Vendor & Third Party Risk USA

Vendor USA
Innovative Best Practice for Managing Vendor and Third Party Risk Beyond Compliance
2nd Annual

Vendor & Third Party Risk USA

June 13 – 14, 2017 | Crowne Plaza, 1605 Broadway, New York, NY 10019


Key Topics To Be Addressed

Risk Based Approaches
Reviewing the evolution of risk based approaches beyond just compliance

Cross Jurisdictional Sourcing
Understanding requirements and limitations across jurisdictions & global regulation

Maturing governance frameworks to increase accountability

Vendor Assessments
Reviewing techniques for vendor assessments for a unified approach across the industry

Lines of Defence
Reviewing where vendor risk sits in a three lines of defence model

Intragroup Agreements
Managing intragroup agreements to the same level as external third parties

Cyber and IT Security
Understanding threats and vulnerabilities across the cyber and IT landscape

Evolving cloud storage understanding and moving towards more reliance on the cloud

Third Party Risk of the Future
Increasing best practices and innovative drivers to push beyond regulatory compliance

Hear from more than 20 senior vendor, third party and supplier professionals including:

Melissa Lille


ED, Third Party Risk Oversight, International Affiliate Services

JP Morgan Chase

Maureen Vance

Maureen Vance

Director, Vendor Risk Management, Outsourcing, Governance and Risk Management

Deutsche Bank

Daniel Morrison


MD & Group Head, Third Party Risk Management


Tonya Jesso

Tonya Jesso

Senior Director, Supplier Risk Program


John Gilbride


ED, Third Party Risk Oversight

JP Morgan

Nishantha Fernando

Nish Fernando

Global Head of Third Party Risk Management Oversight

Download the brochure

Download a print-friendly PDF copy of the full program that includes the full two-day agenda, registration form, and more.

Download here

Register today

Don’t miss out on the opportunity to join the conference and hear from the senior presenters listed on the agenda. Remember to invite your colleagues as a third person can attend at half price or a fifth person for free.

Register here

Day One | June 13, 2017

08:00 Registration and morning refreshments

08.50 Chair’s opening remarks

Dennis Frio, Managing Director, Risk Advisory Services, Grant Thornton

09:00 Evolution of risk based approaches to third party risk management beyond compliance

  • Portfolio analysis
  • Know your vendor
  • High risk vendors vs high spend vendors
  • Demonstrating robust ongoing monitoring
  • Effective escalation and management summarization of all risks
  • Risk management and reporting
  • Sustainability

Melissa Lilli, ED, Third Party Risk Oversight, International Affiliate Services, JP Morgan

09:40 Evolution of risk based approaches to third party risk management beyond compliance

  • Portfolio analysis
  • Know your vendor
  • High risk vendors vs high spend vendors
  • Demonstrating robust ongoing monitoring
  • Effective escalation and management summarization of all risks
  • Risk management and reporting
  • Sustainability

Joe Peddle, SVP, Operational and Third Party Risk, GE Capital

10:20 Morning refreshment break and networking

10:50 Enhanced techniques for assigning risk and risk identification practices

  • Identifying all third parties
  • Assigning risk based on consolidated risks
  • Services provided internally
  • Level of due diligence based on consolidated risk
  • System and data access
  • Financial stability/ viability
  • Offshoring to sanctioned countries
  • Risk ranking to determining level of risk ongoing monitoring requirements

Maureen Vance, Regional Head of Vendor Risk Management Americas, Deutsche Bank
Jan Lucero, SVP, Vendor Risk Management, Banc of California
Tonya Jesso, Senior Director, Supplier Risk Program, TIAA

11:40 Integration of third party risk in insurance companies

  • On-boarding third parties and integrating into risk management process
  • Category based risk assessments and simplifying the compliance footprint
  • Tackling insurance based third parties (brokers, agents, administrators, etc.) into third party risk management process

