Agenda 2022
Agenda 2022
OpRisk North America Agenda
13:00 – 14:00
Best practices in Risk and Control Self-Assessment
Financial Institutions are required to demonstrate an in-depth understanding of their most pressing operational risks and be able to clearly evidence what activities they are undertaking to manage, control and mitigate them. Risk and Control Self-Assessment processes are a popular approach and are actively used by banks, insurers and asset managers, to identify and assess their operational risks in an efficient way. Few organisations have been able to fully realise the potential of carrying out RCSAs. Join this interactive workshop to better understand:
- How you can better benefit from your RCSAs and identify any existing gaps
- How to effectively assess if your RCSAs are up to date
- How you can make your RCSAs are as informative as possible
Ariane Chapelle is an honorary reader at University College London (UCL) and is an internationally recognised trainer and consultant in risk. She teaches Operational risk measurement for financial institutions and is a fellow of the Institute of Operational Risk..
Chapelle founded and runs her adivsory and training practice in risk management, serving financial organisations and international institutions of all sizes, including central banks and UN agencies. She is a former holder of the chair of international finance at the University of Brussels with backgrounds in internal audit, credit risk and investment risk. She has been active in operational risk management since 2000 and was formerly head of operational risk management at ING Group and Lloyds Banking Group.
07:45 – 08:50
Registration, coffee and networking
Grab a coffee, croissant and chat with your peers. A light breakfast will be served.
Breakfast briefings start from 8 am.
08:00 – 08:50
The great resignation: the new kid on the block keeping us awake at night breakfast briefing
The pandemic changed so many things, from the way people work to key priorities. Emerging from this period, many are rethinking work, family and the day-to-day grind. The great resignation is real and the financial services industry has not escaped unscathed. How are leading firms dealing with high turn-over, a skills shortage and weaning interest from new graduates?
Join industry leaders as they explore
- Strategies to retain talent and acquire new graduates
- Encouraging employee engagement
- Developing inclusivity
- Creating interest around current vacancies
- Planning for the future workforce
- Improving leadership management skills
Shelly, in her role as VP Operational Risk at Daily Pay, is responsible to establish an operational risk framework from ground up, evaluate and mitigate emerging risks, and create a risk informed culture in a hyper growth business. Daily Pay is a leader in the On Demand Pay industry and Shelly is enabling business growth by continually improving its operational processes and Institutionalizing risk management by design. Prior to DailyPay, Shelly spent 10 years at American Express in various first and second line roles. In her last role at Amex, she led global operational risk for Travel Lifestyle Services (TLS) business in 22 markets, responsible to evaluate and mitigate business risks and risk oversight functions like Compliance Risk Assessment, Process Risk Self Assessment, Third Party Lifecycle management, Business Self Testing etc. She also spearheaded the build of control framework, oversight in emerging markets like China and Manila, and Global Business Travel, an AXP critical joint venture. She also had solid experience in Privacy Laws having worked in Privacy organization and partnering closely with Privacy, compliance and Legal on a regular basis. Shelly has a Technology background and is hands on to work with technology in assessing technology processes for risks or working on enhancements to risk management processes and programs.
Shelly likes to volunteer her time at St Joseph’s Center and Community Food Bank of NJ. She also volunteers to teach elementary kids math and coding.
09:00 – 09:30
5 key priorities for op risk professionals today
Join US regulatory and supervisory bodies as they explore their top priorities from operational, cyber, concentration and cloud risk through to failovers
Prior to joining Risk, he reported on the futures and foreign exchange industries for Dow Jones' Financial News and the Euromoney group of publications. Osborn holds a bachelor's degree in English literature from the University of Warwick.
Arthur Lindo (Art)
Deputy director for policy
Federal Reserve Board's Division of Supervision and Regulation
Arthur Lindo (Art) is the Deputy Director for Policy in the Federal Reserve Board’s Division of Supervision and Regulation. His principal responsibilities include overseeing the development and assessment of the effectiveness of Board regulations and policies affecting the financial services sector and coordinating the Board’s domestic and international regulatory programs. He also advises the Board on emerging policy matters that have implications for the supervision and regulation of the financial services sector. Art is an active participant in various committees in the Federal Reserve System and is the Chairman of the Basel Committee’s Operational Resiliency Working Group.
Art has a BA in Accounting from the Catholic University of America and a MBA in Finance from the George Washington University.
Kevin Greenfield is the Deputy Comptroller for Operational Risk at the Office of the Comptroller of the Currency (OCC).
In this role, Mr. Greenfield oversees development of policy and examination procedures addressing operational risk, bank information technology, cybersecurity, critical infrastructure resilience, payments systems, and corporate and risk governance. He assumed these responsibilities in November 2019.
