J.D. Opdyke - Robust Stats for OpRisk Severity Distribution - OrX Analytics Forum - 09-28-11
OPRISK NORTH AMERICA ADVISORY BOARD CYBER RISK ... - … · Moderator: Daniel McKinney, Partner,...
Transcript of OPRISK NORTH AMERICA ADVISORY BOARD CYBER RISK ... - … · Moderator: Daniel McKinney, Partner,...
JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES! JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES!
www.slido.com #OPRISKNA2018 www.slido.com #CYBERNA2018
20th annual OpRisk North America March 19-22 2018
Marriott Marquis, New York
OPRISK NORTH AMERICA ADVISORY BOARD Meet the OpRisk North America Advisory Board. These industry professionals have
volunteered their time and effort to help develop our OpRisk North America conference. Their dedication is critical to the success of the event and ensuring high-level quality content is provided to attendees. Our esteemed advisors are:
Chair: Alexander Campbell, Divisional Content Editor, RISK.NET
Richard Cech, Senior Bank Examiner Op Risk Governance, FEDERAL RESERVE BANK
OF NEW YORK
Aengus Hallinan, Managing Director- Group Operational Risk Management &
Business Continuity, CREDIT SUISSE Deborah Hrvatin, Managing Director - Global Head of Institutional Clients Group
Operational Risk Management, CITI Jodi Richard, Chief Operational Risk Officer, U.S. BANK
Kathleen M Stack, SVP, Operational Risk, HSBC NORTH AMERICA
Dolores (Lori) Miller, Managing Director, Head of Operational Risk, Investments,
AIG Joshua Kotok, CFE, CISA, Chief Risk and Compliance Officer, FIRST SAVINGS
Frederick Spencer CGEIT, ICBRR, Chief Information Security Officer, Everest RE
Ivan Pooran, Head of Operational Risk, GUARDIAN LIFE
4th annual Cyber Risk North America March 20-21 2018
Marriott Marquis, New York
CYBER RISK NORTH AMERICA ADVISORY BOARD Meet the Cyber Risk North America Advisory Board. These industry professionals have volunteered their time and effort to help develop our Cyber Risk North America conference. Their dedication is critical to the success of the event and ensuring high-level quality content is provided to attendees. Our esteemed advisors are:
Chair: Alexander Campbell, Divisional Content Editor, RISK.NET
Jack Freund, Director- Cyber Risk, TIAA
Henry Jiang, Head of Cyber Risk, SOCIETE GENERALE CORPORATE AND
INVESTMENT BANKING - SGCIB Peter Keenan, Chief Information Security Officer (CISO), LAZARD
John Polis, Chief Operating & Technology Officer, STAR MOUNTAIN CAPITAL
Sheldon Cuffie, CISSP, VP & Chief Information Security Officer, NORTHWESTERN
MUTUAL
JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES! JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES!
www.slido.com #OpRiskNA www.slido.com #CyberRiskNA
DRILL-DOWN WORKSHOPS
These are invaluable opportunities to not only learn from proven leaders, but to also turn theory into practice by. All of this in one topic intensive, drill down day to help you delve
deep and source solutions. Each workshop is open to up to 25 participants to form part of an enhanced learning experience.
Pre conference 19th March 2018
Post conference 22nd March 2018
Workshop 1: Vendor/ Third party risk management and intelligence Sessions led by:
Leith W. Kaplan, Formerly Senior Vice President, Chief Risk & Compliance Officer, Formerly PHH CORPORATION Randy Herold, Formerly CISO, Formerly PHH CORPORATION Glenn Hursh, Managing Director, KPMG
Christopher Murphey, Partner- GRC & Third Party Governance, RSAM
Workshop 3: Building and strengthening your conduct and risk culture Sessions led by:
Richard Cech, Senior Bank Examiner Op Risk Governance, FEDERAL RESERVE BANK OF NEW YORK Gustavo Ortega, Head of Corporate Operational Risk Management, AIG Rajat Baijal, Head of Enterprise Risk, CANTOR FITZGERALD
Workshop 2: Revamping your firms KRIs and risk appetite
Sessions led by: Craig Spielmann, Former Global Head of Enterprise Risk Management Strategy, FIRST DATA Rajat Baijal, Head of Enterprise Risk, CANTOR FITZGERALD
Workshop 4: Cyber risk management and quantification for op risk and cyber risk practitioners
Sessions led by: Jack Jones, Co-Founder, EVP Research & Development, RISKLENS Michael A. Barton, Director of Operational Risk Quantification and Scenario Analysis, AIG
Anthony Shapella, Managing Director – Risk Officer, Liability and Financial Lines Enterprise Risk Management, AIG German Pliego Hernandez, Lead Statistician-Risk Analytics, AIG David Mundy, Technology Risk Officer - Commercial Insurance, AIG
JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES! JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES!
