Programme

Programme

Programme at a glance >>

Day 1: 14 May, 2019 – Etc Venues St Paul’s, London

07:30

BREAKFAST BRIEFING: Taking a Risk-based Approach to Compliance Management

What are the key elements of a GRC framework needed to keep pace with regulatory change and conduct a rigorous assessment of compliance risk? Is your firm setting standards for meeting regulatory compliance and establishing the key foundational elements such as risk metrics, a compliance risk taxonomy, and regulatory-obligation inventory? Compliance, legal and risk professionals are looking for an end-to-end framework to manage compliance requirements in a way that improves overall governance, risk and compliance (GRC) program effectiveness.

Join IBM for an informal gathering of senior risk and compliance executives to explore challenges and solutions for end-to-end management of regulatory obligations and associated controls across the full range of business lines, products, entities, and geographies.

Heather Gentile, Head of Regulatory Offerings, IBM WATSON FINANCIAL SERVICES

Andrew Yuille, Head of Risk Business Solutions, THOMSON REUTERS

07:30

BREAKFAST BRIEFING: Practical application of advanced analytics: Case studies

  • Generic analytics vs. financial crime analytics – why expertise matters
  • The power of collective intelligence
  • Timing matters – it’s useless if you can’t deploy in short order
  • 3 use cases demonstrations
  • Having choice in analytics: helping you where you are on the maturity spectrum
  • Operationalising analytics for practical use
  • The impacts of regulators

Damian Matich, Global Fraud Analytics Manager, NICE ACTIMIZE

Philip Umande, Head of Operational Risk – Capital and Risk Analytics, LLOYDS BANKING GROUP

08:00

Registration and refreshments

08:50

Welcome remarks: Tom Osborn, Editor, Risk Management, RISK.NET

08:55

Chair's opening remarks: Mark Feeley, Research Director, CHARTIS RESEARCH

09:00

Keynote address: Operational Resilience - a progress report

  • Why operational resilience is a shared goal
  • Regulator-led initiatives to improve operational resilience - UK and international
  • Industry engagement and industry-led initiatives

Nick Strange, Director, Supervisory Risk Specialists, BANK OF ENGLAND

09:30

Keynote address: Europe's top policy priorities

  • Will efficiency and resiliency ever be a happy marriage?
  • Why international cooperation is needed more than ever
  • How prepared are we for unknown risks?

Patrick Pearson, Head of Unit, Financial Market Infrastructure and Derivatives, EUROPEAN COMMISSION

10:00

The Leader's Debate: Operational risk management in a rapidly evolving regulatory and technological landscape

  • What are the top regulatory requirements and operational risk priorities in the current market environment?
  • How are firms adapting to growing regulatory burden and escalating cost? Considering cyber, AML and GDPR
  • What are the key areas of innovation in operational risk management techniques?
  • Moving operational risk into the next decade: What are the challenges in planning for the future?

Moderator: Tom Osborn, Editor, Risk Management, RISK.NET
Alan Leigh, Managing Director, International Head of Business Controls, BANK OF AMERICA MERRILL LYNCH
Giles Spungin
,, PhD(Lon),Managing Director, Global Head of Regulatory Compliance and Operational Risk Analytics, HSBC
Patrick Moynihan, Managing Director, Group Head of Operational Risk, BARCLAYS

10:40

Morning coffee and networking break

Speed networking: Network and build quick connections with the most influential players in the operational risk community. Invite only.

Stream 1: 1LoD

11:20

Chair's opening remarks

Andrew Sheen, Head of Operational Risk Regulatory Advisory, CREDIT SUISSE

11:25

The supervisory framework: building a stronger defence

  • Effectively defining the roles and responsibilities between 1LOD and 2LOD
  • How can organisations ensure that 1st line of defence own and feel accountable for operational risks in their day to day operations?
  • The emerging role of the Chief Control Officer (CCO)
  • How can organisations ensure that the 2nd line of defence adds value to the first line?
  • What are the industry expectations of how the three lines operating model will evolve?

