Risk And Compliance Manager

Key Responsibilities



A. Risk Management Responsibilities

1. Identify, assess, and prioritize financial, operational, reputational, cybersecurity, compliance, and strategic risks across the company.
2. Develop and maintain a Risk Register, documenting all identified risks, risk levels, controls, and mitigation strategies.
3. Implement and oversee the Risk Management Framework in alignment with CBUAE guidelines and global best practices.
4. Conduct risk impact analysis to evaluate potential business disruptions and financial losses.
5. Develop and implement a Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) for handling crises.
6. Perform stress testing and scenario analysis to measure resilience against economic fluctuations.
7. Identify and mitigate fraud, money laundering, terrorist financing, and financial crime risks.
8. Monitor and manage operational risks, including currency exchange transactions, cash handling, and front-office processes.
9. Assess risks associated with vendor contracts, partnerships, and third-party service providers.
10. Implement whistleblower mechanisms to detect internal fraud and unethical practices.
11. Develop Key Risk Indicators (KRIs) to monitor and measure risk exposure.
12. Prepare risk assessment reports and present them to senior management and regulatory bodies.
13. Ensure company-wide adherence to risk control measures, security protocols, and compliance standards.

B. Internal Audit Responsibilities

1. Develop and execute an annual audit plan covering financial, operational, and compliance audits.
2. Conduct internal audits across all departments (Finance, Compliance, HR, Front Office, WPS, etc.).
3. Audit cash handling processes at branches and ensure compliance with security protocols.
4. Monitor exchange rate adjustments and ensure no unauthorized modifications.
5. Review monthly and annual financial statements for accuracy and compliance.
6. Conduct WPS transaction audits to verify compliance with UAE labor laws.
7. Perform AML/CFT control audits to ensure compliance with FIU and CBUAE regulations.
8. Identify operational weaknesses and recommend process improvements.
9. Conduct surprise audits at branch locations to detect fraud or operational inefficiencies.
10. Investigate suspicious transactions, fraud allegations, and employee misconduct cases.
11. Monitor staff compliance with transaction handling policies, AML procedures, and security guidelines.
12. Assess IT security controls, ensuring data protection and prevention of unauthorized access.
13. Evaluate vendor payments, procurement transactions, and payroll processes for irregularities.
14. Verify tax compliance and regulatory filings to avoid penalties.
15. Develop corrective action plans for non-compliant departments and track their implementation.
16. Ensure compliance with international financial reporting standards (IFRS) where applicable.
17. Submit detailed internal audit reports highlighting risks, findings, and corrective measures.
18. Assist external auditors during CBUAE-mandated inspections and financial audits.
19. Train staff on internal controls, fraud detection, and financial risk management.

C. Regulatory Compliance & Reporting

1. Ensure full compliance with CBUAE, FIU, AML/CFT, and corporate governance regulations.
2. Conduct CBUAE regulatory audits and prepare documentation for periodic inspections.
3. Verify suspicious transaction reporting (STRs/SARs) requirements and ensure timely submission.
4. Maintain proper documentation of compliance activities, risk assessments, and internal audits.
5. Ensure adherence to CBUAE-mandated AML/KYC guidelines and policies.
6. Conduct real-time monitoring of high-risk transactions and investigate anomalies.
7. Stay updated on UAE banking laws and international financial regulations impacting exchange houses.
8. Serve as the point of contact for regulatory authorities regarding compliance audits and inquiries.

D. Governance, Strategy & Advisory Responsibilities

1. Establish and enforce internal control frameworks and governance policies to minimize financial risks.
2. Provide advisory support to senior management on risk mitigation strategies and policy improvements.
3. Conduct employee training programs on fraud prevention, compliance, and ethical practices.
4. Ensure company policies align with corporate governance and financial transparency standards.
5. Develop and enforce a Code of Conduct for employees, promoting ethical behavior.
6. Assess business expansion risks before launching new services, branches, or financial products.
7. Provide insights into foreign exchange market fluctuations and risk exposure.
8. Implement digital transformation risk controls while integrating new technologies.
9. Identify inefficiencies and recommend cost-saving measures without compromising risk compliance.
10. Collaborate with external consultants and auditors to enhance internal risk management frameworks.

3. Key Performance Indicators (KPIs)

• Risk Management Effectiveness: Number of identified risks mitigated vs. emerging risks.
• Audit Compliance Rate: Percentage of departments passing internal audits without significant findings.
• Fraud Detection Rate: Number of fraud cases prevented or detected before financial impact.
• Regulatory Compliance: Adherence to CBUAE, AML/CFT, FIU requirements and timely reporting.
• Operational Efficiency: Reduction in financial and operational losses due to risk exposure.
• Corrective Action Implementation: Number of audit recommendations successfully enforced.
• Staff Training Coverage: Percentage of employees trained on risk awareness and compliance.