OPRISK NORTH AMERICA ADVISORY BOARD CYBER RISK ... - … · Moderator: Daniel McKinney, Partner,...

JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES! JOIN THE DISCUSSION THROUGHOUT THE DAY ON YOUR PHONES!

www.slido.com #OPRISKNA2018 www.slido.com #CYBERNA2018

20th annual OpRisk North America March 19-22 2018

Marriott Marquis, New York

OPRISK NORTH AMERICA ADVISORY BOARD Meet the OpRisk North America Advisory Board. These industry professionals have

volunteered their time and effort to help develop our OpRisk North America conference. Their dedication is critical to the success of the event and ensuring high-level quality content is provided to attendees. Our esteemed advisors are:

Chair: Alexander Campbell, Divisional Content Editor, RISK.NET

Richard Cech, Senior Bank Examiner Op Risk Governance, FEDERAL RESERVE BANK

OF NEW YORK

Aengus Hallinan, Managing Director- Group Operational Risk Management &

Business Continuity, CREDIT SUISSE Deborah Hrvatin, Managing Director - Global Head of Institutional Clients Group

Operational Risk Management, CITI Jodi Richard, Chief Operational Risk Officer, U.S. BANK

Kathleen M Stack, SVP, Operational Risk, HSBC NORTH AMERICA

Dolores (Lori) Miller, Managing Director, Head of Operational Risk, Investments,

AIG Joshua Kotok, CFE, CISA, Chief Risk and Compliance Officer, FIRST SAVINGS

Frederick Spencer CGEIT, ICBRR, Chief Information Security Officer, Everest RE

Ivan Pooran, Head of Operational Risk, GUARDIAN LIFE

4th annual Cyber Risk North America March 20-21 2018

Marriott Marquis, New York

CYBER RISK NORTH AMERICA ADVISORY BOARD Meet the Cyber Risk North America Advisory Board. These industry professionals have volunteered their time and effort to help develop our Cyber Risk North America conference. Their dedication is critical to the success of the event and ensuring high-level quality content is provided to attendees. Our esteemed advisors are:

Chair: Alexander Campbell, Divisional Content Editor, RISK.NET

Jack Freund, Director- Cyber Risk, TIAA

Henry Jiang, Head of Cyber Risk, SOCIETE GENERALE CORPORATE AND

INVESTMENT BANKING - SGCIB Peter Keenan, Chief Information Security Officer (CISO), LAZARD

John Polis, Chief Operating & Technology Officer, STAR MOUNTAIN CAPITAL

Sheldon Cuffie, CISSP, VP & Chief Information Security Officer, NORTHWESTERN

MUTUAL

http://www.oprisknorthamerica.com/static/home

http://www.cyberrisknorthamerica.com/static/home

http://www.cyberrisknorthamerica.com/static/home


www.slido.com #OpRiskNA www.slido.com #CyberRiskNA

DRILL-DOWN WORKSHOPS

These are invaluable opportunities to not only learn from proven leaders, but to also turn theory into practice by. All of this in one topic intensive, drill down day to help you delve

deep and source solutions. Each workshop is open to up to 25 participants to form part of an enhanced learning experience.

Pre conference 19th March 2018

Post conference 22nd March 2018

Workshop 1: Vendor/ Third party risk management and intelligence Sessions led by:

Leith W. Kaplan, Formerly Senior Vice President, Chief Risk & Compliance Officer, Formerly PHH CORPORATION Randy Herold, Formerly CISO, Formerly PHH CORPORATION Glenn Hursh, Managing Director, KPMG

Christopher Murphey, Partner- GRC & Third Party Governance, RSAM

Workshop 3: Building and strengthening your conduct and risk culture Sessions led by:

Richard Cech, Senior Bank Examiner Op Risk Governance, FEDERAL RESERVE BANK OF NEW YORK Gustavo Ortega, Head of Corporate Operational Risk Management, AIG Rajat Baijal, Head of Enterprise Risk, CANTOR FITZGERALD

