The Head of Compliance provides independent, enterprise-wide leadership of the Compliance Function to ensure the organisation operates in line with the Banking and Financial Services Act (BFSA), Bank of Zambia (BoZ) directives and guidelines, Financial Intelligence Centre (FIC) Act requirements on AML/CFT/CPF, and internal policies. The role designs and maintains an effective Compliance Risk Management Framework (CRMF), oversees regulatory engagement, and drives a strong culture of market conduct, consumer protection, and governance in accordance with BoZ Corporate Governance Directives.
Key Responsibilities
1. Compliance Strategy, Framework & Governance
· Design, implement, and periodically update the Compliance Risk Management Framework covering compliance risk identification, assessment, controls, monitoring, reporting, and assurance, aligned to the BFSA and BoZ Corporate Governance Directives.
· Establish and maintain the Compliance Charter, policies, standards, and minimum control requirements across all business units.
· Ensure the Compliance Function’s independence, authority, and resources in line with BoZ expectations on governance and oversight.
2. Regulatory Advisory & Horizon Scanning
· Interpret the BFSA (2017 as amended), the Bank of Zambia Act (2022), applicable BoZ Statutory Instruments, Directives and Circulars (e.g., customer complaints, agent banking, classification & provisioning, charges/fees), and advise management and the Board on implications for products, operations, and market conduct.
· Lead regulatory change management: track new/updated laws (e.g., capital adequacy rules/directives, market/operational risk directives), assess impact, assign owners, and verify timely implementation.
3. AML/CFT/CPF Compliance (FIC & BoZ)
· Serve as the Principal Officer/MLRO (or supervise the MLRO) responsible for ensuring robust AML/CFT/CPF controls: CDD/KYC, EDD for high‑risk/PEP clients, ongoing monitoring, sanctions screening, record‑keeping, and timely STR reporting to the FIC per the FIC Act and General Regulations.
· Oversee the AML/CFT programme’s policies, training, independent audit, and monitoring in line with FIC guidelines and BoZ AML/CFT directives.
· Where relevant (e.g., agency channels), ensure controls comply with BoZ Agent Banking Directives and that the institution remains fully accountable for agents’ actions.
4. Market Conduct, Consumer Protection & Complaints
· Embed compliant product governance, disclosure, and fair‑treatment practices consistent with BoZ consumer protection and Customer Complaints Handling & Resolution Directives; ensure timely resolution, root‑cause analysis, and remedial actions.
· Monitor fees/charges for compliance with BoZ directives prohibiting unwarranted fees and regulating specific charges.
5. Monitoring, Testing & Reporting
· Implement a risk‑based compliance monitoring plan, including thematic reviews and control testing across all lines of business; track and validate remediation of internal/external findings (Internal Audit, BoZ, FIC).
· Maintain regulatory returns and ensure quality and timeliness of submissions to BoZ/FIC; escalate breaches promptly per legal requirements and internal escalation protocols.
· Provide regular Compliance MI to Executive Management and the Board/Board Risk & Compliance Committee covering risk exposure, incidents/breaches, training completion, regulatory updates, and remediation status.
6. Regulatory Engagement & Examinations
· Act as the primary liaison with BoZ on compliance and supervisory matters; coordinate onsite/offsite inspections, responses, and implementation of supervisory findings.
· Coordinate with the FIC for STRs, guidance updates, and sector-specific reporting obligations.
7. Fit & Proper, Ethics & Speak‑Up
· Ensure the Compliance Function and key control roles meet BoZ “Fit and Proper” Guidelines (including vetting for Head of Compliance) and support Board oversight of senior appointments.
· Promote a speak‑up culture; maintain and periodically test whistleblowing channels and protections aligned to national best practice.
8. Training & Culture
· Deliver targeted compliance and AML/CFT training tailored to roles/risks; certify completion and effectiveness.
· Champion a culture of “compliance by design” across product development, digital initiatives, outsourcing/third‑party risk, payments, and information/cyber risk.
10. Whistleblower Protection & Speak‑Up Governance
· Establish, maintain, and periodically review a Whistleblowing Policy and reporting channels that allow employees, contractors, agents, and third parties to report suspected breaches confidentially and without fear of retaliation, in line with BoZ corporate governance expectations and national best practice.
· Ensure reports are handled on a strict need‑to‑know basis, with processes that prevent tipping‑off in connection with suspicious transaction reports, as required by the FIC Act and reinforced in FIC guidelines/regulations.
· Implement and enforce zero‑retaliation measures, including non‑victimisation clauses, escalation to the Board Risk & Compliance Committee, and sanctions for retaliation, reflecting good‑governance standards applied across Zambia’s financial sector.
· Define service‑level timelines for acknowledgment, triage, and independent investigation (Compliance/Internal Audit/Legal), with root‑cause analysis and timely remediation; provide reporter feedback consistent with confidentiality and legal constraints.
· Integrate whistleblowing outcomes into the AML/CFT risk assessment and monitoring plan; ensure prompt filing of STRs with the FIC where indicators meet the reporting threshold.
Qualifications and Experience
· Bachelor’s degree in Law, Finance, Risk, Compliance or related field; a postgraduate qualification or professional certification (e.g., CAMS) is an advantage.
· 8–10+ years in banking/financial services with 5+ years leading compliance/AML functions within a regulated entity.
· Demonstrated experience with BFSA‑aligned compliance programmes, BoZ directives/guidelines, and FIC Act obligations (CDD/EDD, STRs, training, independent audit).
· Strong record of managing regulatory examinations, remediation, and Board‑level reporting.
Competencies
· Regulatory expertise
· Risk‑based mindset
· Stakeholder influence
· Culture builder
· Analytical & reporting