Prior to this role, Mr. Greenfield served as the Director for Bank Information Technology for the Operational Risk Division where he managed a team responsible for developing, communicating, and interpreting policies for the OCC's supervision of technology operations at financial institutions. He represented the OCC on several interagency groups that focus on coordination and development of information technology risk management supervisory guidance for such topics as information security, resiliency, technology operations, corporate governance, and independent risk management.
Prior to being named Director for Bank Information Technology in 2014, Mr. Greenfield spent 14 years with the OCC's Large Bank Supervision Department, where he gained experience examining large and complex technology operations at several of the largest U.S. financial institutions. In this role, he held various technology supervision roles at large financial institutions based in Pittsburgh, Charlotte, and New York City.
Mr. Greenfield is a graduate of the University of Dayton and holds the Certified Information Systems Auditor professional certification.
09:30 – 10:00
Lost in (digital) transformation: how risk, resilience, and digital are converging
Sponsored by:
Transformations are inevitable and success is not optional. There are many factors that drive changes and transformations, but all are reacting to existing risks and all present new risks, perhaps more now than ever before. The traditional approach has relied heavily on managing financial risks and project risks, including change management, but the pace of change and the cost of failure are too great to rely on analog transformation techniques. In this session, you’ll learn how digital disruptors are employing a resilience-first mindset by:
- Collaborating across first and second-line teams to understand risk, compliance, and control implications holistically
- Driving end-to-end solutioning that stretches beyond teams, businesses, groups, and lines of defense
- Gaining greater visibility of control effectiveness and changes in risk levels while reducing operating costs
Laurén Robbins To is the General Manager of ServiceNow’s Financial Services business unit. Named by IBM and FinTech Magazine as a 2020 “Top 100 Women in FinTech,” Laurén is responsible for co-creating industry solutions through strategic design partnerships with customers and bringing those solutions to market. Under her leadership, ServiceNow launched the Financial Services Operations industry product, which has driven business transformation for top financial institutions. Prior to ServiceNow, Laurén built and led the Corporate & Investment Banking vertical at Salesforce. She began her career as a banker in both the Investment Banking and Debt Capital Markets organizations at Deutsche Bank. Laurén is based in New York City and holds a bachelor’s degree from the University of Pennsylvania in Economics and Mathematics.
Bob Rose
Group business continuity implementation officer- wealth and investment management
Wells Fargo
Greg Kanevski, is the Global Head of Banking for ServiceNow serving as the company’s subject matter expert and leading the strategic plan for products within the Retail and Commercial Banking sector.
Prior to ServiceNow, Greg lead a centralized group of experienced professionals managing risk for a diverse number of business lines including Technology, Corporate Security and Data Management. His team was accountable for the first line risk responsibilities including assurance, risk assessments, program governance & execution as well as quantification analysis. Prior to this role, Greg managed a team of more than 300 security and technical professionals with an annual budget of $40M and a capital budget of approximately $65M that were focused on identity, data management and infrastructure security. Greg quickly earned respect by rebuilding the function in less than one year, as well as embarking on a modernization effort focused on an end-to-end integration & automation that reduced expenses. Prior to joining Citizens bank, Greg spent more than 20
With 14 years of Financial Services industry experience, Rob currently leads the Internal and External Loss Data team within Operational Risk Management at PNC. Rob has developed new risk frameworks and identifies and provides risk management and control solutions to address high profile and complex problems. Rob has overseen acquisition duties including integration of enterprise-wide risk data. Prior to joining PNC, Rob spent 7 years at BNY Mellon with positions in Asset Servicing and Global Markets. Rob has a keen eye for process improvements and automation using technology in the risk management and data analysis space.
Rob has held leadership roles at both PNC and BNY Mellon and holds a BSBA with a concentration in Economics from Robert Morris University and an MBA with a concentration in Management Information Systems from Point Park University.
10:00 – 10:40
How are leading FIs keeping pace with operational resilience expectations? Empirical insights from practitioners panel
Sponsored by:
Over the past decade, the financial services industry has faced an evolving landscape, with growing threats to operations, IT systems, offices and workforce. From the prevalence of third party risks through to natural or man-made crises, the emphasis on preparedness and response has never been so crucial to sector wide resilience and maintaining public confidence.
- Macro: How we can develop more robust operational resilience in the banking industry
- Complying with regulatory mandates: how do you recover from physical events?
- Process improvement and management: reviewing to consider current threats
- End to end mapping of underlying assets
- Developing a risk tolerance statement: when would you start feeling the pinch?
- Techniques with data, systems, tools and other capabilities which can help us understand a firm’s ability to overcome a given situation and its true resilience.·
Vishal Thakkar is Chief Risk Officer at OCC, the world's largest equity derivatives clearing organization.