Moderator: Andrew Sheen, Head of Operational Risk Regulatory Advisory, CREDIT SUISSE
William Martyn, Head of Operational Risk Framework and Policy, HSBC
Andrew Brodie, Global head of Front Office Conduct Surveillance, BNP PARIBAS
Paul Neale, Head of Operational Risk, MIZUHO INTERNATIONAL
Duncan Wilson, Managing Director, Head of Strategic Projects, Wholesale Market and Credit Risk, HSBC

12:05

5 min intermission for stream changeover

12:10

Managing conduct risk: Examining industry trends and challenges

  • Defining, measuring and managing conduct risk
  • Conduct risk across the first line of defence
  • What are the fundamental drivers of misconduct in the financial services industry?
  • What are the potential vulnerabilities in firm’s cultures that may lead to misconduct events?
  • Assessing the most effective strategies to improve conduct, culture and customer experience

Sophie Dupre-Echeverria, Chief Risk Officer, GULF INTERNATIONAL BANK

Stream 2: Vendor and third party risk management

11:20

Chair's opening remarks

Paul Huggett, Head of Third Party Sourcing Risk Profile and Governance, BANK OF IRELAND

11:25

Building strong governance frameworks and reporting for vendor management

  • How can governance frameworks be strengthened to increase accountability?
  • Where does vendor risk sit in a 3LOD model?
  • What does the regulator focus on when they review third party risk?
  • How does the governance vary for regulated vs non regulated third parties?
  • How do you measure concentration risk relating to 3P service providers?
  • How to effectively report on third party risk

Moderator: Bjorn Lenzmann, Senior Vice President, Head of Group Operational Risk, EMIRATES NBD
Amit Lakhani, Head of Ops Risk Controls for ICT and Third Party Management for Corporate and Institutional Banking, BNP PARIBAS
Emma Mansfield, Head of Outsourced Services Assurance, BANK OF IRELAND
Thierry Vincent, Head of Permanent Control and Operational Risk, CREDIT AGRICOLE CIB

12:05

5 min intermission for stream changeover

12:10

Vendor risk in the next generation firm

  • How do you effectively ‘manage’ fourth parties?
  • Where can vendors help to define standards which would be supported by regulators?
  • What tools are evolving to help measure and monitor vendor risk and what are the different approaches to assessing it?
  • Can AI increase third party risk?
  • How do you quantify vendor exposure other than running individual scenarios?
  • How to evaluate country and economic risk for offshore vendors

Tom Garrubba, Senior Director and CISO, THE SANTA FE GROUP

Stream 3: Quantification of risks

11:20

Chair's opening remarks

11:25

Operational stress testing and scenario analysis

  • Defining and creating effective stress test scenarios
  • Aligning scenario analysis and operational stress testing to meet changing regulatory expectations
  • Internal stress testing vs regulatory stress testing
  • Reverse stress testing
  • Review of CCAR requirements
  • Have you stressed for the current geopolitical shifts and included a possible forthcoming period of deregulation as a significant driver of increasing op risk capital?

Moderator: Sanghamitra Karra, Managing Director, EMEA Head of Stress Testing and Portfolio Risk, MORGAN STANLEY
Dora Grant, Chief Risk Officer, UNITED BANK UK
Paul Doran, Global Head of Scenario Analysis , MORGAN STANLEY
Annie Simova, Global Head of Operational Risk Stress Testing, HSBC
Luke Carrivick, Head of Research and Information,  ORX

12:05

5 min intermission for stream changeover

12:10

Quantifying emerging operational risks

  • Approaches for identifying emerging risks, feedback loops and domino effects
  • Alternative scenario techniques for quantification and validation
  • Application of these techniques to specific emerging risks
  • Conclusions and the 3rd era of operational risk

Michael Grimwade, Head of Operational Risk, ICBC STANDARD BANK

12:40

Lunch and Networking break

Women in operational risk networking lunch: Promoting diversity in risk management. This networking lunch provides an excellent opportunity to share success stories of building a positive risk culture and obstacles in achieving diversity of thought in firms. Invite only.