www.slido.com #OpRiskNA www.slido.com #CyberRiskNA
MAIN CONFERENCE PROGRAM
Day One: March 20th 2018
VIP BREAKFAST BRIEFING: Invite only
07:30 Registration and refreshments
08:00
ROUNDTABLE: Basel III- The road ahead The new Basel III requirements on finalizing post-crisis reforms, streamlines the treatment of operational risk, with considerable simplification to the method of
calculating operational risk capital. These reforms reinforce the importance of organizations to refocus risk management efforts on risk prevention and loss reduction. Where, and how, should organizations pivot their risk management activities to prepare for the new Basel requirements? In thi s breakfast briefing, we will explore:
The growing need for data integrity, quality and availability.
How a transformation of the traditional risk architecture is required to provide improved visibility to operational risk and loss profiles.
The use of predictive analytics to improve risk visibility and responsiveness.
The future role of robotics and cognitive technologies to improving operational resiliency and reducing internal losses.
Nitish Idnani, Principal, DELOITTE Steve Bhatti, Senior Manager, Advisory, DELOITTE Christopher Thackray, Leader, Operational Risk Management, DELOITTE
8:30am Registration and refreshments
9:10am WELCOME REMARKS: Alexander Campbell, Divisional Content Editor, RISK.NET
*Interactive Audience Poll via Sli.do Vote live to generate real time content #OpRiskNA2018
WELCOME REMARKS: Jim Gilligan, Retired President and
CEO, BLUE CROSS LIFE CANADA *Interactive Audience Poll via Sli.do Vote live to generate real time content #CyberRiskNA2018
JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES! JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES!
www.slido.com #OpRiskNA www.slido.com #CyberRiskNA
9:20am
KEYNOTE ADDRESS: UBS Innovation- The transformation of a global giant Then and now
What are the benefits of merging operational risk and compliance functions? What were the
obstacles faced?
How to establish a firm-wide risk taxonomy
The need to revamp risk and control assessments
Deterring internal misconduct and monitoring employee behaviour
James Oates, Global Head of Compliance and Operational Risk Control, UBS *Audience Q&A Submit your questions via sli.do
KEYNOTE ADDRESS: Future outlook- Cyber risk in 2020
Brendan Goode, MD, Global Head of Cyber Risk, CITI
*Audience Q&A Submit your questions via sli.do
9:50am
THE LEADER’S DEBATE: Next generation operational risk management
Regulatory developments in operational risk management
o Where are the biggest regulatory demands coming from? How are firms adapting to
growing regulatory burden and escalating costs?
o Do regulatory sandboxes, bank-run pilots work for emerging fintech?
Conduct and culture
o How has the definition of conduct and culture changed over the years? Looking at broader systemic risk and moving away from idiosentric examples
o Insider threats vs outsiders threats Moderator: Daniel McKinney, Partner, Financial Services Organization, EY
Glenna Hagopian, Chief Conduct Officer & Head of Enterprise Risk Management, CITIZENS FINANCIAL GROUP Jodi Richard, Chief Operational Risk Officer, U.S. BANK
Lazaro Barreiro, Director- Governance and Operational Risk Policy, OFFICE OF THE COMPTROLLER OF THE CURRENCY (OCC) Jay Newberry, Managing Director, Operational Risk Management, CITI
CISO PANEL: Next generation cyber risk
management How do you develop risk appetite l imits for cyber
security risk?
What are the weakness or challenges firms
experience with the data aggregation or intell igence gathering tools to address cyber security risks?
