SVP, Global Head of Risk

The Opportunity We’re looking for an SVP, Head of Global Risk to lead the next evolution of Flywire’s end to end risk sophistication, as we expand into new markets and products, our risk exposure across a number of areas is growing in scale, technical complexity. To support our next phase of growth, we are investing and consolidating all risk activities under a new role as Head of Global Risk role, reporting into the CFO. This leader will own the Risk Strategy, Purpose and Vision across Flywire and champion a risk-aware culture – and will play a critical role in every part of the business, from client and customers activities, to technical expertise and AI/Advanced practices, to operations, payments, product, architecture and end to end functional foundations to support Flywire’s future growth. What You Will Do: As Head of Global Risk, you will be the senior executive responsible for building and overseeing an integrated, enterprise-wide risk management function that enables informed decision-making and long-term sustainable growth across all business units, geographies, and corporate functions. You will be a key leader of a global team, inspiring, attracting and developing talent at all levels. You will balance a very strong technical expertise with the ability to influence multiple senior stakeholders and drive vision/execution across many teams. You will serve as a strategic partner to the executive leadership team, Board of Directors, and regulators, ensuring that the company’s risk posture aligns with its business objectives, regulatory obligations, and fiduciary responsibilities. Risk Identification & Assessment: Spotting and evaluating strategic, financial, compliance, operational, and reputational threats. Strategy Integration: Embedding risk considerations into major decisions (M&A, new products, investments). Risk Mitigation: Developing plans to manage and reduce risks, ensuring they stay within acceptable levels. Global InfoSec: leverage best in class technical expertise to oversee the company’s global information security program, including cybersecurity architecture, security operations, incident response, vulnerability management, and data security. Reporting: Creating and sharing risk analyses with leadership. Regulatory Compliance: Ensuring adherence to laws like Sarbanes-Oxley. Crisis Management: Leading the response to unexpected events and crises. Enterprise Risk Management (ERM) Build and continuously evolve an enterprise risk management framework across strategic, financial, operational, legal, reputational, and technology risks. Develop and lead the enterprise risk management (ERM) framework across all risk types: operational, financial, compliance, strategic, reputational, technology, and third-party. Integrating insights across the organization and anticipate future threats and strengthen enterprise resilience. Chair the Enterprise Risk Committee; serve as key liaison to the Board’s Audit and/or Risk Committee. Establish risk appetite statements and ensure alignment with corporate strategy and capital allocation decisions. Oversee the risk register and facilitate periodic enterprise risk assessments. Define and operationalize risk appetite statements aligned with business strategy and growth plans. Partner with the executive team and board to ensure risk-informed decision-making across all major investments and initiatives. Global Risk Infrastructure Implement global risk monitoring, reporting, and escalation protocols. Ensure risk coverage across all jurisdictions (e.g., NA, EMEA, APAC, LATAM). Maintain a centralized risk register and coordinate business continuity planning. Controls & Culture Drive a culture of risk awareness and accountability at all levels. Align first-line (business ownership), second-line (risk/compliance), and third-line (audit) responsibilities. Lead internal education on governance, controls, and incident response. Fraud and Credit Risk Management (Payments-Focused) Work with the Fraud and Credit Risk Leader to design and lead a global fraud risk program tailored for a complex payments and cross-border transaction environment – And lead the development of credit risk strategy, including credit policy design, underwriting frameworks, exposure monitoring, and loss mitigation Build real-time fraud detection, prevention, and response protocols using data-driven techniques and internal tooling. Partner with Product, Engineering, and Operations to continuously improve fraud analytics, rules-based systems, and behavioral models. Establish governance for external fraud (customer-facing) and internal fraud (employee/vendor-related), including escalation frameworks and incident post-mortems. Lead the development of credit risk strategy, including credit policy design, underwriting frameworks, exposure monitoring, and loss mitigation. Oversee merchant and counterparty credit evaluation, particularly for embedded finance or working capital programs. Collaborate with Finance and Treasury to assess credit provisioning, stress-testing scenarios, and capital adequacy related to credit exposure. Compliance & Regulatory Risk Work with the Compliance leadership to ensure compliance with global regulatory frameworks across all jurisdictions, including financial services licensing, AML/KYC, sanctions, data privacy, consumer protection, and ESG disclosures. Build scalable compliance monitoring programs and lead preparation for regulatory exams and audits. Partner with Legal, Product, and Operations teams to ensure controls are embedded into business workflows and product designs. Track and assess regulatory changes (e.g., SEC, OCC, FCA, MAS, GDPR) with timely impact analysis and implementation plans. Information Security, Cyber Risk & Data Protection (CISO Responsibility) Work with the CISO organization to oversee the company’s global information security program, including cybersecurity architecture, security operations, incident response, vulnerability management, and data security. Lead a technically sophisticated InfoSec team and partner with Engineering to continuously evolve cloud infrastructure security, encryption, DevSecOps practices, and SOC monitoring. Ensure security-by-design is embedded into new product development, and align with privacy, data residency, and data governance standards (e.g., GDPR, SOC2, ISO 27001). Lead internal security awareness and education programs across all staff. Prepare the company for security audits, certifications, and board-level security reviews. Cross-Functional Risk Leadership Lead and align all second-line risk and compliance functions across the company, including InfoSec risk, vendor risk, model risk, and incident response. Drive a “centralized but dedicated” support model: central governance, tools, and policy ownership, but embedded support and accountability for each business unit and function. Represent the company in board discussions, investor relations, and external engagements on risk posture and governance.