Programme

Programme

View the Pre and Post Workshops >>

Programme at a glance >>

Day 1: 14 May, 2019 – Etc Venues St Paul’s, London

07:30

BREAKFAST BRIEFING: Taking a Risk-based Approach to Compliance Management

What are the key elements of a GRC framework needed to keep pace with regulatory change and conduct a rigorous assessment of compliance risk? Is your firm setting standards for meeting regulatory compliance and establishing the key foundational elements such as risk metrics, a compliance risk taxonomy, and regulatory-obligation inventory? Compliance, legal and risk professionals are looking for an end-to-end framework to manage compliance requirements in a way that improves overall governance, risk and compliance (GRC) program effectiveness.

Join IBM for an informal gathering of senior risk and compliance executives to explore challenges and solutions for end-to-end management of regulatory obligations and associated controls across the full range of business lines, products, entities, and geographies.

Speaker TBC, IBM

07:30

BREAKFAST BRIEFING: Practical application of advanced analytics: Case studies

  • Generic analytics vs. financial crime analytics – why expertise matters
  • The power of collective intelligence
  • Timing matters – it’s useless if you can’t deploy in short order
  • 3 use cases demonstrations
  • Having choice in analytics: helping you where you are on the maturity spectrum
  • Operationalising analytics for practical use
  • The impacts of regulators

Damian Matich, Global Fraud Analytics Manager, NICE ACTIMIZE

08:00

Registration and refreshments

08:50

Welcome remarks:

Tom Osborn, Editor, Risk Management, RISK.NET

08:55

Chair's opening remarks

09:00

Keynote address: Operational Resilience - a progress report

  • Why operational resilience is a shared goal
  • Regulator-led initiatives to improve operational resilience - UK and international
  • Industry engagement and industry-led initiatives

Nick Strange, Director, Supervisory Risk Specialists, BANK OF ENGLAND

09:30

Keynote address: Europe's top policy priorities

  • Will efficiency and resiliency ever be a happy marriage?
  • Why international cooperation is needed more than ever
  • How prepared are we for unknown risks?

Patrick Pearson, Head of Unit, Financial Market Infrastructure and Derivatives, EUROPEAN COMMISSION

10:00

The Leader's Debate: Operational risk management in a rapidly evolving regulatory and technological landscape

  • What are the top regulatory requirements and operational risk priorities in the current market environment?
  • How are firms adapting to growing regulatory burden and escalating cost? Considering cyber, AML and GDPR
  • What are the key areas of innovation in operational risk management techniques?
  • Moving operational risk into the next decade: What are the challenges in planning for the future?

Moderator: Tom Osborn, Editor, Risk Management, RISK.NET
Alan Leigh, Managing Director, International Head of Business Controls, BANK OF AMERICA MERRILL LYNCH
Giles Spungin
,, PhD(Lon),Managing Director, Global Head of Regulatory Compliance and Operational Risk Analytics, HSBC
Patrick Moynihan, Managing Director, Group Head of Operational Risk, BARCLAYS

10:40

Morning coffee and networking break

Speed networking: Network and build quick connections with the most influential players in the operational risk community. Invite only.

Stream 1: 1LoD

11:20

Chair's opening remarks

Andrew Sheen, Head of Operational Risk Regulatory Advisory, CREDIT SUISSE

11:25

Panel: The supervisory framework: building a stronger defence

  • Effectively defining the roles and responsibilities between 1LOD and 2LOD
  • How can organisations ensure that 1st line of defence own and feel accountable for operational risks in their day to day operations?
  • The emerging role of the Chief Control Officer (CCO)
  • How can organisations ensure that the 2nd line of defence adds value to the first line?
  • What are the industry expectations of how the three lines operating model will evolve?

Moderator: Andrew Sheen, Head of Operational Risk Regulatory Advisory, CREDIT SUISSE
William Martyn, Head of Operational Risk Framework and Policy, HSBC
Andrew Brodie, Global head of Front Office Conduct Surveillance, BNP PARIBAS
Paul Neale, Head of Operational Risk, MIZUHO INTERNATIONAL
Christian Alibert, Head of Surveillance, NATWEST MARKETS

12:05

5 min intermission for stream changeover

12:10

Presentation: Managing conduct risk: Examining industry trends and challenges

  • Defining, measuring and managing conduct risk
  • Conduct risk across the first line of defence
  • What are the fundamental drivers of misconduct in the financial services industry?
  • What are the potential vulnerabilities in firm’s cultures that may lead to misconduct events?
  • Assessing the most effective strategies to improve conduct, culture and customer experience

