Risk & Compliance Officer

Confirmo is a global stablecoin-first payment platform trusted by market leaders. Originally founded in Prague in 2014, we now run one of the most established infrastructures in the industry. In 2025, Confirmo Limited - part of the Confirmo Group - received authorization under the EU Markets in Crypto-Assets (MiCA) framework from the Central Bank of Ireland.

Overview:

As Compliance & Risk Officer for our newly established UAE entity, you will be the cornerstone of Confirmo's regulatory and risk management framework in the region. You will be responsible for obtaining and maintaining all required licenses from the relevant UAE authorities (including VARA and/or CBUAE), building compliance programs from the ground up, and ensuring the business operates in full accordance with local and international regulations governing virtual assets and payment services. You will work alongside the MLRO, who owns the AML/CFT function, to deliver an integrated risk and compliance framework for the UAE entity. This role reports into Group Risk & Compliance and operates within Confirmo’s group governance structure. This is a founding role — you will have significant influence over how Confirmo's compliance culture and risk appetite are defined in the UAE.

Key Responsibilities:

• Manage the ongoing VARA licensing process through to approval, including responding to regulatory queries and information requests during the review phase.

• Act as the primary point of contact with VARA on licensing, governance, technology risk, and market conduct matters (AML/CFT-specific regulatory engagement sits with the MLRO).

• Maintain ongoing regulatory correspondence, reporting obligations, and licence renewals with VARA.

• Monitor regulatory developments in the UAE virtual assets and payments landscape and ensure timely adaptation of internal policies.

• Develop and maintain the entity’s risk register, covering operational, regulatory, financial, reputational, and technology risks.

• Implement and monitor the Group’s risk appetite framework locally, ensuring alignment with VARA requirements and reporting deviations to Group Risk.

• Conduct regular risk assessments, including exposure to crypto-asset market risks, counterparty risk, sanctions risk, and technology/cyber risk (per VARA Company Rulebook).

• Ensure market conduct risk and consumer protection requirements under VARA are identified, assessed, and managed.

• Lead operational resilience planning, including business continuity and incident response from a compliance and risk perspective.

• Operate within Confirmo’s group governance structure and ensuring UAE risk reporting feeds into group-level risk registers and committees.

• Partner with the MLRO to ensure a robust, integrated risk and compliance function; ensure AML/CFT risks are reflected in the entity’s risk register and reported to Group.

• Advise senior leadership and the Board on compliance risks associated with new products, partnerships, and market expansions in the MENA region Support due diligence processes for new clients, partners, and payment corridors Collaborate closely with global Compliance, Legal, Product, and Finance teams at Confirmo group.

Your Profile:

• Minimum 5 years of compliance and/or risk management experience, with at least 2 years in a virtual assets, fintech, or payments environment.

• Demonstrated experience with UAE regulatory frameworks, particularly VARA regulations.

• Hands-on experience building or maintaining enterprise risk management frameworks in a regulated financial services or crypto-asset business Experience working within a group/subsidiary governance structure, including localising group policies for a regulated local entity.

• Prior experience as a regulatory liaison with UAE authorities is strongly preferred.

• Experience with MiCA, FATF Travel Rule compliance, or other international virtual asset standards is an advantage.

• Deep understanding of VARA regulations, including the Company Rulebook and Compliance & Risk Management Rulebook.

• Understanding of UAE data protection requirements (PDPL) and their application to virtual asset businesses.

• Familiarity with operational resilience and business continuity frameworks (e.g., DORA or equivalent).

• Strong analytical and problem-solving skills with a pragmatic, business-enabling approach to compliance.

Location: This role is based in Dubai. We will only consider candidates who are already based in Dubai.

If you are interested in learning more, please submit your CV, and our recruiter, will get back to you promptly.