Regional Compliance & Privacy Officer (Director) – EMEA

Department: Legal

Employment Type: Full Time

Location: EMEA-Switzerland-HQ

Description

Key Responsibilities

• Lead Regional Compliance Program: Serve as the primary owner of the Compliance & Ethics program in EMEA, ensuring that global policies (Global Code of Conduct, Anti-Bribery/Anti-Corruption, HCP Interactions, Privacy, AI Governance, etc.) are effectively operationalized locally. You will translate global strategies into region-specific initiatives that account for local laws, cultural nuances, and business realities. Establish and chair a regional Compliance Committee with cross-functional leaders to drive program oversight and decision-making.
• Privacy and Data Governance: Oversee the implementation of the company’s data protection and privacy program in EMEA, including compliance with local regulations and laws. Serve as the regional champion for data governance best practices, ensuring that personal data is handled in accordance with our global privacy standards and local requirements. Provide guidance on privacy impact assessments, data subject requests, and incident response in coordination with the Global Privacy team. 
• AI Ethics & Governance: Act as the point person in EMEA for our emerging AI governance framework, ensuring that the use of AI and machine learning in our business complies with evolving laws and ethical standards. Monitor regional developments in AI regulations, advise the business on trustworthy AI practices, and help implement controls or training related to AI (in line with global AI policies).
• Regulatory Compliance & Risk Management: Monitor and ensure compliance with all applicable laws and regulations in the region, including anti-corruption laws (e.g. FCPA, UK Bribery Act), healthcare and medical device regulations, competition laws, and industry codes of conduct (e.g. AdvaMed, MedTech Europe). Proactively identify compliance risks by conducting regular risk assessments and audits. Develop and execute mitigation plans to address identified risks, and report significant risks and progress on mitigations to both regional and global leadership.
• Policies, Procedures and Controls: Adapt and implement global compliance policies to reflect EMEA’s legal requirements and business operations. Draft supplemental regional SOPs or guidance where needed to address local regulatory needs (for example, guidelines on interactions with healthcare professionals, third-party due diligence requirements, etc.). Ensure effective internal controls are in place and documented, including pre-approval processes for high-risk activities, due diligence on third parties, and record-keeping for compliance activities.
• Training and Communication: Develop and deliver effective training programs and communications to embed a culture of ethics and compliance. This includes onboarding training for new employees, periodic refresher training on key compliance topics (anti-bribery, privacy, AI ethics, etc.), and targeted training for high-risk roles (e.g. sales, healthcare-facing teams). Use creative methods (interactive sessions, newsletters, internal social platforms) to keep compliance top-of-mind.
• Advice and Business Partnership: Act as a trusted advisor to the business in EMEA. Provide day-to-day guidance to management and employees on questions related to ethics, company policies, and interpretation of laws/regulations. Be a proactive partner in business planning – for example, reviewing new business models, marketing strategies, or partnerships for compliance implications. The goal is to enable the business to achieve its commercial objectives in a compliant manner by finding solutions and giving practical, risk-based advice.
• Investigations and Enforcement: In coordination with the Global Compliance Office, lead investigations into alleged violations of the Code of Conduct or other policies in EMEA. This includes triaging incoming reports (e.g. from the helpline), conducting or overseeing investigative steps, documenting findings, and recommending disciplinary or corrective actions. Champion the company’s Speak Up culture by making it safe and encouraged for employees to raise concerns without fear.
• Reporting and Metrics: Provide regular reports on the status of the regional compliance program to both the regional executive team and the Global CPO. This includes reporting on training completion, open investigations, risk assessment results, key compliance KPIs, and ongoing improvement initiatives. Utilize data to demonstrate program effectiveness and to identify trends or areas needing attention. Prepare materials for quarterly Compliance Committee meetings and contribute regional updates for Compliance Committee reports, as requested by the Global CCO.
• Continuous Improvement: Identify opportunities to enhance the compliance and privacy program in EMEA – be it through new controls, process improvements, or tech solutions. Innovate on how we manage compliance: for example, suggest ways to use data analytics or AI to improve monitoring, or streamline due diligence processes. Stay up-to-date on industry best practices and evolving compliance risk areas (e.g. new digital health regulations, AI ethics guidelines). Share insights and benchmark data with global peers to continuously elevate our program.
• External Engagement: Serve as the company’s compliance representative in EMEA as needed. This could involve engaging with external regulators or auditors during inspections, participating in industry compliance networks or conferences to keep abreast of developments, and benchmarking our program against peers. Build relationships with compliance professionals at partner companies or industry groups to share knowledge and gather emerging best practices.
• Ethical Leadership: Above all, model integrity and ethical leadership in all actions. Gain the trust of employees as an approachable, fair, and reliable leader on compliance matters. Champion our values and “do the right thing” philosophy, ensuring that business leaders in EMEA likewise embrace these principles and drive them into their teams’ daily activities.