Sophie Dupre-Echeverria, Chief Risk Officer, GULF INTERNATIONAL BANK

Stream 2: Vendor and third party risk management

11:20

Chair's opening remarks

Paul Huggett, Head of Third Party Sourcing Risk Profile and Governance, BANK OF IRELAND

11:25

Panel: Building strong governance frameworks and reporting for vendor management

  • How can governance frameworks be strengthened to increase accountability?
  • Where does vendor risk sit in a 3LOD model?
  • What does the regulator focus on when they review third party risk?
  • How does the governance vary for regulated vs non regulated third parties?
  • How do you measure concentration risk relating to 3P service providers?
  • How to effectively report on third party risk

Moderator: Bjorn Lenzmann, Senior Vice President, Head of Group Operational Risk, EMIRATES NBD
Amit Lakhani, Head of Ops Risk Controls for ICT and Third Party Management for Corporate and Institutional Banking, BNP PARIBAS
Emma Mansfield, Head of Outsourced Services Assurance, BANK OF IRELAND
Thierry Vincent, Head of Permanent Control and Operational Risk, CREDIT AGRICOLE CIB

12:05

5 min intermission for stream changeover

12:10

Presentation: Vendor risk in the next generation firm

  • How do you effectively ‘manage’ fourth parties?
  • Where can vendors help to define standards which would be supported by regulators?
  • What tools are evolving to help measure and monitor vendor risk and what are the different approaches to assessing it?
  • Can AI increase third party risk?
  • How do you quantify vendor exposure other than running individual scenarios?
  • How to evaluate country and economic risk for offshore vendors

Tom Garrubba, Senior Director and CISO, THE SANTA FE GROUP

Stream 3: Quantification of risks

11:20

Chair's opening remarks

11:25

Panel: Operational stress testing and scenario analysis

  • Defining and creating effective stress test scenarios
  • Aligning scenario analysis and operational stress testing to meet changing regulatory expectations
  • Internal stress testing vs regulatory stress testing
  • Reverse stress testing
  • Review of CCAR requirements
  • Have you stressed for the current geopolitical shifts and included a possible forthcoming period of deregulation as a significant driver of increasing op risk capital?

Paul Doran, Global Head of Scenario Analysis, MORGAN STANLEY

Dora Grant, Chief Risk Officer, UNITED BANK UK

 

12:05

5 min intermission for stream changeover

12:10

Presentation: Quantifying emerging operational risks

  • Approaches for identifying emerging risks, feedback loops and domino effects
  • Alternative scenario techniques for quantification and validation
  • Application of these techniques to specific emerging risks
  • Conclusions and the 3rd era of operational risk

Michael Grimwade, Head of Operational Risk, ICBC STANDARD BANK

12:40

Lunch and Networking break

Women in operational risk networking lunch: Promoting diversity in risk management. This networking lunch provides an excellent opportunity to share success stories of building a positive risk culture and obstacles in achieving diversity of thought in firms. Invite only.

Key points to be discussed:

  • How businesses benefit from diversity of thought, and by having more women in senior positions/across the organisation
  • Which firms are the leaders in the industry? Which women are trailblazers? How have they achieved this?
  • What are the top pitfalls? I.e. What not to do as an organisation aiming to attract and nurture top talent

Hosts: Terri Duhon¸ Non-Executive Director and Risk Chair, MORGAN STANLEY INTERNATIONAL and Marilin Luna Butters, Global RCSA Methodology & CEEMA Head of Operational Risk, CITIBANK

Stream 1: 1LOD

13:50

Chair's opening remarks

Andrew Sheen, Head of Operational Risk Regulatory Advisory, CREDIT SUISSE

13:55

Panel: Obtaining value from RCSAs

  • What is next for RCSAs? Examining the trends across the industry
  • Developing traditional RCSAs to increase benefit and efficiency and drive strategic business decisions
  • Reporting and quantifying RCSA results
  • Aligning risk appetite and RCSA processes
  • How are technology risks reflected in RCSAs and how do they interact with traditional IT risk monitoring?
  • What actions should be taken against emerging risks and how should they be covered in the RCSA?