The Fed guidance issued recently specifies the
CISO function to be part of 2LOD. How are firms
implementing it? Moderator: Anthony G. Vigilante, Managing Director, Head of Global Information Technology & Information Security, MACKAY SHIELDS
Thomas Kartanowicz, Head of Information Security, NATIXIS CIB AMERICAS Henry Jiang, Head of Cyber Risk, SOCIETE GENERALE
CORPORATE AND INVESTMENT BANKING - SGCIB
JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES! JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES!
www.slido.com #OpRiskNA www.slido.com #CyberRiskNA
*Audience Q&A Submit your questions via sli.do
Howard Whyte, Chief Information Officer and Chief Privacy Officer, FDIC
*Audience Q&A Submit your questions via sli.do
10:40am MORNING COFFEE AND NETWORKING
STREAM 1: Governance, risk and
compliance
STREAM 2: Vendor risk
management and ORM frameworks
STREAM 3: Quantification of
oprisk
GUEST ADDRESS: Risk implications of new and emerging threats
Impact, l ikelihood and uncertainty
Diverse in nature, amplified by interconnectivity
and technology
Technology and cyber risk through an operational
risk lens
Embracing innovation while maintaining a secure
and sound environment
Broader implications when considering cyber
threats
Aengus Hallinan, Managing Director- Group Operational
Risk Management & Business Continuity, CREDIT SUISSE
11:10am CHAIR'S OPENING REMARKS
Robert Paolino, Former Chief Risk Officer, FORMERLY BANK OF TOKYO-MITSUBISHI UFJ
CHAIR'S OPENING REMARKS
Craig Spielmann, Former Global Head of Enterprise Risk Management Strategy, FIRST DATA
CHAIR'S OPENING REMARKS
Luke Carrivick, Head of Analytics and Research, ORX
11:15am
PRESENTATION: Hardening the First Line of Defence
Context of operational risk
to the first l ine No magic bullet, but there
are common themes People, Process and
Technology Start with people
Understanding maturity,
compliance > risk >
performance Designing a program to
match Technology as an
accelerator
PRESENTATION: Strengthening governance
framework and reporting for vendor management
How can governance
frameworks be strengthened to increase
accountability? Where does vendor risk
sit in a 3LOD model? What does the regulator
focus on when they review third party risk?
How to effectively report
on third party risk?
PRESENTATION: An effective approach to cyber
regression modeling Value of quantifying risk
as Expected Loss Bottom Up ─ Why the
industry struggles to quantify risk?
Top Down ─ a
Statisticians approach Synergy between Top
Down and Bottom Up Case studies: Revelations
from modeling; CCAR/DFAST idiosyncratic
scenarios
JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES! JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES!
www.slido.com #OpRiskNA www.slido.com #CyberRiskNA
Alex Hollis, GRC Solutions Director, SURECLOUD
Dominique Benz, Director, Operational Risk Management, MIZUHO
Thomas Lee PhD, CEO and co-founder, VIVOSECURITY
*Audience Q&A Submit your questions via sli.do
5 min intermission allowing participants to change streams
11:50am
PANEL DISCUSSION: Next generation GRC
eGRC: Transitioning from
the risk team entering data to risk owner - how to manage that
behavioural/cultural change?
Use of GRC tools and
techniques to inform operational risk
management How to use your GRC tool
across various business l ines
How did GRC solutions
keep pace with increasingly
technical risk discipline? Moderator: Marshall Toburen, GRC Strategist, RSA ARCHER
Jennifer Rushing, SVP Innovation, Governance & IT Risk Management, REGIONS Matt Sulkey, Managing Director,
Head of ERM Framework & Governance, TIAA Barry Macklin, Director of Risk
Management, AIG
PANEL DISCUSSION: Vendor risk in the next
generation firm Fourth party risk
management- How do you "manage" fourth
parties? What successful approaches have you witnessed and/or implemented?
Should vendors
themselves be regulated to some degree to shift some of the burden around regulatory
demands and ensure cooperation with financial institutions
Can AI increase third
party risk? Moderator: Dolores (Lori) Miller, Managing Director, Head of Operational Risk, Investments, AIG
Ted Carter, Business Line Risk Officer, Investments and Trading, Enterprise Risk Management
Office, T. ROWE PRICE
PANEL DISCUSSION: Integrating CCAR into business as
usual How are firms moving
from just producing the numbers to using them?
How can finance and
treasury util ise CCAR data?