Nish Fernando, Third Party Risk Management Oversight, AIG

12:20 Lunch break and networking

1:20 Maturing governance frameworks to increase accountability

  • Approved sourcing strategy
  • Governance structures
  • Clear escalation protocols
    • Executive level, management level and operational level
  • Incident and issue resolution
  • Regulatory risk matrix
  • Maintaining documentation
  • Reporting and interaction of the board and senior level committees

Daniel Morrison, Managing Director, Group Head of Third Party Risk Management, MUFG
Anna Mazzone, Managing Director, International. Global Head of Financial Services, Aravo Solutions

2:40 Reviewing the changing landscape of vendor assessments and validating controls

  • Ensuring integrity of data and level of scrutiny
  • Assessing risk and adjusting control
  • Technology to assess data continuously and alert
  • Balancing assessment level with risk
  • Reviewing new assessment techniques

Tonya Jesso, Senior Director, Supplier Risk Program, TIAA
Sam Kassoumeh, COO and Co-Founder, SecurityScorecard

3:30 Afternoon refreshment break and networking

4:00 Effective review of regulatory risk and financial health of service providers

  • Review regulatory risk and financial solvency indicators early
  • Assess financial viability and sustainability assessments of public and private companies
  • Monitor financial and regulatory risk with automated notifications
  • Eliminate volume limitations to assess all relationships

Anders Rodenberg, Director of Sales, Bureau van Dijk
Bill Hauserman, Sr Director, Compliance Solutions, Bureau van Dijk

4:40 Reviewing the three lines of defense (LOD) and where vendor and third party risk management sits

  • Tone at the top
  • Business unit, governance unit and audit
  • First line due diligence – process flow and control testing
  • Move to second line: Control function validation
  • Moving towards third line: audit
  • Define processes, procedures and documentation to ensure policy adherence

Jan Lucero, SVP, Vendor Risk Management, Banc of California

5:20 The role of the vendor and third party risk manager in sanctions and financial crime prevention

  • Know your vendor and due diligence
  • Sanctions and AML
  • Country rules and requirements
  • Role in identifying unusual payments
  • Reporting, metric and escalation protocols

Kenneth Wolckenhauer, VP, Vendor Management, Nordea Bank

6:00 Chair’s closing remarks

6:10 End of day one and drinks reception

3rd Colleague Half Price
Download the brochure

Download a print-friendly PDF copy of the full program that includes the full two-day agenda, registration form, and more.

Download here

Register today

Don’t miss out on the opportunity to join the conference and hear from the senior presenters listed on the agenda. Remember to invite your colleagues as a third person can attend at half price or a fifth person for free.

Register here

Day Two | June 14, 2017

08:15 Registration and morning refreshments

08:50 Chair’s opening remarks

(Chaired by: Anna Mazzone, Managing Director, International. Global Head of Financial Services, Aravo Solutions)

09:00 International regulators and managing different levels of maturity globally

  • Currency issues
  • Privacy and information retention
  • Processing data across regulatory jurisdictions
    • Protection and security requirements
  • Different views from different regulators
  • How regulators are coordinating activities
  • Harmonization across global regulators

Maureen Vance, Director, Vendor Risk Management, Outsourcing Governance and Risk Management, Deutsche Bank
John Gilbride, ED, Corporate Third Party Risk Oversight, JP Morgan

09:50 Rethinking — and revaluing — 3rd party cyber risk management

  • Measuring and reducing cyber risk
  • Risk transfer
  • Enabling the business and enhancing enterprise value

Jake Olcott, VP, Business Development, BitSight

10:30 Morning refreshment break and networking

11:00 Advancing internal/intragroup agreements to the same level of rigor as external third party partnerships and incorporating as part of assessment process

  • Availability if business fails: business continuity plan
  • Internal transfer pricing: fair pricing for services
  • Defining parameters and controls for each entity
  • Same level of risk assessment and organizational risk analysis as external vendors
  • Offshore component: implementing a program with policy hierarchy across affiliates and subsidiaries
  • Governance and organizational elements
  • Joint venture and strategic alliance guide

