Agenda 2022

Agenda 2022

OpRisk North America Agenda

13:0014:00

Stream

Workshop 1: Best practices in Risk and Control Self-Assessment

Best practices in Risk and Control Self-Assessment

10:00 - 11:00

One of the most important tools helping banks manage and monitor their key Operational risks and controls, join this discussion to better understand:

  • Where are your strengths? Where could your firm improve? 
  • Are your RCSAs up to date?
  • Are they informative enough?
Ariane Chapelle

Managing partner

Chapelle

Ariane Chapelle is an honorary reader at University College London (UCL) and is an internationally recognised trainer and consultant in risk. She teaches Operational risk measurement for financial institutions and is a fellow of the Institute of Operational Risk..

Chapelle founded and runs her adivsory and training practice in risk management, serving financial organisations and international institutions of all sizes, including central banks and UN agencies. She is a former holder of the chair of international finance at the University of Brussels with backgrounds in internal audit, credit risk and investment risk. She has been active in operational risk management since 2000 and was formerly head of operational risk management at ING Group and Lloyds Banking Group.

15:0016:00

Stream

Workshop 2: Quantification of operational risk

Quantification of operational risk: how are we doing this and what methodologies are best?

13:00 - 14:00

 

Operational risk is fast becoming a leading component of corporate risk governance. What are some of the existing methods used to quantify operational risks within financial services?

Ariane Chapelle

Managing partner

Chapelle

Ariane Chapelle is an honorary reader at University College London (UCL) and is an internationally recognised trainer and consultant in risk. She teaches Operational risk measurement for financial institutions and is a fellow of the Institute of Operational Risk..

Chapelle founded and runs her adivsory and training practice in risk management, serving financial organisations and international institutions of all sizes, including central banks and UN agencies. She is a former holder of the chair of international finance at the University of Brussels with backgrounds in internal audit, credit risk and investment risk. She has been active in operational risk management since 2000 and was formerly head of operational risk management at ING Group and Lloyds Banking Group.

07:4508:50

Registration, coffee and networking

07:45 - 08:50

Grab a coffee, croissant and chat with your peers. A light breakfast will be served. 

Breakfast briefings start from 8 am.

08:0008:50

Stream

Leaders breakfast briefing

Top risks from the Ukraine crisis: from supply chain to cyber risk leaders breakfast briefing

08:00 - 08:45

From sanctions and people risk through to the fear of cyber-attacks on energy, finance, and communications infrastructure, the impact of the Ukraine crisis is vast. Global firms have on one hand an ethical responsibility to ensure the safety and well-being of their workforce as well as complying with sanctions. How are multi-national firms navigating these geopolitical complexities?

Ash Majid

Managing director and CRO

SMBC Capital Markets & SMBC Nikko America

Ash Majid is Managing Director and Chief Risk Officer for SMBC Capital Markets, Inc. & SMBC Nikko Securities America, Inc. wholly owned subsidiaries of SMBC Americas Holdings, Inc. In his current role he oversees teams responsible for managing the risk from the two subsidiaries within the broader America’s Division risk management team. Prior to joining SMBC Capital Markets, Ash worked at Ernst and Young, LLP within their Quantitative Advisory Services and SunTrust Banks, Inc. with oversight of their derivatives trading desks' market risk. Ash holds a Doctorate degree in Electrical and Computer Engineering and a Master's degree in Quantitative and Computational Finance from Georgia Institute of Technology. Additionally, Ash holds FINRA Series 7 & 24 licenses.

Stream

Leaders breakfast briefing 2

The great resignation: the new kid on the block keeping us awake at night breakfast briefing

08:00 - 08:45

The pandemic changed so many things, from the way people work to key priorities. Emerging from this period, many are rethinking work, family and the day-to-day grind. The great resignation is real and the financial services industry has not escaped unscathed. How are leading firms dealing with high turn-over, a skills shortage and weaning interest from new graduates?

