Risk, Compliance, Data Protection and Internal Controls Officer job at eShandi
New
Today
Linkedid Twitter Share on facebook
Risk, Compliance, Data Protection and Internal Controls Officer
2026-07-08T19:59:14+00:00
eShandi
https://cdn.greatzambiajobs.com/jsjobsdata/data/employer/comp_10396/logo/ESHANDI%20ZAMBIA.png
FULL_TIME
Lusaka
Lusaka
10101
Zambia
Professional Services
Management,Accounting & Finance,Business Operations,Legal
ZMW
MONTH
2026-07-20T17:00:00+00:00
8

RISK, COMPLIANCE, DATA PROTECTION & INTERNAL CONTROLS OFFICER 

eShandi is one of Africa's fastest-growing fintech companies, leveraging technology to expand financial inclusion through digital lending, embedded finance, digital payments, agency banking and innovative financial services. Our mission is to provide accessible, affordable and intelligent financial solutions that empower individuals and businesses across Africa.

As a regulated financial services provider, we are committed to the highest standards of governance, integrity, risk management, regulatory compliance and data protection. We are seeking an exceptional Risk, Compliance, Data Protection & Internal Controls Officer to help strengthen our governance framework and support the sustainable growth of our business.

Position Summary:

The Risk, Compliance, Data Protection & Internal Controls Officer will be responsible for supporting the implementation and continuous improvement of eShandi's Governance, Risk and Compliance (GRC) framework. The role will assist in identifying, assessing, monitoring and mitigating enterprise risks while ensuring compliance with applicable laws, regulations, internal policies and industry best practices.

The successful candidate will also play a key role in strengthening internal controls, promoting a culture of compliance and ethical conduct, supporting data privacy initiatives, coordinating regulatory reporting, and working closely with all departments to ensure that risk management and compliance are embedded in everyday business operations.

This position offers an excellent opportunity for an ambitious professional seeking to build a career in governance, risk management, compliance and fintech regulation.

Key Responsibilities:

Enterprise Risk Management

  • Support the implementation and continuous improvement of the Enterprise Risk Management (ERM) Framework.
  • Identify, assess, monitor, and report strategic, operational, financial, regulatory, technology, cybersecurity and reputational risks.
  • Maintain and update the corporate Risk Register.
  • Monitor the implementation of risk mitigation plans across departments.
  • Develop and monitor Key Risk Indicators (KRIs).
  • Prepare periodic risk reports for management.
  • Promote risk awareness and a strong risk culture throughout the organisation.

Regulatory Compliance

  • Monitor compliance with all applicable laws, regulations, and regulatory requirements.
  • Support compliance with requirements issued by the Bank of Zambia, Securities and Exchange Commission, Financial Intelligence Centre, Zambia Revenue Authority and other applicable regulators.
  • Monitor regulatory developments and assess their impact on the business.
  • Coordinate regulatory reporting and submissions.
  • Assist during regulatory inspections and examinations.
  • Maintain compliance registers and reporting calendars.
  • Ensure business units operate in accordance with approved policies and regulatory requirements.

Internal Controls

  • Evaluate the effectiveness of financial and operational internal controls.
  • Conduct internal control reviews across all departments.
  • Identify control weaknesses and recommend corrective actions.
  • Monitor implementation of agreed corrective actions.
  • Review approval workflows, segregation of duties, and delegated authorities.
  • Support the continuous improvement of internal control processes.

Data Protection & Privacy

  • Support compliance with the Zambia Data Protection Act, 2021, and other applicable data privacy laws in jurisdictions where eShandi operates.
  • Assist in developing, implementing, and monitoring the company's Data Protection and Privacy Framework.
  • Ensure personal and sensitive customer information is processed, stored, and shared securely and lawfully.
  • Maintain records of processing activities and other privacy documentation.
  • Conduct Data Protection Impact Assessments (DPIAs) and Privacy Impact Assessments (PIAs) where required.
  • Monitor compliance with data retention, classification, and secure disposal requirements.
  • Investigate and document data protection incidents and breaches, ensuring timely escalation and reporting.
  • Work closely with Technology and Product teams to ensure privacy-by-design principles are incorporated into systems and products.
  • Support employee awareness programmes on data protection, confidentiality, and responsible handling of customer information.

