Compliance & Risk Manager
6 - 10 years
Williamsville, NY
$110k - $125k/year
Full-time
Hybrid
1 month ago
About the role
About the Company : Since 1998, Asset Compliant Solutions (ACS) has partnered with lenders across the U.S. to mitigate risk, minimize losses, and improve portfolio performance. That longevity isn't accidental—it’s built on the expertise and commitment of the people who work here. We're a compliance-driven collections and recovery firm where your work directly impacts client outcomes. You won't be a cog in a machine. You'll be part of a team that values what you know, invests in your growth, and treats collaboration and respect as non-negotiables. If you're looking for a place where you can build real expertise and see the results of your contributions, we'd like to meet you.
About the Role : The Compliance & Risk Manager is responsible for overseeing and maintaining ACS’s regulatory, contractual, and internal compliance programs. This role ensures the organization operates in accordance with federal, state, and client-specific requirements while maintaining strong internal controls and audit readiness. The Compliance & Risk Manager works cross-functionally with Operations, Client Experience, Accounting, and Vendor Management to support regulatory licensing, client audit preparation, vendor credential verification, complaint resolution, and internal quality control processes. This position also leads documentation and oversight of company policies, incident response procedures, and compliance frameworks such as SOC audits. This role provides second-line oversight across key compliance and risk domains, supporting leadership by identifying emerging risks, maintaining compliance documentation and evidence, and ensuring ACS remains audit-ready as regulatory and client expectations evolve. The ideal candidate is highly detail-oriented, organized, and experienced working in regulated environments where documentation, audit readiness, and risk mitigation are critical.
Responsibilities :
Qualifications :
About the Role : The Compliance & Risk Manager is responsible for overseeing and maintaining ACS’s regulatory, contractual, and internal compliance programs. This role ensures the organization operates in accordance with federal, state, and client-specific requirements while maintaining strong internal controls and audit readiness. The Compliance & Risk Manager works cross-functionally with Operations, Client Experience, Accounting, and Vendor Management to support regulatory licensing, client audit preparation, vendor credential verification, complaint resolution, and internal quality control processes. This position also leads documentation and oversight of company policies, incident response procedures, and compliance frameworks such as SOC audits. This role provides second-line oversight across key compliance and risk domains, supporting leadership by identifying emerging risks, maintaining compliance documentation and evidence, and ensuring ACS remains audit-ready as regulatory and client expectations evolve. The ideal candidate is highly detail-oriented, organized, and experienced working in regulated environments where documentation, audit readiness, and risk mitigation are critical.
Responsibilities :
- Regulatory Licensing & State Compliance
- Manage all required state licensing for ACS and ensure timely renewals
- Monitor regulatory requirements across jurisdictions where ACS operates
- Coordinate responses to state regulatory audits and information requests
- Maintain documentation required for regulatory filings and licensing
- Maintain a regulatory change management process to identify, assess, and document the impact of new or revised laws on ACS operations
- Coordinate policy updates, operational changes, and internal communications resulting from regulatory change
- Client Compliance & Audit Management
- Coordinate client audits and information requests
- Maintain documentation required for client vendor onboarding and compliance reviews
- Ensure adherence to client contractual requirements and service level agreements (SLAs)
- Support internal teams in meeting client-specific reporting and compliance obligations
- Maintain standardized responses and supporting documentation for recurring client compliance questionnaires and audits
- Vendor Compliance Management
- Oversee vendor credential verification including insurance, licensing, and operational capabilities
- Maintain vendor documentation and renewal tracking
- Partner with Vendor Management to ensure agents and vendors meet ACS and client compliance standards
- Support ongoing monitoring of repossession agents and third parties, including periodic reviews, issue escalation, and corrective action tracking
- Complaint Management
- Track, document, and investigate consumer or client complaints
- Ensure timely response and resolution in accordance with regulatory requirements
- Maintain complaint logs and reporting documentation
- Internal Audit & Quality Control
- Conduct internal compliance reviews to ensure operational processes meet regulatory and company standards
- Identify gaps, risks, or process improvements related to compliance
- Support leadership in implementing corrective actions and process improvements
- Assist with documentation of findings, remediation plans, and follow-up testing to ensure issues are resolved in a timely manner
- Incident Response & Risk Management
- Coordinate response to compliance-related incidents, including documentation and investigation
- Maintain incident response procedures and reporting protocols
- Work with leadership to mitigate operational and compliance risks
- Maintain a compliance risk register documenting identified risks, mitigation strategies, and remediation status
- Prepare periodic compliance and risk updates for leadership
- Information Security and Data Governance
- Provide compliance oversight for information security, data protection, and access management practices
- Partner with IT and leadership to validate adherence to documented security controls and client security requirements
- Support data classification, confidentiality, and retention practices aligned with regulatory and client expectations
- Participate in security risk assessments and control reviews supporting SOC and client audit readiness
- Policy & Procedure Management
- Develop, maintain, and update company policies and procedures
- Ensure policies remain aligned with regulatory requirements and operational practices
- Maintain organized documentation of all compliance policies and internal standards
- Manage version control, review cadence, and evidence linkage for compliance policies and procedures
- Compliance Frameworks & External Audits
- Coordinate and support external audits including SOC compliance reviews
- Prepare and maintain documentation required for audit readiness
- Partner with internal teams and external advisors during compliance reviews
- Act as a primary coordinator for audit evidence requests, sampling support, and auditor communications
- Training & Compliance Awareness
- Coordinate compliance-related training programs, including onboarding and periodic refresher training
- Maintain training records and employee compliance attestations for audit and regulatory purposes
- Support development of role-based compliance guidance and communications
Qualifications :
- 3–7 years of experience in compliance, regulatory oversight, risk management, or audit roles
- Experience working in regulated industries such as financial services, collections, recovery, or lending preferred
- Strong understanding of regulatory compliance frameworks and audit processes
- Experience managing licensing, audits, or regulatory documentation
- Exceptional attention to detail
Skills
Financial Services