How can we use
operational risk to make business decisions?
How to effectively marry
macro prudential regulations with individual bank health
Forecasting framework-
what is the objective of
CCAR? Abiding by the regulators
requirements- ensuring 1LOD and 2lod work hand
in hand. What does it mean to have involvement form 1LOD?
Moderator: Luke Carrivick, Head
of Analytics and Research, ORX Nedim Baruh, Managing Director -
PANEL DISCUSSION: Modeling cyber risk Does the vast scope of threats make modelling for
cyber risk unfeasible? Can risk models accurately
capture cyber risk? How to apply stress testing and scenario analysis
to cyber risk Do you redo the same cyber scenarios each year
or do new ones?
Do you combine cyber scenarios along with macro
scenarios? Moderator: Jack Freund, Director, Cyber Risk, TIAA Manan N. Rawal, Head of US Model Risk Management, HSBC USA
Ashish Dev, Principal Economist, Supervision & Regulation, FEDERAL RESERVE BOARD Jack Jones, Co-Founder, EVP Research & Development, RISKLENS
Sidhartha Dash, Research Director, CHARTIS
JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES! JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES!
www.slido.com #OpRiskNA www.slido.com #CyberRiskNA
Russell Stohr, Director of Market Development, THOMSON REUTERS
Lee Marks, Global Head of Enterprise & Operational Risk Management, FIRST DATA
Michael Casey, Head of Outsourcing & Supplier Risk- Americas, UBS
Head of Operational Risk Measurement and Analytics, JPMORGAN CHASE
Justin Huhn, CFA, US Enterprise Risk Management & Head of US ICAAP, DEUTSCHE BANK Evan Sekeris, Partner, OLIVER
WYMAN
12:35pm LUNCH AND NETWORK Advice sharing and networking tables over lunch on the 8th floor: Have a seat at a table to share your experiences with fellow peers and give advice on everything from the
SMA to recruiting the millennials.
1:35pm
CASE STUDY: Agile Risk Management – Innovating in the
Risk Space Applying a ‘growth mind-
set’ to leapfrog to innovative solutions
Holding a Future of Risk offsite to kick start
innovation Applying Kanban and agile
pods to risk deliverables Robotics and Machine
Learning in the risk space
Unlocking the power of risk
data in the cloud Philippa Girling, SVP, Chief Risk Officer, INVESTORS BANK
PRESENTATION: How to combat vendor risk management
program fatigue? Assessing and analyzing
risk Key elements of a third-
party risk management program
Communicating status to
internal and external parties
Remediating priority
issues
Daniel De Juan, Director of Product Management, RSAM
PRESENTATION: A pilot project for peer benchmarking of
scenario assessment Jane Yao, SVP - Benchmarking & Survey Research, Office of the
Chief Economist, ABA Clémentine Marie, Risk Quantification and Modelisation Expert, MSTAR
PRESENTATION: The missing ingredient when quantifying cyber risk: the attacker
Overview of cyber’s current position in the
business Establishing traceability for better risk
management Analyzing the attacker’s role in cyber risk
Outlook for the future of cyber risk quantification
Jerry Caponera, VP Cyber Risk Strategy, NEHEMIAH SECURITY
5 min intermission allowing participants to change streams
JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES! JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES!
www.slido.com #OpRiskNA www.slido.com #CyberRiskNA
2:10pm
LIVE INTERVIEW: Delving into risk appetite and emerging
risks How to think about a good
risk appetite? Who should own the risk
appetite- The 1LOD or 2LOD?
How you define risk
appetite and limits for emerging risk l ike process risk?
Managing the emerging
customer risk o Protecting
customer data and risk mitigation
tactics for data breaches
Moderator: Robert Paolino, Former
Chief Risk Officer, FORMERLY BANK
OF TOKYO-MITSUBISHI UFJ
Michael Colasso, Head Of
Operational Risk, SUNTRUST Shari Daw, Head, Enterprise Risk Management, DISCOVER FINANCIAL SERVICES
Matt Duditch, Senior Vice President- Operational Risk Management, U.S. BANK
LIVE INTERVIEW: Maximising operational risk
efficiency through revamped KRIs and taxonomy
How do you effectively
identify, assess, measure and manage operational
risk events How did you build your
risk taxonomy? The benefits of customising
your risk register or taxonomy
Moderator: Craig Spielmann, Former Global Head of Enterprise
Risk Management Strategy, FIRST DATA Gustavo Ortega, Head of Corporate Operational Risk
Management, AIG Graeme Farrell, Head of Operational Risk, AQR CAPITAL
MANAGEMENT
LIVE INTERVIEW: Models for the future
How to reflect the
increased economic and political uncertainty caused by Brexit in your risk - based capital
models? I.e. are you holding more capital?
