Risk Control Manager

The Risk Control Manager will be instrumental in developing, implementing, and overseeing a robust risk management framework to identify, assess, monitor, and mitigate all types of risks associated with crypto exchange operations, products, and services. This role requires a deep understanding of the cryptocurrency landscape, financial market risks, regulatory requirements, and the ability to collaborate effectively across various teams to foster a strong risk‑aware culture.

• Risk Framework Development & Implementation:

  • Design, implement, and maintain a comprehensive enterprise‑wide risk management framework, policies, and procedures tailored to the unique risks of a cryptocurrency exchange.
  • Develop and manage Risk Appetite Statements and Key Risk Indicators (KRIs), defining clear thresholds and establishing reporting mechanisms.
  • Lead and coordinate Risk & Control Self‑Assessments (RCSAs), Product Risk Assessments, and Enterprise Risk Assessments to identify and address key risk areas.

• Risk Identification & Assessment:

  • Proactively identify, analyze, and assess various types of risks, including but not limited to:
    • Operational Risk: System failures, human error, process breakdowns, fraud, cyber security risks, business continuity, disaster recovery.
    • Market Risk: Volatility, liquidity risk, price manipulation, unexpected market movements.
    • Credit/Counterparty Risk: Risks associated with institutional clients, lending, or decentralized finance (DeFi) protocols.
    • Regulatory & Compliance Risk: Evolving AML/CFT regulations, licensing requirements, data privacy, and other local/international crypto‑specific regulations.
    • Technology Risk: Smart contract vulnerabilities, blockchain network issues, platform security, data integrity.
    • Product Risk: Risks inherent in new crypto products (e.g., derivatives, staking, NFTs).
  • Conduct targeted data‑driven risk assessments and develop risk management reporting using data visualization tools.

• Risk Monitoring & Mitigation:

  • Implement and oversee control measures to mitigate identified risks effectively.
  • Monitor key risk metrics and dashboards for proactive risk detection and incident management.
  • Manage crypto‑related risk incidents and issues, collaborating with stakeholders for timely resolution and effective remediation.
  • Develop and implement tools and systems for real‑time fraud detection, suspicious activity alerts, and anti‑abuse mechanisms.
  • Regularly review and question hedging positions, diversification, and exposure risk.

• Compliance & Governance:

  • Ensure alignment of risk management practices with regulatory requirements and industry best practices.
  • Collaborate with legal, compliance, and audit teams to address regulatory inquiries, close gaps, and ensure adherence to evolving regulations (e.g., MiCA, travel rule, local DPT regulations).
  • Participate in risk committees and forums, escalating issues and updating crypto risk policies and procedures.
  • Prepare and present regular and ad‑hoc risk reports to internal committees, senior management, and boards.

• Stakeholder Collaboration & Culture:

  • Collaborate closely with cross‑functional teams, including Product, Engineering, Trading, Operations, Legal, and Compliance, to integrate risk management into business processes and new product development.
  • Provide risk guidance and training to employees to raise awareness of risk obligations and promote a strong risk‑aware culture within the organization.
  • Liaise with regulatory authorities and external auditors as needed.

• Bachelor's degree in Finance, Economics, Business, Risk Management, Law, or a related quantitative field. Advanced degree (Master's, MBA) or professional certifications (FRM, CFA, CAMS) are a significant plus.
• At least 3 years of proven experience in risk management, internal audit, or risk and controls, with a strong preference for experience within the cryptocurrency, FinTech, or financial services industry (e.g., investment banking, asset management).
• In‑depth understanding of financial risk management frameworks (e.g., COSO, ISO 31000) and methodologies.
• Strong knowledge of cryptocurrency products, blockchain technology, and the associated risks and infrastructure.
• Familiarity with relevant regulatory frameworks and compliance requirements for virtual asset service providers (VASPs).
• Hands‑on experience with risk programs such as KRIs, risk assessments, control testing, and business continuity planning.
• Excellent analytical, problem‑solving, and decision‑making skills with a keen eye for detail.
• Proficiency in risk management tools and software applications; experience with GRC systems (e.g., Archer) is a plus.
• SQL and Python programming experience for data analysis and automation is highly desirable.

• Prior experience building and scaling fraud or risk detection systems from scratch.
• Experience with blockchain analytics tools.
• Exposure to derivatives and spot trading in crypto markets.
• Experience working in a global organization with diverse teams.