Chief Compliance Officer

BitPay B.V. is looking for a highly motivated Chief Compliance Officer (CCO) to join our executive team and play an important role in shaping our compliance and risk management programs, regulatory strategy, and the day-to-day operations of the policies and procedures required to ensure compliance with all regulations relevant to operating as a Dutch-authorised Crypto-Asset Service Provider (“CASP”) will oversee compliance, risk governance, licensing, and regulatory relationships, ensuring BitPay B.V. remains at the forefront of compliance in the crypto space.

As a key leader, you will shape our compliance strategy in a rapidly evolving industry, working closely with regulators, external partners, and internal teams across all functions. Your leadership will be critical in fostering strong cross-functional communication, cultivating a compliance-first culture, and mentoring the compliance team to support the company’s growth.This role will be a statutory director of BitPay B.V., participating in Management Board deliberations and decisions, and contributing to the company’s overall governance and strategic development.

 Responsibilities:

CASP Compliance Operations

• Regularly review developments in regulatory requirements applicable to BitPay B.V. as an authorised CASP and maintain an understanding of potential future legislative developments.
• Develop compliance policies which are appropriate to the size and complexity of the business and which meet regulatory requirements ensuring that policies are approved by the Management Board.
• Oversee regulatory compliance across prudential standards including operational resilience and conduct of business provisions, including those relating to investment type products.
• Ensure alignment with evolving frameworks such as Crypto Asset Reporting Framework.
• Develop, implement and maintain compliance policies.
• Define and maintain efficient compliance procedures, ensuring that appropriate compliance operations can be maintained.
• Ensure that appropriate up to date compliance documentation is maintained and available to employees. 

Team Leadership 

• Lead, develop, and manage the BitPay B.V. compliance team ensuring roles, responsibilities, and goals are clearly defined and aligned with regulatory requirements and business needs.
• Provide regular coaching, performance feedback, and career development support to compliance staff.
• Plan and manage team resources, including hiring, training, and workload allocation.
• Foster a high-performing and collaborative team culture with strong internal communication and a compliance-first mindset.

Financial Crime

• Lead the development and ongoing improvements of a risk-based approach to AML and CTF arrangements carrying out regular assessments of the adequacy of systems and controls to ensure that risks are managed effectively.
• Oversee the implementation and application of appropriate AML, CTF, sanctions policies and procedures, the Travel Rule and related regulatory obligations, including the operation of the risk-based approach to AML/CTF.
• Ensure that AML and CTF requirements are considered as part of the development of new services.
• Maintain accurate documentation and records in accordance with regulatory standards and support employee training. 
• Ensure that appropriate records are retained for the required duration and in a format that facilitates retrieval without undue delay.
• Lead the process for the reporting of suspicious activity.

Compliance Monitoring

• Manage and continuously improve the Compliance Monitoring Programme (CMP).
• Conduct regular policy reviews to ensure they continue to meet regulatory requirements.
• Monitor procedural compliance, and promptly identify and address gaps or areas for improvement. 

Reporting & Regulatory Liaison 

• Prepare and deliver regulator management reports to the Management Board (inc. CASP compliance activity, AML/CTF/Sanctions, legislative developments and risk management).
• Prepare and submit periodic reports and required notifications to the AFM and DNB, as necessary, including timely payment of fees and the maintenance of correct authorisations. 
• Coordinate with BitPay group, as necessary, to ensure compliant and consistent support, including delivery of outsourced services. 

Governance and Risk Management

• Assist with the development and operation of appropriate governance arrangements and risk management practices.
• Oversee outsourced arrangements and ensure adequate controls and oversight are in place. 
• Ensure operation of an effective approach to risk management and reporting of risk information to the Management Board.
• Act as a contact point for internal audit activities and supporting the performance of external audits, as required.
• Collaborate with the BitPay group to facilitate the group’s approach to risk management.

Training

• Ensure the Management Board remains informed of the regulatory environment and BitPay B.V.’s approach to meeting regulatory requirements.
• Ensure that BitPay B.V., and employees of the BitPay group that support outsourced service provision receive detailed training, as required, to support compliant operations.
   

