Risk Management - Operations Risk & Outsourcing Risk

About the Role: We are seeking an experienced Risk Management professional to lead and strengthen the organisation's Operational Risk and Outsourcing Risk Management framework. The role will be responsible for identifying, assessing, monitoring, and mitigating operational and third-party risks across payment products, merchant acquiring, cross-border payments, and outsourced business operations. The incumbent will work closely with business, operations, compliance, technology, audit, and leadership teams to ensure adherence to regulatory requirements, network guidelines, and internal risk policies. Key Responsibilities: Operational Risk Management Develop, implement, and enhance the Operational Risk Management (ORM) framework, including Risk and Control Self-Assessments (RCSAs), across the organisation. Identify, assess, monitor, and mitigate operational risks arising from payment operations, merchant onboarding, transaction processing, and customer servicing. Drive corrective action plans arising from RCSA findings and control gaps. Monitor Key Risk Indicators (KRIs), operational losses, incidents, and control effectiveness. Lead root cause analysis and remediation for operational risk events. Own SOP and policy lifecycle management including drafting, versioning, and periodic review — for all operational risk policies and procedures Outsourcing Risk Management Manage end-to-end outsourcing risk governance for third-party vendors involved in KYC verification, PAN validation, customer onboarding, payment processing, and other critical functions. Maintain and operate a vendor categorisation framework (IT/Non-IT, critical/non-critical outsourcing) and ensure risk assessments are calibrated to vendor tier and exposure. Ensure compliance with RBI Outsourcing Guidelines, PA Master Directions 2025, and all applicable regulatory requirements. Conduct vendor due diligence, risk assessments, performance reviews, and periodic audits. Monitor SLA adherence, control effectiveness, and vendor risk exposure across the vendor portfolio. Coordinate with the Information Security function on vendor security assessments, infosec control reviews, and technology risk evaluations for outsourced arrangements. Coordinate with internal and external auditors during outsourcing and regulatory audits. Payments & Network Compliance Oversee risk controls related to merchant onboarding and merchant portfolio management. Ensure compliance with card network rules, payment network requirements, and regulatory obligations under the PA Master Directions 2025. Review and monitor Merchant Category Code (MCC) classification and associated risk controls. Assess risks associated with cross-border payment operations and merchant activities. Manage transaction monitoring, risk limits, thresholds, and exception management frameworks. Governance & Program Management Drive enterprise-wide risk initiatives and strategic programs in collaboration with senior leadership and executive office teams. Prepare risk dashboards, board reports, management updates, and regulatory submissions. Partner with Compliance, Legal, Product, Technology, Operations, and Business teams to implement robust controls and governance mechanisms. Lead regulatory inspections, internal audits, and external audits. Desired Candidate Profile 10+ years of experience in Operational Risk, Outsourcing Risk, Enterprise Risk, Audit, or Risk Governance. Strong experience within Banks, Payment Aggregators, Payment Gateways, or Fintechs. Deep understanding of RBI regulations including PA Master Directions 2025, outsourcing guidelines, payment ecosystem controls, and audit frameworks. Experience managing risks related to KYC, merchant onboarding, PAN validation, and third-party service providers. Strong knowledge of Merchant Category Codes (MCC), network compliance requirements, transaction risk controls, and cross-border payments. Familiarity with SQL and/or Python for analytics and risk reporting (preferred). Proven stakeholder management and program management experience, including engagement with senior leadership and executive office teams. Excellent analytical, problem-solving, communication, and governance skills.