Director, Risk and Compliance
About the role
DIGITAL COMMERCE GROUP
Location: Calgary, Alberta (on-site) Reports to: Chief Risk & Compliance Officer (CRO/CCO)
- Position Summary The Director, Risk and Compliance is a middle-management leadership role based in Calgary, Alberta. Reporting directly to the Chief Risk & Compliance Officer (CRO/CCO) of Digital Commerce Group, the Director supports the management of the Group's Enterprise Risk Management, Regulatory Compliance Management, Operational Risk, Third-Party Risk Management, and Retail Payment Activities Act (RPAA) compliance programs across Digital Commerce Bank (a federally regulated Schedule I bank), Pateno Payments Inc., and Digital Commerce Payments. The position is based on-site at the Group's head office in Calgary.
The Director is responsible for the day-to-day execution of the Group's risk and compliance programs: coordinating regulatory examinations and information requests, supporting internal audit and independent reviews, facilitating risk assessments and compliance monitoring, and maintaining effective risk and compliance reporting.
- Key Responsibilities The Director coordinates the operational delivery of the Group's risk and compliance programs across the following domains:
2.1 Regulatory Examinations and Supervisory Reviews Acts as the operational coordinator for supervisory engagements across the Group's regulators. Serve as the primary coordinator for regulatory examinations, reviews, information requests, and supervisory engagements. Coordinate responses to requests from OSFI, FCAC, CDIC, the Bank of Canada, FINTRAC, payment networks, and other applicable authorities. Maintain centralized tracking of regulatory requests, findings, commitments, and remediation plans. Ensure regulatory responses are complete, accurate, appropriately reviewed, and submitted within required timelines. Support the preparation of briefing materials, presentations, and meeting packages for regulatory engagements.
2.2 Enterprise Risk Management Administers the Group's ERM framework and risk appetite day-to-day across the bank and payment entities. Coordinate the day-to-day administration and implementation of the Group's Enterprise Risk Management Framework. Coordinate enterprise-wide risk assessments, Risk and Control Self-Assessments (RCSAs), and emerging risk reviews. Coordinate the development, monitoring, and reporting of Key Risk Indicators (KRIs) and risk appetite metrics. Conduct research and analysis to identify emerging risks, trends, exposures, and mitigation opportunities. Coordinate and support the annual ICAAP process and other risk management initiatives. Support periodic reviews and updates of risk frameworks, policies, procedures, and related governance documents.
2.3 Regulatory Compliance Management Operates the Group's Regulatory Compliance Management System (RCMS) day-to-day. Coordinate the day-to-day operation and maintenance of the Group's Regulatory Compliance Management System (RCMS). Maintain the compliance obligations inventory and ensure regulatory and internal policy requirements are mapped, assessed, monitored, and tested. Coordinate and perform compliance monitoring, compliance testing, and policy compliance assessments across the Group. Monitor regulatory developments and prepare impact assessments and implementation recommendations. Assist with the development, review, and updating of policies, procedures, and compliance documentation. Track compliance findings, regulatory commitments, action plans, and remediation activities through to completion.
2.4 Internal Audit and Independent Reviews Track audit recommendations, management action plans, and remediation commitments through to timely completion. Coordinate independent compliance reviews, effectiveness reviews, regulatory assurance engagements, and other third-party assessments.
2.5 Retail Payment Activities Act (RPAA) Compliance Administers RPAA compliance programs for the Group's registered payment service provider entities. Coordinate the day-to-day administration of the Group's RPAA compliance programs for registered payment service provider entities. Coordinate compliance activities relating to the Operational Risk and Incident Response Framework and Safeguarding of Funds Framework. Support the preparation of regulatory submissions, annual reports, notifications, attestations, and information requests from the Bank of Canada. Coordinate compliance monitoring and testing to assess adherence to RPAA requirements and internal controls. Maintain RPAA-related policies, procedures, risk assessments, and supporting documentation. Coordinate incident reporting, remediation tracking, and post-incident reviews in accordance with regulatory requirements. Support examinations, reviews, and supervisory engagements relating to RPAA compliance.