John Bree, Former MD, Head of Vendor Risk Management, Deutsche Bank

11:40 Third party risk considerations for NYDFS and GDPR regulatory requirements

Shane M Lieber, CRVPM Strategist – Third Party Management, KeyBank
Adam Schrock,
Managing Director, Grant Thornton

12:20 Lunch break and networking

1:20 Reviewing the cyber and IT security landscape to better understand the threats and vulnerabilities

  • Landscape and penetration techniques
  • Threat vulnerability prevention, detection and controls
  • Third party service provider security policy
  • Shared service provider security policy
  • Testing third parties independent of their participation
    • Validation and verification through independent means
    • Testing vendor IT security framework
  • Cyber security regulatory agenda
  • Macro effects
  • Mission critical recovery time

Nasser Fattah, Managing Director, Bank of Tokyo Mitsubishi UFJ

2:10 Improving your strategy for managing third party cyber security risk

  • Discussing emerging trends and approaches to third party cybersecurity
  • Reducing time, cost and resources to address regulatory requirements more completely
  • Collaboration between Finservs and their 3rd parties to shorten the cycle and produce better results
  • Including cybersecurity in the broader picture of overall third party risk

Dov Goldman, VP Innovation and Alliances, Opus

2:50 Afternoon refreshment break and networking

3:20 Utilizing the advantages technology provides to build efficient and automated processes to capture risks

  • Blockchain used for AML, monitoring and operating
  • Know your vendor technology
  • Categorizing vendor capabilities
    • Using big data and analytics to determine risk category
  • Fintechs: Programs, processes and systems in place
    • Fintech model outline
    • Control environment

4:00 Pulling it all together: When vision meets reality

  • Execution of governance
  • Reporting and communicating with stakeholders
  • Usage of vendor scorecards

Matthew Luongo, Head of Vendor Management, CLS Bank

4:40 Third party management of the future: Increasing best practices and innovative drivers to push beyond regulatory compliance

  • Raising best practice whilst keeping costs down
  • Data analytics and reporting
  • How third party risk is changing
  • Improving systems and governance beyond compliance
  • Utilizing cyber security processes to protect reputation

Charlie Miller, SVP, Santa Fe Group Shared Assessment
Sam Kassoumeh
, COO and Co-Founder, SecurityScorecard

5:30 Chair’s closing remarks

5:40 End of Congress

John Bree
John Bree, Managing Director-Global Head of Vendor Risk Management, Former Deutsche Bank AG

John will be presenting at the forthcoming Vendor and Third Party Risk USA 2017 Congress

Nasser Fattah, Managing Director, Bank of Tokyo Mitsubishi UFJ

Nasser will be presenting at the forthcoming Vendor and Third Party Risk USA 2017 Congress

Dennis Frio Headshot[1]
Dennis Frio, Managing Director, Risk Advisory Services, Grant Thornton

Dennis leads Grant Thornton’s Third Party Risk Management practice for the Financial Services industry.  He is a Managing Director with over 20 years of consulting and industry expertise specializing in the implementation and optimization of third-party risk management and supply chain processes and applications.   He has experience managing a broad array of initiatives for financial services clients designed to reduce costs, improve efficiency or manage risk.

Prior to Grant Thornton,  Dennis worked for 14 years at PwC providing expertise to Fortune 500 companies throughout the United States, Europe and Asia-Pacific across a range of business and technical disciplines including finance, supply chain and risk management.

Nish Fernando
Nish Fernando, Third Party Risk Management Oversight, AIG

Professional career spans 20+ years providing though leadership in the fields of risk, financial and third party management focused within the financial services industries.

Includes 10+ years of experience leading my own management consulting company engaging clients in the financial services industry in Toronto, Boston and New York.

BA in Economics and post-graduate diploma in accounting from Wilfrid Laurier University in Waterloo, Ontario, Canada.

