Corporate Governance at Admiral encompasses five departments: Audit, Compliance, Data Protection, Legal, and Risk. Find out more about them below.


Internal Audit makes sure the business is well-controlled across the board, providing an independent view on the appropriate identification and mitigation of risks across all categories. The work of Internal Audit provides assurance to the business that risks are adequately controlled and that governance processes are suitably robust. Along with this, Internal Audit are charged with identifying areas of added value that can improve the business.

Working in this team requires a systematic, disciplined and professional approach. Coverage is broad, involving audits of key risk areas, operations and associated application systems across the Group and key subsidiaries.  Because any risks identified need to be effectively reported and managed, the team require excellent written and verbal communication skills, and the ability to build strong working relationships with Senior Executives, the Audit Committee and Management of all levels.


The Compliance department is central to everything we do and manages the compliance risk of the business and completes the agreed annual compliance monitoring plan, which is both forward-looking and reactive to regulatory developments.

Working in Compliance will require you to work across the business, ensuring our processes are fully compliant and up-to-date. You’ll offer guidance and advice on FCA regulations and policies, and when it’s needed, you’ll help change the way we do things. Interpersonal and networking skills are extremely important as you’ll be communicating with all levels of staff and helping them understand our regulatory environment.

Reviewing our internal work, you’ll prepare and produce regulatory papers for key groups within Admiral – issuing reports to the Audit Committee, Risk Management Committee, as well as for the Board.

Compliance also assesses financial promotions and marketing messages, signing them off or amending details as needed. Additionally, it’s important to be prepared to face the challenges of any upcoming changes to the regulatory environment.

Generally we look for people with a working knowledge of FCA regulations and from a financial services background. 

Data Protection

Data Protection is an area that is under ever increasing scrutiny both within the UK and in Europe. Regulation is updated frequently and it is the Data Protection team’s job to educate all levels of staff on UK and European privacy legislation and the rules they must comply with.

The Data Protection team must understand operational processes and controls and assess their effectiveness in mitigating data protection risks faced by the Group.

The team also manages Subject Access Requests (SAR), ensuring that records are kept in orderly fashion and that there is evidence that legal requirements have been met, and carries out Privacy Impact Assessments on new products and projects.

Another important function of the Data Protection team is to provide legal and technical knowledge and expertise, in the areas of privacy and data protection, to staff members across the organization, so it’s important to develop and maintain good communication lines across the Group.

The team also contributes to improvements in the functioning of the organisation’s risk management and control systems.


Apart from our two legal firms, Admiral Law and BDE Law, we also have an in-house legal team, which is made up of 4 solicitors, 1 trainee solicitor (on secondment from BDE Law) and one legal assistant.

Our legal team looks after all commercial and corporate legal matters, company secretary matters and manages the Admiral Group share schemes.

Examples of the work of the legal team are: contract negotiation, mergers and acquisitions, managing the Group’s intellectual property portfolio, commercial litigation, administering board meetings, managing share schemes.

Legal is an interesting department that provides advice, guidance and support to all areas of our business across every jurisdiction.

However, as a small team, we rarely recruit in this area of corporate governance.


The main function of the Risk department is to liaise with other parts of the business to capture, assess and log appropriate risk and near-miss events in an efficient, appropriate fashion ensuring that the impact on customers and any financial losses are captured. By reviewing and monitoring risk and controls the team supports and develops the Operational Risk Framework and ensures current processes remain appropriate and identifies improvement opportunities.

The team also reviews the risk event log for common causes/themes and provides reports to other departments, as well as producing analysis on the risk and control environment and providing recommendations.

The department also scans and reviews for potential external emerging risks and provides an analysis of impacts to the business, as well as producing reports and recommendations on these. Further to this, the team keeps up to date on current industry practices and implements change when needed.

It’s also important for the team to provide consultancy and support managers in managing risk within their areas via education and awareness sessions as well as deal with and/or refer any risk management queries that are generated by the organisation. Therefore the department must develop and maintain key stakeholder relationships across the Group.