Position Summary
The Head of Internal Audit will report directly to the Audit Committee of the Board of Directors and will be responsible for developing, leading, and executing a comprehensive, risk-based internal audit strategy. This critical leadership role will provide independent and objective assurance on the effectiveness of the bank&aposs governance, risk management, and internal control processes, ensuring full compliance with Bank of Thailand (BOT) regulations and international best practices.
Key Responsibilities
Strategic Audit Leadership & Planning:
- Develop and implement a dynamic, risk-based annual and strategic internal audit plan that addresses the unique risks of a virtual banking environment, including cybersecurity, data privacy, IT governance, and digital operations.
- Ensure the audit plan is aligned with the bank&aposs strategic objectives and is in full compliance with the requirements of the Bank of Thailand (BOT).
- Present the audit plan, significant findings, and progress reports to the Audit Committee and Senior Management.
Audit Execution & Oversight:
- Lead and manage the internal audit team to execute a wide range of operational, financial, compliance, and IT audits with the highest standards of quality and objectivity (in accordance with IIA standards).
- Provide strategic oversight for technology and cybersecurity audits, assessing controls over critical infrastructure, applications, and data security.
- Oversee and, when necessary, conduct special investigations into suspected fraud, misconduct, or other sensitive matters at the request of the Audit Committee or Senior Management.
Governance, Risk & Compliance (GRC) Partnership:
- Serve as a trusted advisor to the Board and Senior Management on matters of internal control and corporate governance.
- Partner closely with the Heads of Compliance, Risk Management, Corporate Governance and other control functions to champion and solidify the Three Lines of Defense (3LOD) model across the organization.
Team Development & Leadership:
- Build, mentor, and develop a high-performing internal audit team with the requisite skills to audit a modern, technology-first bank.
- Foster a culture of continuous improvement, integrity, and professional skepticism within the internal audit function.
Qualifications & Experience
- Education: Bachelors or Masters Degree in Accounting, Finance, Business Administration, or a related field.
- Experience:
- A minimum of 12 years of progressive experience in internal and/or external audit within the banking or financial services industry.
- Demonstrable experience in a senior leadership capacity, managing an audit function and reporting to an Audit Committee.
- Highly Desirable: Direct experience in auditing digital banks, fintech companies, or significant involvement in IT audit, cybersecurity, and digital transformation projects.
- Certifications:
- Professional certification such as CIA (Certified Internal Auditor) or CPA (Certified Public Accountant) is beneficial.
- Languages: Excellent command of both written and spoken English and Thai is essential for effective communication with the Board, regulators, and internal teams.
Key Skills & Attributes
- Regulatory Expertise: In-depth knowledge of Thai banking laws, particularly Bank of Thailand (BOT) regulations concerning internal audit, risk management, and IT controls.
- Technical Acumen: Strong understanding of the risks and controls inherent in a digital-native environment, including cloud computing, API-driven architecture, data analytics, and cybersecurity frameworks (e.g., NIST, ISO 27001).
- Leadership Presence: Proven ability to lead, influence, and build credibility with executive management and the Board of Directors.
- Communication Skills: Exceptional communication, presentation, and interpersonal skills, with the ability to articulate complex audit issues in a clear and concise manner.
- Integrity & Objectivity: Unquestionable personal integrity, objectivity, and ethical standards, with a strong sense of professional skepticism.
- Strategic Mindset: A strategic and analytical thinker who can see the big picture, challenge the status quo, and provide value-added recommendations that go beyond traditional compliance checking.
