COMPLIANCE & RISK MANAGER

Job Overview:

The Risk & Compliance Manager is a key professional responsible for identifying, assessing, and managing potential risks that could impact an organization's financial stability, reputation, or operational efficiency. In addition to traditional risk management duties, this role includes overseeing incident reporting, ensuring operations team compliance with standard operating procedures, monitoring service level agreements, managing various reporting and compliance responsibilities, overseeing the periodic reporting of cybersecurity threats, and additional responsibilities related to IT risk policies and ISO certifications.

Key Responsibilities:

Development of ERM Policy and Framework

Develop, implement and manage the organization's compliance and risk management policies and framework to deploy effective strategies.

Establish a sustainable Enterprise Risk Management Policies and Framework and Risk Rating Matrix to identify, assess, evaluate, measure and monitor key material risks.

Develop strategies to mitigate risks and ensure compliance of relevant laws and regulations.

Fostering a culture of risks and compliance and integrate risk management into the Organization's culture, operational activities and decision-making processes.

Review and update Standard Operating Procedures to adhere to compliance and risks parameters.

Risk Identification:

Conduct comprehensive risk assessments to identify potential threats and vulnerabilities that could impact the organization's business, operations, finances, technology, human resources or reputation.

Analyze internal and external factors that may affect the organization's objectives.

Risk Assessment:

Evaluate the likelihood and potential impact of identified risks.

Prioritize risks based on their severity and potential consequences.

Risk Mitigation Strategies:

Develop and implement risk mitigation plans to reduce the impact of identified risks.

Collaborate with relevant departments to establish effective control measures.

Incident Reporting:

Manage and oversee the generation of incident reports.

Ensure timely and accurate reporting of incidents, and coordinate appropriate responses.

Compliance Management:

Monitor and enforce compliance with standard operating procedures across the operations team.

Work closely with teams to address any deviations from established procedures.

Service Level Agreement (SLA) Monitoring:

Establish and maintain service level agreements for key operational processes.

Monitor the extent to which the company meets service levels and address any deviations.

Reporting to Management and Risk Management Committee:

Oversee the quarterly reporting to the Management.

Prepare and present risk assessments to the Group's Risk Management Committee.

Customer Service Level Reporting:

Oversee the periodic reporting of service level performance to customers.

Ensure accurate and timely communication of service level achievements and improvements.

License Compliance Management:

Manage compliance with all matters pertaining to licenses.

Administer applications for licenses and ensure adherence to regulatory requirements.

Cybersecurity Threat Reporting:

Oversee the periodic reporting of cybersecurity threats from the cybersecurity team.

Work closely with the cybersecurity team to ensure that the cybersecurity team performs prompt assessments to address potential cyber threats.

IT Risk Policies and Regulations:

Oversee compliance with IT risk policies and regulations relevant to the nature of the organization's business.

Collaborate with the IT team to ensure adherence to established IT risk management standards.

ISO Certification Compliance:

Manage the Group's compliance with ISO certifications.

Facilitate the renewal process for ISO certifications and ensure continued adherence to ISO standards.

Insurance Management:

Work with the procurement manager to engage with insurance providers to secure appropriate coverage for identified risks.

Manage insurance policies and claims processes.

Monitoring and Reporting:

Regularly monitor and assess the effectiveness of risk mitigation measures.

Prepare and present comprehensive reports to senior management, stakeholders, and relevant committees.

Crisis Management:

Develop and implement crisis management plans to respond to and recover from unexpected events, including business continuity plans of the Group

Coordinate with relevant teams during crisis situations to minimize impact.

Training and Education:

Conduct training sessions to educate employees on risk management principles, incident reporting procedures, and standard operating procedures.

Foster a risk-aware culture within the organization.

Qualifications:

Bachelor's degree in business, finance, law, or a related field (Master's degree preferred).

Professional certification in compliance (e.g., Certified Compliance and Ethics Professional, Certified Risk Manager) is a plus.

10 years of experience in compliance, risk management, or a related field, with X+ years in a leadership or managerial role.

Strong knowledge of relevant laws and regulations in the industry.

Excellent communication, analytical, and problem-solving skills.

Ability to work collaboratively across departments and with external stakeholders.

Attention to detail and a commitment to upholding the highest ethical standards.