• Develop a strong understanding of key business processes and internal controls, including those supported by technology or automation • Continuously rationalize and refine the SOX program relative to company changes and emerging risks • Conduct annual SOX risk assessment, financial statement line item mapping, and materiality determination • Partner with and educate business process and technology leads around the design, implementation and documentation of key processes controls • Lead the external co-sourced team across all aspects of the SOX program, including walkthroughs, testing and reviewing controls, and remediation guidance • Assist in the selection, assessment and implementation of internal and external tools to enhance SOX program management and testing • Act as a liaison with the external auditors during all phases of their audit • Prepare materials and present updates on SOX program to the SOX Steering Committee and Audit Committee

• Execute system documentation for legacy and archival data systems • Perform standard system crawling and metadata capture activities • Validate metadata accuracy and completeness against established quality standards • Coordinate with Data Owners and Stewards to gather and verify metadata attributes • Document data lineage, business definitions, and technical specifications • Maintain metadata records in interim repository systems • Support SME validation sessions by preparing materials and capturing outputs • Perform data quality assessments using established rule frameworks • Support final validation activities and enterprise catalog ingest preparation • Contribute to usability testing and user acceptance testing (UAT) sessions • Maintain compliance with documentation standards and processes

• Define and execute Circle’s global fraud risk strategy, aligned with enterprise risk appetite, regulatory standards, and local licensing requirements (e.g., money transmission, e-money, payment services, and virtual asset regulations) • Develop and maintain the enterprise fraud risk framework, policies, and controls, covering threats such as synthetic identity fraud, account takeovers, authorized push payment fraud, internal misconduct, social engineering, scams, and emerging typologies (e.g., deepfakes, AI-driven impersonation, mule networks) • Lead the design and maintenance of Circle’s documented Fraud Risk Management Program, addressing both internal and external fraud consistent with Circle’s regulatory obligations across jurisdictions • Lead or partner with relevant stakeholders (e.g., Compliance, Legal, Finance, Talent, Security) to investigate suspected or actual internal wrongdoing, ensuring timely incident reporting to the NYDFS, or other regulatory requirements and maintenance of complete records for regulator review • Oversee or support investigations into suspected or actual internal or external fraud, escalation protocols, and retention of comprehensive case documentation in line with regulatory expectations • Oversee a comprehensive fraud risk management program that demonstrates compliance with regulatory expectations, including those from FinCEN, OCC, FCA, MAS, AMF, ACPR, and other key global regulators • Lead fraud analytics and oversee detection systems and AI-driven tools to identify emerging patterns while minimizing false positives and customer friction • Ensure fraud risk management is embedded across Circle’s control environment, including financial crime compliance (AML/CTF), cybersecurity, product risk, and operational resilience programs • Conduct fraud risk assessments across products, customer segments, channels, and geographies, ensuring risks are identified, mitigated, and reported to senior management and regulators where required • Define and monitor key fraud metrics (KPIs and KRIs) to assess performance, support enterprise risk reporting, and evidence compliance with ongoing regulatory obligations • Serve as a key liaison with regulators, law enforcement, and industry partners, representing Circle in fraud-related matters and ensuring Circle meets its regulatory disclosure, escalation, and remediation duties • Ensure the fraud program remains dynamic and continuously evolving, with regular effectiveness reviews, testing, and updates to reflect emerging threats, operational changes, and evolving regulatory expectations globally • Drive continuous improvement through root-cause analysis of incidents, technology innovation, and process optimization.

• Analyze data sensitivities, business requirements, and regulatory data protection requirements which apply to company data assets. • Develop and maintain frameworks and processes to ensure appropriate data access for users. • Partner with Security, Identity and Access Management (IAM), and Development teams to implement tools to manage approval processes. • Perform on-going audits of data access privileges, and respond to needs of external auditors. • Educate data owners and data stewards on best practices for Access Management and Data Governance. • Coordinate with Legal, Privacy, Compliance, Security, and IT to develop a holistic administrative governance program for the selected data assets.