Director - Governance, Risk & Compliance (GRC) | Dubai, UAE

About Moove

About The Role

What You’ll Be Doing

• The role exists to ensure Moove has a robust, enterprise‑wide GRC framework that provides effective oversight, clear accountability and proactive management of risks and compliance obligations across all markets.
• Critical outcomes for the next 6–12 months include:
• Roll out core GRC initiatives across all markets, with clear emphasis on governance, internal controls and policy frameworks.
• Establish and embed an enterprise governance framework with defined forums (e.g. GRC SteerCo), roles and accountabilities across Board, executive leadership and operational management.
• Implement and operationalise a global enterprise risk management approach, including group‑wide risk assessments, reporting and remediation tracking.
• Stand up a global compliance program (anti‑bribery & corruption, sanctions, AML/CTF, third‑party due diligence, Speak‑Up, training) with clear ownership, processes and KPIs.

• Governance (Enterprise Oversight & Control Environment)

• Establish and maintain the enterprise governance framework, ensuring clear accountability across Board, executive leadership, and operational management.
• Design and oversee the internal control environment, embedding ownership of controls within business functions and ensuring alignment with strategic objectives.
• Lead executive-level governance forums, driving visibility of key issues, decision-making, and accountability for remediation.
• Define and implement policy governance structures, including development, approval, communication, and lifecycle management of all core policies and standards.
• Build feedback loops and continuous improvement mechanisms to strengthen governance maturity through lessons learned, incident analysis, and control enhancements.
• Risk (Enterprise Risk & Operational Exposure Management)
• Identify, assess, and manage enterprise and operational risks, ensuring material risks are visible, prioritized, and actively mitigated across all markets.
• Embed a risk-based approach to decision‑making, integrating risk considerations into business operations, expansion and strategic initiatives.
• Oversee the development of risk assessment methodologies, including periodic risk reviews across key domains (financial, operational, regulatory, reputational).
• Drive root cause analysis and corrective action frameworks for incidents, ensuring sustainable fixes rather than surface-level remediation.
• Monitor and report on risk trends, emerging threats, and systemic vulnerabilities, providing actionable insights to executive leadership.
• Align risk management practices with global standards and frameworks (e.g., ISO 31000, Three Lines Model), adapted pragmatically to Moove’s maturity and risk profile.

• Compliance (Regulatory & Ethical Adherence)

• Develop and implement a global compliance program aligned with applicable laws and regulations (e.g., FCPA, UK Bribery Act, AML/CTF, sanctions regimes including UN, FATF, EU, HMT, OFAC).
• Oversee third-party due diligence frameworks, ensuring robust onboarding, monitoring, and risk mitigation for partners, vendors, and intermediaries.
• Lead regulatory compliance across jurisdictions, ensuring adherence to local legal requirements while maintaining global standards and consistent controls.
• Design and deliver compliance training and awareness programs, embedding a culture of integrity across all levels of the organization.
• Manage whistleblowing and Speak-Up mechanisms, ensuring confidential reporting, proper investigation, and protection against retaliation.
• Ensure independence and integrity of investigations, including oversight of disciplinary processes, escalation protocols, and reporting to senior leadership.
• Ensure books and records integrity, supporting accurate financial reporting and compliance with anti-fraud and anti-corruption requirements.

• Leadership & Team

• Provide strategic leadership to the GRC function, including day-to-day direction to junior support resources across all GRC fronts.
• Act as a trusted advisor to the executive leadership and country heads on governance, risk and compliance topics.
• Partner with Legal, Finance, Operations, People, Technology and Market leadership to integrate GRC into business processes and decision‑making.

What You Will Need For This Position

• Significant post-qualification experience in Governance, Risk and Compliance (or closely related fields such as Internal Audit, Ethics & Compliance, Risk Management) in a fast‑paced, multi‑jurisdictional environment, ideally in fintech, financial services, mobility or technology.
• Demonstrable track record in designing and running enterprise‑wide governance frameworks, internal control environments and GRC operating models.
• Strong experience in enterprise risk management, including risk identification, assessment, reporting and remediation.
• Deep knowledge of anti‑bribery & corruption, sanctions, AML/CTF and related regulatory regimes (e.g., FCPA, UK Bribery Act, OFAC, UN, EU, FATF, HMT).
• Proven experience working with Boards and executive leadership, including preparation of materials and leading SteerCo or similar forums.
• Strong strategic thinking and ability to translate complex regulatory and risk topics into clear business decisions.
• Excellent stakeholder management, communication and influencing skills, including at C‑suite and Board level.
• High degree of integrity and sound judgment, particularly in handling sensitive investigations, speak‑up cases and disciplinary processes.
• Strong analytical and problem‑solving skills, with experience in root cause analysis and designing sustainable remediation.
• Ability to work in a fast-paced, dynamic environment with aggressive timelines and multiple competing priorities.

Key Metrics

• Implementation and adoption of an enterprise governance framework across all relevant forums and markets (e.g.
• GRC SteerCo, policy governance, control owners in place).
• Timely completion of group-wide risk assessments and regular risk reporting to executive leadership and the Board.
• Effectiveness of compliance program: coverage of training, completion rates, number and resolution time of Speak‑Up cases, quality of investigations and remediation.
• Reduction in repeat or high‑severity incidents through robust root cause analysis and sustained control enhancements.
• Positive external outcomes: regulatory compliance record, quality of interactions with regulators and external parties, and absence of material enforcement actions.

Who You'll Be Working with

About The Team

Pre-hiring Notice

EEO Statement