In this role, Mr. Thakkar is responsible for implementing OCC's Risk Management Strategy, which includes Enterprise Risk Management, Third Party Risk Management, Model Risk Management, Strategic Risk, Model Validation and Model Risk Governance areas.
Previously, Mr. Thakkar led the Enterprise Risk Management function for OCC and was responsible for designing a sound risk management framework with processes and systems to conduct risk assessments, support risk management decisions and prepare the company’s risk profile. He previously served as First Vice President of Financial Risk Management (FRM), Risk Advisory Services where under his leadership, FRM defined a transformation roadmap and significantly strengthened the risk and control environment to enhance process effectiveness and meet regulatory requirements. Mr. Thakkar first joined OCC in 2016 as First Vice President, Internal Audit and was responsible for leading Technology and Operations Audits for the company.
From 2004 to 2016, Vishal held internal audit and risk management roles for Southern Company Gas, most recently serving as Director Internal Audit, Corporate/Shared Services and Regulated Operations and prior to that as Senior Manager of Risk Management. Before joining Southern Company Gas, Vishal served in a variety of consulting, operations, and technology roles at Accenture and MCI.
Vishal earned both a bachelor’s degree in information systems and an MBA in entrepreneurship from DePaul University. A member of the Institute of Internal Auditors and ISACA, Vishal has been a regular speaker at industry events. He is a Certified Information Systems Auditor and a Certified Fraud Examiner.
With many years of experience deploying business continuity and risk management platforms globally, Rich Cooper oversees customer success and business development for large, global accounts.
Rich has more than 20 years of experience in the business continuity and risk management marketplace, running programmes and implementing software in both Europe and North America for some of the world’s largest organsations. He has an MBCI certification from the Business Continuity Institute.
Michele Ushkowitz
Managing director, Americas, and head, operational risk
SG Corporate and Investment Banking
Michele was appointed to Americas head of operational risk in July 2016 reporting to the chief risk officer. Responsible for defining the goals, missions, day-to-day management of the overall operational risk management framework including data, technology and business continuity risk, cyber security risk management, third-party risk management, control testing and global risk monitoring teams.
Michele’s career at Société Générale began in 1993 and has worked in all three lines-of-defense. Her career began as a manager in internal audit. In 1999, Michele moved to San Francisco and worked in the investment banking division. She has held various positions in operations including: control manager responsible for accounting, system administration and managementreporting; chief of staff and head of operational risk management; head of structured finance operations, as well as responsible for the oversight of all operations in Brazil and Canada.
Michele received a Master’s in Finance from St. Joseph's University, Philadelphia, and a B.S. in Accounting from St. Joseph's University. Michele has successfully obtained series 99 regulatory license.
Ash Majid is Managing Director and Chief Risk Officer for SMBC Capital Markets, Inc. & SMBC Nikko Securities America, Inc. wholly owned subsidiaries of SMBC Americas Holdings, Inc. In his current role he oversees teams responsible for managing the risk from the two subsidiaries within the broader America’s Division risk management team. Prior to joining SMBC Capital Markets, Ash worked at Ernst and Young, LLP within their Quantitative Advisory Services and SunTrust Banks, Inc. with oversight of their derivatives trading desks' market risk. Ash holds a Doctorate degree in Electrical and Computer Engineering and a Master's degree in Quantitative and Computational Finance from Georgia Institute of Technology. Additionally, Ash holds FINRA Series 7 & 24 licenses.
Sakshi Sharma has over 12 years of multi-platform professional journalism experience as a financial news editor and reporter at global news organizations in New York, London and Mumbai at Euromoney, CNBC and Bloomberg. Over the past ten years she specialized in infrastructure and energy finance news across the Americas with a deep understanding of financial markets, project finance, asset management, institutional investors, capital markets and various debt & equity instruments. In her current role, as Americas commercial content lead and an editor with Infopro Digital’s Ignite team, she provides financial industry clients with compelling thought leadership content across its brands - Risk.net and WatersTechnology.
10:40 – 11:10
Managing nonfinancial risks arising from the sustainability agenda
Sponsored by:
Financial institutions have recognized the critical importance of climate change and sustainability to their business strategy, and have made ambitious commitments to their shareholders and stakeholders. Arising alongside these ambitious commitments are both reputational and operational risks that must be addressed. Risk and Control stakeholders must define strategies to address emerging risks associated with climate change and the sustainability agenda. Join sustainability and climate risk experts as they break down:
- Defining strategies to manage risks associated with missing public commitments and targets
- Protecting customers, and the firm, from greenwashing of products and services
Kaitlin Johnson is a Senior Manager in EY’s financial services consulting practice, focused on sustainable finance. Kaitlin has supported global banks in designing and implementing their climate risk programs, developing their sustainability strategies and target operating models, and calculating financed emissions and setting decarbonization targets. Prior to sustainable finance, Kaitlin focused on conduct risk and front office controls.
