Return to Search

Join our mailing list

Sign up to our free mailing list to stay updated on the latest from the IRM.

Subscribe Now

Darius Mayhew, SIRM: Head of Finance Risk, Assurance & Advisory, Direct Line Group

Darius Mayhew, SIRM

Head of Finance Risk, Assurance & Advisory

Direct Line Group



How did you get your job?

Periodically I wonder what would have happened if I didn’t make the conscious decision to apply for a Business & Risk Consultant role some years ago. I had no clue what the internal audit department did and certainly didn’t know what half the things on the job spec meant. It was not long after abandoning my career in retail management to start all over again in financial services. I remember thinking at the interview that I wasn’t going to get the role – after all, I was a little out of my depth and had only been at the company for a short time. I was lucky though; my project management and system skills from the retail world got me the job because the team were introducing a new auditing system and needed someone to help implement it.

My desire to learn meant that I was able to assimilate a lot of information in a short time around risk reporting, governance, policies, and auditing. I was hooked (yes I am serious!!) My company sponsored my studies at the IRM and it wasn’t long before I started applying the theory to practice. I helped the Internal Audit department develop its internal risk management processes.

From there I jumped at the chance to move into the Finance Directorate again by applying for a Finance Risk Officer role. The job looked interesting and was project based which appealed to me. I was able to talk confidently about the Solvency II regulation in the interview due to my studies at the IRM (not to mention a few stories from the retail world which raised a few eyebrows!). I have not looked back since. My work in rolling out different aspects of the Enterprise Risk Framework to the Finance Directorate meant that I was able to change jobs a couple of times in this team to be where I am today.

What’s a typical day like as the Head of Finance Risk, Assurance & Advisory?

Sometimes I do wish I could come to work knowing exactly how the day would unfold. The reality is that each day is different. There are structured elements such as the projects, emerging regulations like GDPR or writing Audit Committee papers. The uncertainty derives from the people element. Sometimes the simplest of conversations could be riddled with unforeseen complexity – changing all the things you had planned for the day.

Being reactive or proactive – it’s difficult getting the balance every day. Sometimes you have to react to the situations that arise (failed controls, risk events etc), and in doing so, it means there is less time spent on the proactive elements to stop such events occurring in the in the first place!

Thankfully, overall there is a good balance. Stepping back to look at the broader strategic picture; visualising how all the component parts should fit together; devising frameworks to plug gaps; supporting my team in delivering against our objectives; and providing proactive risk advisory services are the interesting things that move the function forward.

What do you enjoy most about your job?

Change. It is what I love. Change brings risk, it brings new complexities, new processes, new ways of thinking, and it will bring the need for our team to stand back and think about the implications, the control frameworks needed or think about how to integrate into existing ways of working. It is what makes risk interesting – constant learning and an on-going need to evolve.

What are the challenges?

People and technology. We all make mistakes or the wrong decisions. This coupled with the complexity of technology is essentially a nesting ground for risk. Organisations cope with a mixture of people, legacy systems, the need to integrate various processes, interfaces, and not least, the vulnerabilities in these applications to the ever-growing cyber risk.

In what way are your IRM qualifications relevant?

My IRM qualification provided me with theoretical concepts about risk and risk management. I use this every day in advising management about different ways of applying the risk management model to their everyday activities or problems. It also provided me with practical approaches in how to design and implement risk management frameworks, and how to unpick regulations in order to build the component parts of a control framework. I have been lucky enough to have the opportunity to translate these practical approaches to my work environment in transformation programmes, off-shoring, regulatory changes and financial reporting oversight.

What would you say to others thinking about joining IRM as a member/studying with us?

Risk is inherent in everything we do and in all different types of work. If you are sure about a career in risk management, then the IRM will give you a good foundation to develop to where you want to be. If you are not sure, it’s still worth exploring because you will be able to bring an alternative perspective and think about things differently in whatever environment you choose.

What are your career ambitions? Has being linked to the IRM helped?

I hope to move into banking in the future and being part of the IRM has helped me to stay abreast of the regulatory requirements that banks need to deal with every day. This is mainly through my committee work as part of the Enterprise Risk Management in Banking & Financial Services Special Interest Group at the IRM. We research and deliver much debated topics which impact Financial Services. I have learnt a lot about the banking world through this forum.

Top tips

Don’t specialise too early. It’s also ok to do sideways movements to learn what different areas do. Projects, Audit, Investments and Compliance are all areas that will further your career in risk management along with your qualification, and will allow you to specialise if you wanted when you get more experience.

Never stop studying or learning. The risks organisations spend the most amount of time worrying about changes depending on how they assess them. It can range from being a new regulation one year to changing socio, economic or technologic trends another. By staying up to speed with all the emerging challenges you can develop your risk management capability.