Workshop 2: Revamping your firms KRIs and risk appetite

Sessions led by: Craig Spielmann, Former Global Head of Enterprise Risk Management Strategy, FIRST DATA Rajat Baijal, Head of Enterprise Risk, CANTOR FITZGERALD

Workshop 4: Cyber risk management and quantification for op risk and cyber risk practitioners

Sessions led by: Jack Jones, Co-Founder, EVP Research & Development, RISKLENS Michael A. Barton, Director of Operational Risk Quantification and Scenario Analysis, AIG

Anthony Shapella, Managing Director – Risk Officer, Liability and Financial Lines Enterprise Risk Management, AIG German Pliego Hernandez, Lead Statistician-Risk Analytics, AIG David Mundy, Technology Risk Officer - Commercial Insurance, AIG



MAIN CONFERENCE PROGRAM

Day One: March 20th 2018

VIP BREAKFAST BRIEFING: Invite only

07:30 Registration and refreshments

08:00

ROUNDTABLE: Basel III- The road ahead The new Basel III requirements on finalizing post-crisis reforms, streamlines the treatment of operational risk, with considerable simplification to the method of

calculating operational risk capital. These reforms reinforce the importance of organizations to refocus risk management efforts on risk prevention and loss reduction. Where, and how, should organizations pivot their risk management activities to prepare for the new Basel requirements? In thi s breakfast briefing, we will explore:

The growing need for data integrity, quality and availability.

How a transformation of the traditional risk architecture is required to provide improved visibility to operational risk and loss profiles.

The use of predictive analytics to improve risk visibility and responsiveness.

The future role of robotics and cognitive technologies to improving operational resiliency and reducing internal losses.

Nitish Idnani, Principal, DELOITTE Steve Bhatti, Senior Manager, Advisory, DELOITTE Christopher Thackray, Leader, Operational Risk Management, DELOITTE

8:30am Registration and refreshments

9:10am WELCOME REMARKS: Alexander Campbell, Divisional Content Editor, RISK.NET

*Interactive Audience Poll via Sli.do Vote live to generate real time content #OpRiskNA2018

WELCOME REMARKS: Jim Gilligan, Retired President and

CEO, BLUE CROSS LIFE CANADA *Interactive Audience Poll via Sli.do Vote live to generate real time content #CyberRiskNA2018



9:20am

KEYNOTE ADDRESS: UBS Innovation- The transformation of a global giant Then and now

What are the benefits of merging operational risk and compliance functions? What were the

obstacles faced?

How to establish a firm-wide risk taxonomy

The need to revamp risk and control assessments

Deterring internal misconduct and monitoring employee behaviour

James Oates, Global Head of Compliance and Operational Risk Control, UBS *Audience Q&A Submit your questions via sli.do

KEYNOTE ADDRESS: Future outlook- Cyber risk in 2020

Brendan Goode, MD, Global Head of Cyber Risk, CITI

*Audience Q&A Submit your questions via sli.do

9:50am

THE LEADER’S DEBATE: Next generation operational risk management

Regulatory developments in operational risk management

o Where are the biggest regulatory demands coming from? How are firms adapting to

growing regulatory burden and escalating costs?

o Do regulatory sandboxes, bank-run pilots work for emerging fintech?

Conduct and culture

o How has the definition of conduct and culture changed over the years? Looking at broader systemic risk and moving away from idiosentric examples

o Insider threats vs outsiders threats Moderator: Daniel McKinney, Partner, Financial Services Organization, EY

Glenna Hagopian, Chief Conduct Officer & Head of Enterprise Risk Management, CITIZENS FINANCIAL GROUP Jodi Richard, Chief Operational Risk Officer, U.S. BANK

Lazaro Barreiro, Director- Governance and Operational Risk Policy, OFFICE OF THE COMPTROLLER OF THE CURRENCY (OCC) Jay Newberry, Managing Director, Operational Risk Management, CITI

CISO PANEL: Next generation cyber risk

management How do you develop risk appetite l imits for cyber

security risk?

What are the weakness or challenges firms

experience with the data aggregation or intell igence gathering tools to address cyber security risks?