Operational risk is
becoming more diverse-
how do we quantify cyber-crime, conduct risk to a capital number?
Do U.S. firms have
sufficient capital to
absorb worst case cyber risk losses?
Moderator: Luke Carrivick, Head of Analytics and Research, ORX
Michael A. Barton, Director of Operational Risk Quantification and Scenario Analysis , AIG
Filippo Curti, Financial Economist- Supervision, Regulation and Credit, THE FEDERAL RESERVE BANK OF RICHMOND
LIVE INTERVIEW: Insurance of cyber risk- an additional tool in the toolkit
How do firms broaden scope of insurance risk
products?
What are the data and tools used to insure cyber
risk to effectively manage the risk? How to
manage the risk and not just transfer it? Moderator: Jim Gilligan, Retired President and CEO, BLUE CROSS LIFE CANADA
Sheldon Cuffie, CISSP, VP & Chief Information Security Officer, NORTHWESTERN MUTUAL Matthew P. McCabe, Senior Vice President, Assistant General Counsel, Cyber Policy, MARSH
2:45pm AFTERNOON COFFEE AND NETWORKING
JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES! JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES!
www.slido.com #OpRiskNA www.slido.com #CyberRiskNA
1-2-1 Meetings: These bespoke meetings held in the dedicated meeting zone will provide you with the opportunity to address your specific concerns and challenges
3:20pm
THE EXECUTIVE BOARDROOM: Tone from the top Memo to the Board
o How do you see ORM and cyber risk interacting with the Board? What is the nature of the op risk and cyber risk reporting to the Board?
o Op risk and cyber risk now have a voice with the Board of Directors- What is needed to improve the Board's understanding of operational and cyber risks? Does the Board have the necessary information regarding the pain points in the organisation?
o What are Board expectations? What is expected of them to dispense their duties properly and are they focused on the right things? Adding value to the business:
o What value is operational and cyber risk bringing to the business?
o What is your second line view of a great example of bringing something valuable to the business? o The value operational risk and cyber risk adds and the costing framework- how to assess whether putting a control in place will save or cost?
Moderator: Brenda Boultwood, Senior Vice President of Industry Solutions, METRICSTREAM
Michael J Abriatis, Executive Vice President, Chief Operational Risk Officer, PNC BANK David Canter-McMillan, Function Head for Operational Risk, FEDERAL RESERVE BANK OF NEW YORK Michael Barry, Executive Director, Head of Operational Risk, NATIXIS CIB AMERICAS
*Audience Q&A Submit your questions via sli.do
4:10pm
WAR GAMES: How resilient is your environment? Disaster recovery and business continuity in operational
and cyber risk PART I: SCENARIO DISSECTION AND STRATEGIZING
In each disaster and recovery scenario, participants are introduced to an operational risk scenario which is still unfolding and asked to consider the immediate steps they would advise their firm to take based on the info rmation available at each stage PART II: HARVEST SESSION
Each Leader will summarise their POA of the discussion and present it back to the table participants with comments Learning outcomes:
What immediate actions would you advise your firm to do in the scenario?
IDEA SHOWCASE AFTERNOON:
At the event to shop and not just network? Then this is your time-saving opportunity to experience a live demonstration of ORM products that stand
out for innovation. Compare the leading vendor risk management, GRC and ORM platforms in one dedicated hour
JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES! JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES!
www.slido.com #OpRiskNA www.slido.com #CyberRiskNA
Hierarchy of response- who are the 1st and 2nd responders?
Incident management- how do you assess the impact on your firm?
What’s your crisis management protocols? What do they look like?
How equipped is your organisation to respond to high stress situations?
