Head of Risk and Compliance
About Odin
ODIN is the global leader in Australian mortgage broking and tax services for Australian expats and overseas investors. We operate an ACL-regulated, TPB-registered multi-practice model spanning mortgages, tax, and conveyancing, with offices in Hong Kong, Singapore, Nepal, and Australia. Our loan book sits at AU$640M and growing. Our clients are high-income Australian expats making some of the most consequential financial decisions of their lives — we take the trust that implies seriously.
Our Values
At Odin, we operate with high ownership, deep accountability, and an obsession with delivering exceptional customer experiences. We don’t wait to be told what to do. We act like owners, improve every day, and deliver WOW moments for clients and partners. If this resonates with how you approach your work, we’d love to hear from you.
Why Join Odin
This is not a traditional compliance role — it’s a chance to build a future-ready risk and compliance function inside a fast-scaling, multi-jurisdiction financial services business. At Odin, we operate across mortgages, tax, and conveyancing, supporting Australian expats making high-stakes financial decisions. With increasing regulatory scrutiny (ACL, TPB, privacy, cross-border data), the cost of getting compliance wrong is high — and we’re choosing to lead, not react. If you’re someone who wants to move from “monitoring compliance” to designing how compliance should work in a modern, tech-enabled business, this role gives you that platform.
About the Role
The Head of Risk & Compliance is responsible for end-to-end ownership of Odin’s risk and compliance ecosystem across mortgages, tax, conveyancing, and operational infrastructure. This role is highly operational and hands-on — you will not sit outside the business. You will embed yourself into teams, workflows, and systems to ensure compliance is built into execution, not checked after the fact.
Key Responsibilities:
• Regulatory, Licensing & External Compliance
  • Own end-to-end ACL obligations, including responsible lending (NCCP), Best Interests Duty, credit assistance disclosures, lender accreditation, and expat-specific policy disclosure boundaries.
  • Own TPB compliance across the tax practice and legal compliance across the conveyancing arm, including conflict-of-interest management in the integrated service model.
  • Manage the Finsure audit and lender accreditation relationships, and drive audit pass rates to sustained best-practice levels.
  • Liaise with ASIC, TPB, lenders, aggregators, and external counsel on regulatory matters, filings, and material incidents.
• Incident Management & Risk Operations (Core System)
  • Design and operate the compliance incident management system, including taxonomy, SLAs, logging, triage, remediation, and root-cause analysis — as the central nervous system of the risk function.
  • Establish incident management as the central operating system for risk identification, escalation, and prevention.
  • Embed compliance controls and training directly into Nepal operations, owning offshore data-access audits and remediation of incident root causes at source.
• Privacy, Data & Cyber Risk
  • Lead privacy, data, and cyber risk: Australian Privacy Principles, cross-border data flows (AU–HK–SG–Nepal), SOC 2 readiness, vendor and AI tooling risk assessment, and breach response.
• Marketing Conduct & AI-Enabled Compliance
  • Hold final sign-off authority on marketing and conduct risk, ensuring compliance with ASIC RG 234, Spam Act requirements, testimonial rules, and AI-generated content governance.
  • Design, deploy, and supervise an AI-augmented compliance stack (automated file sampling, policy drift detection, marketing pre-flight checks, regulatory change monitoring) in partnership with the technical team.
• Risk Governance & Leadership
  • Maintain and evolve the risk register, compliance calendar, and board-level risk dashboard; advise the co-founder group on emerging regulatory exposure and mitigation strategy.