The Fed guidance issued recently specifies the

CISO function to be part of 2LOD. How are firms

implementing it? Moderator: Anthony G. Vigilante, Managing Director, Head of Global Information Technology & Information Security, MACKAY SHIELDS

Thomas Kartanowicz, Head of Information Security, NATIXIS CIB AMERICAS Henry Jiang, Head of Cyber Risk, SOCIETE GENERALE

CORPORATE AND INVESTMENT BANKING - SGCIB




Howard Whyte, Chief Information Officer and Chief Privacy Officer, FDIC


10:40am MORNING COFFEE AND NETWORKING

STREAM 1: Governance, risk and

compliance

STREAM 2: Vendor risk

management and ORM frameworks

STREAM 3: Quantification of

oprisk

GUEST ADDRESS: Risk implications of new and emerging threats

Impact, l ikelihood and uncertainty

Diverse in nature, amplified by interconnectivity

and technology

Technology and cyber risk through an operational

risk lens

Embracing innovation while maintaining a secure

and sound environment

Broader implications when considering cyber

threats

Aengus Hallinan, Managing Director- Group Operational

Risk Management & Business Continuity, CREDIT SUISSE

11:10am CHAIR'S OPENING REMARKS

Robert Paolino, Former Chief Risk Officer, FORMERLY BANK OF TOKYO-MITSUBISHI UFJ

CHAIR'S OPENING REMARKS

Craig Spielmann, Former Global Head of Enterprise Risk Management Strategy, FIRST DATA

CHAIR'S OPENING REMARKS

Luke Carrivick, Head of Analytics and Research, ORX

11:15am

PRESENTATION: Hardening the First Line of Defence

Context of operational risk

to the first l ine No magic bullet, but there

are common themes People, Process and

Technology Start with people

Understanding maturity,

compliance > risk >

performance Designing a program to

match Technology as an

accelerator

PRESENTATION: Strengthening governance

framework and reporting for vendor management

How can governance

frameworks be strengthened to increase

accountability? Where does vendor risk

sit in a 3LOD model? What does the regulator

focus on when they review third party risk?

How to effectively report

on third party risk?

PRESENTATION: An effective approach to cyber

regression modeling Value of quantifying risk

as Expected Loss Bottom Up ─ Why the

industry struggles to quantify risk?

Top Down ─ a

Statisticians approach Synergy between Top

Down and Bottom Up Case studies: Revelations

from modeling; CCAR/DFAST idiosyncratic

scenarios



Alex Hollis, GRC Solutions Director, SURECLOUD

Dominique Benz, Director, Operational Risk Management, MIZUHO

Thomas Lee PhD, CEO and co-founder, VIVOSECURITY


5 min intermission allowing participants to change streams

11:50am

PANEL DISCUSSION: Next generation GRC

eGRC: Transitioning from

the risk team entering data to risk owner - how to manage that

behavioural/cultural change?

Use of GRC tools and

techniques to inform operational risk

management How to use your GRC tool

across various business l ines

How did GRC solutions

keep pace with increasingly

technical risk discipline? Moderator: Marshall Toburen, GRC Strategist, RSA ARCHER

Jennifer Rushing, SVP Innovation, Governance & IT Risk Management, REGIONS Matt Sulkey, Managing Director,

Head of ERM Framework & Governance, TIAA Barry Macklin, Director of Risk

Management, AIG

PANEL DISCUSSION: Vendor risk in the next

generation firm Fourth party risk

management- How do you "manage" fourth

parties? What successful approaches have you witnessed and/or implemented?

Should vendors

themselves be regulated to some degree to shift some of the burden around regulatory

demands and ensure cooperation with financial institutions

Can AI increase third

party risk? Moderator: Dolores (Lori) Miller, Managing Director, Head of Operational Risk, Investments, AIG

Ted Carter, Business Line Risk Officer, Investments and Trading, Enterprise Risk Management

Office, T. ROWE PRICE

PANEL DISCUSSION: Integrating CCAR into business as

usual How are firms moving

from just producing the numbers to using them?

How can finance and

treasury util ise CCAR data?

How can we use

operational risk to make business decisions?

