Compliance and Money Laundering Reporting Officer (MLRO), Spain

CEX.IO Europe is in the process of obtaining authorisation under the EU Markets in Crypto-Assets Regulation (MiCAR) as a Crypto-Asset Service Provider (CASP) in Spain. As part of our regulatory readiness and local substance requirements, we are actively recruiting a Spain‑based Compliance & Money Laundering Reporting Officer (MLRO).

The role is a senior control function with direct accountability for Compliance and AML/CFT/PF compliance under MiCAR, Spanish AML legislation, and applicable EU financial crime frameworks. The role will be a key point of contact for Spanish competent authorities, including CNMV (MiCAR Compliance) and SEPBLAC (MLRO), and will play a central role in establishing, operating, and continuously enhancing the local Compliance & AML/CFT/PF framework.

This role represents the permanent, locally‑based appointment required for authorisation and ongoing supervision.

Key Responsibilities

Regulatory & Governance

• Act as the designated MLRO for the Spanish MiCA‑authorised entity, with full accountability for AML/CFT/PF compliance.
• Serve as the primary point of contact with Spanish competent authorities (including AML and prudential supervisors) on all compliance & financial crime matters.
• Ensure compliance with MiCAR AML‑related obligations applicable to CASPs, including governance, risk management, and internal control expectations and MiCAR reporting.
• Prepare and submit all required AML‑related regulatory filings, suspicious activity reports, and periodic reports in accordance with Spanish law and SEPBLAC guidance.
• Prepare and present the annual AML/CTF/PF report to the Board of Directors, including risk assessments, control effectiveness, incidents, and remediation plans.
• Monitor regulatory developments under MiCAR, ESMA, and EBA’s guidance, AMLA guidance, and Spanish AML updates, ensuring timely implementation.
• Advise senior management and the Board on Compliance & AML/CFT/PF risks, regulatory developments, and supervisory expectations.

AML/CFT Framework & Risk Management

• Design, implement, and maintain a robust AML/CFT/PF framework
• Develop and maintain the enterprise‑wide and Spain‑specific AML/CFT/PF risk assessment, ensuring alignment with risk‑based requirements.
• Ensure appropriate Compliance & AML/CFT/PF risk classification of the business, customers, products, delivery channels, and geographies.
• Identify emerging financial crime risks related to crypto‑assets, DeFi exposure, cross‑border activity, and new product launches.

Operational Oversight

• Oversee and advise on day‑to‑day Compliance & AML operations, including quality assurance of onboarding, alerts, investigations, and reporting.
• Ensure AML systems, transaction monitoring tools, and blockchain analytics solutions are appropriately calibrated and effective.
• Review and approve high‑risk customer cases, escalations, and complex investigations.
• Ensure timely and accurate filing of suspicious transaction/activity reports with CNMV/SEPBLAC in Spain.
• Coordinate with group‑level compliance, risk, and product teams to ensure consistency while maintaining local regulatory ownership.

Policies, Procedures & Training

• Draft, maintain, and continuously update AML/CFT/PF policies, procedures, and controls in line with MiCAR, Spanish AML law, and EU guidance. Ensure policies are embedded operationally and reflect actual business practices.
• Ensure AML/CTF/PF training is aligned and contains local-specific requirements, including tailored training for senior management and high‑risk functions. 
• Support internal, external, l and regulatory audits, inspections, and information requests.

Risk Remediation & Continuous Improvement

• Identify control gaps, weaknesses, or regulatory findings and design remediation plans.
• Track remediation actions to completion and report progress to senior management and the Board.
• Protect and enhance the reputation of CEX.IO Europe through a strong compliance culture and proactive regulatory engagement.
• Provide regular updates to the Board of Directors regarding Compliance & AML/CFT/PF risks, regulatory developments, and supervisory expectations 
  
  

Required Experience & Qualifications

• Spanish residency is a mandatory requirement for this role.
• Minimum 5-7 years of experience in Compliance & AML/CFT/PF compliance within a regulated financial services or FinTech environment, and direct interaction with regulators.
• Prior experience acting as MLRO or Deputy MLRO is strongly preferred.
• International Compliance Association (ICA) / Association of Certified Anti-Money Laundering Specialists (ACAMS) qualification or equivalent.
• Strong understanding of EU AML/CFT/PF frameworks and hands‑on familiarity with MiCAR requirements for CASPs.
• Solid knowledge of Spanish AML legislation and regulatory expectations.
• Experience working with crypto‑asset businesses, virtual asset service providers, or financial institutions exposed to digital assets.
• Proven experience conducting AML risk assessments and managing financial crime controls.
  
  

Skills & Competencies

• Fit & Proper Criteria: Must meet the suitability requirements of the Banco de España / CNMV and SEPBLAC, demonstrating both professional competence and commercial honourability.
• Maintain a clean criminal and professional record, free from any sanctions or active proceedings related to financial crimes, fraud, or administrative breaches.
• Ability to act as the primary, resident point of contact for Spanish authorities.
• Strong regulatory judgement and ability to apply risk‑based decision‑making.
• High level of integrity, independence, and professional scepticism.
• Excellent analytical and organisational skills, with strong attention to detail.
• Ability to operate effectively in a fast‑moving, regulated crypto‑asset environment.
• Confident communicator, able to engage credibly with regulators, senior management, and operational teams.
• Ability to work independently while collaborating with international, remote teams.