Head of Risk & Compliance

Head of Risk & Compliance – UK at Penfold
About Penfold

Hi, we’re Penfold — we’re building the pension of the future! 🚀

At Penfold, we’re dragging pensions out of the dark ages with a modern, tech-first platform that makes pensions engaging, accessible, and rewarding.

We’re a growing team of 70+ people across London and Tallinn, backed by leading fintech investors. Having raised £20M+, we manage £1BN+ in pensions for over 100,000 savers and thousands of businesses — and we’re on track for profitability next year.

As Head of Risk & Compliance, you’ll be responsible for building and embedding the frameworks that allow Penfold to grow quickly without losing trust — from regulators, customers, or our own teams.

This is a senior, hands‑on role where you’ll act as both a guardian and an enabler. You’ll ensure we meet our regulatory obligations while helping product and operational teams move fast, make confident decisions, and build compliant products from day one.

You’ll hold SMF
16 (Compliance Oversight) and SMF
17 (MLRO) responsibilities and play a key role in shaping Penfold’s long‑term approach to risk, governance, and accountability — with a clear path toward a future Chief Risk Officer role as we scale.

• Design, implement, and evolve Penfold’s compliance and enterprise risk management frameworks, ensuring they’re scalable, proportionate, and regulator‑ready.
• Embed clear processes across the business, supported by strong documentation, governance, and MI.
• Clearly define first‑line ownership of risk and controls, with Risk & Compliance providing effective second‑line oversight, challenge, and support.
• Champion a culture where risk and compliance are understood, owned, and embedded across all functions — not treated as a separate activity.
• Surface and prioritise high‑risk areas, supporting leaders and teams to put robust, workable mitigations in place.
• Proactively identify gaps or weaknesses and address them before they become issues.

• Maintain direct oversight of the most critical risk and compliance activity, stepping in personally on high‑impact or complex issues.
• Support teams across the business with pragmatic, risk‑based advice that enables confident, well‑informed decision‑making.
• Work closely with Operations and customer‑facing teams to understand real‑world processes, risks, and pressures, ensuring controls are practical and embedded rather than theoretical.
• Provide oversight and review of contractual risk, ensuring commercial and customer contracts appropriately protect the business and that material obligations and liabilities are clearly understood and managed.
• Oversee the business’s insurance arrangements, ensuring coverage remains appropriate and aligned to Penfold’s evolving risk profile.
• Develop and evolve risk and compliance tooling, dashboards, and automation to support scalable oversight and timely decision‑making.
• Use regulatory insight, management information, and internal data to anticipate issues before they escalate.
• Set the standard for thoughtful, forward‑looking compliance that supports Penfold’s growth and culture.

• Partner closely with Product and Technology to enable rapid, compliant delivery of new features and propositions.
• Provide early regulatory input so compliance is built in — not bolted on.
• Collaborate with Operations and Customer Support to ensure new journeys, processes, and changes are operationally sound, well‑controlled, and deliver good customer outcomes.
• Help unblock delivery through clear, risk‑based decision‑making.

• Act as SMF
  16 and/or SMF
  17, ensuring systems and controls meet FCA, HMRC, and TPR expectations.
• Own Penfold’s SMCR framework, including Conduct Rules training and Senior Manager accountability.
• Act as a primary point of contact for regulators, building open, constructive, and transparent relationships.
• Manage regulatory reporting, audits, and correspondence.

• Lead, coach, and develop a growing Risk & Compliance team.
• Set clear priorities and delegate effectively…