John Gilbride, ED, Third Party Risk Oversight, JP Morgan

John will be preseting at Vendor & Third Party Risk USA

Patrick Gorman, Head of Strategy and Product, CyberGRX

Patrick Gorman is Head of Strategy and Product at CyberGRX. Previously, Gorman served as Chief Security Officer (CSO) at Bridgewater Associates, Chief Information Security Officer (CISO) at Bank of America, and Associate Director of National Intelligence (ADNI) for technology and strategy at the Office of the Director of National Intelligence (ODNI). Prior to these positions, Patrick worked at Booz Allen Hamilton, leading cybersecurity practices in both government and commercial markets. He also served in the USAF in electronic security and intelligence.

Gorman holds a B.A. from the University of Maryland and an M.A. from The George Washington University.

Bill Hauserman
Bill Hauserman, Senior Director, Compliance Solutions, Bureau van Dijk

Bill is focused on anti-corruption compliance solutions at Bureau van Dijk. As a rapidly evolving global risk within financial institutions, corruption risk management requires a far more systematic approach encompassing customers, third-party partners and employees. Bill joined Bureau van Dijk after 12 years of designing and deploying global compliance and ethics programs for SAI Global and NAVEX Global. For the last seven years he has focused on the perplexing problem of creating efficient due diligence technology and content to truly understand the risks of customers and business partners. Bill has seen first-hand the potentially false sense of security found in current due diligence programs.

Tonya Jesso
Tonya Jesso, Senior Director, Supplier Risk Program, TIAA

Tonya Jesso is a graduate of Phillips Exeter Academy, The University of the South, and Regent Law School. Ms. Jesso passed the North Carolina Bar and began her financial services career with First Union/Wachovia as a Sourcing Attorney. Ms. Jesso spent 13 years at Bank of America where she became an expert in vendor risk oversight. Her other professional passion is business process design leveraging her Six Sigma Black Belt. Ms. Jesso joined Enterprise Risk Management at TIAA in 2014 where she currently leads the Supplier Risk Program.

Sam Kassoumeh, COO and Co-Founder, SecurityScorecard

Sam Kassoumeh is the COO and co¬-founder of SecurityScorecard. A seasoned cyber security professional, he has been the Head of Security and Compliance at Gilt and leading Global Security at Federal¬Mogul. Sam has a keen understanding of the cyber¬security space that only comes with 10 years of experience leading security teams.

Melissa Lilli, ED, Third Party Risk Oversight, International Affiliate Services, JP Morgan Chase

Melissa will be presenting at Vendor & Third Party Risk USA

Jan Lucero
Jan Lucero, SVP, Vendor risk management, Banc of California

In depth experience in building and managing enterprise third party risk management programs (second line of defense) governed by the OCC, FRB and FDIC. Most recent four years have been spent building the third party risk program for Banc of California, Bank of the West and BancWest subsidiaries of BNPP. Prior 5 years were with Wells Fargo Corporate Risk Management Program – Third Party Risk.

Responsible for all aspects of building and executing third party risk management programs. Incorporating the three line of defense model to manage all third party provider relationships.  Includes establishing and maintaining the requisite enterprise policy, standards and procedures; governance framework; operating model; oversight; and reporting (including: Board of Directors, Senior Management, and business).

Prior changing career to third party risk management, managed large scale operations for Wells Fargo and Bank of America. Including strategic business initiatives, business process improvement and automation.

Certified Third Party Risk Professional San Fe Group. Certified in Six Sigma DFSS.  Graduate from Pacific Coast Banking School. MBA from Bellarmine University, Louisville, Kentucky. BSC from University of Louisville, Louisville, Kentucky.

Matt Luongo
Matthew Luongo, SVP, Vendor risk management, CLS Bank

Matt Luongo is a veteran of implementing and executing change programs and systems in global organizations. Known for his innovative and resourceful style, Matt’s expertise in operations and systems, strategic leadership development and change management makes him a trusted c-suite advisor.

Matt is currently the Head of Global Vendor Management at CLS Bank International, a global FX settlement utility. Prior to joining CLS Bank, Matt founded MJ Management Consulting where he led various global projects for Barclays, Sony, Avon, American Express and Wachovia. He also held leadership positions at UBS, Cognizant Technology Solutions and American Express.

