Job Description
Reporting to the Managing Director of Token GmbH, this role is part of the group-wide Risk & Compliance team, supporting our pan-European business. The Risk & Compliance Manager is responsible for ensuring Token GmbH maintains its regulatory status and operates within a robust risk management framework.
Key Responsibilities
Risk & Governance Management
Develop and implement a comprehensive Risk Management Framework aligned with ZAG-MaRisk
Oversee the Payments Risk & Governance Strategy, including operational risk in payment processing, fraud prevention and transaction monitoring and business continuity and resilience planning
Maintain risk and loss registers with timely updates
Conduct risk assessments and scenario analyses to identify vulnerabilities
Regulatory Compliance & Reporting
Ensure compliance with BaFin, Bundesbank, and EU regulatory requirements
Develop and maintain Compliance Policies & Procedures
Act as the primary liaison with regulators, managing regulatory notifications and filings (BaFin, Bundesbank), onsite inspections and inquiries and annual regulatory reporting obligations
Outsourcing & Internal Control
Oversee Outsourcing Risk Management, ensuring BaFin compliance
Manage relationships with third-party service providers handling AML, Internal Audit, and Data Protection
Conduct vendor due diligence and risk assessments for outsourced services
Audit Coordination & Internal Controls
Coordinate internal audits (both in-house and outsourced)
Manage external audits related to Risk & Compliance
Implement internal controls to ensure compliance in business operations
Training & Compliance Support
Develop and implement regulatory training programs for employees
Provide advisory support on compliance and regulatory matters.
Who you are
Based in Germany, with experience in Risk & Compliance, ideally within the payments industry
At least three years’ experience in a regulated sector
Strong knowledge of PSD2, ZAG, GwG, and related regulations
Fluent in German and English (both written and verbal)
Comfortable working in fast-paced, evolving environments
Strong technical acumen, able to engage with technology specialists
Excellent interpersonal and organisational skills, with the ability to build trusted relationships across stakeholders
Confident and proactive self-starter, capable of managing multiple tasks at same time
Proficient in Google Workspace (GSuite) and Microsoft Office (Excel, Word)
Exceptional attention to detail and problem-solving skills
Basic salary plus stock options (at one years service)
30 days paid vacation plus local holidays
Company pension scheme
Hybrid/flexible working
Additional Information
Open to all
Token.io is building an open future for everyone. We don’t just accept different points of view, lived experiences and new ways of thinking — we search them out. They help us make better products, better decisions, and a better place for everyone to work. So, come as you are. We acknowledge and embrace different backgrounds, identities and abilities. Respect is our default, and empathy is our baseline. No one succeeds until we all do.
apply to this job
