Head of Risk

Job Description

A regulated financial services entity in the UAE is seeking an experienced and strategic Head of Risk to establish and lead the enterprise-wide risk management framework for its RPS Category II business covering Payment Account Issuance, Payment Instrument Issuance, Acquiring & Processing, and Domestic & Cross-Border Transfers.

The role will be responsible for building and maintaining a robust risk governance structure aligned with CBUAE regulations, board-approved risk appetite, and international best practices across operational, financial, compliance, cyber, and reputational risk domains.

This is a senior leadership role requiring strong regulatory engagement experience, deep payments risk expertise, and the ability to work closely with executive management, control functions, and regulators.

Key Responsibilities

• Establish and maintain the Enterprise Risk Management (ERM) framework aligned with applicable CBUAE regulations and industry best practices.
• Define and monitor risk appetite statements, KRIs, and governance reporting frameworks.
• Lead implementation of:
• Risk & Control Self-Assessments (RCSA)
• ICAAP / stress testing frameworks
• Operational risk and incident management processes
• Ensure independence and effectiveness of the risk management function across the organization.
• Support Board Risk Management Committee (BRMC) governance and reporting requirements.

• Ensure ongoing compliance with CBUAE regulatory expectations applicable to RPS Category II entities.
• Act as the primary point of coordination for regulatory inspections, audits, and supervisory reviews.
• Partner with Compliance, Internal Audit, and Legal teams on regulatory remediation and control enhancements.
• Support submission of risk-related regulatory reporting and management information.

• Oversee risk controls across:
• Merchant onboarding
• KYC/KYB processes
• Transaction monitoring
• Fraud prevention and chargeback management
• Work closely with Information Security and Technology teams on:
• Cybersecurity governance
• PCI-DSS compliance
• Data protection controls
• Business Continuity Planning (BCP)
• Disaster Recovery (DR) frameworks
• Evaluate operational resilience risks across payment systems and infrastructure.

• Monitor counterparty exposure, liquidity risks, and safeguarding mechanisms for customer funds.
• Assess financial soundness and risk exposure associated with wallets, payment instruments, and partner institutions.
• Support treasury and finance teams on risk assessments relating to settlement and operational funding flows.

• Deliver regular risk dashboards and MIS reporting to senior management and governance committees.
• Conduct enterprise-wide risk assessments and stress testing exercises.
• Escalate breaches of risk appetite and material incidents in a timely manner.
• Track remediation plans and ensure closure of audit and regulatory findings

• Promote a strong risk culture across business and operational teams.
• Provide guidance and mentorship to risk and control teams.
• Advise management on emerging risks including:
• AI/ML risks
• ESG considerations
• Cross-border payment risks
• Digital and fintech ecosystem risks

• Minimum 8–10 years of experience within risk management in:
• Financial services
• Banking
• Payments / fintech environments
• Minimum 3–5 years in a senior risk leadership role such as:
• Head of Risk
• Deputy CRO
• Equivalent senior risk management function

Demonstrated Experience In:

• Regulatory engagement with central banks and financial regulators.
• Payment ecosystem risk management including:
• Merchant acquiring
• Wallets
• PSP / TPP environments
• Basel frameworks, ICAAP, stress testing, operational risk, and cyber risk management.
• Enterprise governance within regulated financial institutions.