Business continuity planning from employees to infrastructure
Leader 1: Elisabeth Rose, COO, Managing Director, AIG Leader 2: Joshua Kotok, CFE, CISA, Chief Risk and Compliance Officer, FIRST SAVINGS Leader 3: Andrew Richardson, Formerly VP, Enterprise and Operational Risk Management, FORMER COAST CAPITAL
SAVINGS Leader 4: Nikki Covino, Regional Head of Business Continuity Americas, CREDIT SUISSE Leader 5: Craig Spielmann, Former Global Head of Enterprise Risk Management Strategy, FIRST DATA Leader 6: Edmund Daniels, Managing Director, General Counsel & Chief Compliance Officer, PANDA POWER FUNDS
Leader 7: Glenn Hursh, Managing Director, KPMG Leader 8: Marshall Toburen, GRC Strategist, RSA ARCHER
5:30pm CHAIR'S CLOSING REMARKS: Alexander Campbell, Divisional Content Editor, RISK.NET
5:35pm NETWORKING DRINKS RECEPTION
7:00pm Private dinner- Invite only
Day Two: March 21st 2018
8:30am Registration and refreshments
9:00am CHAIR'S OPENING REMARKS: Alexander Campbell, Divisional Content Editor, RISK.NET CHAIR'S OPENING REMARKS: Jim Gilligan, Retired
President and CEO, BLUE CROSS LIFE CANADA
9:10am
REGULATORY ADDRESS: Risk transformation due to regulatory and technological change
Todd Vermilyea, Senior Associate Director- Division of Banking Supervision and Regulation, FEDERAL RESERVE BOARD OF GOVERNORS
*Audience Q&A
KEYNOTE ADDRESS: The CIO’s role in enterprise
cyber risk Howard Whyte, Chief Information Officer and Chief
Privacy Officer, FDIC
JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES! JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES!
www.slido.com #OpRiskNA www.slido.com #CyberRiskNA
Submit your questions via sli.do *Audience Q&A Submit your questions via sli.do
9:40am
CRO PANEL: Thriving in an era of change and upheaval
Which of the current and emerging risks - regulatory risk, geopolitical risk, l iquidity and systemic
risk are of most concerns to CROs? How do you set operational risk appetite to these risk? How do you deploy resources and capital across the spectrum of ri sks?
What is the biggest regulatory challenge? Is excessively growing regulation a risk? Is regulation
stifl ing innovation or is it a necessary check? How do other risks (market risk, credit risk) fit in with op risk?
Moderator: Joshua Kotok, CFE, CISA, Chief Risk and Compliance Officer, FIRST SAVINGS Joshua Rosenberg, Executive Vice President , Chief Risk Officer, FEDERAL RESERVE BANK OF NEW YORK Beth Dugan, Deputy Comptroller for Operational Risk, OFFICE OF THE COMPTROLLER OF THE CURRENCY
(OCC) Joseph Iraci, Managing Director-Financial Risk Management, CRO TD Ameritrade Futures and Forex, TD AMERITRADE Peter Moenickheim, Executive Vice President, Chief Risk Officer, OCWEN
*Audience Q&A Submit your questions via sli.do
PANEL: Third party vendor risk and cyber security
Addressing 4th party risk
Collective market efforts for addressing third
party risk (consortium, data providers, platform providers)
Effective organizational structures and
governance models including board reporting Moderator: Robert Paolino, Former Chief Risk Officer,
FORMERLY BANK OF TOKYO-MITSUBISHI UFJ
Chris Watson, Executive Director - Global Head of
Supplier Assurance Services, JPMORGAN CHASE & CO Filippo Curti, Financial Economist- Supervision, Regulation and Credit, THE FEDERAL RESERVE BANK OF RICHMOND Matthew Moog, Principal, Financial Services, EY
Kelley Chamberlain, CAFP, Financial Crimes Consultant, WELLS FARGO
*Audience Q&A Submit your questions via sli.do
10:30am MORNING COFFEE AND NETWORKING
STREAM 1: ORM STREAM 2: AI and machine
learning
STREAM 3: Preparing for the
future SPOTLIGHT ON: Are we secure enough?
