Hi Thu. How did you step into your role at Finoa? 

I joined Finoa in January 2022 as the Head of Outsourcing Risk. After seven months, I accepted the opportunity to also lead the AML Unit.

What sparked your interest in the outsourcing field initially?

Some might say this field is boring because it's all about regulations. But what fascinates me is the process of interpreting and applying these regulations in a smart and compliant way. It's about finding the right balance between being in business and managing risks within our risk appetite. We don't want to be slowed down by regulations but rather use them to our advantage and maintain a steady operating speed as a fintech.

How do outsourcing and AML (anti-money laundering) risks intersect?

There is some intersection because as an Outsourcing Officer, I oversee all our external contracts with important partners and make sure that we know what they're doing, how they're performing, and that the contracts are in place. On the other hand, for AML, we also have external suppliers supporting us in our AML processes. So, in this case, as the head of AML, I am responsible for overseeing these external suppliers. It's like I'm chasing myself to make sure the right contracts are in place and that outsourcing control measures are implemented.

What led you to start working in the crypto industry, and ultimately, join Finoa?

In the summer of 2021 Michael Heinks, Finoa’s MD, called me. I knew Michael from our time working together, where he was also my direct board member. He called me and asked, “Hey, are you interested to terminate your contract with your current employer and start working for a crazy two-year-old Fintech in the crypto industry?”

And I thought, “I still have to work for around 20 years, so, YEAH why not?" 

I realized that this opportunity would be far outside of my comfort zone and that I would need to learn a lot because it’s a different working environment and business. And that's exactly why I got so excited and decided to join Finoa. The fact that I already knew and trusted Michael mattered a lot, and on top of that – it's crypto. After all, I still have 20 years to go.

Could you walk us through a typical day in your work week?

Usually, I am a very structured person. I used to plan around 70% of my daily workload, leaving the remaining 30% to changing priorities and new tasks that come up. However, the situation has changed completely, and now I rather plan around 40% so that I can allocate more time to unpredictable requests (which often happens).

As the head of two departments, my first priority is to ensure that both departments are up and running and that operational daily work is completed on time. Currently, we are very busy preparing for upcoming regulations. Most of our time is spent thinking about processes and how we can comply with the new regulations, as well as improving existing ways of working to build a solid foundation. This way we can be ready for the future and for what the new regulations are bringing.

In a fast-paced industry like crypto, how do you go about cultivating a culture of compliance within the company?

Compliance is not too sexy for many people, but we need to try to make it sound exciting by explaining that we’re like the backbone of the company. It is all about communication. For example, we did during our last winter summit a session where all Finoans can be an AML Analyst for a day and try to find red flags to win a prize. With this interactive session, people can get a better feeling of what it means to balance between serving the departments, but also to protect the company from inside and outside attacks. 

I used to say that as long as Finoa doesn't experience any attacks or get fined by the regulator, then we have done a good job because we are working in the background to keep everything up and running. 

If you could give a piece of advice to someone starting a career in risk, what would it be?

Risk Management has a lot to do with regulations so you need a passion for regulations and a passion for finding the gaps, the so-to-say “discretionary scope”. It's like being a detective: you search for the gaps to make it happen but are compliant at the same time.

Finally, what's one thing that you wish more people understood about risk management?

We do not do it because we are funny and want to bother you. We do this due to regulations and to ensure that the company is protected. We all need a second line of defenseanti-money laundering.