Anti-Money Laundering (AML/CFT) & Financial Crime

  • Support implementation of the company's AML, Counter Financing of Terrorism (CFT), Know Your Customer (KYC), and Customer Due Diligence (CDD) programmes.
  • Monitor compliance with AML/CFT policies and procedures.
  • Assist with transaction monitoring and sanctions screening processes.
  • Support investigations into suspicious transactions.
  • Prepare documentation required for reporting suspicious transactions where applicable.
  • Promote awareness of financial crime prevention across the organisation.

Governance & Policy Management

  • Assist in developing, reviewing, and updating company policies and procedures.
  • Ensure policies remain aligned with regulatory requirements and industry best practices.
  • Support implementation of governance frameworks.
  • Maintain policy registers and governance documentation.
  • Promote ethical business conduct and good corporate governance.

Audit Coordination

  • Coordinate management responses to internal and external audit findings.
  • Track implementation of audit recommendations.
  • Prepare audit schedules and supporting documentation.
  • Liaise with auditors during audit engagements.
  • Monitor closure of audit action plans.

Operational Risk & Business Continuity

  • Monitor operational incidents and recommend corrective actions.
  • Support implementation of Business Continuity and Disaster Recovery plans.
  • Participate in operational resilience initiatives.
  • Analyse operational losses and identify root causes.
  • Recommend improvements to strengthen operational resilience.

Training & Compliance Awareness

  • Conduct compliance, ethics, and risk awareness training for employees.
  • Develop awareness materials and compliance communications.
  • Promote a culture of accountability, integrity, and responsible risk management throughout the organisation.

Cross-Functional Collaboration

  • Work closely with Finance, Operations, Technology, Product, Customer Experience, Legal, Human Resources, and Executive Management to embed governance and compliance into business processes.
  • Provide advice on governance and compliance considerations for new products, partnerships, and strategic initiatives.

Qualifications & Experience

  • Bachelor's degree in Risk Management, Finance, Accounting, Law, Banking, Information Systems, or a related discipline.
  • Minimum of 2 years' relevant experience in risk management, compliance, internal controls, audit, governance, banking, fintech, or financial services.
  • Experience within a regulated financial institution or fintech environment will be an added advantage.

Professional Qualifications (Advantageous)

Candidates holding any of the following will have an added advantage:

  • ZICA
  • ACCA
  • CIMA
  • CPA
  • Certified Anti-Money Laundering Specialist (CAMS)
  • Certified Internal Auditor (CIA)
  • Certification in Risk Management Assurance (CRMA)
  • Certified Information Systems Auditor (CISA)
  • Data Protection or Privacy certifications

Technical Competencies

The successful candidate should demonstrate knowledge or experience in:

  • Enterprise Risk Management
  • Internal Controls
  • Corporate Governance
  • Regulatory Compliance
  • AML/CFT & KYC requirements
  • Data Protection and Privacy
  • Financial Services Regulations
  • Risk Assessments and Control Testing
  • Policy Development
  • Audit Coordination
  • Operational Risk Management
  • Business Continuity Planning
  • Microsoft Excel and Microsoft Office Suite
  • Risk, Compliance, or Governance Management Systems (advantage)
  • Information Security principles (advantage)

Behavioural Competencies

We are looking for an individual who demonstrates:

  • High integrity and ethical standards.
  • Excellent analytical and critical thinking skills.
  • Strong attention to detail.
  • Sound judgement and decision-making ability.
  • Excellent written and verbal communication skills.
  • Strong report-writing and presentation skills.
  • Ability to maintain confidentiality and handle sensitive information.
  • Strong planning and organisational skills.
  • Ability to work independently and collaboratively.
  • Proactive problem-solving ability.
  • Commitment to continuous learning and professional development.

