Vendor & Third Party Risk Europe

Adelani is an Account Executive with Aravo Solutions, a pioneer within the Third Party Risk Management technology sector.

Having invested a decade within the Integrated Risk Management industry, Adelani brings a wealth of experience with a strong track-record of sales, account management and project delivery across numerous risk domains.

Adelani has been a key member in numerous award-winning implementation projects and, in part part due to being an avid gamer, has a close interest in Information Security and CyberSecurity programs.

Charitable works including participation in the Aleto Foundation’s Future Leaders mentorship program and a Board Member of Dream Nation.

With over 25 years financial services experience, Shamial has worked in insurance, banks and now investment management firm leading the strategic supplier oversight agenda globally.

Shamial has a passion to build inclusive and diverse teams which have been demonstrated through his various roles which have included operations, change and supply chain management.

Shamial continues to challenge the status quo and drive the supplier oversight agenda forward as critical part of any firm dealing with third parties.

Matthew joined Direct Line Group in 2016 as Head of IT Third Party Oversight

where he oversees activities of the Third Party Assurance and PCI Compliance teams. Third Party Assurance focusses on ensuring the operational resilience and security  of DLG’s supply chain and the PCI Compliance team ensures DLG maintains daily compliance to PCI Data Security Standard and conducts the annual PCI DSS assessment.

Previously Matthew was a Qualified Security Assessor at Gemserv Ltd, where, as Principal Consultant, he delivered Cyber Security consultancy and PCI assessments for merchants and service providers in a variety of industries.

Ian leads UK Finance’s operational and policy work on cybersecurity and third party risk management. In this role he engages with key industry stakeholders to determine the applicability of collective action on behalf of the financial sector. Through this engagement he is currently creating a single standard to assess the resilience of critical suppliers, having previously operationalised the Financial Sector Cyber Collaboration Centre (FSCCC), an industry utility designed to promote cyber intelligence sharing amongst financial institutions.

Before joining UK Finance Ian worked for BNY Mellon, where amongst other things he led the development and deployment of a global system to map technology risk regulatory controls to global cyber, technology and data privacy regulations. Prior to this he served as a British Army Officer for eight years.

Tendai is a director at Franklin Templeton, an investment manager with $1.5 trillion in assets under management. His global role focuses on risk management of investment operations across the US, EMEA and APAC. He is responsible for developing and coordinating the program of oversight activities for key fund service providers, developing the strategic plan around third-party partners, technology and product/regulatory change.

Tendai started his career in assurance and advisory services with Deloitte, where he advised some of the world’s largest firms in investment management and private equity sectors. He has vast experience in setting up oversight and governance frameworks in financial services firms. He has also led projects in transaction banking, financial markets and capital markets.

Tendai is passionate about people, leadership, diversity and inclusion and financial education. He has served and continues to serve in various capacities to support these causes.

A qualified Chartered Accountant, Tendai is a member of the Institute of Chartered Accountants in England and Wales (ICAEW) and the Institute of Chartered Accountants of Zimbabwe (ICAZ).

An Alumni of De Monfort University & London Metropolitan University, Demond is a seasoned Third-Party Risk Management Lead as well as a specialist in Supplier Relationship Management. He has worked both in the Public and Private sectors gaining foundational experience at London Underground over a 17 year career. He has also worked for Deutsche Bank, HSBC and now with Vodafone leading on Global Third Party Risk programme implementation.

Prior to joining IHS Markit in May 2021, Mr Chard was a Partner at PwC based in London. Mr Chard is an experienced and trusted Board level advisor to a wide range of globally significant financial institutions. He has advised on technology strategy, resilience, risk, control and assurance models. He led the global enterprise resilience proposition at PwC and has worked with clients across APAC, the Middle East, North America and Europe. He has held senior leadership roles in the Technology, Data and Analytics group and in the Banking & Capital Markets group of PwC.

Mr. Chard has extensive experience in designing, transitioning and leading managed service programmes to drive efficiency in large clients. He has provided evidence to the UK Treasury Select Committee, been appointed on multiple occasions as a Skilled Person to conduct UK financial services regulatory reviews and advised the Prudential Regulation Authority. Prior to joining PwC, he established and led the third-party risk practice at Deloitte for five years. In this role he worked with clients across a range of industries including government, life sciences, technology and media and oil and gas. He holds a BSc in Industrial Business Systems, an MBA from Warwick and is a qualified chartered accountant.

