CFOtech Australia - Technology news for CFOs & financial decision-makers
Australia
International Women’s Day
392 opinions Read now

Guides

#
artificial intelligence
#
data analytics
#
digital transformation
#
fintech
#
health technologies

Search

Mariana
#
Data Protection
#
Fintech
#
Risk & Compliance

Zepto names Mariana Paun chief business resilience lead

Wed, 25th Feb 2026
Author image
By Joseph Gabriel Lagonsin, News Editor

Australian payments company Zepto has created a new executive position, Chief Business Resilience Officer, and promoted Mariana Paun to the role.

The appointment brings Information Security, Operations, and Risk and Compliance under one executive. Zepto positioned the move as a response to shifting regulation and changing expectations around fraud prevention and payment protections across Australia's real-time payments ecosystem.

New remit

The role centralises security, operational oversight, and regulatory compliance as the sector faces increased scrutiny over scams and consumer protections. Recent changes include the rollout of the Scam Prevention Framework and evolving PayTo liability settings, which shape how responsibility is shared across banks, payment providers, merchants, and other participants.

Zepto said these developments require closer alignment between technology, operations, and risk and compliance. The company processes more than AUD $90 billion in account-to-account payments each year, according to the business.

Co-founder and CEO Matt Cheers linked the new role to Zepto's growth and the mission-critical payments it processes.

"As Zepto continues to scale and power mission-critical payments, resilience and trust are fundamental to everything we do," Cheers said.

He said the change reflects a broader approach to risk management across the organisation.

"We've created this role to ensure we continue to lead from the front - bringing together the capabilities needed to manage risk holistically, strengthen protections for businesses and their customers, and support the long-term resilience of Australia's real-time payments infrastructure," he said.

Internal promotion

Paun joined Zepto more than three and a half years ago as its first dedicated security hire. She built the security function and later expanded her remit to include Operations, covering service delivery, disputes, and incident management.

She has held senior security governance, risk, and compliance roles at Afterpay, Block, and Littlepay. Her career includes periods of rapid growth as firms scaled infrastructure and security practices across multiple markets.

Paun said resilience should be defined more broadly to include trust, operational performance, and risk controls.

"Resilience is not just about managing risk - it's about enabling innovation safely and maintaining trust with customers, partners and the broader ecosystem," she said.

She also described security and compliance as foundational to the company's operating model.

"At Zepto, security and compliance aren't just obligations - they're fundamental to how we build trust and deliver value to our customers. Strong security foundations are essential to supporting payments infrastructure and protecting the flow of client funds - and that's non-negotiable," Paun said.

Regulatory backdrop

The new role comes as policymakers and regulators push for tougher scam-prevention standards and clearer accountability when customers are defrauded. Australia has faced rising scrutiny over authorised push payment scams and identity-linked fraud, fuelling debate about reimbursement, customer warnings, and how responsibility should be allocated.

PayTo, an account-to-account payment mechanism that allows customers to authorise payments from their bank account, has its own rules and commercial arrangements. Changes to liability settings can affect how payment service providers manage disputes, monitor transactions, and work with counterparties across the payments chain.

These shifts can increase operational load for payments firms and require stronger governance, clearer controls, and more formal escalation, incident, and response processes. Bringing security, operations, and compliance under one executive can reduce handoffs when incidents span multiple functions.

Product context

Zepto operates in real-time account-to-account merchant payments. It works with merchants through an API that connects directly to customers' bank accounts.

The company also highlighted its fraud-prevention tools. Zepto Validate uses Confirmation of Payee, a name-checking approach designed to reduce mistaken or fraudulent payments by verifying details before a transfer proceeds.

Paun linked the resilience remit to broader industry changes that are bringing payment security and identity closer together.

"As payments and identity become more closely connected, resilience becomes even more critical," she said. "This role ensures we continue to embed security, risk management and operational excellence into everything we build."

Related stories
Aon pilots stablecoin premium payments with Coinbase, Paxos
Finastra adds real-time AI fraud checks to payments
RedotPay expands global crypto payments with new licences
Avalara NEXT 2026 to spotlight 'agentic' tax automation
Payoneer, FundPark launch eCommerce credit for sellers

Top stories

AI-fuelled crime drives illicit funds to $4.4 trillion
Cryptio raises USD $45m to scale digital asset ERP tools
Modern Treasury joins Mastercard crypto partner push
saas.group tops USD $100m ARR as AI drives next phase
Fairview selects Workday to modernise HR, finance, supply