Join industry leaders as they explore

  • Strategies to retain talent and acquire new graduates
  • Encouraging employee engagement
  • Developing inclusivity
  • Creating interest around current vacancies
  • Planning for the future workforce
  • Improving leadership management skills
Anne-Sophie Gug

Director - GRC program manager

Société Générale

Shelly Kalra

Vice president operational risk

DailyPay

Shelly, in her role as VP Operational Risk at Daily Pay, is responsible to establish an operational risk framework from ground up, evaluate and mitigate emerging risks, and create a risk informed culture in a hyper growth business. Daily Pay is a leader in the On Demand Pay industry and Shelly is enabling business growth by continually improving  its operational processes and Institutionalizing risk management by design. Prior to DailyPay, Shelly spent 10 years at American Express in various first and second line roles. In her last role at Amex, she led global operational risk for Travel Lifestyle Services (TLS) business in 22 markets, responsible to evaluate and mitigate business risks and risk oversight functions like Compliance Risk Assessment, Process Risk Self Assessment, Third Party Lifecycle management, Business Self Testing etc. She also spearheaded the build of control framework, oversight in emerging markets like China and Manila, and Global Business Travel, an AXP critical joint venture. She also had solid experience in Privacy Laws having worked in Privacy organization and partnering closely with Privacy, compliance and Legal on a regular basis.  Shelly has a Technology background and is hands on to work with technology in assessing technology processes for risks or working on enhancements to risk management processes and programs.

 

Shelly likes to volunteer her time at St Joseph’s Center and Community Food Bank of NJ. She also volunteers to teach elementary kids math and coding.

Madiha Fatima

Third-party risk management director

Angelo Gordon

Dawn Sidgwick

Chief learning officer

Risk.net and Central Banking

09:0009:30

5 key priorities for op risk professionals today

09:00 - 09:45

Join US regulatory and supervisory bodies as they explore their top priorities from operational, cyber, concentration and cloud risk through to failovers

Tom Osborn

Editor, risk management

Risk.net

Tom Osborn is the desk editor of Risk.net's risk management coverage. Prior to joining Risk, he reported on the futures and foreign exchange industries for Dow Jones' Financial News and the Euromoney group of publications. Osborn holds a bachelor's degree in English literature from the University of Warwick.

Arthur Lindo (Art)

Deputy director for policy

Federal Reserve Board's Division of Supervision and Regulation

Arthur Lindo (Art) is the Deputy Director for Policy in the Federal Reserve Board's Division of Supervision and Regulation. His principal responsibilities include overseeing the development and assessment of the effectiveness of Board regulations and policies affecting the financial services sector and coordinating the Board’s domestic and international regulatory programs. He also advises the Board on emerging policy matters that have implications for the supervision and regulation of the financial services sector. He is an active participant in various committees in the Federal Reserve System and is the Chairman of the Appraisal Subcommittee of the Federal Financial Institutions Examination Council (FFIEC) and the Chairman of the Basel Committee’s Operational Resiliency Working Group. Art has a BA in Accounting from the Catholic University of America and a MBA in Finance from the George Washington University.

Kevin Greenfield

Deputy comptroller for operational risk

Office of the Comptroller of the Currency

Kevin Greenfield is the Deputy Comptroller for Operational Risk at the Office of the Comptroller of the Currency (OCC).

In this role, Mr. Greenfield oversees development of policy and examination procedures addressing operational risk, bank information technology, cybersecurity, critical infrastructure resilience, payments systems, and corporate and risk governance. He assumed these responsibilities in November 2019.

Prior to this role, Mr. Greenfield served as the Director for Bank Information Technology for the Operational Risk Division where he managed a team responsible for developing, communicating, and interpreting policies for the OCC's supervision of technology operations at financial institutions. He represented the OCC on several interagency groups that focus on coordination and development of information technology risk management supervisory guidance for such topics as information security, resiliency, technology operations, corporate governance, and independent risk management.

Prior to being named Director for Bank Information Technology in 2014, Mr. Greenfield spent 14 years with the OCC's Large Bank Supervision Department, where he gained experience examining large and complex technology operations at several of the largest U.S. financial institutions. In this role, he held various technology supervision roles at large financial institutions based in Pittsburgh, Charlotte, and New York City.

Mr. Greenfield is a graduate of the University of Dayton and holds the Certified Information Systems Auditor professional certification.

09:3009:50

Live stream: Update on operational resilience expectations

09:30 - 09:50

Mariam Harfush-Pardo

Head of operational risk & resilience division

Bank of England

Mariam is currently Head of Operational Risk and Resilience Risk Division within the Supervisory Risk Specialists at the Bank of England. She has responsibility for the implementation of the operational resilience policy and cyber stress testing. Previously, Mariam led the credit risk analysis for the solvency and climate stress tests as Head of Credit Risk Division. She has experience in financial and operational resilience in banks and FMIs. Mariam has a PhD in Financial Economics from Imperial College.