Requirements:

• At least 7 years in compliance related business functions covering both financial crime and prudential regulatory requirements, including a minimum of 2 years specializing in regulatory compliance within the cryptocurrency industry.
• 5+ years of proven leadership experience managing compliance teams and driving the development of internal controls, compliance monitoring, and regulatory strategy in a dynamic and regulated environment.
• Varied experience supporting different environments and teams, including both startup/small company settings and large, established companies, demonstrating adaptability and hands-on leadership.
• Strong interpersonal and leadership skills, with the ability to effectively manage and inspire a diverse compliance team, foster collaboration across departments, and build relationships with internal and external stakeholders.
• Ability to influence, motivate, and guide teams while ensuring alignment with compliance objectives.
• Strong background in compliance for consumer, payments, and business (merchant) financial products.
• Ability to work closely with executive leadership, including the Managing Director and Management Board, to align compliance strategy with broader business objectives.
• Exceptional verbal and written communication skills including fluency in english, with the ability to engage regulators, stakeholders, and clients across various levels.
• A track record of success in fast-paced, performance-driven environments, balancing risk management with business growth.
• Prior experience as a statutory director or board-level executive is highly desirable.
• This is a remote role. However, candidates must reside in and be eligible to work in the Netherlands, preferably in Utrecht.

What We Offer

• Collaborate with a team of intelligent, enthusiastic individuals.
• Thrive in a rapidly expanding crypto company with global reach, where your contributions make a tangible impact.
• Work remotely with a generous vacation policy, including the opportunity to take sabbaticals based on tenure and select your own holidays.
• Access to continuous learning and development opportunities, supported by professional development reimbursement.
• Competitive salary package with the option to receive payment in cryptocurrency, along with a crypto match program.
• Stock option awards available to all employees.
• Home office allowance, reimbursement for internet/cell expenses, and complimentary Amazon Prime and Spotify subscriptions.
   

BitPay is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

Recruitment Candidate Privacy Notice

Purpose of this Document

BitPay, Inc. and BitPay, B.V.  is a “data controller.” This means we are responsible for deciding how we hold and use personal information about you. This Recruitment Candidate Privacy Notice explains:

• How and why we use your personal data during the recruitment process (whether you apply as an employee, worker, or contractor)
• How long we retain your data
• Your rights under data protection law
   

When we refer to “Data Protection Legislation,” this includes the General Data Protection Regulation (GDPR), the UK GDPR (if applicable), the Privacy and Electronic Communications (EC Directive) Regulations 2003, and related laws.

BitPay is registered with the Chamber of Commerce in the Netherlands under number 58655891.

Data Protection Principles

We will comply with data protection laws and ensure your personal data is:

• Used lawfully, fairly, and transparently
• Collected only for specified, explicit, and legitimate purposes
• Used in ways that are compatible with those purposes
• Accurate and kept up to date
• Retained only as long as necessary
• Kept securely
   

Personal Data We Collect

During the recruitment process, we may collect, store, and use the following types of personal information:

• Information from your application form, CV, cover letter, and any email communications
• Interview notes and your responses
• Assessment or test results (if applicable)
• Evaluation scores based on personal and professional attributes
• Sensitive personal data about your health or medical conditions, if you disclose this during the process
   

How We Collect Personal Information

We collect personal data from:

• You (directly, via application forms, emails, interviews)
• Recruitment agencies or job boards (e.g., LinkedIn, JazzHR)
• Third-party services (e.g., Occupational Health assessments — with your prior knowledge)
   

If You Fail to Provide Information

If you do not provide necessary information (e.g., certifications or references), we may be unable to process your application.

Processing of Sensitive Personal Data

We may collect and process sensitive personal data (e.g., health-related information) for the following reasons:

• To make reasonable adjustments during the recruitment process
• To comply with employment, social security, and social protection law obligations
   

This processing is lawful under Article 9(2)(b) and/or Article 9(2)(a) of the GDPR.

Sensitive information will be stored securely in access-restricted digital folders.

Automated Decision-Making

You will not be subject to recruitment decisions based solely on automated processing.

Data Sharing

If you apply via a third-party recruitment platform, your data may also be processed by them as a separate controller. Their privacy policies are available on their respective websites.

If you apply directly to BitPay, your data will be processed only by BitPay. If you would like us to evaluate your application outside of the platform through which you applied, please let us know in your cover email.

Data Security

We implement appropriate security measures to:

• Prevent unauthorized access, loss, alteration, or disclosure
• Ensure only staff with a business need-to-know can access your data
• Respond swiftly to any suspected data breaches
   

Data Retention

We will retain your personal data for 6 months after we communicate our recruitment decision. This allows us to demonstrate compliance with employment and anti-discrimination laws.

After 6 months, your data will be securely deleted unless:

• We request your consent to retain your data longer for future opportunities
• You explicitly agree in writing to such retention

Your Data Rights

Under data protection laws, you have the right to:

• Access your personal data
• Correct inaccurate or incomplete data
• Request erasure where there is no lawful reason to retain it
• Object to processing based on legitimate interests
• Restrict processing in certain circumstances
• Request data portability to another party
• To exercise any of these rights, please contact us in writing at: [email protected]

Complaints

You have the right to lodge a complaint with the relevant data protection supervisory authority.

Last updated: January 7, 2025