About Tomás Miguel
Compliance & Risk Expert with 10+ years in regulated industries (Fintech, Agribusiness, Oil & Gas, Retail, Pharmaceuticals). Skilled in CMS, ISMS, audit frameworks, and corporate governance. Expertise in regulatory risk, process optimization, and digital transformation, ensuring compliance with ISO/PCI/Regional standards, AML/CFT, and sector mandates.
Spanish
Native or bilingual
English
Native or bilingual
Portuguese
Fluent
French
Fluent
Can work on-site
Barcelona (up to 50km)
Experience
- OneboxInformation Security, Risk & Compliance SpecialistJanuary 2025 - Today (1 year and 6 months)Led ISO 27001:2022, ISO 27701, ENS (Spain), and Omologazione (Italy) certifications, integrating information security and privacy into a unified ISMS deployed across 14 countries in LATAM and EMEA. Coordinated internal and external audits achieving on-time certification. Drove PCI DSS v4.0 compliance for ticketing payment infrastructure, managing the QSA audit process and obtaining certification as Merchant and Service Provider. Designed an enterprise-wide Compliance Management System based on the Three Lines of Defense model, defining roles, controls, and governance structures. Developed and implemented a Criminal Liability Prevention Model (MPDP), establishing risk maps, internal controls, disciplinary protocols, and reporting channels to mitigate corporate criminal exposure across all operating jurisdictions.
- NemuruOperations & Compliance CoordinatorJanuary 2020 - January 2025 (5 years)Developed and enforced AML/CFT compliance policies, including risk assessments, transaction monitoring, CDD/EDD measures, and SAR filings. Managed ISMS and ISO 27001/27701 certifications, ensuring compliance with data protection standards and achieving a 20% reduction in security incidents. Led compliance risk management by establishing RCSA matrices, conducting gap analyses, and executing remediation plans, resolving 80% of audit findings. Implemented a control framework under the Three Lines of Defense model, using a RACI matrix to define roles for risk ownership, oversight, and independent assurance across the organization.
- Ernst & Young,Strategy, Operations & Compliance ConsultantJanuary 2017 - January 2019 (2 years)Provided regulatory compliance and risk management advisory across agribusiness, retail, pharmaceuticals, and energy, ensuring adherence to sector-specific regulations, governance frameworks, and international standards. Optimized financial compliance in the agribusiness sector through transaction monitoring, supply chain due diligence, and regulatory assessments, achieving a 70% improvement in audit conformity. Automated regulatory controls in the retail industry via BPMN, enhancing workflow standardization and audit traceability, resulting in a 25% reduction in compliance deviations. Developed enterprise risk frameworks in the pharmaceuticals sector, integrating quantitative risk modeling and internal control structures to mitigate 85% of systemic compliance risks. Implemented compliance training programs across the energy industry, strengthening regulatory awareness, audit procedures, and risk mitigation strategies throughout all operating jurisdictions.
Recommendations
Be the first to recommend Tomás Miguel
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- Master Compliance OfficerUCM – Universidad Complutense de Madrid2025Master Compliance Officer
- Interna�onal Diploma in Sustainability and ESG AnalysisCapacitaRSE - Execu�ve Educa�on Center2018Interna�onal Diploma in Sustainability and ESG Analysis