Mike is Head of UK&I Third Party Management at RSA Insurance. Joining in March 2017 to focus on identifying and unlocking global IT Procurement opportunities and increasing collaboration between regions on procurement initiatives, he moved into Third Party Management in 2019 to implement a new programme and has subsequently run the function since. Mike is currently running the TPMv2 project to enhance the processes and frameworks to meet the new regulatory requirements

Previous to joining RSA Mike has held senior IT Procurement and Third Party Risk roles across a number of sectors, including roles at Zurich Insurance, EY, Morgan Stanley, Inmarsat and O2. He was the European lead for setting up the global Morgan Stanley Supplier Risk process in 2009/10

Mike is married with three children but still finds time to enjoy playing football and cricket – the rest of his time is spent on family crowd control

Mark is speaking at Vendor & Third Party Risk Europe

Alex is Head of Supply Chain Risk for Lloyds Banking Group (LBG), responsible for ensuring that the supplier onboarding & management frameworks drive effective risk management and regulatory compliance. Alex has worked with LBG for 10 years, and has over 20 year experience in Sourcing and Supply Chain Risk.

Natalie is speaking at Vendor & Third Party Risk USA

Tom Garrubba, Senior Director at Shared Assessments, is a nationally recognized subject matter expert, lecturer, and blogger on third party risk, and is the head instructor for their Certified Third Party Risk Professional (CTPRP) program. An active blogger for the Huffington Post on business risk, he’s blogged on various industry websites including Government Health IT and ISACA. Previously, Tom was Senior Privacy Manager at CVS Health where he instituted and managed their third party assessments program for all proprietary data. Tom has over 15 years of experience in IT security, privacy, audit, and compliance in various industries and public consulting.

18+ Years’ Experience – Seasoned and dynamic professional with core experience in operational risk and internal control across varied functional and operational roles involving Operational Risk Management, Supplier Risk / Third Party/ Vendor Management, Business Management covering Strategy .

Currently head Third Party Risk for HSBC’s Retail & Private Banking business globally , covering risk management support, subject matter expertise, leadership and direction for Third Party Risk related activities and issues. Specialize in developing Third Party Risk strategy, design and implementation across retail markets and using data driven based risk management and analytical tools to design and develop business Risk Appetite Statement and KI measures related to Third Party Risk.

Will Gray has 18 years experience in Security and Risk Management, primarily focused on bringing emerging technologies to market.

Having joined SecurityScorecard in 2018, when Cyber Risk Ratings was a nascent industry, he has seen a rapid rise in adoption of the concept which now underpins board reports, risk management discussions, supply chain security assessments and cyber insurance underwriting for 1000’s of organisations globally.

Julie Hubbard is the Chief Control Officer, Business Services at One Savings Bank with over 30 years of experience in the Financial Services and Outsourcing sector.

Julie has held various roles in her career working in global, high street, start up and scale up organisations specialising in Operations Management, Transformation and Change, Third Party Risk Management and Quality Assurance.

Her carreer in Vendor Management started 20 years ago when first working at CitiFiancialto her responsibilities today at OSB which includes the Group Procurement, Vendor Management and Business Services Assurance Teams.  

Over the years Julie has been involved and seen the evolvement of the Third Party Risk Management framework and regulatory direction and for the last 8+ years working at One Savings Bank and has been instrumental in driving forward and developing the target operarting model, strategies and policies for the Bank ensuring compliance withasscociated Third Party Risk Management, Intragroup and Outsourcing requlations across the 1st Line Operations, IT and support teams.

Ayesha lives in Berkshire with her husband, two sons and their dog.  She is a keen runner and baker – hobbies which luckily balance each other out.

Abhishek Khare is responsible for managing outsourcing risks for Societe Generale EMEA. He joined SGCIB in 2011 where he held various senior management roles in CIB Operations at Bangalore and Hong Kong before coming to London team in October 2016. His previous employers include Nomura, Lehman Brothers, Wipro, Franklin Templeton and Deloitte consulting. With several years of experience in managing operations in capital markets, mutual funds, vendors & audit firms, his key competence is a combination of operational risk, off-shoring and outsourcing oversight.

Since CyberVadis creation Thibault Lapédagne has been at the heart of the cybersecurity assessment department. Having his professional background in consulting (Wavestone) he created the CyberVadis reference model and the processes to assess a company’s cybersecurity performance. Today he manages an international team of cybersecurity experts responsible for all assessment operations. Thibault Lapédagne participates in cybersecurity events as a keynote speaker to raise awareness on the importance of third-party cybersecurity risk assessments and CyberVadis methodology.

I have worked in information cyber security for over 25 years and the last 7 years have been dedicated to TPRM. I am the current chair of the NCSC Supply Chain Cyber Risk Working Group, looking at best practice and helping make the supply chain more secure.

I undertake and lead where appropriate a variety of Third party Cyber Security Risk activities and other related activities which together aid in ensuring that  organisation’s key assets appropriately protected against unauthorised activities including deliberate or accidental loss.

Matthew Moog serves as the General Manager, Third-Party Risk at OneTrust, the category-defining enterprise platform to operationalize trust. In his role, Matthew advises companies throughout their third-party risk management implementations to help meet requirements relating to relevant standards, frameworks, and laws. Prior to joining OneTrust, Matthew spent 18 years at EY where he led their Global Third-party Risk offering for Financial Services and their Third-party Risk Managed Service offering for the Americas.  Moog is a CISA and has a BS in Management Information systems from Rensselaer Polytechnic Institute in Troy, NY.

