Product Manager

About Width

Width is an AI-native compliance platform that unifies KYC, KYB, AML, fraud detection, transaction monitoring, case management and regulatory reporting into a single connected system. Built on the foundations of an award-winning RegTech platform trusted by 500+ clients across 180+ jurisdictions, Width represents the next-generation evolution: deeper AI automation, a full risk lifecycle approach, and regulator-ready auditability by design.

We serve banks, fintechs, digital asset platforms, corporate service providers and other regulated businesses across APAC and globally.

The Role

We are looking for a Product Assurance & Governance Lead to own Width's release discipline, AI governance, and certification readiness — keeping the platform defensible, audit-ready and regulator-trusted as it scales.

This is fundamentally a product design and systems-thinking role. You will build governance infrastructure from scratch: designing the logic, workflows, evidence structures and control mechanisms that make a complex AI-powered SaaS platform safe to ship at speed. If you have spent your career executing policies others designed, this is not the role. If you have designed the policies, workflows and systems themselves — we want to talk.

You will report to the Chief Product Officer and work closely with the CEO and CTO.

What You'll Do

Release Governance — Design and Operate

• Design and own the risk-tiered release gate framework (Tier 1 / 2 / 3) — including the logic for how changes are classified, what evidence is required, who signs off and how escalations flow
• Write the go/no-go checklist from first principles; ensure every release has traceable risk classification, test evidence, rollback plan and post-release monitoring hooks
• Partner with Engineering on secure SDLC integration — design governance that shifts left into the development pipeline, not bolted on at the gate
• Lead post-incident reviews: diagnose systemic root causes, redesign process to prevent recurrence

AI Model Governance — Build from Scratch

• Design and own the AI Model Inventory: registration schema, versioning logic, risk classification framework (low / medium / high-impact), intended-use documentation and retirement workflow
• Define the revalidation cadence and evaluation criteria for every production model; design drift monitoring and quality-regression frameworks in coordination with ML engineering
• Design human-in-the-loop checkpoints, guardrail specifications and failure-mode documentation for every AI-powered feature
• Define incident-response workflows for agent failures, hallucinations and model drift — including how these get escalated, contained and communicated

Regulatory & Certification Roadmap

• Maintain Width's regulatory obligation register and translate incoming regulatory changes into product-level requirements — ahead of enforcement deadlines, not after
• Drive certification roadmap: ISO 27001 (held), ISO 27701, ISO 42001, SOC 2 Type II, IMDA AI Verify, MAS FEAT — own scoping, evidence pack design, auditor liaison and remediation tracking
• Produce audit-ready evidence packs: control narratives, sample evidence, change logs and exception registers — written to a standard that external auditors and enterprise clients can rely on

What We're Looking For

Non-negotiable

• 5+ years designing governance, risk or control systems — not executing them. You have built the checklists, frameworks and workflows that others follow, not been the person following them
• Demonstrated product design instinct — able to take an abstract requirement (a regulatory standard, an audit finding, a risk scenario) and translate it into a concrete, repeatable operational system with clear logic and clean documentation
• Strong AI-governance literacy — comfortable reasoning about model risk classification, drift, bias, hallucination, prompt injection, data leakage. You understand LLM-specific failure modes at a systems level
• Hands-on ISO 27001 / SOC 2 experience — pre-audit preparation, live fieldwork, remediation — not just awareness of the standards
• Exceptional documentation discipline — your written output is precise, structured and requires minimal editing. You write PRD-grade narratives and control descriptions, not bullet-point summaries
• Stakeholder management across technical and non-technical audiences — engineering, external auditors, enterprise clients, regulators
• Fluent in written and spoken Chinese & English. Able to communicate seamlessly in Chinese with internal product and R&D teams, and conduct bilingual business interactions with external clients.

Domain knowledge

• Familiarity with APAC regulatory frameworks (MAS, HKMA, FATF) is useful context — but we care far more about how you design systems to respond to regulatory change than whether you can recite regulatory requirements
• Background in regulated financial services or enterprise SaaS is helpful; we will consider strong candidates from adjacent industries where the governance and product design fundamentals are equivalent

Nice to Have

• ISO 42001 or AI management-system implementation experience
• Secure SDLC / DevSecOps — pipeline controls, SAST/DAST, SBOM management
• Direct experience with MAS FinTech regulatory sandbox or equivalent.
• Exposure to model-risk management frameworks (SR 11-7, OCC 2011-12) adapted for ML/LLM systems
• CISSP, CISM, CIPP/E or equivalent certifications

Most people who apply will claim experience in compliance and product management. We are not looking for someone who has used compliance tools or executed compliance workflows. We are looking for someone who has designed them — the logic, the structure, the evidence requirements, the escalation paths. If you can describe a governance system or product control mechanism you built from scratch, including what problems you solved in the design, we want to hear from it.

Why Width

• Foundational role — build the governance function from the ground up, not inherit a legacy system
• Your work directly shapes how AI-powered compliance products are shipped to 500+ businesses and 3,500+ compliance professionals
• Leadership team with deep domain expertise across banking, insurance, consulting and technology
• RegTech100 (4×), MAS FinTech Award winner, Chartis FCC50 Market Disruptor, ISO/IEC 27001 certified
• High-growth, expanding across APAC — Singapore, Hong Kong, Taiwan, Korea, Japan