answering tough business questions with the NIST cyber security framework
Why NIST for Cyber Risk Management
11:00am CHAIR'S OPENING REMARKS Ed Kim, Operational Risk Expert
CHAIR'S OPENING REMARKS Andrew Richardson, Formerly VP, Enterprise and Operational
CHAIR'S OPENING REMARKS Robert Paolino, Former Chief Risk Officer, FORMERLY BANK OF
TOKYO-MITSUBISHI UFJ
JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES! JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES!
www.slido.com #OpRiskNA www.slido.com #CyberRiskNA
Risk Management, FORMER COAST CAPITAL SAVINGS
How do Cyber Risk and Operational Risk Intersect
Operationalization of NIST CSF as Part of
Integrated Risk Management Where to Start, How to Evolve
Andrew Vesay, Rsam Client Partner, RSAM
11:05am
SPOTLIGHT ON: Risk-
informed decision making Challenges of an
evolving and maturing risk program and
external pressures What are the core
drivers to effective risk informed decision
making? Utilizing technology in
support of the risk management journey
Lee Anne Milhiser, Vice
President, Head of Global Enterprise Risk Management, NASDAQ
PRESENTATION:
Leveraging data management to minimize op risk and deliver shareholder value
Bala Ayyar, Managing Director & Chief Data Officer, SOCIÉTÉ GÉNÉRALE AMERICAS
PRESENTATION: Managed
Services What is Managed
Services for financial software?
Why is there a trend to
move away from On-Premise
Managed Services Vs
SaaS
What is the ROI for
Managed Services Nick Smith, SVP, Managed Services and Regional Head of Professional Services,
SMARTSTREAM
5 min intermission allowing participants to change streams
11:35am
LIVE INTERVIEW:
Dynamic risk assessment- Identify, connect and visualize
risk in four dimensions Comparing and
contrasting the traditional two dimensional approach
vs the new four-dimensional approach
LIVE INTERVIEW: AIs role
in streamlining regulatory compliance
Keeping up with growing
regulatory demands-where are the biggest demands coming from?
How compliance and risk
organizations are dealing
with increased
PANEL DISCUSSION:
Defining roles across 3LOD Should the 1LOD or
2LOD test operational
controls? Have any 2LOD ops risk
functions used outside vendors to challenge the 1LOD by conducting pen
testing etc.?
PANEL DISCUSSION: Extrapolating the causes of
cyber security breaches
Evaluating the role of human error
o Inadequate controls on sensitive data
o Insider threat and ‘anomalous
behaviour’ by staff
Ransomware and/or phishing
o Preventative controls (AV, Advanced
End-Point, Cloud Filtering)
JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES! JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES!
www.slido.com #OpRiskNA www.slido.com #CyberRiskNA
How can firms place
more of an emphasis on risk contagion?
Leveraging
interconnectedness for
improved decision making and risk management
Moderator: Ed Kim, Operational
Risk Expert Michele Ushkowitz, Managing Director, Head of Risk
Supervision, SG CORPORATE & INVESTMENT BANKING Shelly Martin, Vice President Operational Risk Director, STATE
STREET
regulation coupled with cost challenges with AI?
Are organizations
converging regulation
and compliance teams? Will AI need to be
regulated? Moderator: Andrew Richardson, Formerly VP, Enterprise and
Operational Risk Management, FORMER COAST CAPITAL SAVINGS
Saqib Jamshed, Director – Quantitative Risk Analytics , STATE STREET CORPORATION Gordon G Liu, EVP US Head of
Global Risk Analytics, HSBC
Should there be both a
1.5 and a 2LOD? Has it worked effectively when both exist? Or should
they really be merged into 1LOD and 2LOD?
Should transactional
testing be part of the 2LOD operational risk
management function? Moderator: Tom Osborn, Editor, Risk Management, RISK.NET
Etsuko "Ekko" Fuseya Jennings, Managing Director, MORGAN STANLEY INVESTMENT MANAGEMENT
Richard Cech, Senior Bank Examiner Op Risk Governance, FEDERAL RESERVE BANK OF NEW YORK
Kathleen M Stack, Senior Vice President, Operational Risk, HSBC NORTH AMERICA
o Recovery strategies from ransomware
Moderator: Jim Gilligan, Retired President and CEO, BLUE CROSS LIFE CANADA
Justin Fier, Director for Cyber Intell igence and Analysis , DARKTRACE Afzal Khan, VP, Global Head of IT Security, Risk Mgmt & Compliance, EVEREST RE
John Polis, Chief Operating & Technology Officer, STAR MOUNTAIN CAPITAL
12:20pm LUNCH AND NETWORK Advice sharing and networking tables over lunch on the 8th floor: Have a seat at a table to share your experiences with fellow peers and give advice on everything from the SMA to recruiting the millennials.
