Company Description

Our client, InvestEd, is the Philippines’ most sustainable and inclusive student loan company. Offers success loans to students from ALL socio-economic classes and believe that the opportunity to succeed should always be paid forward to those who don’t have it. There are 18 million learners in the Philippines who don’t have access to bank credit.InvestEd exists to change this unfair reality. InvestEd is the leading company in the region solving financial inclusion for unbanked youth.

There are 18 million learners in the Philippines who don’t have access to bank credit.

InvestEd exists to change this unfair reality.

InvestEd is the leading company in the region solving financial inclusion for unbanked youth.

• Employment: Fulltime, for regularization
• The role will report directly to the Chief of Staff.

KEY RESPONSIBILITIES

The Compliance and Data Protection Officer (DPO) is responsible for ensuring the company adheres to

all regulatory, data protection, and privacy requirements while maintaining an effective compliance

framework. This role requires close collaboration with various internal teams, legal partners, and third-party service providers to ensure all compliance and data privacy policies and guidelines are properly

implemented and monitored.

Regulatory Compliance

• Ensure compliance with all relevant regulations, including but not limited to SEC, AMLC, BIR, CIC, DOLE, IPO, LGU
• Maintain a zero-incident track record for non-compliance or delays in regulatory reporting
• Manage and coordinate the timely submission of regulatory reports, while actively working with the responsible business units to resolve any delays or compliance issues
• Evaluate, negotiate, and authorize compliance-related clauses with service providers

Internal Compliance

• Define, enforce, audit, and resolve compliance policies, standards, guidelines, and violations
• Offer compliance guidance to various teams
• Ensure that company requirements from the partner law firm are completed on time and meet quality standards.
• Ensure the timely and high-quality delivery of internal compliance projects as they arise.
• Provide monthly updates on the status of regulatory and internal compliance to the Board's Credit and Risk Committee.

Data Privacy Compliance

• Ensure 100% on-time submission of all reportorial requirements mandated by the Data Privacy Act of 2012, including data breach notifications, annual privacy reports, and other required filings.
• Ensure effective implementation and adherence to the organization’s data privacy policies and program. Regularly monitor the integration of these policies into daily operations.
• Provide compliance and data privacy guidance to different teams
• Review, negotiate, and approve compliance and data protection/privacy-related clauses of service providers
• Conduct Data Protection Impact Assessments and provide sign-off before project launch or engaging a new service provider
• Participate in internal and third-party service provider data protection/privacy audits
• Develop and execute a monthly training plan on data privacy and security, ensuring 100% of planned sessions are conducted.

QUALIFICATIONS:

• Minimum of 3 years of work experience in compliance, data protection, and privacy
• Experience in formulating and implementing policies in compliance, data protection, and data privacy
• Must be a Data Protection Officer (DPO) certified
• Ability to manage projects (within scope, timeline, and budget) with minimal supervision
• Knowledge and application of relevant Philippine laws and legal concepts
• Experience working with legal teams and external law firms, especially in areas concerning compliance and data privacy.
• Preferably someone with experience working with a startup company or with a lending, banking, or fintech industry

Please refer to job description.