2.6 Third-Party Risk Management Operationalizes third-party and outsourcing risk management consistent with OSFI Guideline B-10. Coordinate due diligence, risk assessments, onboarding, and ongoing monitoring of third-party service providers in line with OSFI Guideline B-10. Maintain third-party inventories, risk assessments, due diligence documentation, and monitoring records. Monitor critical and high-risk service providers and escalate material issues as appropriate. Support contract reviews from a risk and compliance perspective. Coordinate periodic reviews and reporting relating to third-party risk management activities.
- Qualifications and Experience Education University degree in business, finance, risk management, law, accounting, economics, or a related discipline. A relevant professional designation is preferred (e.g., CRM, CRMA, CIA, CPA, CFA, FRM, PRM, CISA, CAMS, CRCM, or equivalent). Post-graduate qualifications (e.g., MBA) are an asset.
Experience Minimum 7–10 years of progressive experience in risk management, regulatory compliance, internal audit, regulatory supervision, or a related field within a financial institution, fintech, payment service provider, consulting firm, or regulatory agency. Experience coordinating regulatory examinations, audits, independent reviews, and remediation programs. Experience preparing reports and presentations for Senior Management. Experience working with enterprise risk management and regulatory compliance management programs. Experience managing multiple projects and regulatory initiatives simultaneously.
Regulatory Exposure Direct working experience under one or more of OSFI, FCAC, CDIC, Bank of Canada (RPAA), FINTRAC, and payment network frameworks. Familiarity operating across both banking and payments business models is strongly preferred.
Not the right fit? Search for Director, Risk and Compliance jobs in Calgary, Alberta, Canada
About Digital Commerce Group
Whether you're a financial services provider or a fintech innovator, our tech-driven products are designed to elevate your business with modern solutions. In a world of evolving payment needs, DC Group is your innovation partner. Our versatile platform and cutting-edge payments technology keep you ahead of the curve, empowering you to offer the latest in payment options.
Founded in 2007, our enterprise-grade payment and banking technology outpaces traditional financial services in speed, transparency, and cost. Our customers leverage our tech-forward solutions to access advanced payment technology, facilitate instant transactions, add fresh revenue streams, reduce capital requirements, and connect with new audiences
Similar Jobs
Director, Risk and Compliance
About the role
DIGITAL COMMERCE GROUP
Location: Calgary, Alberta (on-site) Reports to: Chief Risk & Compliance Officer (CRO/CCO)
- Position Summary The Director, Risk and Compliance is a middle-management leadership role based in Calgary, Alberta. Reporting directly to the Chief Risk & Compliance Officer (CRO/CCO) of Digital Commerce Group, the Director supports the management of the Group's Enterprise Risk Management, Regulatory Compliance Management, Operational Risk, Third-Party Risk Management, and Retail Payment Activities Act (RPAA) compliance programs across Digital Commerce Bank (a federally regulated Schedule I bank), Pateno Payments Inc., and Digital Commerce Payments. The position is based on-site at the Group's head office in Calgary.
The Director is responsible for the day-to-day execution of the Group's risk and compliance programs: coordinating regulatory examinations and information requests, supporting internal audit and independent reviews, facilitating risk assessments and compliance monitoring, and maintaining effective risk and compliance reporting.
- Key Responsibilities The Director coordinates the operational delivery of the Group's risk and compliance programs across the following domains:
2.1 Regulatory Examinations and Supervisory Reviews Acts as the operational coordinator for supervisory engagements across the Group's regulators. Serve as the primary coordinator for regulatory examinations, reviews, information requests, and supervisory engagements. Coordinate responses to requests from OSFI, FCAC, CDIC, the Bank of Canada, FINTRAC, payment networks, and other applicable authorities. Maintain centralized tracking of regulatory requests, findings, commitments, and remediation plans. Ensure regulatory responses are complete, accurate, appropriately reviewed, and submitted within required timelines. Support the preparation of briefing materials, presentations, and meeting packages for regulatory engagements.
2.2 Enterprise Risk Management Administers the Group's ERM framework and risk appetite day-to-day across the bank and payment entities. Coordinate the day-to-day administration and implementation of the Group's Enterprise Risk Management Framework. Coordinate enterprise-wide risk assessments, Risk and Control Self-Assessments (RCSAs), and emerging risk reviews. Coordinate the development, monitoring, and reporting of Key Risk Indicators (KRIs) and risk appetite metrics. Conduct research and analysis to identify emerging risks, trends, exposures, and mitigation opportunities. Coordinate and support the annual ICAAP process and other risk management initiatives. Support periodic reviews and updates of risk frameworks, policies, procedures, and related governance documents.
