The Manager, Regulatory Compliance plays a pivotal role in ensuring the Company’s compliance with the Personal Data Protection Act (PDPA) 2024 and other applicable regulations, policies, and frameworks. While this role serves as the appointed Data Protection Officer (DPO), the scope also extends to broader compliance areas such as anti-bribery and corruption, whistleblowing, codes of conduct, and corporate governance policies.
The position is responsible for advising departments, conducting risk and compliance assessments, managing data breaches, leading audits, monitoring adherence to regulations, and delivering training and awareness programs. The role ensures that a strong culture of data protection, ethics, and compliance is embedded across the Company.
Your responsibilities as Manager, Regulatory Compliance will include, but not be limited to:
Regulatory Compliance & Data Protection
- Serve as a trusted advisor to departments on interpreting and applying the PDPA 2024
- Lead and coordinate the execution of Data Protection Impact Assessments (DPIAs)
- Review new products, services, systems, and processes for data privacy risks, providing recommendations and mitigations
- Support the Line Manager in developing, maintaining, and strengthening the Group’s compliance framework, policies, and procedures
- Conduct internal audits and assessments of data processing activities and compliance practices
- Investigate and manage suspected or actual personal data breaches, including breach notifications and recordkeeping
- Maintain compliance registers (e.g., data breaches, conflict of interest, anti-bribery & corruption declarations)
Training & Awareness
- Partner with Training & Development to design and deliver data protection, ethics, and compliance training programs
- Lead awareness campaigns to embed a strong compliance and integrity culture throughout the Company
Risk & Compliance Monitoring
- Track regulatory developments and assess their impact on the Group’s operations
- Conduct periodic compliance reviews and submit reports to management and regulators
- Evaluate business activities and third-party engagements for potential compliance risks
Stakeholder Engagement
- Act as a liaison with regulators, auditors, and external stakeholders on data protection and compliance matters
- Provide guidance to internal teams on Data Subject Access Requests (DSARs) and rights under PDPA 2024
- Collaborate cross-functionally to support compliance in business processes, contracts, and third-party relationships
Other Responsibilities
- Handle ad hoc tasks and projects as assigned by the Line Manager and/or Management
- Lead or support compliance initiatives and projects beyond data protection, such as corporate governance reviews and regulatory filings