09:5010:30

How are leading FIs keeping pace with operational resilience expectations? Empirical insights from practitioners panel

09:50 - 10:30

Over the past decade, the financial services industry has faced an evolving landscape, with growing threats to operations, IT systems, offices and workforce. From the prevalence of third party risks through to natural or man-made crises, the emphasis on preparedness and response has never been so crucial to sector wide resilience and maintaining public confidence.

  • Macro: How we can develop more robust operational resilience in the banking industry
  • Complying with regulatory mandates: how do you recover from physical events?
  • Process improvement and management: reviewing to consider current threats
  • End to end mapping of underlying assets
  • Developing a risk tolerance statement:  when would you start feeling the pinch?
  • Techniques with data, systems, tools and other capabilities which can help us understand a firm’s ability to overcome a given situation and its true resilience.·
Vishal Thakkar

Acting chief risk officer

The OCC

Rich Cooper

Global head of financial service go-to-market

Fusion Risk Management

With many years of experience deploying business continuity and risk management platforms globally, Rich Cooper oversees customer success and business development for large, global accounts.

Rich has more than 20 years of experience in the business continuity and risk management marketplace, running programs and implementing software in both Europe and North America for some of the world’s largest organizations. He has an MBCI certification from the Business Continuity Institute.

Michele Ushkowitz

Managing director, head of risk supervision

SG Corporate and Investment Banking

Michele's career at Société Générale began in 1993 and has held positions in Internal Audit, Investment Banking Division, managed multiple teams within the Operations Division, Head of Operational Risk and currently is Head of Risk Supervision for the Americas.
Michele was appointed as Head of Risk Supervision in July 2016 reporting to the Chief Risk Officer. She is responsible for defining the strategic goals, missions, day-to-day management of Operational Risk Management, Data and Technology Risk, Third Party Risk Management, Cyber Security Risk Management and Global Risk Monitoring teams in order to promote a secure, profitable and sustainable platform.
Michele received a Masters in Finance from the St. Joseph's University, Philadelphia, PA and a B.S. in Accounting from St. Joseph's University. Michele has successfully obtained series 99 regulatory license.

Paula Fontana

Senior director of product marketing

Fusion Risk Management

Ash Majid

Managing director and CRO

SMBC Capital Markets & SMBC Nikko America

Ash Majid is Managing Director and Chief Risk Officer for SMBC Capital Markets, Inc. & SMBC Nikko Securities America, Inc. wholly owned subsidiaries of SMBC Americas Holdings, Inc. In his current role he oversees teams responsible for managing the risk from the two subsidiaries within the broader America’s Division risk management team. Prior to joining SMBC Capital Markets, Ash worked at Ernst and Young, LLP within their Quantitative Advisory Services and SunTrust Banks, Inc. with oversight of their derivatives trading desks' market risk. Ash holds a Doctorate degree in Electrical and Computer Engineering and a Master's degree in Quantitative and Computational Finance from Georgia Institute of Technology. Additionally, Ash holds FINRA Series 7 & 24 licenses.

Sakshi Sharma

Commercial editor, Americas

Risk.net

11:0011:30

Stream

Cloud risk: post-pandemic takeaways on an accelerated digital landscape knowledge cafe

Cloud risk and post-pandemic takeaways on an accelerated digital landscape knowledge cafe

11:00 - 11:30

While many financial institutions were well en-route to cloud migration, the onset of the pandemic greatly accelerated the need for cloud-based working. While moving to the cloud can offer significant benefits, it also comes with new risks.

Join digital risk leaders as they offer practical insights on how to:

  • Effectively manage  security and governance
  • Utilize a public /private cloud strategy

Stream

The rise of synthetic fraud: navigating fraud sophistication knowledge cafe

The rise of synthetic fraud: navigating fraud sophistication

11:00 - 11:30

Increasing instances of synthetic fraud have op risk, fraud and financial services teams worried and with good reason: many organizations don’t always vet consumers identities when applying for credit cards or loans. How can firms navigate increasing complexities and manage synthetic fraud sophistication?