Key points to be discussed:

  • How businesses benefit from diversity of thought, and by having more women in senior positions/across the organisation
  • Which firms are the leaders in the industry? Which women are trailblazers? How have they achieved this?
  • What are the top pitfalls? I.e. What not to do as an organisation aiming to attract and nurture top talent

Hosts: Terri Duhon¸ Non-Executive Director and Risk Chair, MORGAN STANLEY INTERNATIONAL and Marilin Luna Butters, Global RCSA Methodology & CEEMA Head of Operational Risk, CITIBANK

Stream 1: 1LOD

13:50

Chair's opening remarks

Andrew Sheen, Head of Operational Risk Regulatory Advisory, CREDIT SUISSE

13:55

Obtaining value from RCSAs

  • What is next for RCSAs? Examining the trends across the industry
  • Developing traditional RCSAs to increase benefit and efficiency and drive strategic business decisions
  • Reporting and quantifying RCSA results
  • Aligning risk appetite and RCSA processes
  • How are technology risks reflected in RCSAs and how do they interact with traditional IT risk monitoring?
  • What actions should be taken against emerging risks and how should they be covered in the RCSA?

Moderator: Sean Titley, Director, Business Development, THE INSTITUTE OF OPERATIONAL RISK (IOR)
Marilin Luna Butters, Global RCSA Methodology & CEEMEA Head of Operational Risk, CITIBANK
Steven Portway, Group head of Operational Risk Framework, Policy and Conformance, BARCLAYS
Hannah Chung, Senior VP Internal Audit – Operational Risk and Reputational Risk, CREDIT SUISSE

Stream 2: Vendor and third party risk management

13:50

Chair's opening remarks:

Paul Huggett, Head of Third Party Sourcing Risk Profile and Governance, BANK OF IRELAND

13:55

External third and fourth party dependency for operational resilience

  • What are the risks from people, processes and technology from third parties? What sort of preventative monitoring controls could help address these risks?
  • How does cloud outsourcing fit in with the operational resilience regulatory requirements?
  • What metrics and other information is currently available in your third parties for monitoring operational resilience?
  • What’s the approach for the role of the first and second line in monitoring the risk from third parties within operational resilience?

Moderator: Paul Huggett, Head of Third Party Sourcing Risk Profile and Governance, BANK OF IRELAND

Charles Forde, Global Head of Outsourcing and Third Party Risk and Shared Services Risk for IB Global and UK Business, UBS

Sean Miles, Head of Risk, PAY.UK

Vipul Asher, Privacy Consulting Manager, ONETRUST

 

14:35

Afternoon coffee and networking break

15:00

Embedding a strong risk culture to aid operational risk management

  • Defining, understanding and measuring risk culture
  • What are the key components of a strong risk culture which will support banks with operational resilience?
  • How does risk culture fit into the overall culture of an organisation?
  • Who should be primarily responsible for the implementation of risk culture? It is 1LOD, 2LOD, 3LOD? Or is it embedded divisionally?
  • Is the level of diversity and integration a measure of culture or conduct risk or both?
  • Is the concept of front, middle and back office impacting culture negatively?

Moderator: Alexander Campbell, Divisional Content Editor, RISK.NET
Terri Duhon¸ Non-Executive Director and Risk Chair, MORGAN STANLEY INTERNATIONAL
Libby Denchfield, Managing Director, Global Head of Strategy and Change, Cyber and Information Security Risk, STANDARD CHARTERED BANK
Søren Agergaard Andersen, Chief Risk Officer, NORDEA ASSET MANAGEMENT
Sophie Rutherford, EMEA Head of FX Business Risk, Global Markets, STATE STREET

15:40

Keynote address: From transnational threats to cyber and enterprise risks 

Live interview with Steve Hill, Managing Director, Global Head of Technology Operational Risk, CREDIT SUISSE and Alexander Campbell, Divisional Content Editor, RISK.NET

