Group Compliance Director and Group Data Protection Officer

The candidate will be responsible for leading the development, strengthening and management of the compliance, regulatory, governance and data protection functions across the Group, with a key focus on assessing and enhancing the Group’s compliance capabilities and frameworks. The role is also responsible for acting as a trusted adviser to the business, Senior Management, and the Board on regulatory, governance, compliance, and data matters. This candidate will be also responsible for supervising and guiding the compliance officers within the Legal & Compliance function and will report to the Group Head of Legal & Compliance.

The Group is a diversified conglomerate operating across real estate development, asset and property management, REIT management, hospitality, and education.

Job Responsibilities:

REIT Management

• Oversee and maintain the compliance, governance, and data protection framework of the REIT management business, driving effective implementation of controls and ensuring adherence to MAS CMS licence conditions, SGX Listing Rules, Securities and Futures Act requirements, Personal Data Protection Act obligations, and REIT governance standards.

• Drive regulatory engagement and reporting obligations, ensuring accurate and timely submission of statutory filings, returns, and surveys; and serve as a contact person with the Monetary Authority of Singapore (MAS), Singapore Exchange (SGX), and other regulatory authorities to ensure effective resolution of regulatory queries and inspections.

• Oversee KYC documentation, AML/CFT controls, and related regulatory compliance processes in line with MAS requirements, ensuring effective onboarding and ongoing due diligence across the business.

• Review of compliance and governance related segments of the Annual Reports and Sustainability Reports, ensuring accuracy, transparency, and compliance with applicable corporate governance standards, SGX Listing Rules, and regulatory disclosure requirements.

• Support the maintenance, effectiveness and continuous enhancement of the enterprise risk management and internal control frameworks.

Group Compliance

• Establish, strengthen, and maintain the Group’s compliance framework across all business units, embedding consistent standards and scalable controls to support the Group’s continued growth, including insider trading, AML / CFT, and whistleblowing.

• Design and deliver Group-wide compliance training and awareness programmes.

• Monitor regulatory and legislative developments across relevant jurisdictions (including MAS, SGX and other applicable regulators), and assess their impact on the Group, recommending appropriate policy and control enhancements.

• Prepare consolidated compliance reports and dashboards for Senior Management and the Board, highlighting the status of compliance programmes, key incidents, and regulatory developments.

• Conduct Group-wide compliance risk assessments to identify control gaps and emerging risks, and drive remediation actions with relevant business units.

• Manage material compliance incidents and regulatory breaches at Group level, including escalation, root cause analysis, remediation oversight, and regulatory engagement where required.

Data Protection & Privacy Governance

• Ensure enterprise-wide compliance with applicable data protection laws and regulations, including the Personal Data Protection Act (PDPA), and provide oversight on data protection governance, risk management, and breach response across the Group.

• Establish and maintain the Group’s data protection and privacy governance framework in alignment with PDPA and other applicable privacy laws.

• Provide expert advisory to business units on personal data handling requirements, including collection, use, disclosure, retention, and cross-border transfer.

• Oversee and coordinate the management of personal data breach incidents, including investigation oversight, regulatory notifications, and remediation governance.

• Oversee privacy impact assessments, compliance assurance reviews, and organisation-wide training and awareness programmes.

• Serve as a point of engagement with Senior Management, regulators, auditors, and external advisers on data protection and privacy matters.

• Drive continuous enhancement of data protection governance standards and maturity across the Group.

Job Requirements:

• Degree in Law, Accounting, Finance, Business or equivalent from an established university.

• Minimum 12 years’ experience in REIT compliance, MAS/SGX regulatory roles, internal or external audit, or related governance functions within a regulated or listed environment.

• Strong knowledge of SGX Listing Rules, Securities and Futures Act, MAS regulations, PDPA requirements, and corporate governance frameworks.

• Proven experience implementing and managing compliance frameworks across listed and/or multi-entity organisations, including AML/CFT, insider trading, whistleblowing, and data protection obligations.

• Proven experience in data protection and privacy compliance (PDPA), including acting in a DPO or equivalent advisory capacity, given that the role carries the Group Data Protection Officer designation.

• Strong analytical skills with ability to independently interpret and apply regulatory requirements across business operations.

• Proficient in written and spoken English.

• Strong stakeholder management skills with experience in engaging senior management, boards (on Board papers, compliance reports, and governance-related materials), regulators, and auditors.