Join this session to explore:

  • Examples of synthetic fraud
  • Fighting synthetic ID rings
  • How criminality is evolving in line with the tech to mitigate it
  • Innovation, tech and envisioning 5 years down the line

11:3012:10

The rise of digital risk: making sense of digital networks and an expanding ecosystem panel

11:30 - 12:10

As traditional financial services institutions continue on a path of accelerated digital transformation how are risk leaders anticipating and mitigating cyber, third party, cloud, IT and cyber risk? Join technology risk and digital risk experts as they break down:

  • How digital networks introduce risk: the impact of big tech and service delivery
  • Working with big tech and third parties to deliver services and the resultant considerations for operational risk
  • Resiliency stacks in the organization: moving from one data center to another with real-time failover
  • Why we’re more vulnerable to cyber-attacks and natural disasters than ever before
Isabel Rohrbeck

Director non financial risk management, head of NFRM infrastructure coverage

Deutsche Bank

Fred Harris

Head of cybersecurity, data and technology risk and compliance

Société Générale

Fred Harris is the Head of Cybersecurity Risk, Data Risk and IT Risk at Société Générale Americas. Fred is an accomplished Technology Executive with more than 30 years of technology and cybersecurity experience in the financial services industry. Before joining SG, Fred was in a similar role at Bank of America and before that he was with Deloitte for 16 years in a variety of role

Tom Kartanowicz

Regional chief information security officer

Commerzbank

 

 

12:1012:50

Lost in (digital) transformation: how risk, resilience, and digital are converging

12:10 - 12:50

Transformations are inevitable and success is not optional. There are many factors that drive changes and transformations, but all are reacting to existing risks and all present new risks, perhaps more now than ever before. The traditional approach has relied heavily on managing financial risks and project risks, including change management, but the pace of change and the cost of failure are too great to rely on analog transformation techniques. In this session, you’ll learn how digital disruptors are employing a resilience-first mindset by:

  • Collaborating across first and second-line teams to understand risk, compliance, and control implications holistically
  • Driving end-to-end solutioning that stretches beyond teams, businesses, groups, and lines of defense
  • Gaining greater visibility of control effectiveness and changes in risk levels while reducing operating costs
Laurén Robbins

ServiceNow

Vice president and general manager, financial services

 

Laurén Robbins To is the General Manager of ServiceNow’s Financial Services business unit. Named by IBM and FinTech Magazine as a 2020 “Top 100 Women in FinTech,” Laurén is responsible for co-creating industry solutions through strategic design partnerships with customers and bringing those solutions to market. Under her leadership, ServiceNow launched the Financial Services Operations industry product, which has driven business transformation for top financial institutions. Prior to ServiceNow, Laurén built and led the Corporate & Investment Banking vertical at Salesforce. She began her career as a banker in both the Investment Banking and Debt Capital Markets organizations at Deutsche Bank. Laurén is based in New York City and holds a bachelor’s degree from the University of Pennsylvania in Economics and Mathematics.

13:0014:00

Networking lunch

11:00 - 11:30

13:0014:00

Stream

GRC 2.0: how data science is reshaping GRC the discipline roundtable

GRC 2.0: how data-driven GRC is reshaping  the  discipline roundtable

13:00 - 14:00

Businesses today operate in a complex, global environment where the risk landscape is ever evolving. How are leading FIs moving beyond legacy infrastructure to unleash the true potential of data-driven GRC?

Anne-Sophie Gug

Director - GRC program manager

Société Générale

Stream

Rise of the machines: machine learning is creating new risks. How are FIs contextualizing these risks? Lunch roundtable

Rise of the machines: machine learning is creating new risks. How are FIs contextualizing these risks? Lunch roundtable

13:00 - 14:00

Is ML truly a model risk? It’s undeniable these re models, but they are non-models in the traditional banking sense (ie. not related to risk or projections for decision-making). How are firms thinking around the ‘models’ used to automate tasks and repetitive processes?  How can we validate these kinds of models? And, importantly, what is the impact on operational risk?

