Risk Control Manager

Job Summary: The Risk Control Manager will be instrumental in developing, implementing, and overseeing a robust risk management framework to identify, assess, monitor, and mitigate all types of risks associated with crypto exchange operations, products, and services. This role requires a deep understanding of the cryptocurrency landscape, financial market risks, regulatory requirements, and the ability to collaborate effectively across various teams to foster a strong risk-aware culture.

Key Responsibilities:

• Risk Framework Development & Implementation:
  Design, implement, and maintain a comprehensive enterprise-wide risk management framework, policies, and procedures tailored to the unique risks of a cryptocurrency exchange.
  Develop and manage Risk Appetite Statements and Key Risk Indicators (KRIs), defining clear thresholds and establishing reporting mechanisms.
  Lead and coordinate Risk & Control Self-Assessments (RCSAs), Product Risk Assessments, and Enterprise Risk Assessments to identify and address key risk areas.
• Risk Identification & Assessment:
  Proactively identify, analyze, and assess various types of risks, including but not limited to:
  Operational Risk: System failures, human error, process breakdowns, fraud, cyber security risks, business continuity, disaster recovery.
  Market Risk: Volatility, liquidity risk, price manipulation, unexpected market movements.
  Credit/Counterparty Risk: Risks associated with institutional clients, lending, or decentralized finance (DeFi) protocols.
  Regulatory & Compliance Risk: Evolving AML/CFT regulations, licensing requirements, data privacy, and other local/international crypto-specific regulations.
  Technology Risk: Smart contract vulnerabilities, blockchain network issues, platform security, data integrity.
  Product Risk: Risks inherent in new crypto products (e.g., derivatives, staking, NFTs).
  Conduct targeted data-driven risk assessments and develop risk management reporting using data visualization tools.
• Risk Monitoring & Mitigation:
  Implement and oversee control measures to mitigate identified risks effectively.
  Monitor key risk metrics and dashboards for proactive risk detection and incident management.
  Manage crypto-related risk incidents and issues, collaborating with stakeholders for timely resolution and effective remediation.
  Develop and implement tools and systems for real-time fraud detection, suspicious activity alerts, and anti-abuse mechanisms.
  Regularly review and question hedging positions, diversification, and exposure risk.
• Compliance & Governance:
  Ensure alignment of risk management practices with regulatory requirements and industry best practices.
  Collaborate with legal, compliance, and audit teams to address regulatory inquiries, close gaps, and ensure adherence to evolving regulations (e.g., MiCA, travel rule, local DPT regulations).
  Participate in risk committees and forums, escalating issues and updating crypto risk policies and procedures.
  Prepare and present regular and ad-hoc risk reports to internal committees, senior management, and boards.
• Stakeholder Collaboration & Culture:
  Collaborate closely with cross-functional teams, including Product, Engineering, Trading, Operations, Legal, and Compliance, to integrate risk management into business processes and new product development.
  Provide risk guidance and training to employees to raise awareness of risk obligations and promote a strong risk-aware culture within the organization.
  Liaise with regulatory authorities and external auditors as needed.

Required Qualifications:

• Bachelor's degree in Finance, Economics, Business, Risk Management, Law, or a related quantitative field. Advanced degree (Master's, MBA) or professional certifications (FRM, CFA, CAMS) are a significant plus.
• 5+ years of proven experience in risk management, internal audit, or risk and controls, with a strong preference for experience within the cryptocurrency, FinTech, or financial services industry (e.g., investment banking, asset management).
• Strong knowledge of cryptocurrency products, blockchain technology, and the associated risks and infrastructure.
• Familiarity with relevant regulatory frameworks and compliance requirements for virtual asset service providers (VASPs).
• Hands-on experience with risk programs such as KRIs, risk assessments, control testing, and business continuity planning.
• Excellent analytical, problem-solving, and decision-making skills with a keen eye for detail.
• Strong communication, presentation, and interpersonal skills, with the ability to effectively engage and influence stakeholders at all levels.
• Ability to work independently, manage multiple priorities, and thrive in a fast-paced, dynamic, and evolving environment.
• Proficiency in risk management tools and software applications; experience with GRC systems (e.g., Archer) is a plus.
• SQL and Python programming experience for data analysis and automation is highly desirable.

Preferred Qualifications:

• Prior experience building and scaling fraud or risk detection systems from scratch.
• Experience with blockchain analytics tools.
• Exposure to derivatives and spot trading in crypto markets.
• Experience working in a global organization with diverse teams.