Head of Non-Financial Risk
The Head of Non‑Financial Risk leads the organisation's oversight of operational, technology, cyber, resilience and conduct risks, ensuring robust governance across high‑value payment platforms. This role acts as a key interface with European oversight bodies, strengthens organisational resilience, and drives a consistent, forward‑looking non‑financial risk culture across all business areas.
Key Responsibilities
Risk Framework & Governance
Maintain and enhance the organisation's non‑financial risk framework, covering operational, technology, cyber, resilience, third‑party and conduct risks.
Ensure alignment with European regulatory and oversight expectations for non‑financial risk.
Regulatory & Oversight Interaction
Act as a key counterpart for supervisory bodies on NFR topics, ensuring transparent and well‑prepared engagement.
Leadership & Culture
Lead and develop the Non‑Financial Risk team, ensuring strong technical capability and proactive challenge.
Embed a consistent risk culture across all business units, promoting high-quality risk practices and awareness.
Advisory & Business Partnership
Provide clear, independent challenge and expert advice to senior management on NFR issues.
Support strategic decision‑making with high‑quality risk analysis and insights.
Resilience & Emerging Risks
Oversee operational resilience, business continuity and crisis‑management frameworks.
Monitor developments in payments, regulation, cyber, technology and the broader financial ecosystem to anticipate emerging NFR risks.
Key Requirements
Master's degree in Risk, Finance, Economics, Computer Science, Law or a related field; professional certifications welcome.
10+ years' experience in non‑financial risk roles within payments, financial market infrastructures, central banking or major financial institutions.
Strong knowledge of European non‑financial risk expectations (e.g., DORA, CROE operational resilience, cyber and operational‑risk frameworks).
Technical grounding in cyber‑resilience, operational resilience, technology risk, third‑party risk, and relevant industry standards (e.g., ISO 20022, where applicable to operations).
Demonstrated ability to lead multi‑jurisdictional teams and operate within complex, regulated environments.
Strong systems thinking, with the ability to connect operational issues to broader strategic or systemic impacts.
Skilled stakeholder management, including engagement with regulators, governance bodies and shareholder institutions.
Composed, structured leadership during incidents or periods of pressure, with a high level of integrity and accountability.