks and programmes. The role provides supervisory oversight of the Internal Control Function, drives the implementation of the risk-based control testing plan, and ensures that operational activities, financial transactions, and business processes comply with established policies, procedures, strategic objectives and regulatory requirements.
Job Details
Internal Control Framework Execution & Ownership
- Revise and implement a comprehensive internal control framework covering all key operational, financial, and compliance risk domains across Credit Direct.
- Develop and institutionalise the internal control charter, policy suite, testing methodology, and standards in alignment with CBN regulatory expectations and global best practice (e.g. COSO 2013).
- Define and maintain the risk and control matrix (RCM) across all business processes, ensuring each identified risk is mapped to an appropriate and tested control.
- Conduct an organisation-wide control environment assessment to identify gaps, weaknesses, and areas requiring immediate remediation, and propose structured action plans.
- Establish repeatable, documented work programmes and testing templates that will underpin all internal control activity, enabling future scale and team build-out.
- Serve as the primary internal champion and subject matter expert for all matters relating to internal controls, proactively educating business units on their control responsibilities.
- Develop and maintain a controls library, ensuring all key controls are inventoried, classified by type (preventive, detective, corrective), and assigned to accountable process owners.
Risk-Based Controls Testing & Assurance
- Develop and execute a risk-based internal controls testing plan and programme on a quarterly and annual basis, prioritising high-risk processes, products, and operational areas.
- Perform end-to-end walkthroughs of business processes to assess design adequacy and operating effectiveness of controls.
- Conduct transaction testing, reconciliation reviews, and sample-based testing across financial reporting, loan operations, collections, treasury, and customer onboarding processes.
- Identify and document control deficiencies, root causes, and associated risk exposures, and escalate material weaknesses to the Managing Director and relevant process owners.
- Prepare clear and well-evidenced internal control testing reports with actionable recommendations, timelines, and accountable owners for remediation.
- Track and independently verify the closure and effectiveness of remediation actions arising from prior control findings, re-testing where necessary.
- Conduct pre-implementation control reviews for new products, systems, and processes to identify and resolve control gaps before operational launch.
Financial & Operational Controls Oversight
- Review and assess the adequacy of controls over financial reporting processes, including the completeness, accuracy, and timeliness of financial data and period-end close activities.
- Monitor controls over credit origination, loan disbursement, repayment processing, and portfolio management workflows to identify unauthorised or irregular transactions.
- Review segregation of duties configurations across systems and processes, flagging and resolving conflicts that create fraud or error risk.
- Assess controls over cash management, payment processing, and treasury operations, ensuring appropriate authorisation matrices and dual-control requirements are in place.
- Conduct periodic surprise checks and targeted operational reviews in high-risk functions such as agent operations, branch cash handling, and vendor payment processing.
- Evaluate the control environment within third-party and outsourced service providers relevant to Credit Direct's operations, and report material gaps.
- Support the development and periodic review of delegation of authority limits, approval matrices, and system access control policies.
Fraud Risk Management & Investigation Support
- Proactively identify fraud risk indicators and design detective controls to surface potential fraud, collusion, and unauthorised activity within the organisation.
- Investigate control exceptions, red flags, and irregular transactions, documenting findings and presenting outcomes with recommendations to the Managing Director.
- Maintain a fraud incident register, tracking all reported or identified incidents, investigation status, and remediation outcomes.
- Conduct periodic fraud risk assessments across high-exposure functions and recommend targeted control enhancements to mitigate identified risks.
- Collaborate with relevant internal stakeholders (Finance, Operations, People Management, IT) and external parties where necessary during fraud investigations.
- Develop and disseminate fraud awareness materials and guidelines to staff, promoting a culture of integrity and prompt escalation of concerns.
Regulatory & Compliance Interface
- Ensure the internal control framework and testing programme are aligned with CBN regulatory requirements for finance companies, including prudential guidelines and the CBN Consumer Protection Framework.
- Support the organisation's readiness for external regulatory examinations by maintaining a well-documented controls environment and clean audit trails.
- Coordinate with the Legal, Compliance & Governance function to ensure controls adequately address AML/CFT obligations, NDPR/NDPA data protection requirements, and other applicable regulatory mandates.
