• Design, implement, and scale Praxis’s commercial compliance program in advance of first launch, including policies, SOPs, governance, risk assessment, monitoring and training. • Establish launch-ready corporate compliance controls supporting commercial operations. • Serve as a standing MLR member, providing regulatory, legal, and compliance review of promotional materials. • Ensure alignment with FDA regulations, OPDP guidance, and company standards. • Partner with Commercial and Medical teams to enable efficient, compliant review and messaging. • Define MLR processes, timelines, precedents, and escalation pathways. • Train internal stakeholders on promotional compliance, scientific exchange, and appropriate data use. • Advise on compliant use of clinical, safety, and real-world data across promotional and non-promotional channels. • Conduct launch-focused compliance risk assessments and implement monitoring activities. • Support investigation and remediation of commercial compliance issues in partnership with Legal and HR.

• Own and continuously evolve the Company’s regulatory change management framework. • Monitor and interpret federal and state regulatory developments, guidance, and enforcement trends. • Lead and document regulatory impact assessments across origination, servicing, collections, repossession, disclosures, pricing, and privacy. • Maintain a centralized regulatory inventory and change log, driving end-to-end implementation tracking. • Partner with business owners to coordinate policy, procedure, system, and training updates. • Collect and maintain implementation evidence and deliver clear management and Board reporting. • Support and contribute to Compliance governance activities as needed. • Lead compliance diligence for new state entry and expansion initiatives. • Research and assess state-specific regulatory requirements, including licensing, rate and fee limits, disclosures, servicing, collections, repossession, and consumer protection laws. • Partner with external counsel to validate interpretations and resolve complex requirements. • Prepare state entry compliance assessments identifying key risks, gaps, and readiness requirements. • Conduct regulatory due diligence for lending partners and support onboarding activities. • Coordinate new license applications in partnership with the Licensing Compliance Analyst.

• Ensure the program’s security and operations are in support of SentinelOne, Public Sector cybersecurity, and FedRAMP program policy. • Assist in the maintenance and oversight of security controls to ensure compliance with FedRAMP and other relevant Public Sector security frameworks. • Conduct regular assessments and audits to verify the effectiveness of security controls. • Work with the teams to set and meet quality standards for vulnerability management deliverables. • Support the identification, assessment, and management of security risks associated with the information systems. • Works with other SentinelOne stakeholder organizations (engineering, site reliability engineering, and FedRAMP product management) to maintain and support our Public Sector environments in a compliant manner. • Create and maintain accurate and up-to-date security documentation, including security plans, risk assessments, Plan of Actions & Milestones (POA&M), and authorization packages. • Support the Change Control Board (CCB) by reviewing system changes for compliance implications. • Ensures quality of all Continuous Monitoring (ConMon) deliverables and timely submission to approved repositories for FedRAMP PMO and customer review. • Supports the execution and completion of FedRAMP annual assessments, including analysis and remediation of findings, support gathering/management of audit evidence, and finalization of Security Package documentation such as System Security Plan (SSP), Policies/Procedures, Security Assessment Plan (SAP), Risk Exposure Table (RET), and Security Assessment Report (SAR). • Keeping abreast of changes performed on Federal systems and providing notice of changes to FedRAMP and customers via the Significant Change Request (SCR) process. • Maintains and executes compliance related activities for public sector offerings, including user onboarding/offboarding, customer eligibility validation, regulated package access requests, and performing internal compliance audits. • Collaborate with system administrators, developers, engineers, product owners, and other stakeholders to integrate security measures into the system development life cycle. • Provide support during security incidents, including investigation, documentation, and reporting. • Identify areas of concern and provide recommendations for mitigations and/or remediation. • Stay on top of new technologies and how they can be used to help enhance the overall security posture of our offerings. • Stay current on industry best practices, emerging threats, and changes in security regulations. • Continually seek out new tools that could improve the way we work.

• Ability to be approved by relevant regulatory authorities in the United Kingdom to hold the official MLRO and/or Nominated Officer role(s) for Xapo’s UK future footprint. • Monitoring the regulatory landscape and documenting at least annually a regulatory risk assessment with recommendations based on the results (i.e. Annual Risk Assessment and MLRO’s Annual Report to the Board). • Conduct compliance reviews and analysis of new regulatory developments and maintain oversight of developments affecting business activities, and disseminating these updates to relevant parties across the business. • Maintain and update Compliance policies and procedures to ensure the implementation of appropriate controls that reflect business needs and regulatory requirements. • Drafting Annual and Monthly Compliance Reports, and other such compliance reports as may be required. • Maintaining the AFC Framework and AFC policies and procedures to ensure the implementation of appropriate controls that reflect business and regulatory requirements, supported by a robust Compliance Monitoring Program. • Facilitate risk-based Know Your Customer and Transaction Monitoring programmes to detect unusual activity and investigate and report suspicious activity in accordance to regulatory requirements, including the filing of Suspicious Activity Reports (SARs) and other such reports where appropriate. • Overseeing the operations of the AFC Compliance team, including training, capacity planning, tracking team and individual Key Performance Indicators (KPIs), and Key Risk Indicators (KRIs) for the program. • Planning, organization and execution of day-to-day operational Compliance and AFC compliance activities and working collaboratively with the business to remediate issues identified through testing and support. • Independently investigating and acting on matters related to Compliance & AFC. • Build relationships with relevant authorities, payment schemes, and regulators to ensure we operate in accordance with the latest AFC good practices. • Supporting regulatory inquiries, filings and reporting requirements, ensuring accurate responses and reporting to the Regulator and other Authorities. • Coordinating efforts related to audits, reviews, and examinations. • Work with Compliance and Business leads to provide strategic planning, organisational structure, focus areas, and quarterly goals and key results. • Work with all relevant partners, financial institution partners, card networks and regulatory authorities. • Conduct compliance review and analysis of new regulatory developments and maintain oversight of developments affecting business activities. • Providing guidance, advice, and/or training and educational programs, to improve business understanding of related laws and regulatory requirements.