14:0016:15

Stream

Methods and strategies room

Executive boardroom: Quantification of risk and cyber risk frameworks in concert with FSSCC

14:00 - 14:45

Jack Jones

Co-Founder, EVP Research & Development

RISKLENS

<p>Jack is one of the foremost authorities in the field of information risk management. As the Chairman of the FAIR Institute and co-founder and EVP R&amp;D at RiskLens, he continues to lead the way in developing effective and pragmatic ways to manage and quantify information risk. As a three time Chief Information Security Officer (CISO) with forward-thinking financial institutions such as Nationwide Insurance, Huntington Bank and CBC Innovis, he received numerous recognitions for his work, including: the ISSA Excellence in the Field of Security Practices award in 2006; a finalist award for the Information Security Executive of the Year, Central US in 2007; and the CSO Compass Award in 2012, for advancing risk management within the profession. Prior to that, his career included assignments in the military, government intelligence, consulting, as well as the financial and insurance industries. Jack is the author of FAIR, the only international standard VaR model for cybersecurity and enterprise technology. A sought-after thought leader, he recently published 'Measuring and Managing Information Risk: A FAIR Approach', which was recently inducted into the Cyber Security Canon as a "must read" within the profession, and is a regular speaker at industry conferences.</p>

Mark Hofberg

Risk solutions executive

ServiceNow

Mark Hofberg is an accomplished risk management leader with over 20 years of industry experience.  He previously served as a leader in a variety of audit, risk and compliance management functions within retail, wealth, and investment banking at Bank of America.  Mark currently serves customers as Risk Solutions Executive within ServiceNow’s financial services division.  Prior to joining ServiceNow, Mark served as RSA Archer’s field risk officer for US and Canada.

Mark has held various senior leadership roles at Accenture, Bank of America, RSA and now guides customers on their integrated risk transformation journeys with ServiceNow.  He is passionate about the evolution of risk management, emerging risks, and the utilization of technology to optimize business outcomes.  Mark has co-authored white papers on impacts of technical debt, digital risk, and has a patent on optimization of technology decisions (US 8,321,363 · Issued Nov 27, 2012) along with a patent pending process risk prioritization model.  Mark holds a bachelor’s degree in engineering from North Carolina State University.

Executive boardroom: Scenario construction: taking a standardized approach to benchmarking risk exposures

14:45 - 15:30

Thumbnail

One of the key obstacles facing operational risk departments is the distinct lack of forward facing data to help them articulate risk exposures. Nowhere is this more evident than in emerging risks and tail events where the data isn’t available or a given financial institution simply hasn’t the experience. How are industry players proposing to bridge this gap and create an industry standard that paints a holistic picture?

Delve into how FIs are overcoming these data challenges and using scenario generation techniques to:

  • Use quantitative techniques to determine the risk exposure of specific situations
  • Understand how specific scenarios would impact a given organisation, the losses and the potential consequences
  • Set an industry standard
Nedim Baruh

Head of operational risk measurement and analytics

JP Morgan

Nedim Baruh leads the Operational Risk Capital and Analytics function at J.P. Morgan Chase ("JPMC") and is responsible for the Operational Risk Capital and Stress Testing processes.

Most recently, Nedim has been leading JPMC's effort to enhance its Scenario Analysis program by developing factor based models to assess its material risks. This work will help JPMC bridge the gap between operational risk measurement and management.

Prior to joining JPMC, Nedim was part of the Algorithmics Operational Risk advisory function and led many client engagements in the operational risk space.

Nedim has a B.S. in Economics from the University of Pennsylvania.

 

Evan Sekeris

Head of non-financial risk - Americas

MUFG

Evan's background is in the measurement and quantification of credit risk and operational risk.  His primary focus is currently on supporting institutions in building operational risk modeling for stress testing, developing their risk identification process and developing their model risk management frameworks.
Some of his recent client engagements include:
For a foreign global bank, helped them develop a comprehensive operational risk framework for their US based IHC. Ensured both integration of the framework in their international framework as well as US regulatory compliance.
For a large internationally active US bank: supported major change of course in CCAR operational risk stress estimates a few months prior to submission in reaction to regulatory guidance.
For a large regional bank: built their CCAR loss projection model and wrote the documentation for the full CCAR operational risk submission.
For a global bank conducted a validation of their operational risk modeling framework for CCAR
  Prior to joining Oliver Wyman, Evan was the Head of Risk Consulting for Financial Institutions for Aon in Columbia, Maryland. He was in charge of building Aon's risk consulting practice for financial institutions and managed multiple teams based in North America and Europe to deliver services to clients worldwide. Previously, Evan was an Assistant Vice President of the Federal Reserve Bank of Richmond, where he created the center of excellence for operational risk which served the System needs for operational risk related matters. The team was in charge of the supervision of all AMA and CCAR banks in the US and developed the Fed's CCAR model for operational risk.
Evan earned a B.A. and M.A. in Economics from the Université Catholique de Louvain in Belgium. He received an additional M.A. as well as his Ph.D. in Economics from the University of California at Los Angeles.

