Risk Management Officer 

National Switch Limited (Natswitch)

Position: Risk Management Officer 
Location: Blantyre, Malawi
Company: National Switch Limited (Natswitch)
Reports to: Operations Manager

Role Overview

The Risk Management Officer will develop, implement, and maintain a comprehensive enterprise risk management (ERM) framework and internal control environment that ensures the resilience, security, integrity, and compliance of Natswitch operations. This role encompasses the identification, assessment, mitigation, and monitoring of operational, financial, compliance, strategic, and cybersecurity risks across all digital platforms, payment channels and the entire national switch ecosystem.

Key Responsibilities

Compliance & Risk Management

  • Monitor adherence to laws, regulations, policies and standards (e.g., National Payments Act, ISO 20022 / 8583, AML/CFT, PCI DSS)
  • Conduct risk assessments and recommend mitigation strategies
  • Advise on risk implications of new products, services, and strategic initiatives

Internal Controls

  • Design, implement, and review internal control systems
  • Maintain documentation of control procedures and findings
  • Conduct audits and follow up on corrective actions undertaken by various departments

Governance & Ethics

  • Promote ethical conduct and corporate governance best practices by making timely recommendations to Management
  • Support the development and enforcement of policies

Operational & Cybersecurity Risk

  • Monitor operational and cybersecurity risks, including transaction processing, fraud detection, system downtime, and data breaches
  • Manage the scheme rules of the national switch ecosystem
  • Collaborate with IT and Security teams to implement risk mitigation measures and incident response plans
  • Conduct scenario analysis and stress testing to evaluate resilience of payment systems

Settlement & Financial Risk Oversight

  • Oversee settlement operations, including account setup, liquidity monitoring, reconciliations, and exception management
  • Ensure that risks related to settlement of interbank and non-bank payment service providers are properly assessed and mitigated
  • Liaise with management and participants to monitor systemic risk exposure

Third-Party / Vendor Risk Management

  • Assess and monitor risks associated with vendors, technology providers, and other third-party service providers
  • Conduct due diligence, service-level agreement (SLA) reviews, and periodic vendor risk audits

Strategic Risk Advisory

  • Provide input on risk considerations for business strategy, product launches, and expansion initiatives
  • Integrate risk and compliance into organizational decision-making

Quality Assurance on Projects

  • Review and monitor all projects, system upgrades, certification processes and integrations to ensure compliance with risk, security and operational standards
  • Participate in project planning and governance to provide risk-based quality assurance (QA) input before, during and after project execution
  • Ensure that project deliverables meet regulatory, technical, and internal control requirements, including settlement and cybersecurity standards
  • Conduct risk assessments and QA checks on third-party software, fintech integrations, and payment service upgrades
  • Collaborate with other teams to validate testing results, sign off critical deployments, and ensure post-implementation reviews are completed
  • Develop and maintain QA procedures, checklists, and documentation for ongoing and future projects

Training & Awareness

  • Deliver training to both external and internal stakeholders on compliance and risk topics
  • Build awareness across departments to foster a compliance-first culture

Reporting & Documentation

  • Prepare reports for senior management and regulatory bodies
  • Maintain accurate records of compliance activities and audit trails
  • Track key performance indicators and prepare service performance reports

Qualifications & Experience

  • Academic: Bachelor’s degree in Information Security, Law, Risk Management, Finance, Accounting, Economics, or related field
  • Professional certification such as CRMA, CISA, CISM, ISO 31000 Risk Practitioner, or equivalent is an advantage
  • Minimum of five (5) years’ experience in risk management, internal audit, operational risk, or related roles, preferably in financial services or payment systems
  • Strong understanding of enterprise risk management, internal controls, cybersecurity frameworks, and payment switch operations
  • Proficiency in SLA monitoring, incident tracking systems, and service performance analytics
  • High proficiency in Microsoft Office, reporting tools, and ticketing platforms
  • Sound understanding of information security principles and risk management

Skills

  • Strong risk analysis, internal control, and problem-solving skills
  • Knowledge of digital payment ecosystems and national switch operations
  • Familiarity with regulatory and compliance standards for payment systems
  • Ability to engage and influence stakeholders at all levels
  • Attention to detail, initiative, and ability to work under pressure
  • Strong analytical, problem-solving, decision-making and documentation abilities
  • Strong verbal and written communication skills, with the ability to prepare professional reports and presentations
  • Collaborative, proactive, and results-oriented
  • High level of integrity, independence, and professional judgment
  • Understanding of switching and payment ecosystems and payment protocols (ISO 20022 / 8583)

Personal Attributes

  • High integrity, independence and professional judgement
  • Strong sense of accountability and service excellence
  • Strong analytical, communication, and coordination skills
  • Results-oriented
  • Able to perform under pressure and manage multiple priorities
  • Commitment to continuous improvement and service excellence with focus on innovation
  • Stakeholder-focused mindset
  • Proactive and self-driven, with a strong sense of ownership and accountability
  • Attention to detail and ability to work under pressure in a dynamic environment
  • Excellent communication, report-writing and presentation skills
  • Strategic mindset with the ability to align risk management practices to national digital public infrastructure and financial inclusion goals

Application Details

Interested candidates should send their applications, including a detailed Curriculum Vitae, copies of certificates, plus names and addresses of three traceable referees to the address or email below not later than 1 December 2025.

The Chief Executive Officer,
National Switch Limited,
Ulimi Building, 2nd Floor,
P O Box 2334,
Blantyre
Email: hr@natswitch.mw
(Clearly state the position being applied for in the email subject.)