Matt holds a Bachelor of Science degree in Business Administration from the University of Nebraska-Lincoln and an MBA from Pace University. His philanthropic endeavours include board positions with Pace University Lubin School of Business Alumni Committee and DREAM (formerly Harlem RBI), a non-profit organization which supports inner city youth in East Harlem, the South Bronx and Newark.  Matt is an avid traveller and has conducted business in over 20 countries.

Anna Mazzone, Managing Director, International. Global Head of Financial Services, Aravo Solutions

Anna Mazzone leads and drives Aravo’s global expansion and is responsible for building operations and direct and partner channels internationally. She also leads growth initiatives and client engagement across financial services, bringing with her over 20 years’ financial services industry experience in the international markets.

The former Global Head of KYC Managed Services at Thomson Reuters, Anna founded and grew Thomson Reuters’ Org ID KYC Managed Service, leading a team of more than 150 staff and managing clients in more than 80 countries.

Ms. Mazzone’s deep domain expertise in Technology for Financial markets (FinTech), GRC (Governance Risk & Compliance technologies), and Know Your Customer (KYC) as well as Know Your Supplier/Vendor (KYS/KYV) has contributed to significant growth at companies including BAML, Thomson Reuters, CME Group, Markit and Trunomi.

Anna is on the Board of the Non-profit, Junior League of London, having supported the organization for over 14 years, on the Advisory Board for Trunomi, and is a business mentor for Level39 London Accelerator. In 2016 Anna was named in Innovate Finance’s “Women in Fintech Powerlist” which recognizes women who are playing a vital role in the development of the global Fintech sector. She holds a Bachelor of Science, Finance and Insurance from the University of South Carolina – Darla Moore School of Business.

Charlie Miller
Charlie Miller, Senior Vice president, The Santa Fe Group / Shared Assessment Program

Charlie Miller, Senior Vice President, recently re-joined the Santa Fe Group as Senior Vice President, where his key responsibilities include managing and expanding the Collaborative Onsite Assessments Program and facilitating regulatory, partner and association relationships. Charlie has vast industry experience, having led third party risk management and financial services initiatives for several global companies.

Charlie was previously the Director of Vendor and Business Partner Risk Management at AIG where he managed regulatory and governance activities for the organization’s enterprise vendor risk management program, including co-leading the definition and implementation components. During his tenure at AIG, he simultaneously served as a Shared Assessments Steering Committee member where he used his industry expertise to manage key projects for the Program. Prior to joining AIG, Charlie led the vendor risk management group at the Bank of Tokyo-Mitsubishi UFJ. Charlie also served in other key roles including the CEO of his own company, Charles R. Miller & Associates, LLC and his first term as Senior Vice President for the Santa Fe Group. He also held multiple leadership roles at Merrill Lynch, where he oversaw the company’s global vendor management program and designed and implemented major global initiatives including programs pertaining to financial systems standardization; information security and privacy; acquisition and divestiture due diligence; and information leakage and data protection. His experience also includes time as a consulting partner at Deloitte LLP, and leading a financial services practice unit focused on outsourcing, risk management, and cost control.

Daniel Morrison
Daniel Morrison, MD & Group Head, Third Party Risk Management, MUFG

Dan is a Managing Director and the Group Head of Third-Party Risk Management (TPRM) for MUFG Americas.  Dan has more than 20 years of global Financial Services experience, with 10+ years of Third-Party Risk Management experience. Dan has been involved with numerous TPRM initiatives for Global FS organizations. Other roles Dan has held include: PwC’s Financial Services TPRM practice leader, Chief Security Strategist at American Express, SVP of Security Engineering at Bank of America, and Security & Privacy Partner at Arthur Andersen. Dan also has significant process improvement experience (ITIL, Six Sigma Black Belt, and SSE-CMM).

