Risk Manager- Cyber & Financial Risk in London

Boku Inc. (BOKU.L) is the leading global provider of local mobile-first payments solutions. Global brands including Amazon, DAZN, Meta, Google, Microsoft, Netflix, Sony, Spotify, and Tencent rely on Boku to reach millions of new paying consumers who do not use credit cards with our purpose-built payment network of more than 300 local payment methods across 70+ countries. Every year, Boku processes over $10 billion in value for our customers. Incorporated in 2008, Boku is headquartered in London and San Francisco and has employees in over 39 countries around the world, including Brazil, China, Estonia, Germany, Ireland, Japan, Singapore, and the UAE. Boku is a truly global company that takes pride in its diversity and thriving equal opportunity workplace.

Boku is seeking an experienced Risk Manager to strengthen and enhance our global Risk Management Framework (RMF). This is a high-impact second line of defence role with a focus on FCA-regulated operations and other international regulatory environments. You will collaborate with senior stakeholders, regulated entities, and global business functions to embed robust risk management practices across the organisation.

As Risk Manager, you will lead key risk management activities including principal risk assessments, control testing, KRI monitoring, policy development, and enterprise-level reporting. You will play a pivotal role in shaping and maturing our risk framework, ensuring alignment with regulatory expectations and Board-level governance standards.

• Enterprise Risk Management & Governance

• Support the design, implementation, and continuous enhancement of the global ERM framework.
• Lead and facilitate Principal Risk Assessments and Risk & Control Self-Assessments (RCSAs).
• Maintain and enhance risk taxonomy, risk registers, and governance documentation.
• Support Risk Appetite framework development, including KRI design, calibration, and monitoring.
• Prepare high-quality Board and Committee risk reporting materials.

• Provide second-line oversight of Market, Liquidity, Credit, and Cyber risks across regulated entities.
• Analyse risk data, trends, and emerging risk themes to inform senior management decision-making.
• Ensure alignment with FCA and other relevant global regulatory expectations.

• Conduct independent control testing (design and operating effectiveness).
• Identify control weaknesses, document findings, and track remediation to closure.
• Lead thematic reviews and targeted deep dives across key risk areas.
• Drive continuous improvement of risk frameworks, policies, and methodologies.

• Draft, review, and maintain risk policies and standards across regulated jurisdictions.
• Ensure policies are aligned to FCA requirements and equivalent global regulators.
• Support regulatory submissions, reviews, and audit engagements.
• Provide risk advisory support to business initiatives, new products, and change programmes.

• Promote a strong risk culture through training, engagement sessions, and clear guidance.
• Work effectively within the three lines of defence model.
• Collaborate with Compliance, Finance, Technology, Cyber Security, and local entity leadership.

• Experience

• 7+ years’ experience in Risk Management within FCA-regulated firms (EMI, PI, banking, or equivalent) and/or other globally regulated financial institutions.
• Strong second-line experience within Enterprise Risk Management frameworks.
• Demonstrable experience in Financial Risk (Market, Liquidity, Credit) and Cyber Risk oversight.
• Experience designing and executing structured control testing programmes.
• Experience enhancing risk frameworks within growing or multi-jurisdictional organisations.
• Exposure to regulatory engagement, thematic reviews, or supervisory interactions.

• Strong understanding of FCA regulatory expectations and governance standards.
• Deep knowledge of ERM frameworks, Risk Appetite, KRIs, and three lines of defence governance.
• Experience with GRC platforms and risk register tools.
• Ability to analyse financial risk data and incident trends to derive actionable insights.

• Strong analytical and structured thinking capability.
• Clear and concise report writing suitable for senior management and Board audiences.
• High level of ownership and accountability.
• Ability to challenge constructively and influence cross-functional stakeholders.
• Comfortable operating in a dynamic, global environment with evolving regulatory expectations.

• Strong academic background (degree required).
• Professional risk qualifications (Financial Risk, Cyber Risk, ERM) are a plus.