Head of Legal, Risk and Compliance

TooMuchWifi is a leading provider of fast, reliable, and affordable internet connectivity to aspirational communities in South Africa.  We are a fast-growing company with a great culture that encapsulates our values: Accountability, Kindness, Integrity, Teamwork, and Hard Work.  

We care deeply about our dedicated and hardworking team, as well as the communities we serve.  

Our purpose, mission, and social impact drive and inspire us every day. 

Our working environment is colourful, fun, collaborative, and kind.  We have come a long way and have amazing stories to tell!  

What we offer:

• Health Insurance and Medical Aid benefits
• Comprehensive Life Cover 
• Free 24/7 Employee Assistance Program (EAP) for all our staff and their family
• Annual performance bonuses and salary increases
• Generous time off (annual leave)
• Birthday leave
• Discounted TooMuchWifi internet packages
• Casual Fridays
• Fun company events
• Staff loans (interest-free)
• Successful candidate placement referral cash bonus for staff

We are looking for a strong Executive with solid business acumen to lead the Legal, Risk  and Compliance function at an enterprise level. The role is ideal for a senior professional  with strong regulatory oversight, experience with contract management, sound  knowledge of ISP regulatory dynamics and experience administering a secretarial  function. 

The role will shape and drive the organisation’s approach to legal, regulatory and risk,  ensuring solid governance while still enabling business growth. The incumbent will be  required to build and mature a high-performing function, embed a strong risk culture and  ensure the company stays aligned with all relevant laws, regulations, and internal policies.  They will also act as a key advisor to the CEO and Executive team, helping balance risk,  compliance, and commercial priorities in a practical way.

The Executive reports to the CFO of TMWF and is responsible for navigating complex  regulatory landscapes, mitigating operational and legal risks and ensuring the company  adheres to telecommunications laws, data privacy standards, and corporate governance. The executive will establish the company’s legal, regulatory, and governance functions,  ensuring that the business operates responsibly, ethically and within the law. They act as  both a guardian against legal liability and an enabler of business growth by transforming  high-level regulations into practical internal procedures. This role requires a mix of sound  business knowledge, particularly working within an ISP, compliance experience and a  practical, process-driven mindset.

• Legal 
• Oversight of drafting, reviewing, and negotiating a wide range of legal contracts  (including supplier, outsourcing, and partnership agreements). 
• Maintaining a structured record-keeping system for all contracts, ensuring proper  tracking, renewals, and compliance with contractual obligations. 
• Compliance Management 
• Ensuring organisational compliance with applicable telecommunications  legislation and regulatory frameworks, including maintaining all required licences  and authorisations, and overseeing strategic engagement with regulatory bodies  such as ICASA. 
• Design, implementation and continuous enhancement of the organisation’s  compliance framework, policies and controls, ensuring effectiveness, scalability  and alignment with regulatory requirements and business strategy. 
• Ensure ongoing compliance with applicable legislation and regulations, including:
• POPIA (Protection of Personal Information Act) 
• ICASA and ISP-related regulatory requirements 
• Occupational Health & Safety (OHS) Act 
• Companies Act and other relevant legislation 
• Cybercrimes Act 
• Electronic Communications Act (ECA) 
• Consumer Protection Act (CPA) 
• Relevant Environmental Regulations  
• Monitoring regulatory changes in laws (e.g., cyberlaw, consumer protection) and  evaluating their impact on business strategy, management and relevant teams. 
• Data Privacy & Security: Overseeing compliance with data protection laws (e.g.,  POPIA), ensuring proper collection, processing, and storage of customer data, and  managing incident responses to data breaches. 
• Risk Management & Mitigation 
• Accountable for the development and execution of the organisation’s enterprise  risk management framework, including identification, assessment, monitoring and mitigation of strategic, operational, regulatory, cyber and third-party risks across  the business. 
• Establish and maintain a structured compliance risk assessment methodology,  ensuring risks are appropriately prioritised, escalated and addressed through  practical, business-aligned mitigation strategies. 
• Define and embed risk appetite frameworks and controls in alignment with Board  and executive direction, ensuring risks are proactively managed and clearly  reported to governance structures. 
• Oversee the preparation and submission of all required regulatory filings and  statutory reports, ensuring accuracy, completeness and compliance with  applicable regulatory requirements. 
• Provide executive-level insight and reporting on key risk exposures, emerging  regulatory risks and mitigation effectiveness to support informed decision-making  at Board and Exco level. 
• Incident Response: Investigating compliance breaches, conducting audits, and  managing relationships with regulatory bodies during inspections. 
• Company Secretarial 
• Monitoring compliance with the Companies Act and applicable corporate  governance requirements. 
• Establish and lead a fit-for-purpose company secretarial and governance function  to support the organisation and the Board. 
• Oversee the effectiveness of the Board and its subcommittees, ensuring robust  governance practices, clear mandates, and high-quality decision-making. 
• Design and implement Board and committee reporting frameworks, providing  clear, actionable insights on risk, compliance and governance matters. 
• Drive the development and embedding of policies and practices that promote a  strong culture of integrity, ethical conduct and accountability across the  organisation. 
• Ensure appropriate governance controls are in place, including oversight of  conflict of interest management and breach reporting frameworks.
• Governance & Policies 
• Accountable for the development, governance and continuous improvement of the  organisation’s internal policy and procedure framework, ensuring alignment with  legal and regulatory requirements. 
• Ensure the establishment of robust internal control frameworks, operational  standards and capability-building programmes to embed compliance into day-to day business operations. 
• Oversee adherence to the organisation’s Delegation of Authority framework,  ensuring appropriate governance, approvals and accountability for all policies and  material decisions. 
• Drive organisation-wide awareness and understanding of compliance obligations,  ethical standards and regulatory requirements through structured enablement and  communication strategies. 
• Champion and embed a strong culture of integrity, accountability and compliance  across all levels of the organisation.

• Business or Commerce Degree, Bachelor of Laws (LLB) degree is an advantage. • Admission as an attorney/advocate is advantageous. 
• 8-10 years’ experience in a business, legal or compliance role, preferably within the  telecoms, ISP, or technology sector.  
• Demonstrate experience operating at senior management or executive level, with  direct exposure to and engagement with a Board of Directors and/or Board  committees. 
• Proven track record of establishing and/or scaling Legal, Risk and Compliance  functions within a complex, regulated environment. 
• Proven experience in: 
• Building a Legal, Risk and Compliance Function 
• Establishing compliance frameworks, monitoring, and reporting. o Legal contract drafting, negotiation, and management. 
• Policy writing and implementation. 
• Relevant regulations.
• Knowledge of ICASA regulations, ISP-related frameworks, POPIA, Occupational  Health & Safety Act and the Companies Act is essential. 
• Strong record-keeping, document management, and organisational skills. • Excellent communication, analytical, and problem-solving abilities. 
• Highly organised with strong capability in managing governance systems,  documentation standards, and compliance reporting structures.