
Head of Risk and Regulatory Compliance
Mercuryo
full-time
Location Type: Hybrid
Location: Zagreb • Croatia
About the role
- Establish and maintain the organisation’s risk management framework, aligned with group policies and EU regulatory expectations
- Identify, assess, and monitor key risk categories including: operational risk, regulatory risk, ICT and cybersecurity risk, third-party and outsourcing risk, financial crime risk
- Develop and maintain the organisation’s risk appetite framework and risk monitoring processes
- Prepare regular risk reports and dashboards for senior management and the Board
- Ensure the organisation complies with all relevant regulatory requirements including: MiCA, DORA, EU AML/CFT framework, Croatian financial services regulation
- Monitor regulatory developments and ensure internal policies are updated accordingly
- Maintain and oversee the organisation’s regulatory compliance programme
- Provide guidance to management and internal teams on regulatory obligations
- Support the organisation’s CASP authorisation and ongoing regulatory supervision
- Maintain compliance with MiCA governance, operational, and safeguarding requirements
- Support regulatory reporting obligations
- Ensure operational procedures align with regulatory expectations for crypto-asset service providers
- Prepare documentation and respond to regulatory enquiries
- Support the implementation and oversight of the organisation’s Digital Operational Resilience (DORA) framework
- Ensure the organisation maintains a robust ICT risk management framework
- Oversee ICT third-party risk management and monitor technology service providers
- Support the maintenance of the register of ICT service providers required under DORA
- Ensure ICT incidents are properly classified, escalated, and reported
- Support resilience testing and operational continuity planning
- Maintain oversight of all outsourcing arrangements and third-party service providers
- Ensure outsourcing arrangements comply with EBA outsourcing guidelines
- Perform due diligence and risk assessments for new service providers
- Maintain the organisation’s outsourcing register and documentation
- Monitor service provider performance and risk exposure
- Develop and maintain key internal governance documents including: risk policies, compliance policies, internal control frameworks, outsourcing governance procedures
- Ensure segregation of duties and internal control mechanisms are properly implemented
- Provide risk and compliance input to new products, partnerships, and operational processes
- With the Board of Directors, act as the primary liaison with regulatory authorities in Croatia
- Coordinate regulatory inspections and supervisory reviews
- Support internal and external audits related to risk and compliance
- Prepare regulatory reporting and documentation required by supervisory authorities
Requirements
- Bachelor’s or Master’s degree in Law, Finance, Risk Management, Economics, or a related discipline
- 7+ years of experience in risk management, compliance, or regulatory roles
- Experience working in regulated financial institutions, fintech, or crypto-asset businesses
- Familiarity with EU financial services regulation including MiFID, MiCA, DORA, and AML frameworks
- Experience interacting with regulatory authorities
- Relevant certifications are advantageous
- Strong understanding of regulatory frameworks for financial institutions
- Expertise in enterprise risk management and compliance governance
- Experience managing outsourcing and third-party risk
- Strong analytical and problem-solving capabilities
- Excellent policy drafting and regulatory interpretation skills
- Strong communication and stakeholder management abilities
Benefits
- Competitive market rate salary and performance-based incentives
- 22 days annual leave with an additional 6 company days, plus bank holidays
- Comprehensive health insurance plans
- Extensive Benefits program
- Flexible work schedule and remote work options
- Professional development and training opportunities
- Opportunity to shape the initiatives you’re working on
- Diverse and friendly team
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
risk management, regulatory compliance, risk appetite framework, risk monitoring processes, regulatory reporting, ICT risk management, outsourcing risk management, policy drafting, regulatory interpretation, enterprise risk management
Soft Skills
analytical skills, problem-solving, communication, stakeholder management, guidance, organizational skills, collaboration, leadership, attention to detail, adaptability
Certifications
Bachelor's degree, Master's degree, certifications in risk management, certifications in compliance, certifications in finance, certifications in law, certifications in economics, AML certification, CFA, FRM