How to effectively marry

macro prudential regulations with individual bank health

Forecasting framework-

what is the objective of

CCAR? Abiding by the regulators

requirements- ensuring 1LOD and 2lod work hand

in hand. What does it mean to have involvement form 1LOD?

Moderator: Luke Carrivick, Head

of Analytics and Research, ORX Nedim Baruh, Managing Director -

PANEL DISCUSSION: Modeling cyber risk Does the vast scope of threats make modelling for

cyber risk unfeasible? Can risk models accurately

capture cyber risk? How to apply stress testing and scenario analysis

to cyber risk Do you redo the same cyber scenarios each year

or do new ones?

Do you combine cyber scenarios along with macro

scenarios? Moderator: Jack Freund, Director, Cyber Risk, TIAA Manan N. Rawal, Head of US Model Risk Management, HSBC USA

Ashish Dev, Principal Economist, Supervision & Regulation, FEDERAL RESERVE BOARD Jack Jones, Co-Founder, EVP Research & Development, RISKLENS

Sidhartha Dash, Research Director, CHARTIS



Russell Stohr, Director of Market Development, THOMSON REUTERS

Lee Marks, Global Head of Enterprise & Operational Risk Management, FIRST DATA

Michael Casey, Head of Outsourcing & Supplier Risk- Americas, UBS

Head of Operational Risk Measurement and Analytics, JPMORGAN CHASE

Justin Huhn, CFA, US Enterprise Risk Management & Head of US ICAAP, DEUTSCHE BANK Evan Sekeris, Partner, OLIVER

WYMAN

12:35pm LUNCH AND NETWORK Advice sharing and networking tables over lunch on the 8th floor: Have a seat at a table to share your experiences with fellow peers and give advice on everything from the

SMA to recruiting the millennials.

1:35pm

CASE STUDY: Agile Risk Management – Innovating in the

Risk Space Applying a ‘growth mind-

set’ to leapfrog to innovative solutions

Holding a Future of Risk offsite to kick start

innovation Applying Kanban and agile

pods to risk deliverables Robotics and Machine

Learning in the risk space

Unlocking the power of risk

data in the cloud Philippa Girling, SVP, Chief Risk Officer, INVESTORS BANK

PRESENTATION: How to combat vendor risk management

program fatigue? Assessing and analyzing

risk Key elements of a third-

party risk management program

Communicating status to

internal and external parties

Remediating priority

issues

Daniel De Juan, Director of Product Management, RSAM

PRESENTATION: A pilot project for peer benchmarking of

scenario assessment Jane Yao, SVP - Benchmarking & Survey Research, Office of the

Chief Economist, ABA Clémentine Marie, Risk Quantification and Modelisation Expert, MSTAR

PRESENTATION: The missing ingredient when quantifying cyber risk: the attacker

Overview of cyber’s current position in the

business Establishing traceability for better risk

management Analyzing the attacker’s role in cyber risk

Outlook for the future of cyber risk quantification

Jerry Caponera, VP Cyber Risk Strategy, NEHEMIAH SECURITY


perro

Texte surligné



2:10pm

LIVE INTERVIEW: Delving into risk appetite and emerging

risks How to think about a good

risk appetite? Who should own the risk

appetite- The 1LOD or 2LOD?

How you define risk

appetite and limits for emerging risk l ike process risk?

Managing the emerging

customer risk o Protecting

customer data and risk mitigation

tactics for data breaches

Moderator: Robert Paolino, Former

Chief Risk Officer, FORMERLY BANK

OF TOKYO-MITSUBISHI UFJ

Michael Colasso, Head Of

Operational Risk, SUNTRUST Shari Daw, Head, Enterprise Risk Management, DISCOVER FINANCIAL SERVICES

Matt Duditch, Senior Vice President- Operational Risk Management, U.S. BANK

LIVE INTERVIEW: Maximising operational risk

efficiency through revamped KRIs and taxonomy

How do you effectively

identify, assess, measure and manage operational

risk events How did you build your

risk taxonomy? The benefits of customising

your risk register or taxonomy

Moderator: Craig Spielmann, Former Global Head of Enterprise

Risk Management Strategy, FIRST DATA Gustavo Ortega, Head of Corporate Operational Risk

Management, AIG Graeme Farrell, Head of Operational Risk, AQR CAPITAL

MANAGEMENT

LIVE INTERVIEW: Models for the future

How to reflect the

increased economic and political uncertainty caused by Brexit in your risk - based capital

models? I.e. are you holding more capital?

