Head of Risk

Role Overview

The Head of Risk Egypt is responsible for establishing and leading the risk management function for Pay10’s Egypt entity. The role ensures full compliance with Central Bank of Egypt (CBE) regulations and oversees all risk domains relevant to the licenses Pay10 has applied for in Egypt. The role covers operational risk, fraud risk, acquiring risk, merchant risk, technology/on-prem data-center risk, regulatory/CBE risk, business continuity, outsourcing risk, and internal controls. This is a country-level strategic leadership role, reporting to the CEO Egypt and Risk Governance at the Global level.

Key Responsibilities

1. Regulatory, Licensing & Governance (CBE-Aligned)

• Implement risk frameworks and policies aligned with CBE PSP Regulations, CBE Cybersecurity Framework, CBE Governance, and CBE Outsourcing Controls.
• Ensure full compliance with all regulatory obligations tied to Pay10’s Egyptian licenses:
• Prepaid Card Issuance
• Merchant Acquiring / Acceptance
• PSP / Payment Gateway
• Inward Remittances
• Lead interactions with the Central Bank of Egypt where required, including inspections, queries, periodic reporting, and thematic reviews.
• Maintain local Risk Register, RCSA, KRIs, incident logs, CBE reporting templates, and operational resilience documentation.
• Ensure internal controls meet CBE standards for PSPs and settlement operations.

2. Fraud, Merchant Risk & Acquiring Risk

• Lead issuer/acquiring fraud operations for POS, e-commerce, MPGS, QR, wallet transactions, OTA, and card usage.
• Review & approve merchant onboarding risk assessments (KYC/KYB, site visits, MCC category checks).
• Monitor MCC-category violations, high-risk merchants, suspicious volumes, and abnormal patterns.
• Implement and manage:
• Rule-based and behavior-based fraud engines
• CPP analysis & replay pattern detection
• Chargeback controls and refund risk oversight
• Merchant exposure controls (velocity limits, settlement cycle management, reserve structures)
• Coordinate with CBE FIU & internal compliance on AML/CFT indicators related to payments and merchant activity.

3. Operational Risk & Internal Controls

• Establish and maintain operational risk frameworks: RCSA, incident management, loss tracking, root-cause reporting.
• Strengthen controls across: onboarding, settlements, reversals, payouts, reconciliations, merchant support, and customer operations.
• Lead BCP/DR planning, crisis management testing, and ensure operational resilience in accordance with CBE standards.
• Oversee Third-Party/Vendor risk assessments for partners, processors, card scheme integrations, and outsourced functions.

4. Technology Risk & On-Premise Data Center Oversight

• Oversee controls for local on-prem infrastructure, as required by CBE hosting rules.
• Access control & physical security
• Redundancy (UPS, power, cooling)
• Firewall & perimeter security
• Patch & change management
• Backup & archival compliance
• DR/Failover testing
• Ensure full alignment with CBE Cybersecurity Requirements, PCI-DSS, and data localization standards.
• Work with IT & Infosec team to track vulnerabilities, penetration test findings, and remediation.

5. Inward Cross-Border Remittances Risk Oversight

• Oversee controls for cross-border inward remittances credited to Pay10 Wallet.
• Monitor:
• incoming remittance transaction patterns
• AML/CFT flags & sanctions checks
• partner MTO risk assessments
• suspicious activity escalation
• Ensure local settlement (EGP) and reconciliation meet CBE reporting requirements.

6. Reporting, Insights & Risk Analytics

• Prepare monthly Egypt Risk Dashboard, fraud trends, KRIs, and board-level reporting.
• Submit mandatory reports to CBE: outages, fraud events, major incidents, security breaches.
• Use data analytics (Excel/Power BI etc ) to strengthen fraud & operational risk capabilities.

7. Leadership & Risk Culture

• Build and oversee the Egypt risk team (fraud, operational risk, analytics).
• Provide training on risk controls, merchant risk red flags, and CBE regulatory expectations.
• Promote a proactive culture of risk ownership across Operations, Product, IT, Sales, and Customer Support.

Qualifications & Experience

Required

• 10–15 years of experience in payments risk, fraud risk, operational risk, or PSP/acquiring risk.
• Strong working knowledge of CBE regulations for PSPs, wallets, acquirers, cards, cybersecurity & outsourcing.
• Experience with risk frameworks in payment companies, PSPs, aggregators, e-commerce, acquiring, or issuing.
• Proven track record leading fraud or risk teams in Egypt.

Preferred

• Experience with MPGS, Visa Online, MasterCard systems, fraud engines.
• Experience implementing risk controls for on-prem data centers.
• CBE/EBI certifications in Risk, AML, Cyber, Fraud, or Operations.

Skills

• Strong regulatory interpretation & policy drafting
• Fraud analytics & merchant risk expertise
• Operational resilience & DR/BCP understanding
• Stakeholder engagement with CBE, schemes, and partner banks
• Strong analytical & reporting capabilities
• Ability to lead cross-functional risk culture