Risk Manager

Boku is seeking an experienced Risk Manager to strengthen and enhance our global  Risk Management Framework (RMF). This is a high‑impact second line of defence role with a focus on FCA‑regulated operations and other international regulatory environments. You will collaborate with senior stakeholders, regulated entities, and global business functions to embed robust risk management practices across the organisation.

 

As Risk Manager, you will lead key risk management activities incuding principal risk assessments, control testing, KRI monitoring, policy development, and enterprise‑level reporting. You will play a pivotal role in shaping and maturing our risk framework, ensuring alignment with regulatory expectations and Board‑level governance standards.

 

Key Responsibilities: 

Enterprise Risk Management & Governance

• Support the design, implementation, and continuous enhancement of the global ERM framework.
• Lead and facilitate Principal Risk Assessments and Risk & Control Self-Assessments (RCSAs).
• Maintain and enhance risk taxonomy, risk registers, and governance documentation.
• Support Risk Appetite framework development, including KRI design, calibration, and monitoring.
• Prepare high-quality Board and Committee risk reporting materials.

Financial & Cyber Risk Oversight

• Provide second-line oversight of Market, Liquidity, Credit, and Cyber risks across regulated entities.
• Analyse risk data, trends, and emerging risk themes to inform senior management decision-making.
• Ensure alignment with FCA and other relevant global regulatory expectations.

Control Testing & Framework Enhancement

• Conduct independent control testing (design and operating effectiveness).
• Identify control weaknesses, document findings, and track remediation to closure.
• Lead thematic reviews and targeted deep dives across key risk areas.
• Drive continuous improvement of risk frameworks, policies, and methodologies.

Policy Design & Regulatory Alignment

• Draft, review, and maintain risk policies and standards across regulated jurisdictions.
• Ensure policies are aligned to FCA requirements and equivalent global regulators.
• Support regulatory submissions, reviews, and audit engagements.
• Provide risk advisory support to business initiatives, new products, and change programmes.

Stakeholder & Culture

• Promote a strong risk culture through training, engagement sessions, and clear guidance.
• Work effectively within the three lines of defence model.
• Collaborate with Compliance, Finance, Technology, Cyber Security, and local entity leadership.

 

Key Skills, Experience and Competencies:

Experience

• 7+ years’ experience in Risk Management within FCA-regulated firms (EMI, PI, banking, or equivalent) and/or other globally regulated financial institutions.
• Strong second-line experience within Enterprise Risk Management frameworks.
• Demonstrable experience in Financial Risk (Market, Liquidity, Credit) and Cyber Risk oversight.
• Experience designing and executing structured control testing programmes.
• Experience enhancing risk frameworks within growing or multi-jurisdictional organisations.
• Exposure to regulatory engagement, thematic reviews, or supervisory interactions.

Technical Expertise

• Strong understanding of FCA regulatory expectations and governance standards.
• Deep knowledge of ERM frameworks, Risk Appetite, KRIs, and three lines of defence governance.
• Experience with GRC platforms and risk register tools.
• Ability to analyse financial risk data and incident trends to derive actionable insights.

Competencies

• Strong analytical and structured thinking capability.
• Clear and concise report writing suitable for senior management and Board audiences.
• High level of ownership and accountability.
• Ability to challenge constructively and influence cross-functional stakeholders.
• Comfortable operating in a dynamic, global environment with evolving regulatory expectations.

 

Qualifications (if required):

• Strong academic background (degree required).
• Professional risk qualifications (Financial Risk, Cyber Risk, ERM) are a plus.