She has a B.A. in Economics from Barnard College and holds the Sustainability and Climate Risk (SCR) certificate from GARP. She is currently pursuing an M.S. in Sustainability Management from Columbia University
Greg Faraone, FRM
Vice president | sustainability & climate risk management
Sumitomo Mitsui Banking Corporation
11:10 – 12:00
Networking coffee break and knowledge cafes
Sponsored by:
Feel free to grab a coffee, take a meeting or hop into one of our Knowledge Café hubs for an informal discussion with your colleagues.
Knowledge cafes in the networking hub
You are a victim of a cyber-attack – So what now?
Yogesh Mudgal, Director, operational risk; emerging tech risk, enterprise engineering & architecture, cloud
Managing diverse operational risks for resilience in dynamic enterprise.
Renuka Shankar, Founder, averQ In
Jeff Brandeis, Vice president of sales, averQ
AML efficiencies: systems and technology
Krishna Nair, Head of AML and fraud technologies, MUFG in the Americas
Renuka Shankar is in charge of the product strategy of averQ with a vision towards delivering high-value transparency solutions to financial institutions to manage their financial and operational risk. She strives to intently listen and empathize with customer needs, and enjoys building teams to deliver innovative solutions.
She was previously the cofounder & Vice President of Engineering at Certus Software Inc., where she delivered market-leading GRC solutions for Fortune 1000 companies. Prior to Certus, she was part of the early team at Rightworks through its $1B valuation and subsequent merger with i2 Inc. At Rightworks she led product development, technical partnerships, and customer services for both B2B marketplaces and enterprise clients. Her early career was in applied research in Human Computer Interactions at NASA Ames Center and technology transfer programs to leading aerospace companies.
She has an M.S. in Electrical Engineering from Vanderbilt University and B.E. from Anna University, India
Yogesh Mudgal
Operational risk - global head enterprise tech/cyber risk; engineering & architecture, cloud, emerging tech
Citi
12:00 – 12:10
Live stream: Update on operational resilience expectations
Mariam is currently Head of Operational Risk and Resilience Risk Division within the Supervisory Risk Specialists at the Bank of England. She has responsibility for the implementation of the operational resilience policy and cyber stress testing. Previously, Mariam led the credit risk analysis for the solvency and climate stress tests as Head of Credit Risk Division. She has experience in financial and operational resilience in banks and FMIs. Mariam has a PhD in Financial Economics from Imperial College.
12:10 – 13:00
The rise of digital risk: making sense of digital networks and an expanding ecosystem panel
Sponsored by:
As traditional financial services institutions continue on a path of accelerated digital transformation how are risk leaders anticipating and mitigating cyber, third party and ICT risk? Join technology risk and digital risk experts as they break down:
- How digital networks introduce risk: the impact of big tech and service delivery
- Working with big tech and third parties to deliver services and the resultant considerations for operational risk
- Why we’re more vulnerable to cyber-attacks and natural disasters than ever before
Isabel Rohrbeck
Director non financial risk management, head of NFRM infrastructure coverage
Deutsche Bank
Fred Harris
Managing director, global head of risk and compliance for enterprise technology and operations
Citi
Fred Harris is the managing director, global head of risk and compliance for enterprise technology and operations at Citi. Before that he was with Société Générale Americas. Fred is an accomplished technology executive with more than 30 years of technology and cybersecurity experience in the financial services industry. Before joining SG, Fred was in a similar role at Bank of America and before that he was with Deloitte for 16 years in a variety of roles.
Noah is a New York-based Senior Manager in EY’s Consulting practice within the Financial Services Office. He has many years of experience leading various technology, security and operational risk management initiatives in support of CIO and CTO-led strategic transformations. Noah currently leads EY’s Cloud Risk Governance competency for Financial Services in the US
Yogesh Mudgal
Operational risk - global head enterprise tech/cyber risk; engineering & architecture, cloud, emerging tech
Citi
13:00 – 14:00
Networking lunch
14:00 – 16:15
Stream
Methods and strategies room
Executive boardroom: Utilization of frameworks and risk quantification for better decision making
Sponsored by:
An interactive panel discussion with industry leaders on the unique challenges facing Financial Services risk and resilience practitioners. There are no shortage of rules, frameworks, and methods available. During this discussion, we will focus on optimization in the interest of more effective decision making while addressing a myriad of rules, frameworks, and threats.
