Compliance & GRC Quality Assurance Specialist

The Compliance, Quality Assurance & GRC Specialist is responsible for ensuring the organization's full compliance with applicable regulatory frameworks, industry standards, and internal policies. This role integrates governance, risk, and compliance (GRC) with robust quality assurance practices to safeguard business integrity, regulatory standing, and operational resilience. The specialist will collaborate cross-functionally with Legal, Risk, IT, Operations, and Product teams to implement controls, oversee audits, and enforce high-quality standards across all business processes, particularly within the Electronic Money Issuer (EMI) and Financial Technology (FinTech) environment.

Core Functions

• Regulatory Compliance: Ensure strict adherence to all applicable laws, regulations, and licensing requirements governing EMI and FinTech operations.
• Governance & Risk Management: Develop and maintain GRC frameworks that align with corporate governance, risk appetite, and compliance obligations.
• Quality Assurance: Establish and enforce QA methodologies, conduct process audits, and monitor business activities to maintain high-quality operational standards.
• Audit & Control: Lead internal compliance testing, vendor assessments, and support external regulatory audits.
• Policy Management: Draft, review, and implement compliance policies, risk registers, and operational SOPs.

Key Responsibilities

• Compliance Oversight & Monitoring
• Monitor and evaluate changes in EMI and FinTech regulatory requirements (e.g., AMLA, Data Privacy, BSP, SEC, AMLC, and international standards).
• Conduct compliance risk assessments and implement corrective action plans.
• Serve as a key contact for regulatory inquiries, inspections, and reporting requirements.
• Governance, Risk & Controls
• Develop enterprise-wide GRC frameworks to ensure proactive risk identification, mitigation, and control testing.
• Facilitate risk and control self-assessments (RCSA) across departments.
• Monitor third-party/vendor compliance with service-level agreements and security requirements.
• Quality Assurance & Continuous Improvement
• Implement QA frameworks and methodologies to measure effectiveness of internal processes.
• Conduct testing, sampling, and validation of workflows, transactions, and system outputs.
• Recommend process improvements to enhance compliance efficiency, product quality, and risk resilience.
• Audit Management
• Prepare and manage audit documentation for internal and external reviews.
• Track audit findings, ensure timely resolution of gaps, and validate remediation.
• Coordinate with internal audit, external auditors, and regulators on compliance and QA matters.
• Training & Awareness
• Develop and deliver compliance, QA, and GRC training modules to staff.
• Promote a culture of compliance, risk awareness, and operational excellence across the organization.

Qualifications

• Education: Bachelor's degree in Business, Finance, Law, Accountancy, Risk Management, or related field. A Master's degree or professional certification (e.g., CPA, CISA, CISM, CRISC, CAMS, ISO Auditor, PCI DSS, CISSP) is an advantage.
• Experience: Minimum of 5 years in compliance, quality assurance, governance, risk, and control within EMI, FinTech, banking, payments, or financial services industries.
• Knowledge:
• Regulatory frameworks such as BSP circulars, SEC rules, AMLA, Data Privacy Act, ISO standards, PCI-DSS, GDPR.
• Quality assurance methodologies and testing frameworks.
• GRC systems, enterprise risk management (ERM), and audit procedures.
• Skills:
• Strong analytical, documentation, and problem-solving skills.
• Excellent knowledge of risk management tools and control testing.
• High ethical standards, strong communication, and stakeholder management skills.

Key Competencies

• Strategic Compliance & Risk Mindset – ability to align GRC and QA with business objectives.
• Attention to Detail & Rigor – ensures accuracy, completeness, and adherence to regulatory standards.
• Cross-Functional Collaboration – works effectively with legal, risk, IT, operations, and executive leadership.
• Change Leadership – ability to influence organizational culture towards compliance excellence and risk resilience.

Job Type: Full-time

Pay: Php25, Php30,000.00 per month

Work Location: In person