Operational risk is

becoming more diverse-

how do we quantify cyber-crime, conduct risk to a capital number?

Do U.S. firms have

sufficient capital to

absorb worst case cyber risk losses?

Moderator: Luke Carrivick, Head of Analytics and Research, ORX

Michael A. Barton, Director of Operational Risk Quantification and Scenario Analysis , AIG

Filippo Curti, Financial Economist- Supervision, Regulation and Credit, THE FEDERAL RESERVE BANK OF RICHMOND

LIVE INTERVIEW: Insurance of cyber risk- an additional tool in the toolkit

How do firms broaden scope of insurance risk

products?

What are the data and tools used to insure cyber

risk to effectively manage the risk? How to

manage the risk and not just transfer it? Moderator: Jim Gilligan, Retired President and CEO, BLUE CROSS LIFE CANADA

Sheldon Cuffie, CISSP, VP & Chief Information Security Officer, NORTHWESTERN MUTUAL Matthew P. McCabe, Senior Vice President, Assistant General Counsel, Cyber Policy, MARSH

2:45pm AFTERNOON COFFEE AND NETWORKING



1-2-1 Meetings: These bespoke meetings held in the dedicated meeting zone will provide you with the opportunity to address your specific concerns and challenges

3:20pm

THE EXECUTIVE BOARDROOM: Tone from the top Memo to the Board

o How do you see ORM and cyber risk interacting with the Board? What is the nature of the op risk and cyber risk reporting to the Board?

o Op risk and cyber risk now have a voice with the Board of Directors- What is needed to improve the Board's understanding of operational and cyber risks? Does the Board have the necessary information regarding the pain points in the organisation?

o What are Board expectations? What is expected of them to dispense their duties properly and are they focused on the right things? Adding value to the business:

o What value is operational and cyber risk bringing to the business?

o What is your second line view of a great example of bringing something valuable to the business? o The value operational risk and cyber risk adds and the costing framework- how to assess whether putting a control in place will save or cost?

Moderator: Brenda Boultwood, Senior Vice President of Industry Solutions, METRICSTREAM

Michael J Abriatis, Executive Vice President, Chief Operational Risk Officer, PNC BANK David Canter-McMillan, Function Head for Operational Risk, FEDERAL RESERVE BANK OF NEW YORK Michael Barry, Executive Director, Head of Operational Risk, NATIXIS CIB AMERICAS


4:10pm

WAR GAMES: How resilient is your environment? Disaster recovery and business continuity in operational

and cyber risk PART I: SCENARIO DISSECTION AND STRATEGIZING

In each disaster and recovery scenario, participants are introduced to an operational risk scenario which is still unfolding and asked to consider the immediate steps they would advise their firm to take based on the info rmation available at each stage PART II: HARVEST SESSION

Each Leader will summarise their POA of the discussion and present it back to the table participants with comments Learning outcomes:

What immediate actions would you advise your firm to do in the scenario?

IDEA SHOWCASE AFTERNOON:

At the event to shop and not just network? Then this is your time-saving opportunity to experience a live demonstration of ORM products that stand

out for innovation. Compare the leading vendor risk management, GRC and ORM platforms in one dedicated hour



Hierarchy of response- who are the 1st and 2nd responders?

Incident management- how do you assess the impact on your firm?

What’s your crisis management protocols? What do they look like?

How equipped is your organisation to respond to high stress situations?

