Compliance Analyst

About PayJoy

PayJoy is a mission-first financial service provider dedicated to helping under-served customers in emerging markets to achieve financial stability and success. We lend through our patented technology that turns a smartphone into digital collateral, and our cutting-edge machine learning, data science, and anti-fraud AI allow us to offer the lowest cost and qualify the most customers in the industry. As of 2024 we have brought billions of dollars in credit to 12 million customers, doubling in the last two years while remaining strongly profitable and sustainable for the long term.

This role

The compliance analyst role at PayJoy exists to ensure the company operates within the boundaries of data protection laws and industry regulations, particularly in regions with strict privacy laws like Brazil. This specialist is responsible for implementing robust compliance frameworks, managing data privacy policies, and mitigating risks related to data breaches or regulatory penalties. By ensuring adherence to legal standards, this role directly contributes to protecting PayJoy from potential litigation, safeguarding customer trust, and enabling secure, compliant business operations, which is critical in maintaining the company’s reputation and continuity, especially in markets that rely on sensitive customer data for device locking services and credit.

A successful candidate for the compliance analyst role at PayJoy should possess a strong understanding of data protection laws and regulatory compliance, particularly in regulated fields. They must have excellent analytical and problem-solving skills to assess risks, develop policies, and implement effective compliance programs. Attention to detail and the ability to stay up-to-date with evolving regulations are essential. The ideal candidate should also have strong communication skills to collaborate with cross-functional teams and provide clear guidance on compliance matters. Experience in managing audits, privacy impact assessments, and ensuring data security will be crucial, alongside the ability to work independently and drive a culture of compliance within the organization.

Responsibilities:

• Ensure Regulatory Compliance What: Monitor and ensure adherence to all applicable data privacy laws and regulations. How: Regularly review and update company policies to align with local and international privacy laws (e.g., LGPD, GDPR). Why: To avoid legal penalties and ensure the company's operations remain lawful and secure.
• Develop and Implement Privacy Policies: What: Create and maintain comprehensive data privacy and protection policies. How: Collaborate with legal, IT, and business teams to build policies that cover data handling, retention, and security practices. Why: To safeguard customer information and ensure compliance with legal and contractual obligations.
• Conduct Privacy Audits and Assessments: What: Perform regular internal audits and privacy impact assessments (PIAs) to identify vulnerabilities. How: Analyze data workflows, systems, and procedures to ensure compliance and security. Why: To proactively address risks and demonstrate accountability to regulators and stakeholders.
• Manage Data Breaches and Incident Response: What: Lead the investigation and resolution of data breaches or privacy incidents. How: Develop and implement an incident response plan and ensure quick, effective communication and resolution. Why: To minimize reputational damage and legal exposure, and to comply with breach notification requirements.
• Provide Training and Education: What: Educate employees on data privacy laws, company policies, and best practices. How: Deliver training programs, workshops, and materials to raise awareness and maintain a culture of compliance. Why: To ensure all staff understand their responsibilities, reducing the risk of accidental non-compliance.
• Monitor and Adapt to Regulatory Changes: What: Stay updated on new regulations and compliance requirements. How: Continuously track regulatory developments and adjust internal processes accordingly. Why: To prevent non-compliance due to outdated practices and maintain legal conformity.
• Support Cross-functional Teams on Compliance Matters: What: Advise internal teams on data privacy issues related to product development, marketing, and customer operations. How: Provide clear, actionable guidance during the development and implementation of business initiatives. Why: To ensure all company activities involving data use are compliant with regulations and aligned with business goals.

Requirements:

• Proven Experience in Data Privacy Compliance: At least 3-5 years of hands-on experience working with data privacy regulations such as GDPR, LGPD, or CCPA in a corporate or legal setting.
• Understanding of Risk Management Principles:Knowledge of risk identification, mitigation, and management strategies in relation to data privacy and regulatory compliance.
• Ability to Develop and Implement Policies: Demonstrated experience in creating, implementing, and maintaining data privacy policies and procedures across an organization.
• Strong Organizational and Project Management Skills: Ability to manage multiple compliance projects simultaneously, ensuring that deadlines are met and standards are consistently upheld.
• Knowledge of Privacy Impact Assessments (PIA) and Audits: Experience conducting privacy audits and impact assessments, with a focus on identifying vulnerabilities and ensuring regulatory adherence.

Benefits:

• Company-funded Health and Dental Insurance for employees and immediate family members.
• Life insurance.
• Monthly benefits of meal vouchers and Home Office assistance.
• Annual benefits of Fitness ($500), Professional Development ($2,000), and International Business Travel ($2,000).
• One-off benefits of phone finance (US$500), home office equipment (US$250), and headsets (US$200).

PayJoy is proud to be an Equal Employment Opportunity employer and we welcome and encourage people of all backgrounds. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

PayJoy Principles

Finance for the next billion * Ownership * Break Through Walls * Live Communication * Transparency & Directness * Focus on Scale * Work-Life Balance * Embrace Diversity * Speed * Active Listening