About the job

The Third-Party Risk Manager will oversee and evolve PayU GPO’s Third Party Risk and Merchant Credit Risk Management frameworks, focusing on identifying, assessing, and mitigating risks posed by third-party relationships. The role requires expertise in managing a robust risk management program in a financially regulated global environment and a strong understanding of the payment ecosystem.

What you will do

Manage and mature a strategic, comprehensive and compliant third-party risk management program that defines, maintains and implements policies and processes that enable consistent and effective risk management for PayU GPO in relation to its suppliers
Manage and mature a strategic and pragmatic credit risk management program that defines, maintains and implements policies and processes that enable consistent and effective management of merchant credit risk for PayU GPO
Lead the due diligence process for evaluating new third-party and creditworthiness of merchants and assess ongoing risks associated with existing third parties
Develop and maintain risk assessment methodologies, including evaluating financial stability, operational resilience, fraud exposure, cybersecurity, and legal/regulatory compliance of third parties
Continuously monitor and review the credit risk of existing merchant relationships, conducting regular reviews to ensure credit exposure remains within PayU GPO’s risk appetite
Monitor and assess risk events, breaches, and incidents that involve third parties and merchants, taking appropriate corrective actions
Work closely with other teams such as Procurement, Legal, Compliance, Security and operational teams to ensure risk management practices are integrated into third-party contracts
Work closely with Legal, Operations, Commercial and other business teams to design risk mitigation tools (e.g., letters of credit, reserves, performance bonds)
Support PayU GPO functions in identifying and mitigating third-party and merchant credit risks
Develop a collaborative and effective partnership with key business stakeholders within the organization to build cross-organisational support for key initiatives in the third-party risk and merchant credit risk domains
Coordinate merchant credit risk approval processes and own the merchant risk reporting to PayU GPO Merchant Credit Risk and Credit Risk Committees
Provide timely and comprehensive risk reporting to senior management, identifying trends, emerging risks, and areas for improvement
Provide advice to the business, including PayU GPO and regional leadership teams and relevant boards, in relation to risk taking in the areas of merchant credit risk and third-party risk
Coordinate regular training and awareness programs for internal stakeholders to build a strong risk culture
Act as the subject matter expert for third-party and merchant credit risk management and provide guidance to internal teams, including project management, vendor management, and operational staff
Respond to third party-related incidents or crises, coordinating with relevant stakeholders to mitigate the impact and support business continuity
Develop and regularly test third-party risk contingency plans to ensure the organization is prepared to address significant disruptions caused by third-party failures
Monitor and advise on regulatory developments and in the fields of third-party risk and merchant credit risk
Drive continuous improvements to and automation of third-party risk and merchant credit risk processes

Qualifications and work experience

+7 years of hands-on experience in a third-party risk management, vendor risk management, credit risk management or operational audit role
Hands-on experience with building and managing third-party risk and credit risk programs
Proven ability to identify risk, to communicate it effectively to the organisation and senior leadership and to facilitate pragmatic risk mitigation
Proven experience with driving adoption of change in risk programs and related processes
In-depth knowledge of Polish and EU relevant regulations, as well as understanding of the regulatory and legal environments in the jurisdictions in which PayU GPO is active
Strong understanding of the payment ecosystem, including merchant operations, payment processing, and financial risk
Strong analytical skills and the ability to assess complex risks in a dynamic, global environment
Deep understanding of financial statement analysis, credit scoring models, and risk mitigation strategies
Strong project management skills with the ability to lead cross-functional teams
Excellent communication and interpersonal skills, with the ability to influence stakeholders and drive change
Excellent written and verbal communication skills in English
Relevant certification(s) (e.g. Certified Third-Party Risk Professional, Certified Credit Professional) and/or membership in recognized compliance organizations is an advantage
Experience in working with global third-party risk management programs across multiple jurisdictions is an advantage
Experience in a third-party risk and/or credit risk role in a financially regulated company (especially payments organisations) or an acquirer or a payment network is an advantage
Experience of working with regulatory bodies, specifically in Poland and EU, is an advantage

Soft skills

Strong interpersonal skills with a solution-oriented "can-do" attitude and ability to drive change
Ability to function in a dynamic environment with changing priorities
Ability to manage a distributed structure
Excellent communication skills and formulating conclusions and recommendations
Comfortable with senior stakeholder engagement
Confidence in decision making

Third Party Risk Manager

PayU

Responsibilities

What you will do

Qualifications and work experience

Soft skills

Required skills