Why Join eShandi?

At eShandi, you will become part of a purpose-driven organisation that is redefining financial inclusion through technology. You will work alongside a passionate team dedicated to building innovative financial solutions while upholding the highest standards of governance, compliance, and customer trust.

We offer a dynamic, collaborative, and innovative work environment where your ideas matter and your professional growth is supported.

  • Support the implementation and continuous improvement of the Enterprise Risk Management (ERM) Framework.
  • Identify, assess, monitor, and report strategic, operational, financial, regulatory, technology, cybersecurity and reputational risks.
  • Maintain and update the corporate Risk Register.
  • Monitor the implementation of risk mitigation plans across departments.
  • Develop and monitor Key Risk Indicators (KRIs).
  • Prepare periodic risk reports for management.
  • Promote risk awareness and a strong risk culture throughout the organisation.
  • Monitor compliance with all applicable laws, regulations, and regulatory requirements.
  • Support compliance with requirements issued by the Bank of Zambia, Securities and Exchange Commission, Financial Intelligence Centre, Zambia Revenue Authority and other applicable regulators.
  • Monitor regulatory developments and assess their impact on the business.
  • Coordinate regulatory reporting and submissions.
  • Assist during regulatory inspections and examinations.
  • Maintain compliance registers and reporting calendars.
  • Ensure business units operate in accordance with approved policies and regulatory requirements.
  • Evaluate the effectiveness of financial and operational internal controls.
  • Conduct internal control reviews across all departments.
  • Identify control weaknesses and recommend corrective actions.
  • Monitor implementation of agreed corrective actions.
  • Review approval workflows, segregation of duties, and delegated authorities.
  • Support the continuous improvement of internal control processes.
  • Support compliance with the Zambia Data Protection Act, 2021, and other applicable data privacy laws in jurisdictions where eShandi operates.
  • Assist in developing, implementing, and monitoring the company's Data Protection and Privacy Framework.
  • Ensure personal and sensitive customer information is processed, stored, and shared securely and lawfully.
  • Maintain records of processing activities and other privacy documentation.
  • Conduct Data Protection Impact Assessments (DPIAs) and Privacy Impact Assessments (PIAs) where required.
  • Monitor compliance with data retention, classification, and secure disposal requirements.
  • Investigate and document data protection incidents and breaches, ensuring timely escalation and reporting.
  • Work closely with Technology and Product teams to ensure privacy-by-design principles are incorporated into systems and products.
  • Support employee awareness programmes on data protection, confidentiality, and responsible handling of customer information.
  • Support implementation of the company's AML, Counter Financing of Terrorism (CFT), Know Your Customer (KYC), and Customer Due Diligence (CDD) programmes.
  • Monitor compliance with AML/CFT policies and procedures.
  • Assist with transaction monitoring and sanctions screening processes.
  • Support investigations into suspicious transactions.
  • Prepare documentation required for reporting suspicious transactions where applicable.
  • Promote awareness of financial crime prevention across the organisation.
  • Assist in developing, reviewing, and updating company policies and procedures.
  • Ensure policies remain aligned with regulatory requirements and industry best practices.
  • Support implementation of governance frameworks.
  • Maintain policy registers and governance documentation.
  • Promote ethical business conduct and good corporate governance.
  • Coordinate management responses to internal and external audit findings.
  • Track implementation of audit recommendations.
  • Prepare audit schedules and supporting documentation.
  • Liaise with auditors during audit engagements.
  • Monitor closure of audit action plans.
  • Monitor operational incidents and recommend corrective actions.
  • Support implementation of Business Continuity and Disaster Recovery plans.
  • Participate in operational resilience initiatives.
  • Analyse operational losses and identify root causes.
  • Recommend improvements to strengthen operational resilience.
  • Conduct compliance, ethics, and risk awareness training for employees.
  • Develop awareness materials and compliance communications.
  • Promote a culture of accountability, integrity, and responsible risk management throughout the organisation.
  • Work closely with Finance, Operations, Technology, Product, Customer Experience, Legal, Human Resources, and Executive Management to embed governance and compliance into business processes.
  • Provide advice on governance and compliance considerations for new products, partnerships, and strategic initiatives.
  • Enterprise Risk Management
  • Internal Controls
  • Corporate Governance
  • Regulatory Compliance
  • AML/CFT & KYC requirements
  • Data Protection and Privacy
  • Financial Services Regulations
  • Risk Assessments and Control Testing
  • Policy Development
  • Audit Coordination
  • Operational Risk Management
  • Business Continuity Planning
  • Microsoft Excel and Microsoft Office Suite
  • Risk, Compliance, or Governance Management Systems (advantage)
  • Information Security principles (advantage)
  • High integrity and ethical standards.
  • Excellent analytical and critical thinking skills.
  • Strong attention to detail.
  • Sound judgement and decision-making ability.
  • Excellent written and verbal communication skills.
  • Strong report-writing and presentation skills.
  • Ability to maintain confidentiality and handle sensitive information.
  • Strong planning and organisational skills.
  • Ability to work independently and collaboratively.
  • Proactive problem-solving ability.
  • Commitment to continuous learning and professional development.
  • Bachelor's degree in Risk Management, Finance, Accounting, Law, Banking, Information Systems, or a related discipline.
  • Minimum of 2 years' relevant experience in risk management, compliance, internal controls, audit, governance, banking, fintech, or financial services.
  • Experience within a regulated financial institution or fintech environment will be an added advantage.
  • ZICA
  • ACCA
  • CIMA
  • CPA
  • Certified Anti-Money Laundering Specialist (CAMS)
  • Certified Internal Auditor (CIA)
  • Certification in Risk Management Assurance (CRMA)
  • Certified Information Systems Auditor (CISA)
  • Data Protection or Privacy certifications
bachelor degree
24
JOB-6a4eac1227831

