Vendor & Third Party Risk Europe

Biography coming soon.

Ros Aryee is recognised as a thought leader on Operational Resilience and Third-Party Risk Management. Coming from an Engineering background, she has over 20 years’ experience in defining and transforming governance frameworks to mitigate operational risks. Her career has spanned various financial organisations including the Bank of England, Lloyds Banking and Standard Chartered Bank where she has held senior management roles both locally and internationally across BCM, TPRM, IT SCM, Crisis Management, Operational Risk and Compliance.
In her current role, as an Executive Director at the Santander London branch, she heads up the TPRM & Outsourcing and Operational Resilience functions and is accountable for embedding a framework to meet both EU and UK regulatory expectations.
Ros is a Certified Third-Party Risk Professional and holds a BSc in Electrical and Electronic Engineering, and a post graduate diploma in BCM. Outside work she serves as a committee member on the City of London Police Advisory Group and on the steering board for the on the TPRM Shared Assessment PSC to support and provide thought leadership. She also works with local church groups in her community to mentor disadvantaged youth in the BAME Community.

Joe runs Procurement, Supplier Management and Supplier Risk for Metro Bank, having set up the team six years ago.  He has a broad range of previous experience across sectors including engineering, construction, consulting, education and design.

I obtained a degree in Law with the dream to bring change, drive innovation and argue my views. After completing law school, I realised that was certainly not the career for me. I signed up to an internship programme in New York and worked on the world’s largest trading floor – UBS Stamford Connecticut. This is where I found my passion for Banking. Following this I worked at Barclays, KPMG and joined HSBC 5 years ago. In these 5 years I have developed specialist knowledge in Vendor management with particular focus on Third Party Risk. The landscape for TPR is forever changing but what interests me the most is sustainability. We all have a huge role to play in achieving net zero targets, so within my capacity I am working to measure HSBC’s supply chain carbon emissions. Alongside this, I am actively involved in a number of coaching and mentoring programmes and also run a Diversity and Inclusion working group.

Biography coming soon.

Originally a big 4 cyber risk consultant Haydn experienced the day to issues that came with running a supply chain assurance programme. He found that current programmes actively caused clients and their suppliers’ headaches. These pain points led him to found Risk Ledger. Risk Ledger is a technology platform that combines a security governance platform with a secure social network. In the last couple of years, Risk Ledger has gone from strength to strength, receiving 2.1 million in seed funding, winning the Cyber Den/Most Innovative Cyber Company Award and being named as one of Forbes’ Tech Champions of 2022.

Matthew joined Direct Line Group in 2016 as Head of IT Third Party Oversight
where he oversees activities of the Third Party Assurance and PCI Compliance teams. Third Party Assurance focusses on ensuring the operational resilience and security  of DLG’s supply chain and the PCI Compliance team ensures DLG maintains daily compliance to PCI Data Security Standard and conducts the annual PCI DSS assessment.Previously Matthew was a Qualified Security Assessor at Gemserv Ltd, where, as Principal Consultant, he delivered Cyber Security consultancy and PCI assessments for merchants and service providers in a variety of industries.

An Alumni of De Monfort University & London Metropolitan University, Demond is a seasoned Third-Party Risk Management Lead as well as a specialist in Supplier Relationship Management. He has worked both in the Public and Private sectors gaining foundational experience at London Underground over a 17 year career. He has also worked for Deutsche Bank, HSBC and now with Barclays.

With over twenty years experience in procurement and supply chain within the Financial Services sector, Dan has successfully led the strategy, transformation and operation of third party risk management across three global banks in the last 14 years (Barclays, HSBC and Deutsche Bank). Now an advisory consultant on the topic, Dan continues to support both FS and non-FS clients with establishing sustainable solutions across both first and second lines of defence.

