Senior Executive, Compliance (Data Protection)

This role reports to the Team Lead of Regulatory Compliance. The Regulatory Compliance Section is part of the wider Compliance Department at Income which also includes the Market Conduct Compliance Section and AML Compliance Section. The Compliance Department reports to the Head of Compliance. The candidate will have the opportunity to work closely with other BUs and stakeholders, including the Head of Compliance and Senior Management, in relation to all compliance matters.

The candidate will be involved in Regulatory Compliance work specialising in Personal Data Protection matters. The candidate should be familiar with compliance functions in the financial industry and be capable of executing the following responsibilities:

• Monitor and support compliance with the Company’s personal data protection policies and practices in line with the PDPA. Assist in identifying risks related to the collection, use, disclosure, and storage of personal data, assess their impact, and recommend measures to mitigate these risks.
• Maintain documentation such as records of processing activities, privacy checklists, data mapping, legitimate interest assessments, and Data Privacy Impact Assessments (DPIA) to ensure risks are identified and addressed based on business functions and processes.
• Conduct periodic reviews and audits, analyse findings, and work with stakeholders to implement corrective actions for identified gaps.
• Serve as a contact point for data subjects and internal teams on data privacy and security matters, including handling personal data protection-related queries and complaints.
• Support awareness and training initiatives by preparing materials, conducting sharing sessions, and promoting best practices to foster a culture of compliance within the Company.
• Assist in implementing and maintaining data protection policies, procedures, and controls, ensuring they remain effective and up to date.
• Coordinate data breach and incident management, including documentation, reporting, and submission to the PDPC within prescribed timelines.
• Support compliance and personal data programs by monitoring regulatory requirements, identifying areas of non-compliance, and assisting in the development of action plans.
• Provide guidance and training on PDPA and other relevant regulatory requirements, policies, and professional standards.
• Assist with other regulatory and compliance matters as required by Section Head or Team Lead of Regulatory Compliance.

• At least a Bachelor's degree or above in a relevant discipline
• Any relevant professional qualification or certification will be an advantage.
• At least 3-6 years of work knowledge and experience in compliance.
• Proficient in compliance advisory on regulations, policies and standards, including knowledge in area of data protection compliance area, privacy management.
• Must be proficient in MS Office and its applications.