General Counsel-Risk and Compliance

Description

Company Description

We are a technology-driven company. We built our business with the purpose of empowering people and improving their organizations, one payment at a time. We started our journey by providing smart and simple payment processing tools and products but haven't stopped there. We are backed by a team of world-class experts and the best technology talent, and we are committed to helping more new businesses get started, increase the revenues of our customers, and bridge the gap between online merchants and payment solutions. Our mission is to give companies the tools they need to change the future of their business.

Job Summary

Payarc is seeking an experienced General Counsel - Risk and Compliance to serve as the company's senior legal authority and trusted advisor to executive leadership. This role is responsible for all legal, regulatory compliance, and risk management functions across the organization. The General Counsel will lead efforts related to PCI DSS compliance, SOC 2 Type II readiness, high-risk merchant program governance, and regulatory oversight within the fintech and payment processing industry. The ideal candidate combines deep legal expertise with a practical, business-forward mindset and thrives in a fast-paced, high-growth environment. This role reports directly to the CEO and is a key member of Payarc's executive leadership team.

Requirements

Legal Leadership & Corporate Governance

• Serve as the primary legal advisor to the CEO, President, and executive leadership team on all legal, regulatory, and compliance matters.
• Draft, review, and negotiate a wide variety of contracts including partner agreements, ISV and ISO agreements, vendor contracts, SaaS agreements, and employment-related documents.
• Manage all corporate governance activities including entity maintenance, board documentation, and corporate records.
• Oversee and manage outside counsel relationships and legal spend across litigation, regulatory, and transactional matters.
• Support M&A activities, due diligence, and any capital-related transactions as needed.

Regulatory Compliance & Risk Management

• Lead and manage all compliance obligations across PCI DSS, SOC 2 Type II, AML, KYC, OFAC, and applicable state and federal financial regulations.
• Serve as the company's primary point of accountability for regulatory examinations, audits, and inquiries from card brands (Visa, Mastercard, Discover, Amex), sponsor banks, and regulatory bodies.
• Develop and maintain a comprehensive compliance framework, including policies, procedures, controls, and internal audit functions.
• Monitor evolving regulations applicable to payment processing, merchant acquiring, and fintech, and proactively implement necessary compliance updates.
• Partner with the Risk Operations, Underwriting, and Finance teams to manage high-risk merchant programs and ensure appropriate legal safeguards are in place.
• Oversee response strategies for chargebacks, fraud-related legal matters, and sponsor bank compliance requirements.

Data Privacy & Information Security Legal

• Oversee compliance with data privacy laws including GDPR, CCPA, and other applicable state privacy regulations.
• Partner with the VP of Information Security to ensure legal alignment on data handling, breach response, and cybersecurity governance.
• Draft and maintain privacy policies, data processing agreements, and vendor data security addenda.

Litigation & Dispute Management

• Manage all litigation, regulatory proceedings, and dispute resolution activities, including coordination with outside counsel.
• Assess legal risk across business operations and develop proactive strategies to minimize exposure.
• Serve as a decision-maker on escalated merchant, partner, and agent disputes with legal implications.
• Other duties as assigned.

Skills / Competencies

• Deep knowledge of payment processing regulatory frameworks including PCI DSS, card brand rules, and sponsor bank compliance requirements.
• Strong understanding of fintech, merchant acquiring, and high-risk merchant industry dynamics.
• Exceptional contract drafting, negotiation, and legal writing skills.
• Ability to translate complex legal and regulatory requirements into practical business guidance.
• Strong leadership, executive presence, and cross-functional collaboration skills.
• Strategic thinker with a hands-on, solutions-oriented approach.
• High degree of integrity, discretion, and sound judgment.
• Excellent verbal and written communication skills.

Qualifications / Experience Required

• Juris Doctor (J.D.) degree from an accredited law school; active bar admission required.
• 8–12+ years of legal experience with a meaningful portion in fintech, financial services, payment processing, or a similarly regulated industry.
• Demonstrated experience managing PCI DSS compliance programs and SOC 2 Type II assessments.
• Prior in-house counsel experience required; general counsel experience strongly preferred.
• Experience advising on high-risk merchant programs, card brand rules, and sponsor bank regulatory requirements.
• Strong background in contract law, commercial transactions, and corporate governance.
• Experience managing outside counsel relationships and legal budgets.
• Familiarity with employment law across multiple U.S. jurisdictions.
• Experience with data privacy regulations (GDPR, CCPA) and information security legal frameworks preferred.

Education Requirements

• J.D. from an ABA-accredited law school required.
• Active bar admission in Connecticut and/or New York required (or eligibility for in-house registration).
• Relevant certifications such as CIPP/US, CIPP/E, or CAMS are a plus.

Physical Requirements

• Prolonged periods of sitting at a desk and working on a computer.
• Ability to participate in virtual and in-person meetings.
• Occasional travel to industry events, regulatory meetings, or other company locations as needed.

PM22