Business continuity planning from employees to infrastructure

Leader 1: Elisabeth Rose, COO, Managing Director, AIG Leader 2: Joshua Kotok, CFE, CISA, Chief Risk and Compliance Officer, FIRST SAVINGS Leader 3: Andrew Richardson, Formerly VP, Enterprise and Operational Risk Management, FORMER COAST CAPITAL

SAVINGS Leader 4: Nikki Covino, Regional Head of Business Continuity Americas, CREDIT SUISSE Leader 5: Craig Spielmann, Former Global Head of Enterprise Risk Management Strategy, FIRST DATA Leader 6: Edmund Daniels, Managing Director, General Counsel & Chief Compliance Officer, PANDA POWER FUNDS

Leader 7: Glenn Hursh, Managing Director, KPMG Leader 8: Marshall Toburen, GRC Strategist, RSA ARCHER

5:30pm CHAIR'S CLOSING REMARKS: Alexander Campbell, Divisional Content Editor, RISK.NET

5:35pm NETWORKING DRINKS RECEPTION

7:00pm Private dinner- Invite only

Day Two: March 21st 2018

8:30am Registration and refreshments

9:00am CHAIR'S OPENING REMARKS: Alexander Campbell, Divisional Content Editor, RISK.NET CHAIR'S OPENING REMARKS: Jim Gilligan, Retired

President and CEO, BLUE CROSS LIFE CANADA

9:10am

REGULATORY ADDRESS: Risk transformation due to regulatory and technological change

Todd Vermilyea, Senior Associate Director- Division of Banking Supervision and Regulation, FEDERAL RESERVE BOARD OF GOVERNORS

*Audience Q&A

KEYNOTE ADDRESS: The CIO’s role in enterprise

cyber risk Howard Whyte, Chief Information Officer and Chief

Privacy Officer, FDIC



Submit your questions via sli.do *Audience Q&A Submit your questions via sli.do

9:40am

CRO PANEL: Thriving in an era of change and upheaval

Which of the current and emerging risks - regulatory risk, geopolitical risk, l iquidity and systemic

risk are of most concerns to CROs? How do you set operational risk appetite to these risk? How do you deploy resources and capital across the spectrum of ri sks?

What is the biggest regulatory challenge? Is excessively growing regulation a risk? Is regulation

stifl ing innovation or is it a necessary check? How do other risks (market risk, credit risk) fit in with op risk?

Moderator: Joshua Kotok, CFE, CISA, Chief Risk and Compliance Officer, FIRST SAVINGS Joshua Rosenberg, Executive Vice President , Chief Risk Officer, FEDERAL RESERVE BANK OF NEW YORK Beth Dugan, Deputy Comptroller for Operational Risk, OFFICE OF THE COMPTROLLER OF THE CURRENCY

(OCC) Joseph Iraci, Managing Director-Financial Risk Management, CRO TD Ameritrade Futures and Forex, TD AMERITRADE Peter Moenickheim, Executive Vice President, Chief Risk Officer, OCWEN


PANEL: Third party vendor risk and cyber security

Addressing 4th party risk

Collective market efforts for addressing third

party risk (consortium, data providers, platform providers)

Effective organizational structures and

governance models including board reporting Moderator: Robert Paolino, Former Chief Risk Officer,

FORMERLY BANK OF TOKYO-MITSUBISHI UFJ

Chris Watson, Executive Director - Global Head of

Supplier Assurance Services, JPMORGAN CHASE & CO Filippo Curti, Financial Economist- Supervision, Regulation and Credit, THE FEDERAL RESERVE BANK OF RICHMOND Matthew Moog, Principal, Financial Services, EY

Kelley Chamberlain, CAFP, Financial Crimes Consultant, WELLS FARGO


10:30am MORNING COFFEE AND NETWORKING

STREAM 1: ORM STREAM 2: AI and machine

learning

STREAM 3: Preparing for the

future SPOTLIGHT ON: Are we secure enough?

answering tough business questions with the NIST cyber security framework

Why NIST for Cyber Risk Management

11:00am CHAIR'S OPENING REMARKS Ed Kim, Operational Risk Expert

CHAIR'S OPENING REMARKS Andrew Richardson, Formerly VP, Enterprise and Operational

CHAIR'S OPENING REMARKS Robert Paolino, Former Chief Risk Officer, FORMERLY BANK OF