Patrick Naim

Chief executive officer

MSTAR

Patrick Naim is the CEO of Elseware and is widely recognized as an expert for operational risk modelling and quantification. Patrick has extensive experience in advising Fortune 500 companies in the banking, insurance and energy sectors for over 20 years in Continental Europe, the UK and North America.

Patrick is a frequent speaker on operational risk management. He is also the author of "Risk Quantification: Management, Diagnosis and Hedging" (Wiley, 2006), "Bayesian Networks" (Eyrolles, 2007) and "Bayesian Networks: a Practical Guide to Applications" (Wiley, 2008). Patrick graduated from Ecole Centrale de Paris (M.Sc.) in with a degree in economics and applied mathematics, and is qualified as an Associate in Risk Management (ARM).

Tom Osborn

Editor, risk management

Risk.net

Tom Osborn is the desk editor of Risk.net's risk management coverage. Prior to joining Risk, he reported on the futures and foreign exchange industries for Dow Jones' Financial News and the Euromoney group of publications. Osborn holds a bachelor's degree in English literature from the University of Warwick.

Executive Boardroom: TPRM 2.0: how firms are navigating increasing complexities

14:45 - 15:30

 As FIs have operated in an increasingly digital landscape, the digital risk ecosystem, including cloud risk and IT, has become increasingly complex. Moving beyond COVID 19, firms are also developing mechanisms to prioritise third-party ESG risks. How are FIs keeping ahead of the regulatory landscape and evolving their approach to TPRM in such a complex environment?

Listen in to gain practical insights into:

  • How to approach TPRM in the face of strict  regulatory requirements and an evolving threat landscape
  • How to strengthen your approach, safeguard your supply chain and stay compliant
  • How you can develop appropriate measures to prioritize third party ESG risks
Michael Kenney

Vice president operational risk asset management and operations multi-family

FreddieMac

As Vice President of Operational Risk, Michael leads the first line of defense risk management for financial crimes, privacy and information security, business resiliency, vendor management and compliance with regulatory requirements. Mike and his team establishes the risk direction by aligning the Multifamily Governance Framework with the business operating model. He continually improves governance by understanding the multifaceted drivers that effect risk environment.

Rodney Campbell

Senior vice president – head of third-party risk management

Valley National Bank

Rodney Campbell is a recognized industry leader in Third-Party Risk Management (TPRM), Enterprise Risk Management (ERM), Relationship Management & Contract Management. Rodney is a business champion, dedicated to empowering organizations and business leaders with industry insights and best practices to establish both regulatory compliance and organizational success. Experienced in developing global programs, organizational frameworks, and business processes that spans Asia-Pacific, Latin America, United Kingdom and North America regions, Rodney creates a high-impact, collaborative environment that eliminates silos and cross borders.  

 

Additionally, Rodney serves on Seton Hall University Customer Experience Program Advisory Council and The Board of Directors for HANDS Housing and Neighborhood Development.

Jeannie M Pumphrey

Director head of third-party risk management operational risk management

MUFG

Stream

Emerging and rapidly evolving risk room

Getting to grips with climate risk: salient considerations for operational risk leaders

14:00 - 14:45

Fines are on the horizon. As climate risk and ESG climb the global agenda, how do they factor into the already complex supervisory landscape?