Vacancy title:
Risk, Compliance, Data Protection and Internal Controls Officer

[Type: FULL_TIME, Industry: Professional Services, Category: Management,Accounting & Finance,Business Operations,Legal]

Jobs at:
eShandi

Deadline of this Job:
Monday, July 20 2026

Duty Station:
Lusaka | Lusaka

Summary
Date Posted: Wednesday, July 8 2026, Base Salary: Not Disclosed

Similar Jobs in Zambia
Learn more about eShandi
eShandi jobs in Zambia

JOB DETAILS:

RISK, COMPLIANCE, DATA PROTECTION & INTERNAL CONTROLS OFFICER 

eShandi is one of Africa's fastest-growing fintech companies, leveraging technology to expand financial inclusion through digital lending, embedded finance, digital payments, agency banking and innovative financial services. Our mission is to provide accessible, affordable and intelligent financial solutions that empower individuals and businesses across Africa.

As a regulated financial services provider, we are committed to the highest standards of governance, integrity, risk management, regulatory compliance and data protection. We are seeking an exceptional Risk, Compliance, Data Protection & Internal Controls Officer to help strengthen our governance framework and support the sustainable growth of our business.

Position Summary:

The Risk, Compliance, Data Protection & Internal Controls Officer will be responsible for supporting the implementation and continuous improvement of eShandi's Governance, Risk and Compliance (GRC) framework. The role will assist in identifying, assessing, monitoring and mitigating enterprise risks while ensuring compliance with applicable laws, regulations, internal policies and industry best practices.

The successful candidate will also play a key role in strengthening internal controls, promoting a culture of compliance and ethical conduct, supporting data privacy initiatives, coordinating regulatory reporting, and working closely with all departments to ensure that risk management and compliance are embedded in everyday business operations.

This position offers an excellent opportunity for an ambitious professional seeking to build a career in governance, risk management, compliance and fintech regulation.