1:20pm
PANEL DISCUSSION:
RCSAs Optimization of RCSA
Design and Deployment
/ Execution
SPOTLIGHT ON: AI for
effective ORM Importance of Artificial
Intell igence and
Machine Learning techniques and
LIVE INTERVIEW:
Tightening BSA and AML controls Addressing a bank's risk
appetite for the level of
Bank Secrecy Act (BSA) and AML compliance risk
PRESENTATION: When consumer data is your
opportunity and your risk
Tim Sparapani, Former First Director of Public Policy, FORMERLY FACEBOOK
JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES! JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES!
www.slido.com #OpRiskNA www.slido.com #CyberRiskNA
Value proposition:
‘value-added’ benefits of RCSA versus ‘check the box’
Guiding principles and
leading practices Next generation:
Convergence of risk assessments
Moderator: Craig Spielmann,
Former Global Head of Enterprise Risk Management Strategy, FIRST DATA
Glenn Hursh, Managing Director, KPMG Neil Roth, Former Head of Operational Risk Governance for
Combined U.S. Operations, RBC Ed Kim, Operational Risk Expert
technologies to firms of all sizes and scales
Leveraging these
techniques to improve
efficiency and effectiveness in ORM
How to govern and
control the risks these techniques introduce to
the enterprise Alexander Brash, Principal, EY
How can banks with
banking services across multiple jurisdictions comply?
What is included as part
of governing payment processes with the objective of mitigating money laundering?
What kind of technology
and data analytics do firms use for AML protection?
Moderator: Lester Joseph, SVP, Manager- Global Financial Crimes Intell igence Group, WELLS FARGO
Stuart Davis, Chief Anti-Money Laundering Officer, BMO McHenry Kane, Senior Vice President, Director of AML, NEW
YORK COMMUNITY BANK Ted Sausen, Subject Matter Expert, AML, NICE ACTIMIZE
5 min intermission allowing participants to change streams 2:05pm
FIRESIDE CHAT: The insidious effects of geopolitical risk on operational and cyber risk
How to prepare for potential repercussions within your own firms - The increasing necessity for Boards and Chief Risk Officers to monitor the political and
business environment How to reflect the increased economic and political uncertainty caused by political events in your risk - based capital models? I.e. are you holding more
capital?
Moderator: Tom Osborn, Editor, Risk Management, RISK.NET Manan N. Rawal, Head of US Model Risk Management, HSBC USA
JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES! JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES!
www.slido.com #OpRiskNA www.slido.com #CyberRiskNA
Michael Barry, Executive Director, Head of Operational Risk, NATIXIS CIB AMERICAS
2:40pm
OUT OF INDUSTRY KEYNOTE ADDRESS: OpRisk in the energy industry
Novera Khan, Chief Risk Officer, UNIPER
3:10pm AFTERNOON COFFEE AND NETWORKING 1-2-1 Meetings: These bespoke meetings held in the dedicated meeting zone will provide you with the opportunity to address your specific concerns and challenges
3:40pm
CHAMPAGNE KEYNOTE ADDRESS: DHS Cybersecurity Priorities
Rick Driggers, Deputy Assistant Secretary, U.S. DEPARTMENT OF HOMELAND SECURITY
4:10pm
WRAP UP PANEL: OpRisk and CyberRisk NA 2018- what are the key takeaways?
Featuring members of the 2018 Advisory Board Moderator: Alexander Campbell, Divisional Content Editor, RISK.NET Dolores (Lori) Miller, Managing Director, Head of Operational Risk, Investments, AIG
Richard Cech, Senior Bank Examiner Op Risk Governance, FEDERAL RESERVE BANK OF NEW YORK Deborah Hrvatin, Managing Director - Global Head of Institutional Clients Group Operational Risk Management, CITI
4:55pm CHAIR'S CLOSING REMARKS: Alexander Campbell, Divisional Content Editor, RISK.NET
5:00pm END OF CONFERENCE