Sit in on this discussion to gain exclusive practical insights exploring:

  • Business continuity and resilience with a focus on offices and infrastructure
  • Meeting new regulatory requirements
  • Thinking outside of the box: health and safety and location strategy
  • Supply chain: disruption and resilience, from net zero commitments, labor laws and human rights
  • Disclosure requirements  
  • Litigation and greenwashing controls
Michael Barton

Senior director of quantitative assessments

United Health Group

Michael Barton is the Director of Operational Risk Quantification and Scenario Analysis at AIG.  In his role, he leads the development and implementation of operational risk stress testing, economic capital estimation, and allocation of those estimates to the business lines, as well as supporting the development of and quantification of operational loss scenarios for the organization.  In this role, Michael has worked extensively with cyber and business professionals around identifying and quantifying cyber risk.  Before working at AIG, Michael was the Head of the Regulatory Solutions Quantification group in U.S. Bank’s Corporate Treasury department.  In this role, he was responsible for CCAR/DFAST and Regulatory Capital modeling for Operational Risk as well as setting up a governance framework for models and analytical tools in the Corporate Treasury department.  Previous to those roles, Michael worked in an actuarial capacity at Sun Life Financial in Boston handling variable annuity reserving, fixed and variable annuity lapse study estimations, and retirement product pricing.  He held a similar variable annuity reserving role in Security Benefit Corporation in Topeka, KS before that.  Michael has a Bachelor’s Degree in Mathematics with an Actuarial Emphasis, and a Master’s Degree in Theology.

Shelley Pressman

Environmental and social risk officer

Societe Generale

Staying ahead of the curve: How to assess and treat emerging and rapidly evolving risk panel

14:45 - 15:30

  • Understanding emerging and rapidly evolving risks
  • Challenges and opportunities – practical tools for creating value and dealing with emerging and rapidly evolving risks
Penny Cagan

Head of operational risk Americas

UBS

Gustavo A. Ortega

Head of technology, innovation and operations risk

Voya Financial

Rajat Baijal

Head of enterprise risk

The Clearing House

Rajat Baijal is the Managing Director – Global Head of Enterprise Risk at Cantor Fitzgerald. In this role, he is responsible for designing and embedding a robust Risk Framework across the firm. This includes articulating and implementing a robust Risk & Control Self-Assessment (RCSA), Risk Event Management, Key Risk Indicators etc. and ensuring that the Board is suitably informed about all material issues.

Rajat has an MBA in Finance and has previously worked for Kensington Mortgages, Lloyds Banking Group and Aviva specialising in global implementation of their Risk Framework. Rajat is a regular speaker at risk conferences across London and New York and has authored a number of articles for risk journals/textbooks.

Executive boardroom: Emerging instruments: demystifying digital assets 

15:45 - 16:30

Given the rapid rise, and volatility, of the valuation of digital assets, they are becoming difficult to avoid. Still in its infancy, what are the risks and what should FIs do to prepare themselves for these kinds of emerging instruments?

Join this discussion to understand how digital assets could impact non-financial risk exposures, building on:

  • How the technology and legal frameworks that underpins them impacts operational risk
  • How the infrastructure used to exchange them impacts operational risk
  • The potential risks associated with fraud, cyber, legal and reputational risks
Ashley Shillingford

Principal, digital assets

BNY Mellon

Stan Yakoff

Head of Americas supervision

Citadel Securities

Stan is the Head of Americas Supervision at Citadel Securities where he covers the Equities, Futures, and ETF businesses, systematic trading, and trading technology.  Stan is also an Adjunct Professor of Law at Fordham University School of Law teaching Trading, Risk Management & Market Structure Regulation.  Stan previously was a Compliance Officer at Marshall Wace North America L.P. where he specialized in Quantitative Compliance and helped build the core US compliance program and scaled globally to EU and APAC.  Prior to that he worked at Knight Capital Group focusing on algorithmic trading, market structure, and surveillance. He holds a J.D. in Law from Fordham University School of Law where he was an Associate Editor on the Journal of Corporate & Financial Law, and additionally holds an M.Eng. in Engineering Management, M.S. in Pharmaceutical Manufacturing Engineering, and M.A. in Technology, Policy & Ethics from Stevens Institute of Technology.  Stan is Certified in Risk and Information Systems Control (“CRISC”), a Certified Data Privacy Solutions Engineer (“CDPSE”) and is also a Certified Fraud Examiner (“CFE”). Stan lectures and publishes on topics including FinTech, RegTech, market structure, alternative data, artificial intelligence, regulatory and enforcement matters, surveillance, cybersecurity, data privacy, and risk management. 

16:3017:00

Networking coffee break

15:30 - 16:00

Feel free to grab a coffee, take a meeting or hop into one of our Knowledge Café hubs for an informal discussion with your colleagues. 