Key Responsibilities:

Enterprise Risk Management

  • Support the implementation and continuous improvement of the Enterprise Risk Management (ERM) Framework.
  • Identify, assess, monitor, and report strategic, operational, financial, regulatory, technology, cybersecurity and reputational risks.
  • Maintain and update the corporate Risk Register.
  • Monitor the implementation of risk mitigation plans across departments.
  • Develop and monitor Key Risk Indicators (KRIs).
  • Prepare periodic risk reports for management.
  • Promote risk awareness and a strong risk culture throughout the organisation.

Regulatory Compliance

  • Monitor compliance with all applicable laws, regulations, and regulatory requirements.
  • Support compliance with requirements issued by the Bank of Zambia, Securities and Exchange Commission, Financial Intelligence Centre, Zambia Revenue Authority and other applicable regulators.
  • Monitor regulatory developments and assess their impact on the business.
  • Coordinate regulatory reporting and submissions.
  • Assist during regulatory inspections and examinations.
  • Maintain compliance registers and reporting calendars.
  • Ensure business units operate in accordance with approved policies and regulatory requirements.

Internal Controls

  • Evaluate the effectiveness of financial and operational internal controls.
  • Conduct internal control reviews across all departments.
  • Identify control weaknesses and recommend corrective actions.
  • Monitor implementation of agreed corrective actions.
  • Review approval workflows, segregation of duties, and delegated authorities.
  • Support the continuous improvement of internal control processes.

Data Protection & Privacy

  • Support compliance with the Zambia Data Protection Act, 2021, and other applicable data privacy laws in jurisdictions where eShandi operates.
  • Assist in developing, implementing, and monitoring the company's Data Protection and Privacy Framework.
  • Ensure personal and sensitive customer information is processed, stored, and shared securely and lawfully.
  • Maintain records of processing activities and other privacy documentation.
  • Conduct Data Protection Impact Assessments (DPIAs) and Privacy Impact Assessments (PIAs) where required.
  • Monitor compliance with data retention, classification, and secure disposal requirements.
  • Investigate and document data protection incidents and breaches, ensuring timely escalation and reporting.
  • Work closely with Technology and Product teams to ensure privacy-by-design principles are incorporated into systems and products.
  • Support employee awareness programmes on data protection, confidentiality, and responsible handling of customer information.

Anti-Money Laundering (AML/CFT) & Financial Crime

  • Support implementation of the company's AML, Counter Financing of Terrorism (CFT), Know Your Customer (KYC), and Customer Due Diligence (CDD) programmes.
  • Monitor compliance with AML/CFT policies and procedures.
  • Assist with transaction monitoring and sanctions screening processes.
  • Support investigations into suspicious transactions.
  • Prepare documentation required for reporting suspicious transactions where applicable.
  • Promote awareness of financial crime prevention across the organisation.

Governance & Policy Management

  • Assist in developing, reviewing, and updating company policies and procedures.
  • Ensure policies remain aligned with regulatory requirements and industry best practices.
  • Support implementation of governance frameworks.
  • Maintain policy registers and governance documentation.
  • Promote ethical business conduct and good corporate governance.

Audit Coordination

  • Coordinate management responses to internal and external audit findings.
  • Track implementation of audit recommendations.
  • Prepare audit schedules and supporting documentation.
  • Liaise with auditors during audit engagements.
  • Monitor closure of audit action plans.

Operational Risk & Business Continuity

  • Monitor operational incidents and recommend corrective actions.
  • Support implementation of Business Continuity and Disaster Recovery plans.
  • Participate in operational resilience initiatives.
  • Analyse operational losses and identify root causes.
  • Recommend improvements to strengthen operational resilience.

Training & Compliance Awareness

  • Conduct compliance, ethics, and risk awareness training for employees.
  • Develop awareness materials and compliance communications.
  • Promote a culture of accountability, integrity, and responsible risk management throughout the organisation.

