Startup Jobs
Post a Job
CEX.IO

Executive Director, Chief Risk Officer (CRO), Spain

full-time Remote

AI overview

Lead the enterprise-wide risk management function while shaping strategy and risk appetite on the Board, ensuring compliance and operational integrity across all crypto service offerings.

CEX.IO Europe is a Virtual Asset Service Provider (VASP) licensed by the Banco de España and is currently in the process of upgrading its authorisation under the EU Markets in Crypto-Assets Regulation (MiCAR) as a Crypto-Asset Service Provider (CASP) in Spain. As we move from the national transitional regime to the full EU MiCAR passporting framework, the Board plays a pivotal role in ensuring supervisory continuity, robust governance, and strategic resilience. 



We are seeking a seasoned Director & Chief Risk Officer (CRO) to join the Board. This is a dual-hatted role combining Board-level fiduciary duties with executive responsibility for the enterprise-wide risk management function. The successful candidate will sit on the Board to shape strategy and risk appetite while simultaneously leading the Risk Department to ensure security, compliance, and operational integrity across all crypto service offerings.

Given the convergence of crypto-asset regulations with traditional finance, in addition to those with direct crypto experience, candidates with a background in Electronic Money Institutions (EMIs) are particularly well-suited for this role. Their experience with e-money token frameworks, safeguarding regimes, and PSD2 operational resilience is directly transferable to the MiCAR requirements for Asset-Referenced Tokens (ARTs) and EMTs.

This role is subject to the joint EBA/ESMA guidelines on suitability, meaning their individual knowledge, good repute, and time commitment are conditions of the company’s license. 

 

Key Responsibilities

Board Level Duties (Second Line Oversight & Strategy)

  • Collaborate with the Board to define the company’s enterprise-wide risk appetite, covering operational, financial, cyber, and strategic risks in line with MiCAR and DORA requirements
  • General day-to-day running of the Company alongside the Board, steering the business in a strategic and compliant manner. 
  • Present and justify the Risk Management Framework to the Board Risk Committee for approval. Ensure the framework aligns with Spanish and EU regulatory standards.
  • Advise the Board on conflicts of interest regarding qualifying shareholders and shared resources. Ensuring influence is not exercised in a way that is prejudicial to the sound and prudent management of the Company.
  • Provide regular risk reports to the Board Risk Committee, highlighting any key risk indicators (KRIs) and emerging trends in the crypto-asset sector.

Executive Management Duties (First Line - Execution and Leadership)

  • Develop, implement, and maintain the comprehensive risk management framework and policies across the organisation.
  • Identify, prioritise, and assess risks across the organisation. Including emerging threats in the banking, technology, and crypto asset sectors (e.g., custody risks, settlement risks, blockchain-specific threats).
  • Act as the primary point of contact for the Banco de España and/or CNMV and external auditors regarding risk management matters and compliance with industry standards
  • Oversee the execution of business continuity and crisis management plans to ensure the Company remains calm and structured under stress, ensuring ICT response and recovery plans guarantee the continuity of crypto-asset services as per DORA.
  • Mentor and lead the risk management team, fostering a proactive culture of risk awareness and continuous improvement.


Essential Experience & Qualifications

  • Bachelor’s degree in Finance, Risk Management, Economics, Business, or Law. Advanced certifications (e.g., FRM, PRM, or CFA) are preferred.
  • 5+ Years in senior risk roles within the financial market infrastructure, payment systems, EMI’s, Crypto-assets, or major financial institutions. Deep understanding of financial, operational, and financial crime risks.
  • Deep understanding of the Spanish regulatory landscape (Banco de España, CNMV) and the EU MiCAR framework. Direct experience with EMI authorisation or oversight under PSD2/E Money Directive is desirable as it provides a foundational understanding of the safeguarding and capital requirements now applicable to CASPs under MiCAR. Knowledge of DORA and cyber resilience is beneficial.
  • Familiarity with the technical aspects of crypto-assets (DLT, custody, tokenomics, blockchain analytics).
  • Native Spanish speaker, and English proficiency is required

Knowledge & Skills

  • Strategic systems thinking: ability to connect micro risks (e.g., transaction delays) with macro systemic impacts (e.g, liquidity crunches).
  • Innovative pragmatism: balancing strict regulatory compliance with the need for technological innovation and business growth.
  • Leadership: proven track record of leading multi-jurisdictional teams and the ability to constructively challenge counterparts at the executive level.
  • Communication: fluent Spanish is required for local operations. Proficiency in English for inter-group communications and operations.
  • To ensure full compliance with MiCAR Article 68 and EBA/GL/2024/09, the successful appointee must consistently satisfy 'Fit and Proper' thresholds, which include maintaining a clean criminal record (specifically free of financial crime or money laundering convictions), committing to full-time executive dedication to CEX.IO Europe S.L., and possessing a professional profile that effectively addresses specific governance gaps identified in our Board’s collective skills matrix.

Core Competencies

  • High levels of integrity, independence, and accountability.
  • Ability to maintain structure and clarity under stress.



Success Criteria

Within the first 12 months, the Director & CRO will have:

  • Successfully assisted in the management of the Risk workstream for the complete MiCAR authorisation dossier to the CNMV and the EMI authorisation with the Banco de España.
  • Implemented the updated Risk Management Framework and Suitability policy across the organisation.
  • Established a suite of Key Risk indicators (KRIs) tailored to the crypto-asset business model.
  • Built and mentored a high-performing risk team capable of managing the firm's growth within the MiCAR framework.
  • Ensured the firm's crisis management and business continuity plans are tested and fully compliant with DORA requirements.


 CEX.IO
View all jobs
Ace your job interview

Understand the required skills and qualifications, anticipate the questions you may be asked, and study well-prepared answers using our sample responses.

Executive Director Q&A's
Report this job
Apply for this job