Head of Compliance & Risk Management

Location: Metro Manila, HybridEmployment Type: Full-time, Senior Mid-LevelCompany DescriptionVBank is a digital-centric rural bank on a mission to bring secure, inclusive, and modern financial services to Filipino consumers and MSMEs. VBank is envisioned to become a digital-centric platform for inclusive finance—bridging the gap between everyday consumers, entrepreneurs, and digitally enabled businesses through secure, scalable, and innovative financial services.Role OverviewThe Head of Compliance & Risk Management serves as VBank’s principal steward for regulatory compliance and conduct risk. The role ensures independent, enterprise-wide compliance, strong governance, and effective liaison with regulators. The position reports functionally to the Board (Compliance/Corporate Governance Committee) and administratively to the CEO, preserving independence while enabling day-to-day execution across the Bank. This role is an interim and will transition to Head of Regulatory and Compliance once the Head of Risk Management is in place. Key ResponsibilitiesA. Compliance Governance & FrameworkOwn and continuously improve the Compliance Management System aligned to BSP regulations (MORB) and applicable laws.Establish the annual Compliance Plan, Compliance Universe, and risk-based monitoring program.Define and maintain the policy & manual architecture (policies, standards, procedures, guidelines) and drive timely reviews/approvals.B. Regulatory Affairs & ExaminationsServe as primary liaison with BSP, AMLC, PDIC, and other regulators; manage regulatory correspondence and commitments.Lead readiness for BSP onsite/offsite examinations; coordinate management responses and monitor remediation to closure.Ensure timely and accurate regulatory reporting and disclosures.C. AML/CTF & Sanctions (with independence of the function)Oversee AML/CTF compliance in coordination with the AML Team; ensure robust CDD/KYC, EDD, screening, transaction monitoring, STR/CTR filings, and ongoing AML training.Champion a risk-based approach across onboarding and the high-risk customer lifecycle.D. Conduct, Consumer Protection & ComplaintsOperationalize Financial Consumer Protection requirements (fair treatment, transparency, suitability, privacy, redress).Oversee complaints management, root-cause analysis, and remediation; embed conduct risk KRIs in business scorecards.E. Technology, Information Security & ICT Risk (2nd line oversight)Provide independent compliance oversight for Information Security, Cyber/Technology Risk, BCP/DR, and major incident reporting obligations.Ensure alignment with BSP technology & cyber risk expectations and industry standards (e.g., ISO 27001/NIST) and coordinate with Data Privacy.F. Enterprise Risk & Product GovernancePartner with Risk (2nd line) to align compliance KRIs/KCIs with the ERM and RCSA programs.Participate in Product & Change Approval forums to ensure regulatory requirements are embedded from design through rollout (including outsourcing/third-party risk).G. Third-Party/OutsourcingSet compliance requirements for outsourcing and partner arrangements; ensure due diligence, SLA/OLA, monitoring, and exit strategies.H. Training, Culture & CommunicationDeliver bank-wide compliance and conduct training; run targeted modules for high-risk roles.Promote a speak-up culture; publish clear guidance, FAQs, and decision memos. (Plain English over legalese—Tagalog welcome.)I. Reporting & Board EngagementProvide regular dashboards to the Board/Committees and senior management on compliance health, incidents, issues, and trends.Maintain independence while being a pragmatic, solutions-oriented partner to the business.Metrics to Monitor (KPIs/KRIs)Regulatory Timeliness & QualityExamination/Audit Health:AML/CTF EffectivenessPolicy HygieneTraining & CultureConsumer ProtectionTech/Cyber/ICT Oversight (2nd line)Partner & Outsourcing ComplianceRequired Skills & QualificationsExtensive banking experience (5–10+ years) with at least 5 years in a senior Compliance/Regulatory role within a BSP-regulated institution, including direct management of BSP exams.Expert policy & manual craftsmanship: proven track record designing and maintaining end-to-end policy frameworks (policy → standard → SOP → controls → testing → reporting).Deep command of Philippine regulatory frameworks: BSP MORB, AMLA/AMLC rules, Financial Consumer Protection, Data Privacy Act, outsourcing/third-party risk, tech/cyber/ICT risk, and payments regulation and guidance.Risk Management & Information Security literacy: understands ERM/RCSA, KRIs/KCIs, issue management, and 2nd-line oversight of ISO 27001/NIST-aligned controls, BCP/DR, incident reporting.Regulatory engagement: confident, credible communicator with regulators; experienced in drafting responses, commitments, and remediation plans.Leadership & influence: builds and leads high-performing teams; influences senior stakeholders; balances independence with practical problem-solving.Communication: exceptional written and verbal skills; can translate regulation into simple, actionable guidance for business teams.Start-up mindset & collaboration: builder mentality (0→1 and 1→N), low-ego, highly collaborative, and easy to work with across product, operations, technology, and business units.Education: Bachelor’s degree in Law, Accountancy, Finance, Business, Economics, or related field; advanced degree preferred.Nice to HaveExperience in digital banking and fintech partnerships, and in data-driven compliance tooling (GRC platforms, analytics, workflow automation).Background in consumer protection design, UX disclosures, and product-led compliance.Why VBankMission-driven, tech-forward bank with a mandate for financial inclusion.Board-backed independence, direct line to decision-makers, and a build-what-matters culture.Chance to design a modern compliance function that’s both regulator-ready and business-savvy.