Risk and Compliance Manager

ABC is seeking a talented and motivated Manager – Risk & Compliance to join our dynamic team. The successful candidate will lead the development, implementation, and oversight of ABC’s enterprise-wide risk management and compliance framework, with a strong emphasis on IT governance, cybersecurity, and operational resilience while also ensuring robust regulatory, operational, financial, legal, and reputational risk oversight.

Qualifications and Experience

• Bachelor’s degree in IT, Computer Science, Risk Management, Law, Finance, or related field.
  
• Professional certifications such as CISA, CISM, CRISC, ISO 27001 Lead Implementer/Auditor, CISSP, CPA, CIA, CAMS are an added advantage.
  
• Minimum of 5 years’ experience in risk, compliance, or audit roles in financial services or fintech, with at least 2 years in a senior role.
  
• Strong knowledge of payment systems, fintech operations, regulatory compliance, and enterprise risk management.
  
• Proven experience in regulatory engagement and Board-level reporting.
  

Enterprise Risk Management

• Develop, implement, and maintain the Enterprise Risk Management (ERM) framework covering operational, IT, financial, regulatory, strategic, legal, and reputational risks.
  
• Maintain the corporate risk register, ensuring risks are identified, assessed, mitigated, monitored, and reported.
  
• Embed risk management into decision-making across all departments - IT, Finance, Operations, Administration, and Business Development.
  
• Lead risk assessments for new products, services, partnerships, and projects.
  

IT & Cybersecurity Risk & Compliance (Heavy Emphasis)

• Oversee compliance with Bank of Uganda’s NPS regulations, the Data Protection & Privacy Act, and other applicable laws.
  
• Ensure adherence to PCI-DSS, ISO 27001, and other relevant IT security frameworks.
  
• Lead vulnerability assessments, penetration tests, and remediation tracking.
  
• Oversee cybersecurity incident detection, response, and recovery processes.
  
• Ensure secure systems design and implementation in collaboration with IT teams, including change management and vendor controls.
  

Operational Risk & Compliance

• Monitor and assess risks in agent network management, service delivery, reconciliation, and customer support.
  
• Ensure adequate controls for fraud prevention, transaction monitoring, and dispute resolution.
  
• Oversee compliance with service level agreements (SLAs) and internal operational procedures.
  

Financial & Procurement Risk & Compliance

• Ensure compliance with financial regulations, tax obligations, and anti-money laundering (AML/CFT) requirements.
  
• Oversee controls for financial reporting, asset management, and expense approvals.
  
• Ensure procurement processes are transparent, competitive, and compliant with policy.
  
• Monitor risks related to payments, reconciliations, and treasury operations.
  

Human Resources, Legal & Governance Compliance

• Ensure HR policies comply with labour laws, employee data privacy requirements, and ethical standards.
  
• Oversee whistleblowing, grievance, and disciplinary processes to ensure fairness and legal compliance.
  
• Ensure corporate governance practices meet regulatory and Board expectations.
  
• Monitor legal risks, oversee contract reviews, and track compliance with contractual obligations.
  

Business Continuity & Operational Resilience

• Lead the design, testing, and improvement of Business Continuity Plans (BCP) and Disaster Recovery (DR) strategies.
  
• Coordinate simulations and post-incident reviews to strengthen resilience.
  
• Integrate resilience measures into vendor and third-party agreements.
  

Regulatory Engagement & Reporting

• Liaise with regulators, auditors, and industry associations on compliance matters.
  
• Prepare and present quarterly risk and compliance reports to the Board Audit & Risk Committee.
  
• Ensure timely and accurate submission of all required regulatory returns.