Jake Olcott Headshot
Jake Olcott, VP, Business Development, BitSight

Jake Olcott is VP of Business Development at BitSight. He previously managed the cybersecurity consulting practice at Good Harbor Security Risk Management. Prior to Good Harbor, he served as legal advisor to the Senate Commerce Committee, and also served as counsel to the House of Representatives Homeland Security Committee. He completed his education at the University of Texas at Austin and the University of Virginia School of Law.

Joe Peddle
Joe Peddle, Operational & Third Party Risk Manager, GE Capital

Joe Peddle has been with GE Capital since December of 2004 and is currently the Operational & Third Party Risk Manager.

In this role, Joe is responsible for developing the third party operational risk framework across the GE Capital business units.  This includes development of risk assessment procedures and key risk indicators, integration of third party monitoring and controls, and oversight of third party business disposition activities.

Prior to his current role, Joe has held roles of increasing responsibility within GE Capital and General Electric including Productivity Leader, Global Sourcing Finance Leader, and Sourcing Manager.  In these positions, Joe was responsible for negotiating direct and indirect sourcing opportunities, leading the financial planning cycles, and implementing Sourcing compliance and performance metrics.  He was also the Finance Manager and Controller within GE’s Global Business Services division, implementing Sarbanes-Oxley internal controls and controllership enhancements from 2002 through 2004.

Prior to GE, Joe was with Hewitt Associates in Norwalk, CT and Lincolnshire, IL as Project Manager, managing Fortune 100 clients’ Defined Contribution plan mergers and leading quality initiatives.  He was also Director of Client Services and Vendor Relations for FM Facility Maintenance, a national commercial property maintenance and construction management firm.

Anders Rodenberg, Director of Sales, Financial Institutions & Advisory, North America, Bureau van Dijk

Anders Rodenberg is the Head of Financial Institutions and Advisory in North America for Bureau van Dijk. Originally from Scandinavia, Anders previously served as Head of Compliance for the Nordic European Region at Bureau van Dijk before transferring to the U.S., which gave him key compliance insight and experience on both sides of the Atlantic.

Anders has been involved in multiple compliance projects in areas ranging from AML and OFAC sanctions to FATCA and FCPA, helping to improve compliance levels at various financial institutions, insurance companies and traditional corporates. Much of his work has been focused on improving on-boarding procedures, Enhanced Due Diligence (EDD) processes, off-cycle notification systems, Sanctions identification, investigation and monitoring through global standardization as well as introducing global ownership structures into the AML & OFAC risk models.

Adam Schrock, Managing Director, Grant Thornton

Adam leads Grant Thornton’s National Third Party Risk Management practice.   He is a Managing Director with over 20 years of experience whose experience crosses a number of risk domains, including; third party management, cyber security, IT risk management, operational risk, regulatory compliance and data privacy.

His primary focus has been on the development of regulatory risk and compliance solutions, information protection programs, and strategic implementation of third party risk management programs.  Specifically for third party risk programs, Adam has designed and implemented holistic programs for various financial service clients. This includes development of the third party risk processes, both pre-contract due diligence and post-contract ongoing monitoring. Operationalizing the program processes and procedures using technology and tools such as Archer, Hiperos and Process Unity.

Maureen Vance
Maureen Vance, Regional Head of Vendor Risk Management Americas, Deutsche Bank

Maureen has been with the combined Deutsche Bank / Bankers Trust organization for 27 years and recently joined the Vendor Risk Management team.  Her prior roles at DB include Head of Information Security and Control Policy in the GTO Divisional Control & Regulatory Office, Global Head of Control for Global Business Services, Americas Head of Control for Investment Banking Operations and Head of Global Loan Operations Accounting & Control.  Before joining DB, Maureen had control and project roles a Citibank, NA and Columbia Pictures Industries, Inc. and was a Senior Auditor with Arthur Andersen & Co.

Maureen is a Certified Public Accountant, Series 99 Operations Professional and has a BS in Business Administration / Accounting from Georgetown University.