Join the discussion to collaborate with experts on
- The value harmonization of regulatory requirements provides to risk management
- How risk quantification helps organizations improve decision making
- How Financial Services organizations are preparing for “certain uncertainty”
Jack is one of the foremost authorities in the field of information risk management. As the Chairman of the FAIR Institute and co-founder and EVP R&D at RiskLens, he continues to lead the way in developing effective and pragmatic ways to manage and quantify information risk. As a three time Chief Information Security Officer (CISO) with forward-thinking financial institutions such as Nationwide Insurance, Huntington Bank and CBC Innovis, he received numerous recognitions for his work, including: the ISSA Excellence in the Field of Security Practices award in 2006; a finalist award for the Information Security Executive of the Year, Central US in 2007; and the CSO Compass Award in 2012, for advancing risk management within the profession. Prior to that, his career included assignments in the military, government intelligence, consulting, as well as the financial and insurance industries. Jack is the author of FAIR, the only international standard VaR model for cybersecurity and enterprise technology. A sought-after thought leader, he recently published 'Measuring and Managing Information Risk: A FAIR Approach', which was recently inducted into the Cyber Security Canon as a "must read" within the profession, and is a regular speaker at industry conferences.
Mark Hofberg is an accomplished risk management leader with over 20 years of industry experience. He previously served as a leader in a variety of audit, risk and compliance management functions within retail, wealth, and investment banking at Bank of America. Mark currently serves customers as Risk Solutions Executive within ServiceNow’s financial services division. Prior to joining ServiceNow, Mark served as RSA Archer’s field risk officer for US and Canada.
Mark has held various senior leadership roles at Accenture, Bank of America, RSA and now guides customers on their integrated risk transformation journeys with ServiceNow. He is passionate about the evolution of risk management, emerging risks, and the utilization of technology to optimize business outcomes. Mark has co-authored white papers on impacts of technical debt, digital risk, and has a patent on optimization of technology decisions (US 8,321,363 · Issued Nov 27, 2012) along with a patent pending process risk prioritization model. Mark holds a bachelor’s degree in engineering from North Carolina State University.
John Goodman is a Senior Vice President for the Cyber Risk Institute. Mr. Goodman specializes in cybersecurity control standards for the financial services sector. He currently acts as the principal lead for CRI’s Profile, a NIST CSF-based standard for financial services.
He previously served as the Vice President of IT Management and Controls and as Deputy CIO for PenFed Credit Union. While there Mr. Goodman was primarily responsible for technology governance, cybersecurity compliance, and technology risk management. Mr. Goodman also contributed to the development of the CRI Profile as a volunteer while at PenFed.
Mr. Goodman holds a Bachelor of Science in Computer Science and Psychology (double major) from the University of Maryland, College Park and maintains several industry-recognized certifications, to include the CISSP, CCSK, CISM, CRISC, CGEIT, Open FAIR, and PMP. He currently lives in Fairfax, Virginia.
Greg Kanevski, is the Global Head of Banking for ServiceNow serving as the company’s subject matter expert and leading the strategic plan for products within the Retail and Commercial Banking sector.
Prior to ServiceNow, Greg lead a centralized group of experienced professionals managing risk for a diverse number of business lines including Technology, Corporate Security and Data Management. His team was accountable for the first line risk responsibilities including assurance, risk assessments, program governance & execution as well as quantification analysis. Prior to this role, Greg managed a team of more than 300 security and technical professionals with an annual budget of $40M and a capital budget of approximately $65M that were focused on identity, data management and infrastructure security. Greg quickly earned respect by rebuilding the function in less than one year, as well as embarking on a modernization effort focused on an end-to-end integration & automation that reduced expenses. Prior to joining Citizens bank, Greg spent more than 20
Executive boardroom: Scenario construction: taking a standardized approach to benchmarking risk exposures
Sponsored by:
One of the key obstacles facing operational risk departments is the distinct lack of forward facing data to help them articulate risk exposures. Nowhere is this more evident than in emerging risks and tail events where the data isn’t available or a given financial institution simply hasn’t the experience. How are industry players proposing to bridge this gap and create an industry standard that paints a holistic picture?
Delve into how FIs are overcoming these data challenges and using scenario generation techniques to:
- Use quantitative techniques to determine the risk exposure of specific situations
- Understand how specific scenarios would impact a given organisation, the losses and the potential consequences
- Set an industry standard
Nedim Baruh leads the Operational Risk Capital and Analytics function at J.P. Morgan Chase ("JPMC") and is responsible for the Operational Risk Capital and Stress Testing processes.
Most recently, Nedim has been leading JPMC's effort to enhance its Scenario Analysis program by developing factor based models to assess its material risks. This work will help JPMC bridge the gap between operational risk measurement and management.