16:10

War Games: Disaster recovery and business continuity in operational and cyber risk

PART I: Scenario Strategising 

In each disaster and recovery scenario, participants are introduced to an operational risk scenario which is still unfolding and asked to consider the immediate steps they would advise their firm to take based on the information available at each stage

PART II: Harvest session 

Each Leader will summarise their POA of the discussion and present it back to the table participants with comments

Learning outcomes:

  • What immediate actions would you advise your firm to do in the scenario?
  • Hierarchy of response- who are the 1st and 2nd responders?
  • Incident management- how do you assess the impact on your firm?
  • What’s your crisis management protocols? What do they look like?
  • How equipped is your organisation to respond to high stress situations?
  • Business continuity planning from employees to infrastructure

Leader 1: Steven Portway, Group Head of Operational Risk Framework, Policy and Conformance, BARCLAYS
Leader 2: Data loss incident - Sean Titley, Director, Business Development, THE INSTITUTE OF OPERATIONAL RISK (IOR)
Leader 3: Third party risk - Paul Huggett,Head of Third Party Sourcing Risk Profile and Governance, BANK OF IRELAND
Leader 4: Fraud - Vinaya Parvate, Global Head Fraud Risk Oversight for Institutional Clients Group, CITI
Leader 5: Cyber - Anthony Hines, Director, Cyber Risk Assurance, CITI

17:10

Chair's closing remarks: Mark Feeley, Research Director, CHARTIS RESEARCH

17:15

Networking drinks reception

Day 2: 15 May, 2019 – Etc Venues St Paul’s, London

08:15

Registration and refreshments

08:55

Chair's opening remarks: Mark Feeley, Research Director, CHARTIS RESEARCH

09:00

Keynote address: Regulatory action in the UK – How the FCA makes its decisions

  • The regulatory framework, including SMCR
  • The FCA’s Regulatory Decisions Committee
  • Settle or fight?

Tim Parkes, Chair of the Regulatory Decisions Committee, THE FINANCIAL CONDUCT AUTHORITY (FCA)

09:30

NextGen OpRisk, creating the foundation for effective ERM

  • How AI, analytics and advanced technologies are transforming OpRisk and creating a foundation for managing enterprise risk
  • Leveraging AI to classify and categorize events, risks and issues to improve data quality and improve compliance efficiency
  • How advanced analytics are shifting risk activities from “what happened?” to “what’s coming?” through timely, relevant and predictive information
  • Empowering the first line of defence through User Experience Design to more actively participate in risk management as a part of their day-to-day activity

Vivek Bajaj, Global Vice President, IBM WATSON FINANCIAL SERVICES

10:10

Moving to the cloud – Identifying and managing the risks

  • How can firms best manage the potential risks associated with cloud computing?
  • Considering challenges in:
  • Security 
  • Compliance
  • Handling and categorizing data
  • Outsourcing to the cloud

Angela Johnson, Global head of Security, Risk and Compliance for the Public Cloud, DEUTSCHE BANK

10:40

CRO’S PERSPECTIVE: Thriving in an era of change and upheaval

  • What keeps the CRO awake at night: What are the emerging risks for the year to come and how do you quantify them?
  • Do you think the CRO of the future is a technologist?
  • How do other risks (market risk, credit risk) fit in with op risk? How do you deploy resources and capital across the spectrum of risks?
  • Emerging risks:
  • Which of the current and emerging risks are of most concerns to the CROs? How do you set operational risk appetite to these risk?
  • Managing the emerging customer risk: Protecting customer data and risk mitigation tactics for data breaches
  • How big a risk is social media and instant messaging?
  • Is digital risk a discrete risk type or is it a cause within other existing categories?