- Prepare internal control-related inputs for board and management reporting, including control environment summaries, deficiency tracking, and remediation status updates.
- Monitor developments in relevant regulatory guidance (e.g. CBN circulars, NDPC advisories) and proactively assess their implications for the internal control framework.
- Liaise with external auditors during the annual audit cycle, providing documentation, facilitating walkthroughs, and coordinating responses to audit queries on internal controls.
Reporting, Documentation & Governance
- Prepare and present comprehensive internal control reports to the Managing Director on a monthly and quarterly basis, covering testing results, findings, remediation status, and overall control environment assessment.
- Maintain a well-organised internal control repository, including work papers, testing evidence, findings reports, remediation records, and the controls library.
- Develop and maintain a dashboard of key control indicators (KCIs) that provides management with a real-time view of the control environment.
- Report on the status of the annual internal controls plan, including deviations from plan, resource constraints, and adjusted priorities.
- Prepare periodic control environment updates for the Managing Director and the rest of the Management Team.
- Document all significant process changes, system implementations, and organisational changes that have implications for the internal control environment.
Stakeholder Engagement & Control Culture
- Act as a trusted adviser and first point of contact for all business units seeking guidance on internal control requirements, process design, and risk mitigation strategies.
- Facilitate control self-assessment (CSA) workshops with process owners across the organisation, empowering teams to take ownership of their control environments.
- Design and deliver targeted internal control awareness programmes for staff at all levels, translating technical control concepts into practical, day-to-day guidance.
- Champion a strong control culture across the organisation by embedding proactive risk thinking, accountability, and zero tolerance for control overrides into business operations.
- Build collaborative working relationships with Finance, Operations, IT, People Management, Portfolio Management, and the Legal, Compliance & Governance function.
- Represent Credit Direct at relevant industry forums, professional networks, and training events to maintain awareness of emerging control frameworks and best practices.
Requirements
Education/Professional Qualification:
- B.Sc. in Accounting, Finance, Economics, Business Administration, or related discipline from a recognised institution.
- Professional certification is mandatory: ACA or ACCA (qualified or finalist), Certified Internal Auditor (CIA), Certified Fraud Examiner (CFE), Certified Internal Controls Auditor (CICA), or Certified Information Systems Auditor (CISA).
- Additional certifications in AML/CFT, risk management (e.g. CRMA), data analytics, or financial crime compliance are desirable.
Experience:
- Minimum of 4 to 6 years of progressive, hands-on experience in internal control, internal audit, risk management, or a closely related function within a bank, finance company, fintech, or other regulated financial services institution.
- Demonstrable track record of designing or substantially building out a controls framework or audit methodology, rather than solely inheriting and executing an established programme.
- Proven experience in end-to-end controls testing across financial reporting, credit operations, treasury, and operational processes.
- Solid exposure to fraud risk assessment, fraud investigations, and root cause analysis in a financial services context.
- Familiarity with CBN regulatory requirements for finance companies, including prudential guidelines, the Consumer Protection Framework, and AML/CFT/CPF regulations.
- Experience in fintech, digital lending, or consumer finance environments is strongly preferred.
- Prior experience engaging with external auditors, regulators, or management in a substantive role is an advantage.
Technical:
- Deep, practical understanding of internal control frameworks, particularly COSO 2013 (Internal Control - Integrated Framework), and their application in financial services contexts.
- Strong command of risk and control matrix (RCM) development, control design principles, and risk-based testing methodologies.
- Comprehensive understanding of the CBN regulatory framework for finance companies: prudential guidelines, AML/CFT/CPF regulations, KYC Manual, and Consumer Protection Framework.
- Proficiency in financial and operational process analysis, including transaction testing, reconciliation review, segregation-of-duties assessment, and exception analysis.
- Knowledge of fraud risk indicators, investigation techniques, and forensic documentation standards.
- Familiarity with NDPR/NDPA data protection obligations and their control implications for data-driven financial services businesses.
- Working knowledge of CAMA 2020, EFCC Act, and other relevant Nigerian legislation applicable to finance companies.
- Competence in Microsoft Excel (data analysis, reconciliations), Word, and PowerPoint; experience with audit management or GRC tools is an advantage.