2.3 Regulatory Compliance Management Operates the Group's Regulatory Compliance Management System (RCMS) day-to-day. Coordinate the day-to-day operation and maintenance of the Group's Regulatory Compliance Management System (RCMS). Maintain the compliance obligations inventory and ensure regulatory and internal policy requirements are mapped, assessed, monitored, and tested. Coordinate and perform compliance monitoring, compliance testing, and policy compliance assessments across the Group. Monitor regulatory developments and prepare impact assessments and implementation recommendations. Assist with the development, review, and updating of policies, procedures, and compliance documentation. Track compliance findings, regulatory commitments, action plans, and remediation activities through to completion.
2.4 Internal Audit and Independent Reviews Track audit recommendations, management action plans, and remediation commitments through to timely completion. Coordinate independent compliance reviews, effectiveness reviews, regulatory assurance engagements, and other third-party assessments.
2.5 Retail Payment Activities Act (RPAA) Compliance Administers RPAA compliance programs for the Group's registered payment service provider entities. Coordinate the day-to-day administration of the Group's RPAA compliance programs for registered payment service provider entities. Coordinate compliance activities relating to the Operational Risk and Incident Response Framework and Safeguarding of Funds Framework. Support the preparation of regulatory submissions, annual reports, notifications, attestations, and information requests from the Bank of Canada. Coordinate compliance monitoring and testing to assess adherence to RPAA requirements and internal controls. Maintain RPAA-related policies, procedures, risk assessments, and supporting documentation. Coordinate incident reporting, remediation tracking, and post-incident reviews in accordance with regulatory requirements. Support examinations, reviews, and supervisory engagements relating to RPAA compliance.
2.6 Third-Party Risk Management Operationalizes third-party and outsourcing risk management consistent with OSFI Guideline B-10. Coordinate due diligence, risk assessments, onboarding, and ongoing monitoring of third-party service providers in line with OSFI Guideline B-10. Maintain third-party inventories, risk assessments, due diligence documentation, and monitoring records. Monitor critical and high-risk service providers and escalate material issues as appropriate. Support contract reviews from a risk and compliance perspective. Coordinate periodic reviews and reporting relating to third-party risk management activities.
- Qualifications and Experience Education University degree in business, finance, risk management, law, accounting, economics, or a related discipline. A relevant professional designation is preferred (e.g., CRM, CRMA, CIA, CPA, CFA, FRM, PRM, CISA, CAMS, CRCM, or equivalent). Post-graduate qualifications (e.g., MBA) are an asset.
Experience Minimum 7–10 years of progressive experience in risk management, regulatory compliance, internal audit, regulatory supervision, or a related field within a financial institution, fintech, payment service provider, consulting firm, or regulatory agency. Experience coordinating regulatory examinations, audits, independent reviews, and remediation programs. Experience preparing reports and presentations for Senior Management. Experience working with enterprise risk management and regulatory compliance management programs. Experience managing multiple projects and regulatory initiatives simultaneously.
Regulatory Exposure Direct working experience under one or more of OSFI, FCAC, CDIC, Bank of Canada (RPAA), FINTRAC, and payment network frameworks. Familiarity operating across both banking and payments business models is strongly preferred.
Not the right fit? Search for Director, Risk and Compliance jobs in Calgary, Alberta, Canada
About Digital Commerce Group
Whether you're a financial services provider or a fintech innovator, our tech-driven products are designed to elevate your business with modern solutions. In a world of evolving payment needs, DC Group is your innovation partner. Our versatile platform and cutting-edge payments technology keep you ahead of the curve, empowering you to offer the latest in payment options.
Founded in 2007, our enterprise-grade payment and banking technology outpaces traditional financial services in speed, transparency, and cost. Our customers leverage our tech-forward solutions to access advanced payment technology, facilitate instant transactions, add fresh revenue streams, reduce capital requirements, and connect with new audiences