Skills, Knowledge & Expertise

• Education: Bachelor’s degree required. Advanced degree strongly preferred (e.g. Juris Doctor, MBA or relevant master’s). Professional certifications (e.g. CCEP, CIPP/E, CIPM, CHC for healthcare compliance) are a plus, demonstrating commitment to the field. 
• Experience: Minimum 10+ years of professional experience, with at least 5 years in a dedicated compliance, privacy, legal, or risk management leadership role. Experience in the medical device, pharmaceutical, or healthcare industry is highly preferred, given the need for familiarity with industry-specific regulations and ethical standards. A track record of building or managing elements of a compliance program (e.g. policies, training, monitoring, investigations) is required.
• Regulatory Knowledge: Strong working knowledge of relevant laws and regulations in EMEA. This includes anti-bribery and corruption statutes (FCPA, local anti-corruption laws), healthcare compliance rules (interactions with healthcare professionals, anti-kickback laws, industry marketing codes), data protection laws (GDPR and local equivalents), and an interest in AI governance and emerging tech regulations. You should understand the “Seven Elements of an Effective Compliance Program” and how to apply them.
• Leadership & Influence: Demonstrated ability to influence senior leaders and drive change. You can effectively champion compliance initiatives to skeptical audiences by linking ethics to business success. Experience “standing up” in senior leadership meetings to present risk analyses or enforce policy is important. Skilled at building consensus and trust across diverse stakeholders (from sales reps up to GMs). Prior experience reporting to or working closely with a Board or audit/compliance committee is a plus. 
• Communication Skills: Excellent communicator, both in writing and verbally. Able to distill complex regulations into clear, actionable guidance for business teams. Comfortable delivering training sessions and town-hall presentations. Strong interpersonal skills – listens well, empathizes with employee concerns, and can handle sensitive issues with discretion and diplomacy. 
• Analytical & Problem-Solving: Sharp analytical mindset with ability to assess complex scenarios and provide pragmatic solutions. Adept at risk assessment – identifying where the company might be exposed and evaluating the significance of those risks. Detail-oriented in investigation and auditing, yet able to see the big picture of compliance strategy. Capable of making tough decisions and advising on ambiguous topics where the “right answer” is not always obvious.
• Integrity and Judgement: Unquestioned integrity, with a strong ethical compass. Willing to speak up and make hard calls to uphold compliance, even if it means challenging senior colleagues. Can maintain confidentiality and act objectively. Demonstrated sound judgment in previous roles, especially when balancing legal/ethical risks with business needs. 
• Organizational Skills: Excellent organizational and project management skills. Able to manage multiple projects and deadlines – for example, rolling out a new training across several countries while also leading an investigation and preparing a policy update. Structured and efficient in documentation and record-keeping (e.g. maintaining training records, investigation files). 
• Cultural Fluency: Experience working across different cultures and within a matrix organization. Adaptable to multicultural environments; ideally fluent in English and (for EMEA/APAC roles) one or more relevant local languages (e.g. Mandarin preferred for APAC, German/French for EMEA, etc., depending on region). Ability to travel internationally (~25% travel) to company offices and events within EMEA. 
• Continuous Learner: Proactive in staying current on compliance trends, new laws, and best practices. [Show enthusiasm for professional development – e.g. involvement with compliance associations or contributions to industry forums is valued.] We seek someone who is fundamentally curious and always looking to deepen their expertise and find innovative ways to improve compliance.