TOKYO-MITSUBISHI UFJ



Risk Management, FORMER COAST CAPITAL SAVINGS

How do Cyber Risk and Operational Risk Intersect

Operationalization of NIST CSF as Part of

Integrated Risk Management Where to Start, How to Evolve

Andrew Vesay, Rsam Client Partner, RSAM

11:05am

SPOTLIGHT ON: Risk-

informed decision making Challenges of an

evolving and maturing risk program and

external pressures What are the core

drivers to effective risk informed decision

making? Utilizing technology in

support of the risk management journey

Lee Anne Milhiser, Vice

President, Head of Global Enterprise Risk Management, NASDAQ

PRESENTATION:

Leveraging data management to minimize op risk and deliver shareholder value

Bala Ayyar, Managing Director & Chief Data Officer, SOCIÉTÉ GÉNÉRALE AMERICAS

PRESENTATION: Managed

Services What is Managed

Services for financial software?

Why is there a trend to

move away from On-Premise

Managed Services Vs

SaaS

What is the ROI for

Managed Services Nick Smith, SVP, Managed Services and Regional Head of Professional Services,

SMARTSTREAM


11:35am

LIVE INTERVIEW:

Dynamic risk assessment- Identify, connect and visualize

risk in four dimensions Comparing and

contrasting the traditional two dimensional approach

vs the new four-dimensional approach

LIVE INTERVIEW: AIs role

in streamlining regulatory compliance

Keeping up with growing

regulatory demands-where are the biggest demands coming from?

How compliance and risk

organizations are dealing

with increased

PANEL DISCUSSION:

Defining roles across 3LOD Should the 1LOD or

2LOD test operational

controls? Have any 2LOD ops risk

functions used outside vendors to challenge the 1LOD by conducting pen

testing etc.?

PANEL DISCUSSION: Extrapolating the causes of

cyber security breaches

Evaluating the role of human error

o Inadequate controls on sensitive data

o Insider threat and ‘anomalous

behaviour’ by staff

Ransomware and/or phishing

o Preventative controls (AV, Advanced

End-Point, Cloud Filtering)



How can firms place

more of an emphasis on risk contagion?

Leveraging

interconnectedness for

improved decision making and risk management

Moderator: Ed Kim, Operational

Risk Expert Michele Ushkowitz, Managing Director, Head of Risk

Supervision, SG CORPORATE & INVESTMENT BANKING Shelly Martin, Vice President Operational Risk Director, STATE

STREET

regulation coupled with cost challenges with AI?

Are organizations

converging regulation

and compliance teams? Will AI need to be

regulated? Moderator: Andrew Richardson, Formerly VP, Enterprise and

Operational Risk Management, FORMER COAST CAPITAL SAVINGS

Saqib Jamshed, Director – Quantitative Risk Analytics , STATE STREET CORPORATION Gordon G Liu, EVP US Head of

Global Risk Analytics, HSBC

Should there be both a

1.5 and a 2LOD? Has it worked effectively when both exist? Or should

they really be merged into 1LOD and 2LOD?

Should transactional

testing be part of the 2LOD operational risk

management function? Moderator: Tom Osborn, Editor, Risk Management, RISK.NET

Etsuko "Ekko" Fuseya Jennings, Managing Director, MORGAN STANLEY INVESTMENT MANAGEMENT

Richard Cech, Senior Bank Examiner Op Risk Governance, FEDERAL RESERVE BANK OF NEW YORK

Kathleen M Stack, Senior Vice President, Operational Risk, HSBC NORTH AMERICA

o Recovery strategies from ransomware

Moderator: Jim Gilligan, Retired President and CEO, BLUE CROSS LIFE CANADA

Justin Fier, Director for Cyber Intell igence and Analysis , DARKTRACE Afzal Khan, VP, Global Head of IT Security, Risk Mgmt & Compliance, EVEREST RE

John Polis, Chief Operating & Technology Officer, STAR MOUNTAIN CAPITAL

12:20pm LUNCH AND NETWORK Advice sharing and networking tables over lunch on the 8th floor: Have a seat at a table to share your experiences with fellow peers and give advice on everything from the SMA to recruiting the millennials.