Moderator: Sean Titley, Director, Business Development, THE INSTITUTE OF OPERATIONAL RISK (IOR)
Marilin Luna Butters, Global RCSA Methodology & CEEMEA Head of Operational Risk, CITIBANK
Steven Portway, Group head of Operational Risk Framework, Policy and Conformance, BARCLAYS
Hannah Chung, Senior VP Internal Audit – Operational Risk and Reputational Risk, CREDIT SUISSE

Stream 2: Vendor and third party risk management

13:50

Chair's opening remarks:

Paul Huggett, Head of Third Party Sourcing Risk Profile and Governance, BANK OF IRELAND

13:55

Panel: External third and fourth party dependency for operational resilience

  • What are the risks from people, processes and technology from third parties? What sort of preventative monitoring controls could help address these risks?
  • How does cloud outsourcing fit in with the operational resilience regulatory requirements?
  • What metrics and other information is currently available in your third parties for monitoring operational resilience?
  • What’s the approach for the role of the first and second line in monitoring the risk from third parties within operational resilience?

Charles Forde, Global Head of Outsourcing and Third Party Risk and Shared Services Risk for IB Global and UK Business, UBS
Sean Miles, Head of Risk Assurance, Technology and Operations, SANTANDER
Ian Evans, Managing Director EMEA, ONETRUST

 

14:35

Afternoon coffee and networking break

15:00

Panel: Embedding a strong risk culture to aid operational risk management

  • Defining, understanding and measuring risk culture
  • What are the key components of a strong risk culture which will support banks with operational resilience?
  • How does risk culture fit into the overall culture of an organisation?
  • Who should be primarily responsible for the implementation of risk culture? It is 1LOD, 2LOD, 3LOD? Or is it embedded divisionally?
  • Is the level of diversity and integration a measure of culture or conduct risk or both?
  • Is the concept of front, middle and back office impacting culture negatively?

Moderator: Alexander Campbell, Divisional Content Editor, RISK.NET
Terri Duhon¸ Non-Executive Director and Risk Chair, MORGAN STANLEY INTERNATIONAL
Libby Denchfield, Managing Director, Global Head of Strategy and Change, Cyber and Information Security Risk, STANDARD CHARTERED BANK
Søren Agergaard Andersen, Chief Risk Officer, NORDEA ASSET MANAGEMENT
Sophie Rutherford, EMEA Head of FX Business Risk, Global Markets, STATE STREET

15:40

OUT OF INDUSTRY ADDRESS: Managing non-financial Risk – Lessons learned from outside the finance industry

Identifying common taxonomies, core principles and different level of maturity at corporate companies

16:10

War Games: How resilient is your environment? Disaster recovery and business continuity in operational and cyber risk

PART I: SCENARIO DISSECTION AND STRATEGIZING

In each disaster and recovery scenario, participants are introduced to an operational risk scenario which is still unfolding and asked to consider the immediate steps they would advise their firm to take based on the information available at each stage

PART II: HARVEST SESSION

Each Leader will summarise their POA of the discussion and present it back to the table participants with comments

Learning outcomes:

  • What immediate actions would you advise your firm to do in the scenario?
  • Hierarchy of response- who are the 1st and 2nd responders?
  • Incident management- how do you assess the impact on your firm?
  • What’s your crisis management protocols? What do they look like?
  • How equipped is your organisation to respond to high stress situations?
  • Business continuity planning from employees to infrastructure

Leader 1: Steven Portway, Group Head of Operational Risk Framework, Policy and Conformance, BARCLAYS
Leader 2: Data loss incident - Sean Titley, Director, Business Development, THE INSTITUTE OF OPERATIONAL RISK (IOR)
Leader 3: Third party risk - Paul Huggett,Head of Third Party Sourcing Risk Profile and Governance, BANK OF IRELAND
Leader 4: Vinaya Parvate, Global Head Fraud Risk Oversight for Institutional Clients Group, CITI
Leader 5: Cyber, speaker TBC

17:30

Chair's closing remarks

17:35

Networking drinks reception

Day 2: 15 May, 2019 – Etc Venues St Paul’s, London

08:30

Registration and Refreshments

08:55

Chair's Opening Remarks

09:00

Keynote address: Regulatory action in the UK – How the FCA makes its decisions

  • The regulatory framework, including SMCR
  • The FCA’s Regulatory Decisions Committee
  • Settle or fight?