Mike is Head of UK&I Third Party Management at RSA Insurance. Joining in March 2017 to focus on identifying and unlocking global IT Procurement opportunities and increasing collaboration between regions on procurement initiatives, he moved into Third Party Management in 2019 to implement a new programme and has subsequently run the function since. Mike is currently running the TPMv2 project to enhance the processes and frameworks to meet the new regulatory requirementsPrevious to joining RSA Mike has held senior IT Procurement and Third Party Risk roles across a number of sectors, including roles at Zurich Insurance, EY, Morgan Stanley, Inmarsat and O2. He was the European lead for setting up the global Morgan Stanley Supplier Risk process in 2009/10Mike is married with three children but still finds time to enjoy playing football and cricket – the rest of his time is spent on family crowd control.

Alex is Head of Supply Chain Risk for Lloyds Banking Group (LBG), responsible for ensuring that the supplier onboarding & management frameworks drive effective risk management and regulatory compliance. Alex has worked with LBG for 10 years, and has over 20 year experience in Sourcing and Supply Chain Risk.

With over 20 years banking and risk management experience working across the financial industry, including Bank of Scotland, Barclays and currently with the NatWest Group, Joanne is an industry expert on all aspects of Third Party Risk Management and Outsourcing regulatory requirements. In her current role she is the Risk lead for NatWest on all outsourcing matters working with external and internal outsourcing central teams on their business strategy, processes and control environment to ensure they operate within the bank’s risk appetite and meet regulatory expectations. As a purpose-led business NatWest fosters strong relationships with all key stakeholders across their supply chain.

Will Gray has 18 years experience in Security and Risk Management, primarily focused on bringing emerging technologies to market.
Having joined SecurityScorecard in 2018, when Cyber Risk Ratings was a nascent industry, he has seen a rapid rise in adoption of the concept which now underpins board reports, risk management discussions, supply chain security assessments and cyber insurance underwriting for 1000’s of organisations globally.

Hasintha Gunawickrema is currently the Chief Control Officer for HSBC UK Wealth and Personal banking. Over her 17-year career in Financial Services, she has worked with markets across Europe and Asia. She is currently reading for an Executive Leadership program with Harvard Business School and is also a qualified accountant.
Hasintha has led large scale business, digital and culture transformational programs to deliver better customer outcomes, improve operational excellence and drive effective risk management.
Hasintha is passionate in coaching and mentoring and has a large mentee base across Europe and Asia. She is back in the UK after a successful stint in India as the COO for Wealth and Personal Banking for HSBC. During her time in India, Hasintha was engaged in supporting charities that are focused on educating less privileged girls.  She is passionate in supporting colleagues and customers who are disadvantaged due to their physical abilities, mental health challenges and neurodiversity. She is the Diversity and Inclusion Ability lead for Global Wealth and Personal Banking in HSBC.
Hasintha leads the ‘Data driven risk management’ agenda to support businesses deliver sustainable growth and meet customer needs effectively.

Biography coming soon.

Ameet Jugnauth is an experienced Cyber and Technology leader within the Financial Services sector. With over 15 years of experience across insurance and banking, Ameet has led global information security initiatives, large scale risk and control transformation programmes and recently led risk oversight for strategic transformation at a large banking group. Ameet joined Capital One in 2022 as the Cyber Governance and Risk Director, responsible for third party management, cyber risk and compliance, developing thought leadership across both UK and US teams. Appearing at events regularly in the UK and Europe, he shares his insights into resilience best practices, innovation and is a strong advocate for diversity and inclusion as a lever to organisational success.

Biography coming soon.

Since CyberVadis creation Thibault Lapédagne has been at the heart of the cybersecurity assessment department. Having his professional background in consulting (Wavestone) he created the CyberVadis reference model and the processes to assess a company’s cybersecurity performance. Today he manages an international team of cybersecurity experts responsible for all assessment operations. Thibault Lapédagne participates in cybersecurity events as a keynote speaker to raise awareness on the importance of third-party cybersecurity risk assessments and CyberVadis methodology.

