Risk and Compliance Manager - Cracow, Poland

Krakow, Poland

Job Description:

The Risk and Compliance Manager will be responsible for developing, implementing, and administering all aspects of AMLRS's Information Technology, Risk, and Governance framework. This includes managing policies, procedures, relevant guidelines, training, and enterprise-wide reporting. The role requires ensuring alignment with other internal policies, such as those from Human Resources and Operations, while adhering to industry-standard practices. Successful execution will involve partnering with internal teams and collaborating with senior leadership.

The Risk and Compliance Manager will identify and drive initiatives to establish and document standards, which ensure compliance activities across the organization are effective and efficient. This may include direct communication with our clients, who are evaluating or auditing our compliance program.

The role also entails documenting and maintaining risk and control matrices to hold control owners accountable for proper execution of controls they are responsible for. Additional responsibilities include the ongoing facilitation of meetings, capturing artifacts, producing reports and metrics, and generating recommendations to mitigate risk.

Primary Responsibilities

  • Manage a team of risk and compliance professionals focused on achieving team goals.
  • Provide coaching, feedback and performance reviews for team members according to established processes and timelines.
  • Identify, prioritize, and execute initiatives to improve the risk and compliance posture of the organization.
  • Act as the primary point of contact with our appointed Data Privacy Officer (DPO).
  • Develop the AML RightSource GRC policy and procedure framework to include annual review timelines, reviews to determine potential gaps and assessments of such, including plans to remediate and/or enhance documents.
  • Improve and manage the Policy and Procedure framework.
  • Develop training materials in relation to new or changed policies, procedures, guidelines, and protocol.
  • Organize and maintain centralized repositories for relevant documents and manage published documents made accessible to AMLRS employees.
  • Provide guidance to executives, staff, and employees on compliance policies, procedures, and requirements.
  • Utilize exceptional writing skills in policies, presentations, trainings, communications, and reporting related to policies and governance.
  • Facilitate risk assessments of AML RightSource operations and lead development of an enterprise risk management program designed to identify significant risks and mitigating factors, and determine/develop any pertinent documentation.
  • Assess the business impact of new and evolving legal and regulatory requirements and developments to evolve the AML RightSource compliance and risk framework and strategy.
  • Participate in a multifaceted educational awareness and training program that focuses on the elements of the compliance program, policies, and procedures.
  • Maintain records and report on status and effectiveness of compliance policies and procedures to senior management.
  • Maintain and effectively communicate the AML RightSource General Control matrix to ensure effective execution of controls and compliance during external audits.
  • Establish and maintain effective communication channels with external stakeholders, including regulators and clients, to support compliance objectives.
  • Conduct periodic audits to verify proper control execution.
  • Perform software license audits and produce unit cost analyses.
  • Facilitate the creation and publication of IT metrics.
  • Lead/assist with the coordination of the Annual SOC2 assessment as well as conduct a mid-year pre-assessment to ensure controls are functioning.
  • Oversee compliance activities such as Business Continuity/Disaster Recovery exercises, risk matrix reviews, incident response tabletops, etc.
  • Coordinate with AML RightSource Legal department to review key client contracts and develop annual audit calendar ensuring compliance with client contractual requirements.
  • Develop and oversee an annual corporate compliance calendar in collaboration with internal Legal department and external Counsel.
  • Assist with generating responses to Client Due Diligence requests.

Required Qualifications

  • Bachelor’s degree in related field

  • Working knowledge of GDPR, CCPA, SOC2 and ISO27001 & ISO27002

  • At least five years of related work experience, including leadership experience

Preferred Qualifications

  • Six or more years of related work experience

  • Understanding of BSA/AML regulations

  • Working knowledge of the COBIT, ITIL and GRC frameworks

  • Specific knowledge of key laws, regulations, guidance, and industry-standard practices including but not limited to: OCC, FINCEN, GLBA, FCRA, PCI-DSS

AML RightSource is committed to fostering a diverse work environment and is proud to be an equal opportunity employer. We provide equal employment opportunities to all qualified applicants without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.  

All information concerning breaches of law during the recruitment process should be reported to pl.whistleblowing@amlrightsource.com. Upon request, you will be provided with the internal procedure for reporting and following up on breaches of law, adopted by the Company based on the Whistleblower Protection Act.


Tags: Audits CCPA COBIT Compliance GDPR GLBA Governance Incident response ISO 27001 ISO 27002 ITIL Privacy Risk assessment Risk management SOC 2 Strategy

Region: Europe
Country: Poland
