Mike Purvis

Managing Director

Mike has more than 25 years’ experience in governance, risk management, compliance management and assurance, both in practice and industry. Mike’s experience has included the design of risk and compliance management approaches, the integration of risk and compliance into the day-to-day planning and decision-making activities of the business, the simplification and optimisation of process and control environments and the transformation and operation of risk and internal audit functions to increase their relevance and impact and deliver to the demanding expectations of their stakeholders.

Mike works extensively in the financial services industry, including banking, funds and asset management and insurance, but has a wealth of experience in the real estate, and infrastructure sectors.

Major projects and accomplishments

  • Building and sustaining risk and compliance capability and culture: Supported a major Australian Bank to uplift and improve their approach to risk and compliance through the design of the risk and compliance operating model, establishment of supporting policies and procedures and their application into the business operating model. The project included specific consideration of key risk/ compliance activities, including portfolio management of incidents and issues, regulatory change initiatives, financial crime uplift and obligation assessments, that supported the build out of the bank’s capability and culture and a sustainable approach to risk and compliance.
  • Accelerating process and control improvement across the enterprise: Supported the Line 2 Process and Control team over an extended period to support their journey to become a process centric bank built on an intelligent control environment. The project leveraged a large team of resources with process, controls, obligations, and technology experience across all banking domains, including retail, business and institutional banking, and technical domains, including finance and technology. The Protiviti team were integrated into the Bank and the project delivery teams, trained in the methods/ tools/ technology supporting the project and supported the delivery of the high-quality outcomes. The partnership was built on strong relationship management, including shared objectives, quality management and service evolution, and disciplined service deliver that has both onshore and offshore resources to be utilised.
  • Driving operational efficiency and control through automation: Supported Line 1 Risk and Compliance Teams to confirm and challenge the end-to-end process (including supporting systems/ applications) and key control environment. The project included the assessment of the design and operating effectiveness of key controls and the identification of potential control gaps and associated action plans. Specifically, the project evaluated and identified opportunities to redesign and improve the operational efficiency of the end-to-end processes and controls using automation, including but not limited to controls supporting access, data validation, interfaces, re-calculations, workflows and system generated reports. 
  • Integrating risk management into the business operating model: Designed the risk operating model for a major financial institution with reference to their governance arrangements, risk appetite and risk culture and supported the integration of the risk management process into the business operations to facilitate risk-based decision making. The ‘risk operating model’ was established based on the three principles – ‘simple in design’ – to support its acceptance across all levels of the business, ‘easy to apply’ to support the efficient and effective operation in the business, and ‘agile in operation’ to support the continued evolution of the business and supported by pragmatic tools and techniques and aligned data and information.
  • Defining and delivering ‘next generation’ assurance and internal audit: Provision of strategic advice and ongoing support to assist the Internal Audit function of a major Australian Bank to realise their vison and provide the capability required by Group Audit to develop and execute their strategy and enable the function to deliver. The advice was powered by Protiviti ‘next generation’ thinking, including consideration of the strategic vision, aligned assurance, dynamic risk assessment, agile audit approach, high impact reporting, continuous monitoring, advanced analytics, and process mining.
  • Improving the compliance capability and culture: Comprehensive review of the Compliance Framework supporting the Asia Pacific operations of a major financial institution. The review evaluated the current state (including the design of the compliance framework and its operation/ integration across the business) and identified several root causes that were inhibiting the effectiveness of the Compliance Function and the compliance activities in the business. The review leveraged better practice options to design a bespoke Compliance Framework that allowed the Compliance function to focus on advice, training and monitoring through stronger integration with the business and facilitated by a strong compliance culture.

Areas of expertise

  • Corporate governance
  • Risk and compliance operating models
  • Enterprise-wide risk management
  • Operational risk management
  • Process and control optimisation and improvement
  • Compliance management and regulatory change
  • Assurance and internal audit

Industry experience

  • Banking and capital markets
  • Fund and asset management
  • General Insurance
  • Property and Real Estate
  • Infrastructure

Professional memberships and certifications

  • Institute of Chartered Accountants in England and Wales


  • Bachelor of Science (Physics and Electronics), Reading, UK