Director of Compliance & Legal

Job Description

Position: Director of Compliance & Legal

Department: Compliance & Legal

Key Responsibilities

1. Compliance & Regulatory Oversight

• Establish and oversee enterprise-wide compliance policies, strategies, and governance frameworks in alignment with applicable laws, regulations, and regulatory expectations.
• Ensure full compliance with requirements of relevant regulatory authorities, including but not limited to the Bank of Thailand, Securities and Exchange Commission, Office of Insurance Commission, and other applicable regulators.
• Monitor, analyze, and assess the impact of new laws, regulations, and regulatory changes on business operations, products, and strategic initiatives.
• Act as a trusted advisor to senior management and business units on compliance and regulatory matters.

2. Data Protection & PDPA Compliance

• Lead and be fully accountable for the organization's Personal Data Protection Act (PDPA) compliance as a critical and standalone responsibility.
• Establish, implement, and maintain PDPA policies, procedures, standards, and internal controls across the organization.
• Oversee data governance, consent management, data lifecycle management, and data subject rights handling.
• Lead data breach response, investigation, remediation, and regulatory notification processes in accordance with PDPA requirements.
• Serve as the primary point of contact with regulators and relevant stakeholders on PDPA and data protection matters.

3. Legal Management

• Provide comprehensive legal advice and support to all business functions within the organization.
• Review, draft, negotiate, and provide legal opinions on contracts, agreements, and legal documentation.
• Manage legal disputes, claims, and litigation in coordination with external legal counsel.
• Oversee legal risk identification, assessment, and mitigation strategies to protect the organization's legal and business interests.
• Ensure legal practices are aligned with regulatory and compliance requirements.

4. Compliance Training & Compliance-Led Culture

• Promote and embed a compliance-led culture across the organization, emphasizing regulatory adherence, PDPA awareness, and ethical conduct.
• Design, develop, and deliver compliance-focused training programs covering regulatory requirements, PDPA, and compliance obligations for employees at all levels.
• Ensure effective communication, implementation, and enforcement of compliance and PDPA policies and procedures throughout the organization.

5. Governance, Risk & Stakeholder Management

• Support and enhance corporate governance practices and ethical standards in alignment with compliance and legal requirements.
• Collaborate with Risk Management and Internal Audit functions to strengthen risk controls and internal control systems.
• Report material compliance, PDPA, and legal risks, issues, and key developments to senior management and the Board of Directors.
• Lead, manage, and develop the Compliance & Legal team.
• Liaise with regulators, auditors, and external advisors, and represent the organization in external engagements related to compliance and legal matters.

Qualifications & Experience

Mandatory Qualifications

• Bachelor's degree in Law (LL.B.).
• Must hold a valid Thai Attorney-at-Law license ().

Experience & Professional Background

• Minimum of 10+ years of experience in compliance, legal, and/or regulatory roles, preferably within regulated industries (e.g. financial services, insurance, securities).
• Strong hands-on experience in regulatory compliance and PDPA implementation.
• Proven ability to engage with regulators, senior management, and external stakeholders.
• Strong leadership, analytical, and risk management skills.