Job Description
Position: Director of Compliance & Legal
Department: Compliance & Legal
Key Responsibilities
1. Compliance & Regulatory Oversight
- Establish and oversee enterprise-wide compliance policies, strategies, and governance frameworks in alignment with applicable laws, regulations, and regulatory expectations.
- Ensure full compliance with requirements of relevant regulatory authorities, including but not limited to the Bank of Thailand, Securities and Exchange Commission, Office of Insurance Commission, and other applicable regulators.
- Monitor, analyze, and assess the impact of new laws, regulations, and regulatory changes on business operations, products, and strategic initiatives.
- Act as a trusted advisor to senior management and business units on compliance and regulatory matters.
2. Data Protection & PDPA Compliance
- Lead and be fully accountable for the organization's Personal Data Protection Act (PDPA) compliance as a critical and standalone responsibility.
- Establish, implement, and maintain PDPA policies, procedures, standards, and internal controls across the organization.
- Oversee data governance, consent management, data lifecycle management, and data subject rights handling.
- Lead data breach response, investigation, remediation, and regulatory notification processes in accordance with PDPA requirements.
- Serve as the primary point of contact with regulators and relevant stakeholders on PDPA and data protection matters.
3. Legal Management
- Provide comprehensive legal advice and support to all business functions within the organization.
- Review, draft, negotiate, and provide legal opinions on contracts, agreements, and legal documentation.
- Manage legal disputes, claims, and litigation in coordination with external legal counsel.
- Oversee legal risk identification, assessment, and mitigation strategies to protect the organization's legal and business interests.
- Ensure legal practices are aligned with regulatory and compliance requirements.
4. Compliance Training & Compliance-Led Culture
- Promote and embed a compliance-led culture across the organization, emphasizing regulatory adherence, PDPA awareness, and ethical conduct.
- Design, develop, and deliver compliance-focused training programs covering regulatory requirements, PDPA, and compliance obligations for employees at all levels.
- Ensure effective communication, implementation, and enforcement of compliance and PDPA policies and procedures throughout the organization.
5. Governance, Risk & Stakeholder Management
- Support and enhance corporate governance practices and ethical standards in alignment with compliance and legal requirements.
- Collaborate with Risk Management and Internal Audit functions to strengthen risk controls and internal control systems.
- Report material compliance, PDPA, and legal risks, issues, and key developments to senior management and the Board of Directors.
- Lead, manage, and develop the Compliance & Legal team.
- Liaise with regulators, auditors, and external advisors, and represent the organization in external engagements related to compliance and legal matters.
Qualifications & Experience
Mandatory Qualifications
- Bachelor's degree in Law (LL.B.).
- Must hold a valid Thai Attorney-at-Law license ().
Experience & Professional Background
- 10+ years of experience in compliance, legal, and/or regulatory roles, preferably within regulated industries (e.g. financial services, insurance, securities).
- Strong hands-on experience in regulatory compliance and PDPA implementation.
- Proven ability to engage with regulators, senior management, and external stakeholders.
- Strong leadership, analytical, and risk management skills.