Senior Director Head Of Corporate Risk

Overview

We're seeking an exceptional Head of Corporate Risk to lead the implementation and embedding of Visa's Enterprise Operational Supervisory and Third-Party Risk Management framework across Central and Eastern Europe, Middle East, and Africa (CEMEA). This is a pivotal role for a hands-on risk leader who thrives on making risk management real and actionable for the business—not just theoretical frameworks but practical tools that drive better decision-making, transparency, and mitigation.

You'll be responsible for ensuring our payments business has robust embedded risk practices that provide management with clear visibility into our risk landscape and enable proactive mitigation. This role requires someone who can translate complex regulatory requirements and risk frameworks into practical business applications while building strong collaborative relationships across the organization.

Key Responsibilities

Enterprise & Operational Risk Management

• Implement and embed the Enterprise Risk Management (ERM) framework across the region, ensuring it becomes an integral part of how the business operates.
• Drive the adoption and operationalization of the Operational Risk Framework, making risk identification, assessment, and mitigation a natural part of the business.
• Partner with business teams across all functions to define in-scope processes for Risk and Control Self-Assessments (RCSA), ensuring comprehensive coverage of key operational activities.
• Guide and enable business teams to complete RCSAs effectively, providing hands-on support, training, and quality assurance throughout the assessment process.
• Drive consistent use of risk and issue logging system (GORO) across the region, ensuring data quality and completeness.
• Establish processes that translate logged risks and issues into actionable management insights, driving awareness and appropriate response at all levels.
• Work with business owners to develop and track risk mitigation plans, ensuring accountability and progress monitoring.
• Develop comprehensive risk reporting that provides clear insights for senior management decision-making, highlighting trends, concentrations, and areas requiring attention.
• Foster a culture where business teams view RCSA and risk assessment as valuable tools for their own operations, not just compliance exercises.
• Collaborate with risk teams across other sub-regions to identify emerging risks and share best practices.

Third-Party Risk Management

• Own end-to-end third-party lifecycle management including due diligence, onboarding, approvals, and ongoing monitoring.
• Embed robust vendor risk assessment processes that balance thoroughness with business agility.
• Ensure third-party risks are properly identified, measured, and mitigated throughout the vendor relationship.
• Collaborate with global third-party risk teams on projects and initiatives, ensuring regional alignment while addressing local requirements.
• Embed and disseminate global best practices in third-party risk management across the region, adapting them appropriately for local context.
• Provide timely reporting and escalation of significant third-party risks to management and risk committees.
• Contribute regional insights and lessons learned to global third-party risk frameworks and standards.

Supervisory Risk Management

• Partner closely with Legal, Country Management, Government Engagement, and Compliance teams to ensure all regulatory requirements and changes are thoroughly understood and implemented flawlessly and on time.
• Translate regulatory requirements into practical business changes and control enhancements.
• Maintain deep understanding of the regional regulatory landscape affecting payments operations.
• Work closely with global regulatory and supervisory risk teams on cross-border projects and initiatives to ensure consistent approaches.
• Adopt and disseminate global regulatory best practices while ensuring they are appropriately tailored to regional supervisory expectations.
• Establish robust processes for timely reporting and escalation of regulatory risks, breaches, and supervisory matters to management and risk committees.
• Ensure proactive communication with global teams regarding emerging regulatory changes and their potential regional impact.

Risk Governance & Committee Management

• Lead and facilitate the regional risk committee, ensuring it serves as an effective forum for surfacing and discussing key risks with senior management.
• Drive consistent governance standards, frameworks, and reporting templates across all sub-regional risk committees to ensure quality and comparability.
• Ensure local and sub-regional risks are adequately identified, discussed, and documented in sub-regional risk committees with appropriate rigor and accountability.
• Establish clear escalation protocols and criteria to ensure material risks from sub-regional committees are escalated to the regional risk committee on a timely bas