Tim Parkes, Chair of the Regulatory Decisions Committee, THE FINANCIAL CONDUCT AUTHORITY (FCA)

09:30

CRO panel: Thriving in an era of change and upheaval

  • What keeps the CRO awake at night: What are the emerging risks for the year to come and how do you quantify them?
  • Do you think the CRO of the future is a technologist?
  • How do other risks (market risk, credit risk) fit in with op risk? How do you deploy resources and capital across the spectrum of risks?
  • Emerging risks:
  • Which of the current and emerging risks are of most concerns to the CROs? How do you set operational risk appetite to these risk?
  • Managing the emerging customer risk: Protecting customer data and risk mitigation tactics for data breaches
  • How big a risk is social media and instant messaging?
  • Is digital risk a discrete risk type or is it a cause within other existing categories?

Moderator: Tom Osborn, Editor, Risk Management, RISK.NET
Veronica Lazenby, UK Chief Risk Officer, BNY MELLON
Paul Berry, Chief Risk Officer, MIZUHO
Jeff Simmons, Chief Risk Officer, MUFG SECURITIES
Cosimo Pacciani, Chief Risk Officer, EUROPEAN STABILITY MECHANISM

10:10

IBM PRESENTATION

 

10:50

Panel: Managing operational risk and enabling growth in the age of innovation

  • Which risk drivers are easier to automate? Where have there been challenges in automation?
  • How does the current risk technology that you use support your risk management innovation?
  • Understanding how to adapt oversight, processes and tools to support real time digital innovation
  • What gives better results: automated data, model driven analyses or rather qualitative assessments? Where does the future lie?
  • Digital disruption in financial markets: impact of fintech, blockchain and faster payments on operational risk
  • How do you set up your risk appetite and risk governance to response to new emerging risks from digital disruption?

Moderator: Alexander Campbell, Divisional Content Editor, RISK.NET
Lewis Cox, Head of Fintech Risk, DEUTSCHE BANK
Carlos Martin, Risk Director, NATWEST MARKETS

10:50

Knowledge cafes: Grab a coffee and join a table of your choice to share ideas and network with fellow industry professionals

Roundtable 1: AI and Machine Learning: Justin McLean, General Manager, Case Management, NICE ACTIMIZE and Damian Matich, Global Fraud Analytics Manager, NICE ACTIMIZE

Roundtable 2: Brexit - Beate Born, Executive Director, Risk and regulatory Management, UBS

Roundtable 3: Cloud computing

Roundtable 4: Operational resilience - David Phan Dinh, Head of Operational Risk, ROTHESAY LIFE

Roundtable 5: Vendor Risk - Tom Garrubba, Senior Director and CISO, THE SANTA FE GROUP

Roundtable 6: Cyber security

Stream 1: ORM

12:10

Chair's opening remarks

12:15

Presentation: Learning from other industries

  • Concepts used in other industries to address high impact risks
  • Can banks use best practice approaches from other industries
  • Compare banking with high reliability industries

Anit Deb, Head of External Industry Coverage in Operational Risk, DEUTSCHE BANK

12:45

5 min intermission for stream changeover

12:50

Panel: Building an effective Risk Appetite Framework (RAF) - Key components and challenges

  • Who should own the risk appetite – the 1LOD or 2LOD?
  • How often should risk appetite be revisited and reconsidered?
  • How do you achieve an appropriate balance between the quantitative and qualitative aspects?
  • ‘Risk appetite’ vs ‘risk tolerance’: Is risk appetite evolving into risk tolerance of are they effectively the same thing?

Moderator: Simon Cory, Director of Enterprise Risk Strategy and Interim Director Of Operational Risk, NATIONWIDE

Emily Jenner, Global Head, Risk Strategy and Risk Appetite, STANDARD CHARTERED BANK
Ricardo Soto, Head of Risk and Controls for Wealth Management, BARCLAYS
Simon Cartlidge, Head of Risk, LEGAL & GENERAL
Charlie Palmarini, NFRM Coverage – Equities Lead, DEUTSCHE BANK

Stream 2: Preparing for the future

12:10

Chair's opening remarks

Dr Ariane Chapelle, Honorary Reader, UNIVERSITY COLLEGE LONDON

12:15

Presentation: Using Machine Learning and AI for better operational risk management

  • Big Data, Machine Learning (ML), Artificial Intelligence (AI): what’s the difference?
  • 7 uses for better oprisk management
  • RegTech and compliance aid: context and conditions
  • The trouble with data: challenges of data quality and interpretability of AI models
  • Social Physics for better conduct and culture