Prior to joining JPMC, Nedim was part of the Algorithmics Operational Risk advisory function and led many client engagements in the operational risk space.
Nedim has a B.S. in Economics from the University of Pennsylvania.
Evan's background is in the measurement and quantification of credit risk and operational risk. His primary focus is currently on supporting institutions in building operational risk modeling for stress testing, developing their risk identification process and developing their model risk management frameworks.
Some of his recent client engagements include:
For a foreign global bank, helped them develop a comprehensive operational risk framework for their US based IHC. Ensured both integration of the framework in their international framework as well as US regulatory compliance.
For a large internationally active US bank: supported major change of course in CCAR operational risk stress estimates a few months prior to submission in reaction to regulatory guidance.
For a large regional bank: built their CCAR loss projection model and wrote the documentation for the full CCAR operational risk submission.
For a global bank conducted a validation of their operational risk modeling framework for CCAR
Prior to joining Oliver Wyman, Evan was the Head of Risk Consulting for Financial Institutions for Aon in Columbia, Maryland. He was in charge of building Aon's risk consulting practice for financial institutions and managed multiple teams based in North America and Europe to deliver services to clients worldwide. Previously, Evan was an Assistant Vice President of the Federal Reserve Bank of Richmond, where he created the center of excellence for operational risk which served the System needs for operational risk related matters. The team was in charge of the supervision of all AMA and CCAR banks in the US and developed the Fed's CCAR model for operational risk.
Evan earned a B.A. and M.A. in Economics from the Université Catholique de Louvain in Belgium. He received an additional M.A. as well as his Ph.D. in Economics from the University of California at Los Angeles.
Patrick Naim is the CEO of Elseware and is widely recognized as an expert for operational risk modelling and quantification. Patrick has extensive experience in advising Fortune 500 companies in the banking, insurance and energy sectors for over 20 years in Continental Europe, the UK and North America.
Patrick is a frequent speaker on operational risk management. He is also the author of "Risk Quantification: Management, Diagnosis and Hedging" (Wiley, 2006), "Bayesian Networks" (Eyrolles, 2007) and "Bayesian Networks: a Practical Guide to Applications" (Wiley, 2008). Patrick graduated from Ecole Centrale de Paris (M.Sc.) in with a degree in economics and applied mathematics, and is qualified as an Associate in Risk Management (ARM).
Prior to joining Risk, he reported on the futures and foreign exchange industries for Dow Jones' Financial News and the Euromoney group of publications. Osborn holds a bachelor's degree in English literature from the University of Warwick.
Executive Boardroom: TPRM 2.0: how firms are navigating increasing complexities
Sponsored by:
As FIs have operated in an increasingly digital landscape, the digital risk ecosystem, including cloud risk and IT, has become increasingly complex. Moving beyond COVID 19, firms are also developing mechanisms to prioritise third-party ESG risks. How are FIs keeping ahead of the regulatory landscape and evolving their approach to TPRM in such a complex environment?
Listen in to gain practical insights into:
- How to approach TPRM in the face of strict regulatory requirements and an evolving threat landscape
- How to strengthen your approach, safeguard your supply chain and stay compliant
- How you can develop appropriate measures to prioritize third party ESG risks
As Vice President of Operational Risk, Michael leads the first line of defense risk management for financial crimes, privacy and information security, business resiliency, vendor management and compliance with regulatory requirements. Mike and his team establishes the risk direction by aligning the Multifamily Governance Framework with the business operating model. He continually improves governance by understanding the multifaceted drivers that effect risk environment.
Rodney Campbell is a recognized industry leader in Third-Party Risk Management (TPRM), Enterprise Risk Management (ERM), Relationship Management & Contract Management. Rodney is a business champion, dedicated to empowering organizations and business leaders with industry insights and best practices to establish both regulatory compliance and organizational success. Experienced in developing global programs, organizational frameworks, and business processes that spans Asia-Pacific, Latin America, United Kingdom and North America regions, Rodney creates a high-impact, collaborative environment that eliminates silos and cross borders.
Additionally, Rodney serves on Seton Hall University Customer Experience Program Advisory Council and The Board of Directors for HANDS Housing and Neighborhood Development.
Jeannie Pumphrey
Director, and head of third-party and operational risk management
Mitsubishi UFJ Financial Group
Stream
Emerging and rapidly evolving risk room
Getting to grips with climate risk: salient considerations for operational risk leaders
Fines are on the horizon. As climate risk and ESG climb the global agenda, how do they factor into the already complex supervisory landscape?
