Compliance and Risk Officer - Web3 / Blockchain / Crypto

About CeffuCeffu is a leading institutional-grade digital asset custody platform, offering secure, compliant, and scalable solutions for enterprises, hedge funds, and financial institutions. Our mission is to provide cutting-edge security and infrastructure to support the seamless integration of blockchain technology into institutional finance.Job SummaryCeffu is seeking an experienced Compliance and Risk Officer. This critical role ensures full compliance with anti-money laundering and counter-financing of terrorism (AML/CFT) in accordance with the regulations issued by the Financial Crimes Investigation Board (MASAK) and other Turkish authorities overseeing crypto asset service providers (CASPs).In addition to the compliance function, the role is also responsible for the identification, assessment, monitoring, and reporting of all material risks—including operational, financial, compliance, strategic, and IT-related risks—affecting the business.This position plays a critical role in maintaining a robust risk management framework and ensuring regulatory compliance within the context of a rapidly evolving digital asset environment.Key ResponsibilitiesAct as the officially appointed MASAK Compliance Officer for the company under Turkish AML/CFT legislation.Maintain a direct reporting line to the Executive Board or to its designated member(s), in full alignment with regulatory expectations.Ensure the effective implementation and oversight of the company’s AML/CFT compliance program, including customer due diligence (CDD), transaction monitoring, and suspicious transaction reporting (STR).Monitor and ensure compliance with applicable Turkish laws and MASAK regulations relevant to CASP operations.Develop and maintain an adequate risk management framework including risk management policies in line with the business and regulatory requirements.File STRs (Suspicious Transaction Reports) with MASAK and coordinate any responses to official information or document requests.Lead and document compliance-related training programs for staff to promote awareness and regulatory alignment.Maintain detailed and accurate internal records and compliance documentation for audit and inspection purposes.Liaise with MASAK, the Central Bank of Turkey, and other regulatory authorities on matters related to AML/CFT obligations.Identify and assess all relevant risks across the organization, including operational, financial, compliance, IT systems, and strategic domains.Develop and implement risk assessment tools and methodologies tailored to the needs of a crypto asset service provider.Monitor and analyze risk exposures on an ongoing basis, identifying trends or emerging issues.Work cross-functionally with internal and group teams (e.g., Compliance, IT Security, Internal Audit, Operations) to ensure effective risk controls are in place.Determine appropriate risk mitigation strategies and coordinate with responsible parties for implementation.Prepare and present regular risk reports to senior management, the internal audit team, and regulatory bodies as needed.Ensure compliance with local Turkish regulations and global risk management standards.RequirementsCitizen of the Republic of TurkeyFour year’s bachelor’s degree in law, finance, economics, business administration, or a related field.Minimum 6 years of experience in AML/CFT compliance, financial crime, or legal/regulatory roles coupled with 5+ years of experience in risk management within financial services industry regulated by MASAK.Deep understanding of Turkish AML legislation, MASAK regulations, and Turkiye’s recent CA and CASP regulatory environment (e.g. SPK and MASAK regulations) and international compliance standards related to digital assetsDemonstrated experience in handling suspicious transaction monitoring and regulatory filings.Strong knowledge of risk management frameworks (e.g. ISO 31000, COSO) and regulatory requirements in Turkey.Ability to assess risks associated with IT systems, cybersecurity, digital assets, and blockchain technologies.Proven experience in preparing risk reports and presenting findings to senior stakeholders.High ethical standards, sound judgment, and excellent interpersonal skills.Fluency in Turkish and strong command of English (written and verbal).Preferred QualificationsCertified AML professional (e.g., CAMS, ICA, or equivalent).Prior experience as a MASAK liaison officer in a regulated institution (bank, payment firm, or CASP).Knowledge of blockchain transaction analysis tools (e.g., Chainalysis, TRM Labs) is a plus.