Head of Internal Audit

Purpose of the Role

The Head of Internal Audit provides independent and objective assurance and advisory services designed to add value and improve i2c’s operations. The role is responsible for evaluating the adequacy and effectiveness of governance, risk management, and internal control processes across the organization, in alignment with the requirements of the payments, banking, and fintech industry.

The position functionally reports to i2c’s Board through the Governance, Risk & Compliance Committee (GRCC), with administrative reporting to the Global Head of Operations. The Head of Internal Audit promotes a culture of strong controls, regulatory rigor, and continuous improvement while maintaining independence from management responsibilities.

Internal Audit Leadership & Strategy

• Establish and lead a high-performing Internal Audit function aligned with i2c’s risk profile, strategic objectives, and regulatory expectations.
• Develop, maintain, and execute a dynamic, risk-based Internal Audit plan aligned with enterprise risk assessments and approved by the GRCC.
• Continuously assess and adjust audit coverage in response to business growth, new products, geographic expansion, and emerging risks.
• Maintain and periodically update the Internal Audit Charter for GRCC approval.

Audit Execution & Assurance

• Plan and execute internal audits across operational, financial, technology, information security, compliance, and third-party domains.
• Ensure audits are performed in accordance with Institute of Internal Auditors (IIA) Standards and leading industry practices.
• Deliver high-quality audit reports with clearly articulated issues, root cause analysis, risk impact, and actionable recommendations.
• Evaluate the accuracy, integrity, and timeliness of financial and operational information provided to management and stakeholders.

Risk, Governance & Control Assurance

• Provide independent assurance over governance structures and enterprise risk management processes.
• Evaluate the design and operating effectiveness of policies, SOPs, and internal controls across the organization.
• Ensure appropriate coordination with second-line risk and compliance functions while preserving Internal Audit independence.

Regulatory, External Audit & Stakeholder Engagement

• Serve as a primary liaison for regulatory examinations, including preparation, coordination, response management, and remediation tracking.
• Present audit plans, findings, risk trends, and remediation status to senior management and the GRCC.
• Provide independent challenge and assurance over regulatory and external audit remediation efforts.

Follow-up, Monitoring & Continuous Improvement

• Establish and manage audit issue tracking, validation, and reporting mechanisms.
• Ensure timely, sustainable closure of audit and regulatory findings.
• Continuously enhance audit methodologies, tools, and analytics to improve audit effectiveness and maturity.
• Lead internal and external quality assurance and improvement assessments of the Internal Audit function.

Technology, Payments & Third-Party Oversight

• Provide assurance over cloud infrastructure, API-driven platforms, and SaaS environments.
• Assess compliance with SOC 1, SOC 2, and related control frameworks.
• Evaluate end-to-end payments and issuer processing risks, including card lifecycle and settlement activities.
• Assess sponsor bank oversight, third-party risk management, and vendor due diligence processes.

People Leadership & Culture

• Lead, develop, and mentor Internal Audit team members.
• Foster a culture of integrity, accountability, and continuous improvement.
• Ensure the Internal Audit function is appropriately resourced and skilled to meet organizational needs.

Required Qualifications & Experience

• 12–15+ years of progressive audit, risk, or assurance experience, including senior leadership roles.
• Bachelor’s degree in Accounting, Finance, Information Technology, or a related field.
• ACA, FCA, or ACCA required; CIA and/or CISA strongly preferred.
• Proficiency in MS Office 365, GRC tools, Computer Assisted Audit Techniques (CAATs), and data analytics.