Director, Enterprise Risk & Compliance

We are seeking a highly skilled and motivated individual to join our team in the area of Enterprise Risk Management and Compliance (2nd Line of Defence – 2LOD). This role is pivotal in ensuring the integrity of audax’s operations and establishing standards on par with or better than industry in the Fintech sector. Reporting to the Chief Operations and Risk Officer (CORO) of the firm, the successful hire will:

• Oversee all aspects of various risk types (including Technology, Information and Cybersecurity, Data, Compliance and Financial Crime &
  Compliance risks) for the firm.
  
• Design and implement firm-wide frameworks, policies, and standards for a fintech that specialises in Banking Technology.
  
• Implement and oversee the maintenance of risk tools (e.G., Risk and Control Self-Assessment, risk and control indicators, regular risk management reports, product governance reviews, independent assurance reviews, etc.) while ensuring that they address the firm’s governance needs at its various stages of growth.
  
• Partner with first line of defence to ensure that identified risks and issues are resolved in an appropriate and timely manner as well as to challenge and review risk treatment measures and monitor the firm’s portfolio of risks from 2LOD point of view.
  
• Assume Executive Risk Committee Secretariat responsibilities in organising Committee meetings, defining the Committee’s Terms of Reference and its 12-month agenda, preparing, and distributing minutes of meetings and follow up on action points.
  
• Assume Data Protection Officer responsibilities in accordance with the Singapore Personal Data Protection Act and in other locations where the firm may choose to operate from (contingent upon the respective geography’s regulation).
  
• Establish and maintain robust internal control mechanisms by promoting and embedding the appropriate risk culture for the firm through training, dealings with other stakeholders and demonstrating correct personal behaviour, conduct and business practices and to deliver the implementation of ERM.
  
• Conduct annual reviews of the efficacy of the firm’s risk governance, through regular Risk portfolio assessments, monitoring and reporting (e.G., PPG, PIA, ABC, sanctions, etc.
  
• Budget and plan for risk management tools and staff training and development needs.
  
• Improve the operational efficiency and effectiveness of ERM processes and to stay abreast of relevant laws, regulations, and industry standards.
  
• Drive the initiative to secure appropriate certifications, e.G., ISO 31000
  

We are looking for someone with:

• At least 8-10 years of non-financial, operational or enterprise risk management experience (within banks or fintech companies) and out of this, atleast 3-5 years should include Information &
  Cyber Security risk management and controls.
  
• Strong understanding of technology and cyber-security landscape, e.G., cloud hosted platforms, firewall, EDR, vulnerability and threat management, access management, etc.
  
• Demonstrated strong leadership and stakeholder management skills.
  
• Exhibit a comprehensive understanding of investors' perspectives on the anticipated risk landscape and effectively implement strategies to manage and mitigate these risks within the organization.
  
• A people leader with experience in leading from the front and in making one’s own way in situations where there is no precedent.
  
• Strong understanding of the Cybersecurity landscape and forward-looking threat scenarios.
  
• Strong awareness and understanding of the regulatory environment applicable to digital platforms in the geographies that the firm operates in.
  
• Strong understanding of the regulatory and compliance framework that are applicable to banks and experience in implementing and monitoring these frameworks in the geographies where the firm’s clients are.
  
• Good understanding of technology, associated industry trends and developments that impacts the firm and its business.
  
• Excellent communication skills in English (in oral and written form) and in representing ERM in senior internal and external governance.
  
• Ability to work in a fast-paced, dynamic environment displaying a good conceptual understanding, practical thinking and implementation skills