Andy Natesan, Founder & Director at Levizo with over 17 years of extensive experience in Risk & Control Frameworks, Third Party Risk /Vendor Risk Management (VRM / TPRM), Information Risk Management (IRM), Third-party Risk Oversight, Legal, Regulatory & Contract Compliance. He has worked with Admiral Group, Shell, Euroclear, BP, Deutsche Bank, Barclays, HSBC in a variety of roles across third-party risk / supply chain risk, operational risk, information risk management.

Rizwan Nazir is a Director in PwC’s Resilience & Risk Management Practice in London.  He has 20 years of consulting experience delivering a range of third party risk management (TPRM), technology risk, cyber security, and assurance related services to large global financial services (FS) clients.

Rizwan specialises in leading global TPRM programmes and has led several major initiatives across the FS market.  He has helped to design, implement, operationalise, standardise, and optimise complex TPRM initiatives across a range of firms.  He is also responsible for leading and overseeing PwC’s TPRM delivery portfolio across the firm’s clients and the market, helping to drive growth and create value in the most challenging environments.

Jon joined Crossword from BAE Systems Applied Intelligence (‘AI’), the plc’s Cyber Security Consulting Managed Security Services, and software product business where he was CIO & Security Director.  Jon had been with the AI business since its Detica days prior to acquisition by BAES.

He built on his experience in the National Security sector from that period, leading the acquisition and integration of 4 internationally-distributed commercial security businesses into a single global cyber security business with a diverse client base, ultimately heading up a global team of over 250 Security subject matter experts.

In 1999 Jon was awarded a PhD from Lancaster University in Methods for Corporate Requirements Capture, Collaborative Systems Design.

Ruth Poulten is the Social Impact and ESG Manager UK&I at RSA, with significant experienceshaping and embedding Social Impact strategies across business functions from risk managementand operations, to products and services and human resources.

Harnessing business as a force for good has been the focus of her career for the last 15 years having developed wide-ranging ESG, Communications and Media expertise whilst working in local Government and the private and charitable sectors.

She now manages RSA’s community investment programme and associated strategic partnerships, leads purpose driven campaigns, and oversees the compliance of its ESG policies including Modern Slavery and Human Rights, Community and Charity and Environment.

Brian has worked in business process automation targeting risk and compliance for over 25 years, supporting hundreds of fortune 500 and mid-market firms across all industries.  Since 2011 Brian has focused on Third-Party Risk, Compliance and Performance Management for the Financial Services Industry, as well as Master Data Management and Know your Customer (KYC) challenges. At Mirato, Brian serves as Director of Financial Services Sales responsible for sales to Financial Services firms in North America and Europe

Ian is a Director in the PwC UK Financial Services practice, with 13 years experience in third party risk management (TPRM), cybersecurity, and assurance.

Ian has worked extensively with a number of the world’s leading financial institutions and has helped design, implement, and optimise third party risk management programmes in complex and distributed environments. He has helped a number of large international Banks and Investment Management firms stand-up, operationalise, or streamline existing programs in order to increase value or remove cost. He leads PwC’s EMEA-wide TPRM centre of excellence, ensuring standards and methodology are consistently applied and delivered.

Ian also has significant experience with the broader non-financial risk agenda, delivering advisory and regulatory driven engagements around cybersecurity, technology, resilience, and privacy.

Shayne Tyler is a highly experienced practitioner in the identification, investigation and resolution of worker welfare issues with experiences that span many hundreds of cases affecting many thousands of victims.  A practical and hands on Director with over 30 years of people leadership within the food industry.  He relies on over 22 years of experience directly managing variable levels of employee exploitation situations, where he has actively helped shape legislation, guidance, best practice and support mechanisms for the prevention and eradication of worker abuse.

Shayne now partners an organisation with the specific goal to share experiences and help clients understand not just what to do, but more importantly how to do it.

His practical knowledge gives organisations the tools to Prevent, the skills to Prepare for those situations they cannot prevent and the knowledge and understanding to both Protect and Pursue all stakeholders in the subsequent investigations.

Having had ‘first hand’ experience that has identified and tackled numerous examples of worker exploitation for such an extended timeframe, Shayne offers a valuable perspective in the fight to improve worker welfare.

Atul is speaking at Vendor & Third Party Risk Europe 2022

Louise Waite is the Supply Chain Management & Assurance Director at Lloyds Banking Group. She leads a team of 50, delivering a group-wide approach to supplier risk assessment, supplier assurance and supplier management. Louise and her team maintain an effective Supply Chain Management framework, run a Centre of Excellence for Supplier Management and conduct hundreds of assurance reviews every year. Having spent several years in the IT and Pharmaceutical industries, Louise is enjoying her return to Financial Services where she started her Procurement career.