Risk & Compliance Manager (DE)
Token
Legal
Germany · Berlin, Germany · Remote
Posted on Mar 7, 2025
Reporting to the Managing Director of Token GmbH, this role is part of the group-wide Risk & Compliance team, supporting our pan-European business. The Risk & Compliance Manager is responsible for ensuring Token GmbH maintains its regulatory status and operates within a robust risk management framework.
Key Responsibilities
- Risk & Governance Management
  - Develop and implement a comprehensive Risk Management Framework aligned with ZAG-MaRisk
  - Oversee the Payments Risk & Governance Strategy, including operational risk in payment processing, fraud prevention and transaction monitoring, and business continuity and resilience planning
  - Maintain risk and loss registers with timely updates
  - Conduct risk assessments and scenario analyses to identify vulnerabilities
- Regulatory Compliance & Reporting
  - Ensure compliance with BaFin, Bundesbank, and EU regulatory requirements
  - Develop and maintain Compliance Policies & Procedures
  - Act as the primary liaison with regulators, managing regulatory notifications and filings (BaFin, Bundesbank), onsite inspections and inquiries, and annual regulatory reporting obligations
- Outsourcing & Internal Control
  - Oversee Outsourcing Risk Management, ensuring BaFin compliance
  - Manage relationships with third-party service providers handling AML, Internal Audit, and Data Protection
  - Conduct vendor due diligence and risk assessments for outsourced services
- Audit Coordination & Internal Controls
  - Coordinate internal audits (both in-house and outsourced)
  - Manage external audits related to Risk & Compliance
  - Implement internal controls to ensure compliance in business operations
- Training & Compliance Support
  - Develop and implement regulatory training programs for employees
  - Provide advisory support on compliance and regulatory matters
Who you are
- Based in Germany, with experience in Risk & Compliance, ideally within the payments industry
- At least three years’ experience in a regulated sector
- Strong knowledge of PSD2, ZAG, GwG, and related regulations
- Fluent in German and English (both written and verbal)
- Comfortable working in fast-paced, evolving environments
- Strong technical acumen, able to engage with technology specialists
- Excellent interpersonal and organisational skills, with the ability to build trusted relationships across stakeholders
- Confident and proactive self-starter, capable of managing multiple tasks at the same time
- Proficient in Google Workspace (GSuite) and Microsoft Office (Excel, Word)
- Exceptional attention to detail and problem-solving skills
Open to all
Token.io is building an open future for everyone. We don’t just accept different points of view, lived experiences and new ways of thinking — we search them out. They help us make better products, better decisions, and a better place for everyone to work. So, come as you are. We acknowledge and embrace different backgrounds, identities and abilities. Respect is our default, and empathy is our baseline. No one succeeds until we all do.