Dr Ariane Chapelle, Honorary Reader, UNIVERSITY COLLEGE LONDON

12:45

5 min intermission for stream changeover

12:50

Panel: Big Data & Blockchain - Data transfer and analytics in the new age

  • Recent developments in data analytics to help risk management
  • How to ensure data quality and protection; can blockchain help?
  • Blockchain to the rescue of compliance and regulation: Blockchain Technology for Algorithmic Regulation and Compliance (BARAC) – research project
  • The evolving roles of the Chief Data Officer (CDO) in collaboration with operational risk

Moderator: Dr Ariane Chapelle, Honorary Reader, UNIVERSITY COLLEGE LONDON
Claus Murmann, Head, Risk Analytics Systems, Enterprise Risk Management, STANDARD CHARTERED BANK
Pr. Tomaso Aste, Professor & Director of the Centre of Blockchain Technologies, UNIVERSITY COLLEGE LONDON

Stream 3: Operational resilience

12:10

Chair's opening remarks

Hannah Chung, Senior VP Internal Audit – Operational Risk and Reputational Risk, CREDIT SUISSE

12:15

Presentation: Achieving cyber resilience

  • Examining the nature of existing and emerging cyber threats
  • How to adapt data protection and recovery practices to better reflect today’s more targeted and malicious attacks
  • Application of stress testing and scenario analysis to cyber risk. How is BoE’s planned approached to stress testing set to impact firms?
  • Reputational protection during a cyber-attack: Developing effective crisis communications plan
  • Building a risk-aware cyber security culture and assessing innovative solutions for people related challenges
  • Effective monitoring, including KRIs

Yiannis Pavlosoglou, PhD, CISSP, Head of UK Chief Information Security Office (CISO), UBS

12:45

5 min intermission for stream changeover

12:50

Panel: Developing operational resilience in financial services

  • Examining the current focus and regulatory scope
  • Is the 1LoD/2LoD leading changes in the operational resilience framework?
  • Do you currently set impact tolerances? How do these relate to scenarios and (reverse) stress-testing?
  • How do you ensure resilience of systems/applications/data access?
  • Do you intend to have a consistent and cohesive approach (inc. governance, reporting, communication) for all types of disruption?

David Phan Dinh, Head of Operational Risk, ROTHESAY LIFE
Jenifer Moodie, Director of Operational Risk, SANTANDER UK

13:30

Lunch and networking break

START-UP SHOWCASE:

Hear from 5 start-ups, which are creating waves in the FinTech space pitch live against the clock, demonstrating ORM products that stand out for innovation! Vote for the start-up that interests you most via our interactive event technology, Sli.do – the winner will be announced later in the day and will receive a booth space to exhibition at one of our 2020 events!

14:30

In conversation with: Financial stability and Brexit - An operational risk perspective

  • Lessons learned: were financial institutions well prepared for the operational risks posed by Brexit?
  • Impacts of Brexit on:
  • Data privacy and cyber security
  • Supply chain
  • Vendor management and control of outsourcing in the wake of Brexit
  • Challenges in transferring existing trade agreements and derivatives trades to EU entities
  • What additional operational risks has Brexit created?
  • What are the alternatives to ‘passporting’ and what are the consequences of likely models?
  • Will FMIs bolster London’s role as a financial centre post-Brexit?
  • Looking forward: what opportunities exist for financial institutions in a shifting political and regulatory environment and how to stay ahead

Kieren Stanley, GRM Head of Operational Risk – Europe & APAC, RBC
Beate Born, Executive Director, Risk and regulatory Management, UBS
Michelle Zak, Chief Operating Officer, KYTE BROKIN

15:10

LIVE INTERVIEW:

Steve Hill, Managing Director, Global Head of Technology Operational Risk, CREDIT SUISSE

15:40

OUT OF INDUSTRY ADDRESS: Managing non-financial Risk – Lessons learned from the British Army 

Sir Peter Wall, Former Chief of the General Staff, BRITISH ARMY and CEO of AMICUS

16:10

Chair's closing remarks

16:15

End of conference

We also offer workshops

13th May 2019 & 16th May 2019

The conference is book-ended by tutor-led workshops that have been specifically created to help sharpen your skills and knowledge, and can be added on to your conference pass.

Read more