16:1516:45

Stream

Knowledge cafe: You are a victim of a cyber-attack – So what now?

You are a victim of a cyber-attack – So what now?

15:30 - 16:00

  • How do you recover from a successful hack?
  • What is your institution’s real ability to recover from cyber-attack interruptions and what efforts do you make to make sure your suppliers are not too connected?
Yogesh Mudgal

Global head enterprise tech/cyber architecture and engineering risk

Citi

Stream

Knowledge cafe: You are experiencing an IT outage. All your services are down.

Knowledge cafe: Managing the IT meltdown: What steps do you take to recover?

15:30 - 16:00

 

You are experiencing an IT outage. All your services are down.

  • How do you overcome an IT systems mitigation failure
  • Moving beyond disjointed and decentralised systems: solving the legacy infrastructure dilemma

Stream

Knowledge cafe: You're under attack... and it's an inside job!

You're under attack... and it's an inside job!

15:30 - 16:00

Insider bank attack: a group of employees has created fake accounts for thousands of customers. How do you manage the situation and what steps do you take to ensure you take proper action internally and effectively communicate with supervisors? How do you mitigate future instances of insider fraud and market abuse?

16:4517:30

Ahead of the game: building a smarter cyber risk strategy panel

17:00 - 17:30

It is inevitable that cyber risk concerns will continue to grow. Cybersecurity is now listed as one of the top priorities for CEOs globally. Strategies to cyber risk management are now evolving and ownership is no longer seen as the sole responsibility of one specific department. How are leading FIs evolving their approach to cyber risk, transcending departments and better incorporating the perspectives and concerns across supply chain and technical departments?

Josh Magri

President and founder

Cyber Risk Institute

Jack Jones

Chairman

The FAIR Institute

Widely considered a thought leader in risk management and information security, Jack has been employed in technology for over thirty five years, and specializing in information security and risk management for over thirty years. During this time he has garnered a decade of experience as a CISO, including five years for a Fortune 100 financial services company. His work has also been recognized by his peers and the industry, earning him the 2006 ISSA Excellence in the Field of Security Practices award, and the 2012 CSO Compass Award for Leadership in Risk Management.

Jack is the originator of the now industry standard risk measurement model known as Factor Analysis of Information Risk (FAIR). FAIR has seen adoption globally, within organizations of all sizes, and is now regularly included in graduate-level university courses on information security and referenced by other industry standards. He also co-authored a book on FAIR entitled "Measuring and Managing Information Risk - A FAIR Approach", which has been inducted into the Cybersecurity Canon as a "must read" for professionals in the industry. Jack was also on the ISACA task force that developed the RiskIT framework, and he led the ISACA group that developed the CRISC certification.

Today, Jack is in charge of Risk Science at RiskLens, Inc. and is a sought after speaker at national conferences and universities. He is also an adjunct instructor of risk measurement for Carnegie Mellon University. Jack is currently also the Chairman of The FAIR Institute (http://www.fairinstitute.org/), an award-winning non-profit organization led by information risk officers, CISOs and business executives to advance risk management practices based on FAIR.

Mandar Rege

Managing director, operational risk management, technology and cybersecurity

Citi

Mandar has over 20 years of engineering and risk management experience across Technology Operations, Governance and Audit, helping organizations meet business objectives through technology. Currently he is serving as a Managing Director at Citigroup in the Operational Risk group. Prior to Citi, Mandar was the Global CTRO at TD Bank Group, before which he served as the CTRO and CISO at the Bank of Montreal. In his prior career, Mandar has worked extensively with financial institutions globally through leadership roles at Cisco Systems, Inc., Accenture LLC, Alvarez & Marsal LLP,  KPMG LLP and Ernst & Young LLP.

Mandar is an active member of the professional community and has presented at industry forums like Risk.Net, RSA and IAPP Conferences. Additionally, he is active in various profesional organizations such as ISACA, IAPP and ISC2 and has served as the Chair of the Canadian Banking Association’s CIRT (CISO Forum). He holds the CISSP, CIPP, CISA, and PMP certifications.

 

Eduardo Delgado

Associate vice president - 2LoD cybersecurity risk leader

TD Bank

17:3019:00

Networking drinks reception

18:00 - 19:30

Relax, grab a drink and debrief with your peers.