Senior Compliance & Data Protection Manager - remote

Paymentology
Posted 1 year ago
The Commercial Team is looking to hire a Senior Compliance & Data Protection Manager who understands the importance of “Making It Right” and “Making It Easy” and “Making it Happen”, together. Our ideal candidate is someone who is knowledgeable and passionate about compliance and data protection whilst understanding Paymentology’s business and the industry it operates in.

We are looking for someone with strong compliance and data protection knowledge on a global scale and the ability to meaningfully apply this to our business without undue disruption. We are not looking for a person that is going to implement numerous policies and processes just for compliance's sake.

You will need to be product and operations focused - and be willing and able to learn and collaborate with other teams and acquire good knowledge of our payments platforms and any other systems that make our products work. This is essential to being able to apply your compliance and data protection knowledge to our actual products and not just generic compliance rules. The focus should be client oriented - how do we make it happen for clients while ensuring that our products are compliant and meet the necessary regulatory requirements.

You will need to guide the business to efficiently navigate the compliance and data protection landscape to make sure we can grow our business and products, in a compliant manner. You will also need to be able to speak the language of your more formal compliance counterparts in banks and other financial institutions, to be able to give them comfort that we have our compliance in order.

What you get to do:
  • Designing and maintaining a compliance framework that meets the needs of the business.
  • Working with our partner banks on any compliance related matters that the banks are raising.
  • Interpreting compliance and data protection requirements and finding solutions that meet both Paymentology’s product requirements and external party requirements.
  • Training staff internally so that they are aware of the compliance and data protection issues and have an understanding of why things are needed.
  • Research regulatory requirements in the different regions that we work in and update internal teams accordingly.
  • Manage and drive any compliance audits that external parties (e.g. audits conducted by our clients or partner banks) perform on Paymentology - this will also involve working with multiple teams within Paymentology.
  • Investigate, identify, and resolve any potential compliance and data protection breaches.
  • Manage ongoing AML, sanctions screening, KYC, and due diligence checks to align with Paymentology's risk appetite as well as ensure compliance with relevant laws, regulations, and rules.
  • Where appropriate, introduce new systems and processes that simplify and improve ongoing AML, sanctions screening, KYC, due diligence checks, and data protection compliance.
  • Act as a key point of contact to support the business in operating within compliance and data protection frameworks, processes, controls, and best practices.
  • Completion and ownership of any compliance related due diligence questionnaires and RFPs.
  • Drafting and reviewing any compliance and data protection policies that are required to meet the business needs.
  • Implement monitoring plans to assess the efficiency of compliance controls and assist with the enhancement of procedures and controls.
  • Conducting data protection impact assessments.
  • Assess subcontractors who may need to be added to the list of sub-processors and manage the current list of sub-processors.
  • Draft, roll out and ensure compliance with a data retention policy.
  • Responding to data subject access requests.
  • Drafting and reviewing data protection agreements and clauses.

What it takes to succeed:
You should have at least 5 years of experience in a role that has given you hands-on experience in dealing directly with compliance issues, with experience at a fintech or challenger bank being a plus. As part of your compliance role, you would have also gained in-depth experience managing a business's compliance with data protection.

You need to be an excellent communicator, personable, professional (financial clients still tend to be formal and conservative), and able to empathize with external counterparts and internal teams while keeping our business front of mind. You need to want to be involved in the business and work continually with other teams to solve problems.

A legal grounding emphasizing the various laws that Banks are subject to is very important, and a mindset to learn and adapt is key. The ability to work under pressure, prioritize, take responsibility, and work to tight deadlines is key.

Good grasp of UK-GDPR, GDPR, POPI, FCA, EBA, FIC, and other laws affecting the global finance industry.
Relevant postgraduate degree, with a legal degree being advantageous.