Head of Risk & Compliance – UK

About Penfold

Hi, we’re Penfold — we’re building the pension of the future! At Penfold, we’re dragging pensions out of the dark ages with a modern, tech-first platform that makes pensions engaging, accessible, and rewarding. We’re a growing team of 70+ people across London and Tallinn, backed by leading fintech investors. Having raised £20M+, we manage £1BN+ in pensions for over 100,000 savers and thousands of businesses — and we’re on track for profitability next year.

Why This Role Matters

As Head of Risk & Compliance, you’ll be responsible for building and embedding the frameworks that allow Penfold to grow quickly without losing trust — from regulators, customers, or our own teams. This is a senior, hands-on role where you’ll act as both a guardian and an enabler. You’ll ensure we meet our regulatory obligations while helping product and operational teams move fast, make confident decisions, and build compliant products from day one. You’ll hold SMF16 (Compliance Oversight) and SMF17 (MLRO) responsibilities and play a key role in shaping Penfold’s long-term approach to risk, governance, and accountability — with a clear path toward a future Chief Risk Officer role as we scale.

What You’ll Do

• Build and Embed Risk & Compliance Frameworks
  • Design, implement, and evolve Penfold’s compliance and enterprise risk management frameworks, ensuring they’re scalable, proportionate, and regulator-ready.
  • Embed clear processes across the business, supported by strong documentation, governance, and MI.
  • Clearly define first-line ownership of risk and controls, with Risk & Compliance providing effective second-line oversight, challenge, and support.
  • Champion a culture where risk and compliance are understood, owned, and embedded across all functions — not treated as a separate activity.
  • Surface and prioritise high-risk areas, supporting leaders and teams to put robust, workable mitigations in place.
  • Proactively identify gaps or weaknesses and address them before they become issues.
• Hands-On Oversight & Assurance
  • Maintain direct oversight of the most critical risk and compliance activity, stepping in personally on high-impact or complex issues.
  • Support teams across the business with pragmatic, risk-based advice that enables confident, well-informed decision-making.
  • Work closely with Operations and customer-facing teams to understand real-world processes, risks, and pressures, ensuring controls are practical and embedded rather than theoretical.
  • Provide oversight and review of contractual risk, ensuring commercial and customer contracts appropriately protect the business and that material obligations and liabilities are clearly understood and managed.
  • Oversee the business’s insurance arrangements, ensuring coverage remains appropriate and aligned to Penfold’s evolving risk profile.
  • Develop and evolve risk and compliance tooling, dashboards, and automation to support scalable oversight and timely decision-making.
  • Use regulatory insight, management information, and internal data to anticipate issues before they escalate.
  • Set the standard for thoughtful, forward-looking compliance that supports Penfold’s growth and culture.
• Enable Product & Business Delivery
  • Partner closely with Product and Technology to enable rapid, compliant delivery of new features and propositions.
  • Provide early regulatory input so compliance is built in — not bolted on.
  • Collaborate with Operations and Customer Support to ensure new journeys, processes, and changes are operationally sound, well-controlled, and deliver good customer outcomes.
  • Help unblock delivery through clear, risk-based decision-making.
• Own Regulatory Oversight & SMCR
  • Act as SMF16 and/or SMF17, ensuring systems and controls meet FCA, HMRC, and TPR expectations.
  • Own Penfold’s SMCR framework, including Conduct Rules training and Senior Manager accountability.
  • Act as a primary point of contact for regulators, building open, constructive, and transparent relationships.
  • Manage regulatory reporting, audits, and correspondence.
• Lead the Risk & Compliance Function
  • Lead, coach, and develop a growing Risk & Compliance team.
  • Set clear priorities and delegate effectively while maintaining oversight.
  • Build a strong risk culture across the business through training, communication, and visible engagement with first-line teams.
• Strengthen Governance & Confidence
  • Own Penfold’s risk registers and support Board and executive risk discussions.
  • Provide oversight of the firm’s approach to incident and breach management, ensuring appropriate escalation, root cause analysis, and follow-up actions are completed and embedded.
  • Ensure operational risk themes, incidents, and near-misses captured, analysed, and translated into meaningful insight and action.
  • Deliver clear MI and insights that enable confident, evidence-based decisions.
  • Act as a trusted advisor to the CEO, COO, and Board.
  • Exercise sound judgement in ambiguous or fast-moving situations, balancing regulatory expectations, customer outcomes, and commercial priorities.

We’re working hard to create a working environment where people feel empowered to do their very best work, make a big impact, and enjoy what they do. Specifically, our benefits package includes:

• Competitive salary, regularly reviewed to ensure it reflects your impact and experience
• Meaningful share options — you’ll own a part of Penfold and share in our success
• 10% employer pension contribution, with no matching required (on top of salary)
• Private medical insurance through Vitality
• Unlimited holiday — we care about outcomes, not counting days off
• Hybrid working — we value in-person collaboration and ask London-based team members to join us in the office a couple of days a week, while trusting you to work where you’re most effective
• Great community office space near Borough Underground station, with free tea, coffee, soft drinks, and snacks
• Weekly company lunch, often from local favourites like Borough Market or Mercato Metropolitano
• Cycle to Work scheme, allowing you to buy a bike tax-free and spread the cost
• Learning & professional development — regular 360 feedback, role-based progression, and support for courses, events, and coaching
• Quarterly company socials and regular team meet-ups throughout the year

We are 100% committed to building a diverse and representative team. Whatever your race, religion, colour, national origin, gender, sexual orientation, age, marital status, or disability - we want to hear from you. If you have questions about the role or the company or the interview process, please let your recruiter know and we’re happy to answer these anonymously if that makes you feel more comfortable.

We’re all about giving every candidate the best chance to shine. If you require any reasonable adjustments to the job description, application, or selection process, just let us know — we’d be happy to help.

When it comes to hiring, we focus only on your skills, experience, and how you live our values.

As part of our hiring process, we may record your interview and use AI tools to generate notes. This helps us capture details accurately and ensures a fair review by our hiring panel. By attending an interview with Penfold, you consent to the use of recording and AI-generated notes for this purpose. If you have any concerns or would prefer not to be recorded, please let us know in advance.