Moderator: Tom Osborn, Editor, Risk Management, RISK.NET

Veronica Lazenby, UK Chief Risk Officer, BNY MELLON

Paul Berry, Chief Risk Officer, MIZUHO INTERNATIONAL

Jeff Simmons, Chief Risk Officer, MUFG SECURITIES (EUROPE)

Cosimo Pacciani, Chief Risk Officer, EUROPEAN STABILITY MECHANISM

Richard Settle, Chief Risk Officer, EUROCLEAR UK AND IRELAND

11:20

Knowledge cafes: Grab a coffee and join a table of your choice to share ideas and network with fellow industry professionals

Roundtable 1: AI and Machine Learning - Vivek Bajaj, Global Vice President, IBM WATSON FINANCIAL SERVICES

Roundtable 2: Brexit - Beate Born, Executive Director, Risk and regulatory Management, UBS

Roundtable 3: Cloud computing -  Angela Johnson, Global Head of Security, Risk and Compliance for the Public Cloud, DEUTSCHE BANK

Roundtable 4: Operational resilience - David Phan Dinh, Head of Operational Risk, ROTHESAY LIFE

Roundtable 5: Vendor Risk - Tom Garrubba, Senior Director and CISO, THE SANTA FE GROUP

Roundtable 6: Cyber security - Maxine Gee, Director, Technology Risk – Investment Banking, DEUTSCHE BANK

Stream 1: ORM

12:00

Chair's opening remarks

12:05

Learning from other industries

  • Concepts used in other industries to address high impact risks
  • Can banks use best practice approaches from other industries
  • Compare banking with high reliability industries

Anit Deb, Head of External Industry Coverage in Operational Risk, DEUTSCHE BANK

12:35

5 min intermission for stream changeover

12:45

Building an effective Risk Appetite Framework (RAF) - Key components and challenges

  • Who should own the risk appetite – the 1LOD or 2LOD?
  • How often should risk appetite be revisited and reconsidered?
  • How do you achieve an appropriate balance between the quantitative and qualitative aspects?
  • ‘Risk appetite’ vs ‘risk tolerance’: Is risk appetite evolving into risk tolerance of are they effectively the same thing?

Moderator: Simon Cory, Director of Enterprise Risk Strategy and Interim Director Of Operational Risk, NATIONWIDE

Emily Jenner, Managing Director, Global Head, Risk Strategy and Risk Appetite, STANDARD CHARTERED BANK
Ricardo Soto, Head of Risk and Controls for Wealth Management, BARCLAYS
Simon Cartlidge, Head of Risk, LEGAL & GENERAL
Charlie Palmarini, NFRM Coverage – Equities Lead, DEUTSCHE BANK

Stream 2: Preparing for the future

12:00

Chair's opening remarks

Dr Ariane Chapelle, Honorary Reader, UNIVERSITY COLLEGE LONDON

12:05

Using Machine Learning and AI for better operational risk management

  • Big Data, Machine Learning (ML), Artificial Intelligence (AI): what’s the difference?
  • 7 uses for better oprisk management
  • RegTech and compliance aid: context and conditions
  • The trouble with data: challenges of data quality and interpretability of AI models
  • Social Physics for better conduct and culture

Dr Ariane Chapelle, Honorary Reader, UNIVERSITY COLLEGE LONDON

12:35

5 min intermission for stream changeover

12:40

Big Data & Blockchain - Data transfer and analytics in the new age

  • Recent developments in data analytics to help risk management
  • How to ensure data quality and protection; can blockchain help?
  • Blockchain to the rescue of compliance and regulation: Blockchain Technology for Algorithmic Regulation and Compliance (BARAC) – research project
  • The evolving roles of the Chief Data Officer (CDO) in collaboration with operational risk

Moderator: Dr Ariane Chapelle, Honorary Reader, UNIVERSITY COLLEGE LONDON
Claus Murmann, Head, Risk Analytics Systems, Enterprise Risk Management, STANDARD CHARTERED BANK
Pr. Tomaso Aste, Professor & Director of the Centre of Blockchain Technologies, UNIVERSITY COLLEGE LONDON