Sit in on this discussion to gain exclusive practical insights exploring:
- Business continuity and resilience with a focus on offices and infrastructure
- Meeting new regulatory requirements
- Thinking outside of the box: health and safety and location strategy
- Supply chain: disruption and resilience, from net zero commitments, labor laws and human rights
- Disclosure requirements
- Litigation and greenwashing controls
Michael Barton is the Director of Operational Risk Quantification and Scenario Analysis at AIG. In his role, he leads the development and implementation of operational risk stress testing, economic capital estimation, and allocation of those estimates to the business lines, as well as supporting the development of and quantification of operational loss scenarios for the organization. In this role, Michael has worked extensively with cyber and business professionals around identifying and quantifying cyber risk. Before working at AIG, Michael was the Head of the Regulatory Solutions Quantification group in U.S. Bank’s Corporate Treasury department. In this role, he was responsible for CCAR/DFAST and Regulatory Capital modeling for Operational Risk as well as setting up a governance framework for models and analytical tools in the Corporate Treasury department. Previous to those roles, Michael worked in an actuarial capacity at Sun Life Financial in Boston handling variable annuity reserving, fixed and variable annuity lapse study estimations, and retirement product pricing. He held a similar variable annuity reserving role in Security Benefit Corporation in Topeka, KS before that. Michael has a Bachelor’s Degree in Mathematics with an Actuarial Emphasis, and a Master’s Degree in Theology.
Joined SG in 2016, and soon became chief of staff for the risk team. Shelley now oversees environmental and social risk for SG IB.
Staying ahead of the curve: How to assess and treat emerging and rapidly evolving risk panel
Sponsored by:
- Understanding emerging and rapidly evolving risks
- Challenges and opportunities – practical tools for creating value and dealing with emerging and rapidly evolving risks
Penny Cagan is the Americas Head of Operational Risk Control with UBS, where she currently manages the function for the combined US entities.
Operational Risk & Regulation magazine awarded Penny three awards for her contribution to the field of operational risk, including a special industry award in 2011. Penny has published widely, including authoring the chapter on Risk and Control Self Assessments for the PRMIA Operational Risk Manager Handbook.
Penny sits on the boards of PRMIA and Workforce Professional Training Institute.
Penny has more than 40 years of risk management, compliance, controls, and research experience, including managing risk and compliance functions in large financial institutions. Penny has experience with both developing and implementing risk and control frameworks, including convergence among risk disciplines.
Rajat Baijal is the Managing Director – Global Head of Enterprise Risk at Cantor Fitzgerald. In this role, he is responsible for designing and embedding a robust Risk Framework across the firm. This includes articulating and implementing a robust Risk & Control Self-Assessment (RCSA), Risk Event Management, Key Risk Indicators etc. and ensuring that the Board is suitably informed about all material issues.
Rajat has an MBA in Finance and has previously worked for Kensington Mortgages, Lloyds Banking Group and Aviva specialising in global implementation of their Risk Framework. Rajat is a regular speaker at risk conferences across London and New York and has authored a number of articles for risk journals/textbooks.
John is Chief Evangelist & Chief Risk Officer with Supply Wisdom, the leading patented continuous risk intelligence and monitoring solution for third parties and locations. He is recognized as a global financial industry executive and risk subject matter expert, in vendor/third-party risk management, AML/CTF, KYC, and anti-fraud programs. Prior to joining Supply Wisdom, John held senior positions globally for Citi and Deutsche Bank covering corporate, investment, commercial, and consumer banking. He has managed global staff and corresponding budgets in multiple locations and delivered cost-efficient and operationally effective programs ensuring compliance with local and global regulatory requirements. Through interaction with Business Units, Internal Audit, and regulatory agencies, John resolved MRIAs, MRAs and Findings, on time and without penalty. John is a member of the Shared Assessments US and UK Steering Committees and Co-Chair of the Financial Industry Vertical Strategy Group.
Executive boardroom: Emerging instruments: demystifying digital assets
Given the rapid rise, and volatility, of the valuation of digital assets, they are becoming difficult to avoid. Still in its infancy, what are the risks and what should FIs do to prepare themselves for these kinds of emerging instruments?
