A regulated financial services entity in the UAE is seeking an experienced and strategic Head of Risk to establish and lead the enterprise-wide risk management framework for its RPS Category II business covering Payment Account Issuance, Payment Instrument Issuance, Acquiring & Processing, and Domestic & Cross-Border Transfers.
The role will be responsible for building and maintaining a robust risk governance structure aligned with CBUAE regulations, board-approved risk appetite, and international best practices across operational, financial, compliance, cyber, and reputational risk domains.
This is a senior leadership role requiring strong regulatory engagement experience, deep payments risk expertise, and the ability to work closely with executive management, control functions, and regulators.
Key Responsibilities
Risk Governance & Enterprise Risk Management
- Establish and maintain the Enterprise Risk Management (ERM) framework aligned with applicable CBUAE regulations and industry best practices.
- Define and monitor risk appetite statements, KRIs, and governance reporting frameworks.
- Lead implementation of:
- Risk & Control Self-Assessments (RCSA)
- ICAAP / stress testing frameworks
- Operational risk and incident management processes
- Ensure independence and effectiveness of the risk management function across the organization.
- Support Board Risk Management Committee (BRMC) governance and reporting requirements.
Regulatory & Compliance Oversight
- Ensure ongoing compliance with CBUAE regulatory expectations applicable to RPS Category II entities.
- Act as the primary point of coordination for regulatory inspections, audits, and supervisory reviews.
- Partner with Compliance, Internal Audit, and Legal teams on regulatory remediation and control enhancements.
- Support submission of risk-related regulatory reporting and management information.
Operational, Fraud & Technology Risk
- Oversee risk controls across:
- Merchant onboarding
- KYC/KYB processes
- Transaction monitoring
- Fraud prevention and chargeback management
- Work closely with Information Security and Technology teams on:
- Cybersecurity governance
- PCI-DSS compliance
- Data protection controls
- Business Continuity Planning (BCP)
- Disaster Recovery (DR) frameworks
- Evaluate operational resilience risks across payment systems and infrastructure.
Financial & Counterparty Risk
- Monitor counterparty exposure, liquidity risks, and safeguarding mechanisms for customer funds.
- Assess financial soundness and risk exposure associated with wallets, payment instruments, and partner institutions.
- Support treasury and finance teams on risk assessments relating to settlement and operational funding flows.
Reporting & Risk Analytics
- Deliver regular risk dashboards and MIS reporting to senior management and governance committees.
- Conduct enterprise-wide risk assessments and stress testing exercises.
- Escalate breaches of risk appetite and material incidents in a timely manner.
- Track remediation plans and ensure closure of audit and regulatory findings
Risk Culture & Advisory
- Promote a strong risk culture across business and operational teams.
- Provide guidance and mentorship to risk and control teams.
- Advise management on emerging risks including:
- AI/ML risks
- ESG considerations
- Cross-border payment risks
- Digital and fintech ecosystem risks
Experience Requirements
- Minimum 8–10 years of experience within risk management in:
- Financial services
- Banking
- Payments / fintech environments
- Minimum 3–5 years in a senior risk leadership role such as:
- Head of Risk
- Deputy CRO
- Equivalent senior risk management function
Demonstrated Experience In:
- Regulatory engagement with central banks and financial regulators.
- Payment ecosystem risk management including:
- Merchant acquiring
- Wallets
- PSP / TPP environments
- Basel frameworks, ICAAP, stress testing, operational risk, and cyber risk management.
- Enterprise governance within regulated financial institutions.