Cross-Functional Collaboration

  • Work closely with Finance, Operations, Technology, Product, Customer Experience, Legal, Human Resources, and Executive Management to embed governance and compliance into business processes.
  • Provide advice on governance and compliance considerations for new products, partnerships, and strategic initiatives.

Qualifications & Experience

  • Bachelor's degree in Risk Management, Finance, Accounting, Law, Banking, Information Systems, or a related discipline.
  • Minimum of 2 years' relevant experience in risk management, compliance, internal controls, audit, governance, banking, fintech, or financial services.
  • Experience within a regulated financial institution or fintech environment will be an added advantage.

Professional Qualifications (Advantageous)

Candidates holding any of the following will have an added advantage:

  • ZICA
  • ACCA
  • CIMA
  • CPA
  • Certified Anti-Money Laundering Specialist (CAMS)
  • Certified Internal Auditor (CIA)
  • Certification in Risk Management Assurance (CRMA)
  • Certified Information Systems Auditor (CISA)
  • Data Protection or Privacy certifications

Technical Competencies

The successful candidate should demonstrate knowledge or experience in:

  • Enterprise Risk Management
  • Internal Controls
  • Corporate Governance
  • Regulatory Compliance
  • AML/CFT & KYC requirements
  • Data Protection and Privacy
  • Financial Services Regulations
  • Risk Assessments and Control Testing
  • Policy Development
  • Audit Coordination
  • Operational Risk Management
  • Business Continuity Planning
  • Microsoft Excel and Microsoft Office Suite
  • Risk, Compliance, or Governance Management Systems (advantage)
  • Information Security principles (advantage)

Behavioural Competencies

We are looking for an individual who demonstrates:

  • High integrity and ethical standards.
  • Excellent analytical and critical thinking skills.
  • Strong attention to detail.
  • Sound judgement and decision-making ability.
  • Excellent written and verbal communication skills.
  • Strong report-writing and presentation skills.
  • Ability to maintain confidentiality and handle sensitive information.
  • Strong planning and organisational skills.
  • Ability to work independently and collaboratively.
  • Proactive problem-solving ability.
  • Commitment to continuous learning and professional development.

Why Join eShandi?

At eShandi, you will become part of a purpose-driven organisation that is redefining financial inclusion through technology. You will work alongside a passionate team dedicated to building innovative financial solutions while upholding the highest standards of governance, compliance, and customer trust.

We offer a dynamic, collaborative, and innovative work environment where your ideas matter and your professional growth is supported.

Work Hours: 8

Experience in Months: 24

Level of Education: bachelor degree

Job application procedure
Interested in applying for this job? Click here to submit your application now.

Interested candidates should submit a single PDF document containing their cover letter, curriculum vitae (CV), and academic and professional qualifications. Applications should be sent with the subject line:

Application – Risk, Compliance, Data Protection & Internal Controls Officer

Only shortlisted candidates will be contacted.

eShandi is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive workplace where integrity, innovation, and excellence thrive.

All Jobs | QUICK ALERT SUBSCRIPTION

Job Info
Job Category: Accounting/ Finance jobs in Zambia
Job Type: Full-time
Deadline of this Job: Monday, July 20 2026
Duty Station: Lusaka | Lusaka
Posted: 08-07-2026
No of Jobs: 1
Start Publishing: 08-07-2026
Stop Publishing (Put date of 2030): 10-10-2076
Apply Now
Notification Board

Join a Focused Community on job search to uncover both advertised and non-advertised jobs that you may not be aware of. A jobs WhatsApp Group Community can ensure that you know the opportunities happening around you and a jobs Facebook Group Community provides an opportunity to discuss with employers who need to fill urgent position. Click the links to join. You can view previously sent Email Alerts here incase you missed them and Subscribe so that you never miss out.

Caution: Never Pay Money in a Recruitment Process.

Some smart scams can trick you into paying for Psychometric Tests.
UNICAF Degree