Join this discussion to understand how digital assets could impact non-financial risk exposures, building on:
- How the technology and legal frameworks that underpins them impacts operational risk
- How the infrastructure used to exchange them impacts operational risk
- The potential risks associated with fraud, cyber, legal and reputational risks
Stan is the Head of Americas Supervision at Citadel Securities where he covers the Equities, Futures, and ETF businesses, systematic trading, and trading technology. Stan is also an Adjunct Professor of Law at Fordham University School of Law teaching Trading, Risk Management & Market Structure Regulation. Stan previously was a Compliance Officer at Marshall Wace North America L.P. where he specialized in Quantitative Compliance and helped build the core US compliance program and scaled globally to EU and APAC. Prior to that he worked at Knight Capital Group focusing on algorithmic trading, market structure, and surveillance. He holds a J.D. in Law from Fordham University School of Law where he was an Associate Editor on the Journal of Corporate & Financial Law, and additionally holds an M.Eng. in Engineering Management, M.S. in Pharmaceutical Manufacturing Engineering, and M.A. in Technology, Policy & Ethics from Stevens Institute of Technology. Stan is Certified in Risk and Information Systems Control (“CRISC”), a Certified Data Privacy Solutions Engineer (“CDPSE”) and is also a Certified Fraud Examiner (“CFE”). Stan lectures and publishes on topics including FinTech, RegTech, market structure, alternative data, artificial intelligence, regulatory and enforcement matters, surveillance, cybersecurity, data privacy, and risk management.
16:15 – 16:45
Networking coffee break
Plus, knowledge cafes & peer benchmarking
Sponsored by:
Knowledge cafes:
GRC 2.0: how data-driven GRC is reshaping the discipline
Host:
Anne-Sophie Gug, Director - GRC program manager, Société Générale
Operational Resilience: Central to Your Risk Strategies
16:45 – 17:30
Ahead of the game: building a smarter cyber risk strategy panel
It is inevitable that cyber risk concerns will continue to grow. Cybersecurity is now listed as one of the top priorities for CEOs globally. Strategies to cyber risk management are now evolving and ownership is no longer seen as the sole responsibility of one specific department. How are leading FIs evolving their approach to cyber risk, transcending departments and better incorporating the perspectives and concerns across supply chain and technical departments?
Widely considered a thought leader in risk management and information security, Jack has been employed in technology for over thirty five years, and specializing in information security and risk management for over thirty years. During this time he has garnered a decade of experience as a CISO, including five years for a Fortune 100 financial services company. His work has also been recognized by his peers and the industry, earning him the 2006 ISSA Excellence in the Field of Security Practices award, and the 2012 CSO Compass Award for Leadership in Risk Management.
Jack is the originator of the now industry standard risk measurement model known as Factor Analysis of Information Risk (FAIR). FAIR has seen adoption globally, within organizations of all sizes, and is now regularly included in graduate-level university courses on information security and referenced by other industry standards. He also co-authored a book on FAIR entitled "Measuring and Managing Information Risk - A FAIR Approach", which has been inducted into the Cybersecurity Canon as a "must read" for professionals in the industry. Jack was also on the ISACA task force that developed the RiskIT framework, and he led the ISACA group that developed the CRISC certification.
Today, Jack is in charge of Risk Science at RiskLens, Inc. and is a sought after speaker at national conferences and universities. He is also an adjunct instructor of risk measurement for Carnegie Mellon University. Jack is currently also the Chairman of The FAIR Institute (http://www.fairinstitute.org/), an award-winning non-profit organization led by information risk officers, CISOs and business executives to advance risk management practices based on FAIR.
Mandar has over 20 years of engineering and risk management experience across Technology Operations, Governance and Audit, helping organizations meet business objectives through technology. Currently he is serving as a Managing Director at Citigroup in the Operational Risk group. Prior to Citi, Mandar was the Global CTRO at TD Bank Group, before which he served as the CTRO and CISO at the Bank of Montreal. In his prior career, Mandar has worked extensively with financial institutions globally through leadership roles at Cisco Systems, Inc., Accenture LLC, Alvarez & Marsal LLP, KPMG LLP and Ernst & Young LLP.
Mandar is an active member of the professional community and has presented at industry forums like Risk.Net, RSA and IAPP Conferences. Additionally, he is active in various profesional organizations such as ISACA, IAPP and ISC2 and has served as the Chair of the Canadian Banking Association’s CIRT (CISO Forum). He holds the CISSP, CIPP, CISA, and PMP certifications.
John Goodman is a Senior Vice President for the Cyber Risk Institute. Mr. Goodman specializes in cybersecurity control standards for the financial services sector. He currently acts as the principal lead for CRI’s Profile, a NIST CSF-based standard for financial services.
He previously served as the Vice President of IT Management and Controls and as Deputy CIO for PenFed Credit Union. While there Mr. Goodman was primarily responsible for technology governance, cybersecurity compliance, and technology risk management. Mr. Goodman also contributed to the development of the CRI Profile as a volunteer while at PenFed.
Mr. Goodman holds a Bachelor of Science in Computer Science and Psychology (double major) from the University of Maryland, College Park and maintains several industry-recognized certifications, to include the CISSP, CCSK, CISM, CRISC, CGEIT, Open FAIR, and PMP. He currently lives in Fairfax, Virginia.
17:30 – 18:30
Networking drinks reception
Sponsored by:
Relax, grab a drink and debrief with your peers.