1:20pm

PANEL DISCUSSION:

RCSAs Optimization of RCSA

Design and Deployment

/ Execution

SPOTLIGHT ON: AI for

effective ORM Importance of Artificial

Intell igence and

Machine Learning techniques and

LIVE INTERVIEW:

Tightening BSA and AML controls Addressing a bank's risk

appetite for the level of

Bank Secrecy Act (BSA) and AML compliance risk

PRESENTATION: When consumer data is your

opportunity and your risk

Tim Sparapani, Former First Director of Public Policy, FORMERLY FACEBOOK



Value proposition:

‘value-added’ benefits of RCSA versus ‘check the box’

Guiding principles and

leading practices Next generation:

Convergence of risk assessments

Moderator: Craig Spielmann,

Former Global Head of Enterprise Risk Management Strategy, FIRST DATA

Glenn Hursh, Managing Director, KPMG Neil Roth, Former Head of Operational Risk Governance for

Combined U.S. Operations, RBC Ed Kim, Operational Risk Expert

technologies to firms of all sizes and scales

Leveraging these

techniques to improve

efficiency and effectiveness in ORM

How to govern and

control the risks these techniques introduce to

the enterprise Alexander Brash, Principal, EY

How can banks with

banking services across multiple jurisdictions comply?

What is included as part

of governing payment processes with the objective of mitigating money laundering?

What kind of technology

and data analytics do firms use for AML protection?

Moderator: Lester Joseph, SVP, Manager- Global Financial Crimes Intell igence Group, WELLS FARGO

Stuart Davis, Chief Anti-Money Laundering Officer, BMO McHenry Kane, Senior Vice President, Director of AML, NEW

YORK COMMUNITY BANK Ted Sausen, Subject Matter Expert, AML, NICE ACTIMIZE

5 min intermission allowing participants to change streams 2:05pm

FIRESIDE CHAT: The insidious effects of geopolitical risk on operational and cyber risk

How to prepare for potential repercussions within your own firms - The increasing necessity for Boards and Chief Risk Officers to monitor the political and

business environment How to reflect the increased economic and political uncertainty caused by political events in your risk - based capital models? I.e. are you holding more

capital?

Moderator: Tom Osborn, Editor, Risk Management, RISK.NET Manan N. Rawal, Head of US Model Risk Management, HSBC USA



Michael Barry, Executive Director, Head of Operational Risk, NATIXIS CIB AMERICAS

2:40pm

OUT OF INDUSTRY KEYNOTE ADDRESS: OpRisk in the energy industry

Novera Khan, Chief Risk Officer, UNIPER

3:10pm AFTERNOON COFFEE AND NETWORKING 1-2-1 Meetings: These bespoke meetings held in the dedicated meeting zone will provide you with the opportunity to address your specific concerns and challenges

3:40pm

CHAMPAGNE KEYNOTE ADDRESS: DHS Cybersecurity Priorities

Rick Driggers, Deputy Assistant Secretary, U.S. DEPARTMENT OF HOMELAND SECURITY

4:10pm

WRAP UP PANEL: OpRisk and CyberRisk NA 2018- what are the key takeaways?

Featuring members of the 2018 Advisory Board Moderator: Alexander Campbell, Divisional Content Editor, RISK.NET Dolores (Lori) Miller, Managing Director, Head of Operational Risk, Investments, AIG

Richard Cech, Senior Bank Examiner Op Risk Governance, FEDERAL RESERVE BANK OF NEW YORK Deborah Hrvatin, Managing Director - Global Head of Institutional Clients Group Operational Risk Management, CITI

4:55pm CHAIR'S CLOSING REMARKS: Alexander Campbell, Divisional Content Editor, RISK.NET

5:00pm END OF CONFERENCE

OPRISK NORTH AMERICA ADVISORY BOARD CYBER RISK ... - … · Moderator: Daniel McKinney, Partner,...

Documents

Transcript of OPRISK NORTH AMERICA ADVISORY BOARD CYBER RISK ... - … · Moderator: Daniel McKinney, Partner,...