Stream 3: Operational resilience

12:00

Chair's opening remarks

Hannah Chung, Senior VP Internal Audit – Operational Risk and Reputational Risk, CREDIT SUISSE

12:05

Achieving cyber resilience

  • Examining the nature of existing and emerging cyber threats
  • How to adapt data protection and recovery practices to better reflect today’s more targeted and malicious attacks
  • Application of stress testing and scenario analysis to cyber risk. How is BoE’s planned approached to stress testing set to impact firms?
  • Reputational protection during a cyber-attack: Developing effective crisis communications plan
  • Building a risk-aware cyber security culture and assessing innovative solutions for people related challenges
  • Effective monitoring, including KRIs

Yiannis Pavlosoglou, PhD, CISSP, Head of UK Chief Information Security Office (CISO), UBS

12:35

5 min intermission for stream changeover

12:40

Developing operational resilience in financial services

  • Examining the current focus and regulatory scope
  • Is the 1LoD/2LoD leading changes in the operational resilience framework?
  • Do you currently set impact tolerances? How do these relate to scenarios and (reverse) stress-testing?
  • How do you ensure resilience of systems/applications/data access?
  • Do you intend to have a consistent and cohesive approach (inc. governance, reporting, communication) for all types of disruption?

Moderator: Mark Feeley, Research Director, CHARTIS RESEARCH

David Phan Dinh, Head of Operational Risk, ROTHESAY LIFE
Jenifer Moodie, Director of Operational Risk, SANTANDER UK

Edward Rhodes, EMEA Head of Operational Resilience, BNY MELLON

13:20

Lunch and networking break

14:10

OUT OF INDUSTRY ADDRESS: Risk and Uncertainty Through a Military Lens

The role of leaders in handling operational and institutional risks

Sir Peter Wall, Former Chief of the General Staff, BRITISH ARMY and CEO of AMICUS

14:40

Financial stability and Brexit - An operational risk perspective

  • Lessons learned: were financial institutions well prepared for the operational risks posed by Brexit?
  • Impacts of Brexit on:
  • Data privacy and cyber security
  • Supply chain
  • Vendor management and control of outsourcing in the wake of Brexit
  • What additional operational risks has Brexit created?
  • What are the alternatives to ‘passporting’ and what are the consequences of likely models?
  • Will FMIs bolster London’s role as a financial centre post-Brexit?
  • Looking forward: what opportunities exist for financial institutions in a shifting political and regulatory environment and how to stay ahead

Moderator: Michelle Zak, Chief Operating Officer, KYTE BROKING

Kieren Stanley, GRM Head of Operational Risk – Europe & APAC, RBC

Beate Born, Executive Director, Risk and Regulatory Management, UBS

Stephen Creese, Managing Director, EMEA Head of Operational Risk Management & Global Head of MCA, CITI

15:20

Managing operational risk and enabling growth in the age of innovation

  • Which risk drivers are easier to automate? Where have there been challenges in automation?
  • How does the current risk technology that you use support your risk management innovation?
  • Understanding how to adapt oversight, processes and tools to support real time digital innovation
  • What gives better results: automated data, model driven analyses or rather qualitative assessments? Where does the future lie?
  • Digital disruption in financial markets: impact of fintech, blockchain and faster payments and setting up risk appetite and risk governance to respond to new emerging risks

Moderator: Alexander Campbell, Divisional Content Editor, RISK.NET

Lewis Cox, Head of Fintech Risk, DEUTSCHE BANK

Carlos Martin, Risk Director, NATWEST MARKETS

Freek Van Velsen, Head ORM Retail and Private Banking, ABN AMRO BANK N.V

16:00

Chair's closing remarks:

Mark Feeley, Research Director, CHARTIS RESEARCH

16:05

End of conference

We also offer workshops

13th May 2019 & 16th May 2019

The conference is book-ended by tutor-led workshops that have been specifically created to help sharpen your skills and knowledge, and can be added on to your conference pass.

Read more