Merlin Linehan is a Risk Manager at the European Bank for Reconstruction & Development (EBRD), working across Crisis management and business resilience. Merlin has supported the Bank through a number of major geopolitical and IT events including Covid, Ukraine and Log4j. Merlin is also a regular contributor to publications such as Frontera, PRMIA and Risk Screen and others covering geopolitics, risk and technology. He has also appeared in various media outlets including the FT, BBC and Global Capital commenting on China’s global role and emerging markets

Biography coming soon.

Biography coming soon.

Andrew Moyad is the Chief Executive Officer of Shared Assessments.
Andrew is an accomplished leader and trailblazer in third party risk management. As a practitioner and a senior risk management executive, he has driven a culture of accountability and diligence in safeguarding information. Andrew has more than 25 years in risk management and information security. He has contributed greatly to the transformation and advancement of risk management as a strategic function that intersects with and helps guide all aspects of organizations.
Most recently, Andrew served as Senior Vice President, Vendor Risk Management at Blackstone, where he led a team of risk professionals responsible for overseeing all phases of the vendor lifecycle at the firm, including risk assessments, control diligence, contract reviews, financial checks, performance monitoring, issue tracking, and management reporting. Prior to Blackstone, he served as a director and global head of vendor risk management and BlackRock and Senior Vice President for Citigroup, where he was a Business Information Security Officer in Global Fixed Income and led third party risk assessments for several years.
Andrew holds a Bachelor of Arts Degree in Natural Sciences from Harvard University and a Master of Science Degree in Information Systems from the Stevens Institute of Technology.

Biography coming soon.

Brian has worked in business process automation targeting risking and compliance for over 25 years, supporting hundreds of Fortune 500 and mid-market firms across all industries. Since 2011 Brian has focused on Third-Party Risk, Compliance and Performance Management for the Financial Services Industry, as well as Master Data Management and Know Your Customer (KYC) challenges. At Mirato, Brian serves as Director of Financial Services Sales, responsive for sales to financial services firms in North America and Europe.

Biography coming soon.

Gemma has worked in a variety of third-party management roles over 15 years including procurement transformation and IT portfolio management. Currently leading the group strategy for third party risk management which includes the risk policy, third party governance framework, and a GRC solution for automated risk management & reporting. Gemma and her team have spent the last 18mths implementing a globally consistent framework and system across 37 countries. A lean black belt with a passion for implementing efficient operating models and using IT solutions to simplify and automate third party risk management.

Biography coming soon.

Shabbir is an Operational Risk Control professional with a blend of Risk management and Digital Transformation experience. He currently leads the second line’ oversight of Technology, Information Security Risk and Internal Controls Frameworks at Handesbanken plc and in the past he has worked with KPMG for close to 11 years in their Risk & Control Transformation practices across UK, India and Southern Africa. He is passionate about simplifying risk management and actively champions use of technology to enhance risk processes within the organisation using GRC and advanced technologies. Shabbir is an IT Engineer by qualification and holds professional certifications Certified in Operational Risk Management (CORM), Certified Information Systems Auditor (CISA), ISO 27001, Privacy Lead Auditor and PRINCE2 professional.

Eustathios is the Commercial Lead for KY3P data, framework and regulatory initiatives. He joined S&P Global from the Prudential Regulation Authority – part of the Bank of England where he was the Head of Integrated Operational Risk & Resilience in the Supervisory Risk Specialists Directorate.

He has experience in leading multidisciplinary teams across financial and operational resilience responsible for policy design, implementation and regulatory operationalisation, which includes the UK’s Operational Resilience policy. In addition, Eustathios has led the PRA’s risk modelling and analytics teams having developed the first concurrent stress test and having led numerous modelling and data initiatives for supervisory and financial stability purposes. Eustathios has in-depth exposure to regulation, central banking, retail and wholesale banking having worked in Europe and North America.

Eustathios holds an Executive MBA from the University of Exeter (UK), a Master’s degree in Finance and Econometrics from Concordia University (Montreal, Canada) following an honours Economics Bachelor’s degree from Carleton University (Ottawa, Canada).