Legal Manager - Compliance & Data Protection

Key Responsibilities

· Personal Data Protection & Privacy Compliance

· Manage and continuously enhance the Group’s Personal Data Protection and privacy compliance framework.

· Review, draft and advise on privacy notices, consent forms, data processing agreements, data sharing agreementsand related documentation.

· Conduct and support Data Protection Impact Assessments (DPIA), privacy risk assessmentsand compliance reviews.

· Partner with business units, HR, IT and external vendors to ensure proper collection, use, storage, transfer and disposal of personal data.

· Monitor and assess developments in privacy and data protection laws and regulations across Malaysia and relevant regional jurisdictions.

· Support the investigation, management and remediation of personal data incidents and data breach matters.

· Develop and deliver awareness programmes, communications and training initiatives relating to PDPA and data governance.

· Maintain data protection records, policies, procedures and compliance documentation.

Anti-Bribery & Corruption (ABC) Compliance

· Support the implementation, monitoring and continuous improvement of the Group’s Anti-Bribery and Corruption Compliance Programme.

· Conduct due diligence, compliance screening and risk assessments involving vendors, suppliers, business partners, landlords and employees.

· Assist in investigations relating to whistleblowing reports, fraud, misconduct, conflicts of interest and compliance violations.

· Review and strengthen internal policies, procedures, controls and governance mechanisms to mitigate compliance risks.

· Monitor developments relating to Section 17A of the Malaysian Anti-Corruption Commission (MACC) Act and other relevant regulatory requirements.

· Prepare compliance reports, presentations and updates for Senior Management, Audit & Risk Management Committee (ARMC) and Board meetings.

· Support periodic compliance reviews, audits and remediation initiatives.

Compliance, Governance & Regulatory Matters

· Support the implementation and maintenance of the Group’s compliance and governance framework.

· Provide practical, risk-based and commercially sound legal and compliance advice to business stakeholders.

· Assist in ensuring compliance with applicable laws, regulations, corporate governance requirements and internal policies.

· Coordinate compliance audits, internal assessments, regulatory reviews and follow-up action plans.

· Liaise with regulators, external legal counsel, consultants and relevant authorities on compliance matters.

· Maintain compliance registers, records, reporting documentation and governance trackers.

· Support policy management activities, including drafting, reviewing and updating compliance-related policies and procedures.

Regional Compliance Support

· Support compliance and governance initiatives across the Group’s regional and overseas operations.

· Collaborate with regional legal and compliance representatives to drive consistency in compliance practices.

· Assist in implementing and standardising Group-wide policies, frameworks and compliance controls across jurisdictions.

· Monitor regulatory developments and emerging compliance risks in relevant regional markets.

Participate in regional compliance projects and governance initiatives as required.