Enterprise Risk Management

• Develop, implement, and maintain an Enterprise Risk Management framework covering operational, IT, financial, regulatory, strategic, legal, and reputational risks.
• Maintain an updated corporate risk register, ensuring risks are identified, assessed, mitigated, monitored, and reported.
• Integrate risk management into decision-making across IT, Finance, Operations, Administration, and Business Development.
• Lead risk assessments for new products, services, partnerships, and projects.

Cybersecurity and IT Risk and Compliance

• Ensure compliance with Bank of Uganda’s NPS regulations, Data Protection and Privacy Act, PCI-DSS, ISO 27001, and other relevant laws.
• Oversee vulnerability assessments, penetration tests, and remediation tracking.
• Manage identification, response, and recovery for cybersecurity incidents.
• Collaborate with IT teams to ensure secure system design, change management, and vendor controls.

Operational Risk and Compliance

• Monitor and assess risks in agent network management, service delivery, account reconciliation, and customer support.
• Implement controls to prevent fraud, monitor transactions, and resolve disputes.
• Ensure compliance with service level agreements and internal operational processes.

Financial and Procurement Risk and Compliance

• Ensure adherence to AML/CFT, tax, and financial regulations.
• Manage controls for expense approvals, asset management, and financial reporting.
• Ensure transparent and compliant procurement processes.
• Monitor risks in payments, reconciliations, and treasury activities.

HR, Legal, and Governance Compliance

• Ensure HR policies comply with legal standards, protect employee privacy, and uphold ethical norms.
• Manage fair processes for whistleblowing, complaints, and disciplinary actions.
• Ensure governance practices meet regulatory and Board expectations.
• Monitor legal issues, review contracts, and track contract compliance.

Business Continuity and Operational Resilience

• Lead the design, testing, and enhancement of Business Continuity and Disaster Recovery plans.
• Conduct simulations and post-incident reviews to strengthen resilience.
• Incorporate resilience measures into vendor and third-party contracts.

Reporting and Regulatory Engagement

• Engage with regulators, auditors, and industry bodies on compliance matters.
• Prepare and submit quarterly risk and compliance reports to the Board Audit & Risk Committee.
• Ensure timely and accurate submission of mandatory regulatory returns.

Awareness and Training

• Develop and deliver company-wide training on risk management, IT security, compliance, AML/CFT, and data privacy.
• Foster a culture of rigorous compliance and risk awareness across all business units.

Qualifications and Skills

Performance Indicators

• Timely filing of all regulatory returns with no significant non-compliance issues.
• Reduction of critical IT security vulnerabilities and operational losses.
• Successful completion of BCP/DR tests and readiness objectives.
• Positive feedback from the Board and regulators on risk and compliance oversight.
• Establishment of a company-wide culture of risk and compliance.

How to Apply

Interested candidates should submit a CV and cover letter detailing their qualifications and suitability for the role to applications@agentbanking.co.ug by September 14, 2025. Include "Manager – Risk and Compliance Application" in the email subject line.