Risk Management Director

ZEN.COM is a smart financial app designed for everyday life, enabling fast, secure payments, online shopping, and personal finance management. It offers cashback on purchases, spending control, purchase protection, and a multi-currency account for international use with favorable exchange rates and no hidden fees.

• Minimum 8 years of experience in risk management within regulated financial services.
• Proven senior-level experience in Electronic Money Institutions (EMIs) and/or Payment Institutions / Payment Service Providers (PSPs).
• Experience in multi-jurisdictional environment, ideally covering EU/EEA markets with passporting regimes.
• Track record of direct interaction with financial regulators and Boards of Directors on risk matters.
• Experience building or significantly developing a risk function including hiring and structuring a team.
• Comprehensive understanding of PSD2 (and PSD3 developments), EMI licensing requirements, own funds calculations, and safeguarding.
• Practical experience implementing EBA Guidelines on Internal Governance, Outsourcing Arrangements, and ICT Risk Management (DORA).
• Strong understanding of acquiring risk models, merchant risk management, chargeback frameworks, and Visa/Mastercard scheme requirements.
• Experience with operational risk event management, BCP/DR, and incident management frameworks.
• Expertise in outsourcing risk assessment, vendor due diligence, and ongoing monitoring of critical service providers.
• Ability to operate as an independent second-line function providing constructive challenge to senior management and the Board.
• Ability to balance risk management rigour with commercial pragmatism.
• Excellent written and verbal communication skills for board-ready reports, regulatory submissions, and policy documentation.
• Ability to anticipate regulatory trends and emerging risks.
• Experience managing relationships with business, regulators, auditors, card schemes, and external partners.
• Proven ability to recruit, develop, and retain talent in a lean, high-performing team.
• Openness to leveraging technology for risk management processes including automation, data analytics, and modern tooling.

• Operate and enhance the Enterprise Risk Management (ERM) framework, including Risk Management Policy, Risk Appetite Statement, and methodologies.
• Oversee the enterprise-wide risk register to identify, assess, monitor, and report all material risks.
• Provide inputs and scenarios to the annual Internal Capital Adequacy Assessment Process (ICAAP) or equivalent under EMI regulations.
• Align risk management framework with Bank of Lithuania guidelines, EBA guidelines, PSD2, and other regulations.
• Develop and maintain risk appetite metrics and key risk indicators (KRIs) with thresholds, triggers, and escalation procedures.
• Serve as primary contact with regulators and strategic stakeholders (VISA, Mastercard) on risk management.
• Prepare and present regulatory submissions, responses to supervisory findings, remediation plans, and cost-benefit analyses.
• Track and assess regulatory developments and adapt internal risk frameworks proactively.
• Prepare and deliver Board-level Risk Reports covering risk profile, key incidents, risk appetite posture, and risk maps.
• Participate in and report to Board committees and internal governance bodies.
• Ensure decision-oriented risk reporting with clear escalation and appropriate granularity.
• Advise Boards and C-level on risk implications of strategic decisions including product launches, market expansions, partnerships, and M&A.
• Oversee operational risk management framework including incident management, business continuity planning, and operational risk event reporting.
• Oversee ICT risk management framework, third-party ICT risk management, and operational resilience program.
• Ensure ICT risk governance including DORA Article 13-compliant risk assessment and reporting.
• Manage incident management and escalation process including regulatory notifications under PSD2 and DORA.
• Own third-party and outsourcing risk management framework consistent with EBA Guidelines on Outsourcing Arrangements.
• Ensure due diligence, ongoing monitoring, and risk assessment of material outsourcing arrangements.
• Manage register of outsourcing arrangements and ensure timely notifications.
• Oversee vendor assessments and counterparty risk evaluations for key service providers and partners.
• Oversee risk management for card acquiring activities including merchant risk assessment, chargeback and fraud monitoring, and card scheme compliance.
• Manage payment operations risk including transaction limit frameworks for different customer segments.
• Ensure appropriate controls for agent and distributor networks in line with PSD2 and regulatory expectations.
• Provide second-line challenge and oversight to first-line business functions on risk matters.
• Ensure effective three-lines-of-defence model understanding and operation.
• Own risk-related policy suite ensuring policies are current, Board-approved, and periodically reviewed.
• Build, lead, and develop the Risk team including hiring, performance management, and professional development.
• Foster strong risk culture through training, awareness, and engagement.
• Manage Risk function’s budget and resource allocation.