Ken Wolckenhauer
Ken Wolckenhauer, VP, Vendor Management, Nordea Bank Finland PLC  New York Branch

Ken will be presenting at Vendor & Third Party Risk USA

Find our Vendor Risk thought-leadership articles here. These articles feed from our much larger Risk Insights section of our website which provides you with thought-leadership, white papers, articles and more across risk and regulation.

16th May 2017

Keeping third party risk first on the cyber risk list

9th May 2017
john bree

Advancing internal/intragroup agreements to the same level of rigor as external third party partnerships

9th May 2017

The role of the vendor and third party risk manager in sanctions and financial crime prevention

12th April 2017

Scottrade Bank’s breach underlines third-party vendor risk

12th April 2017
Trang Sumpter

Ensuring effective due diligence relative to the risk and complexity for third party selection

21st March 2017
Nishanta Fernando

Implementing effective governance operating models and incorporating board oversight

2nd March 2017

Innovative vendor management beyond compliance

5th January 2017
MCO BANNER girl[1]

The development of third party risk management practices

3rd June 2016

How to validate the security maturity of your third party vendors

9th May 2016
Tom Garrubba Vendor Risk Insights

TPRM landscape is poised for coordinated standardisation of assessment processes

5th May 2016

Third party risk management towards a pragmatic approach

11th April 2016

Cyber Culture: Key challenges for banks

7th April 2016

Building models for different classes of vendor

6th April 2016

Reviewing Europe’s Vendor and Third Party Risk Landscape

4th April 2016

Vendor & Third Party Risk: 2016 Focus

The Center For Financial Professionals recently collaborated with MyComplianceOffice to conduct research with close to 250 relevant professionals to identify the development of third party risk management practices to provide the industry with a better view of the current issues and an understanding of how our peers are overcoming the challenges in the sector.

Want to work with the Center for Financial Professionals on the next research report? Contact today to discuss how we research over 450,000 risk professionals.

MCO report



Aravo delivers market-leading SaaS solutions for managing third party risk and compliance at scale.

We help Global 2000 companies protect their business value and reputation by managing the risks associated with third parties and suppliers, and to build business value by ensuring that their third party relationships are optimized.

Aravo has assembled unique domain expertise and best practice approaches from more than 16 years of delivering successful implementations to global companies with the most complex supply and third party networks in the world.

Leading brands count on Aravo for end-to-end enterprise third party risk management together with specialist applications to support anti-bribery and anti-corruption, data privacy and security, responsible sourcing, and registration and qualification/know your supplier programs.

Providing unrivalled regulatory agility and ease-of-use, together with actionable executive reporting, Aravo supports a user base of more than 95,000 corporate users and 4 million third party users in 33 languages and 154 countries. Aravo is headquartered in San Francisco, with offices and partners across the US, Europe and Asia.

BitSight Technologies

BitSight Technologies is transforming how companies manage information security risk with objective, evidence-based security ratings. The company’s Security Rating Platform continuously analyzes vast amounts of external data on security behaviors in order to help organizations manage third party risk, benchmark performance, and assess and negotiate cyber insurance premiums. For more information, please visit or follow us on Twitter (@BitSight).

Bureau van Dijk

Certainty is a highly prized commodity in business. Data might be getting bigger all the time, but this only makes extracting value from it more difficult.

Bureau van Dijk captures and treats private company information for better decision making and increased efficiency.

With information on over 200 million companies, we are the resource for company data. A key benefit of our information is how simple we make it to compare companies internationally.
Our information includes:

– What companies do, how they’re performing and the people that run them
– Financial data, legal entity details, M&A activity and news
– Corporate structures and ownership

You can access our information via a range of interfaces that are designed to help different business challenges and streamline workflows. Many of our customers blend our information with their own internal data for superior insight.

Register for your free trial at

Compliance Education Institute

Compliance Education Institute will be participating at the Vendor & Third Party Risk USA Congress.


CyberGRX provides the most comprehensive third-party cyber risk management platform to cost-effectively identify, assess, mitigate and monitor an enterprise’s risk exposure across its entire partner ecosystem. Through automation and advanced analytics, the CyberGRX solution enables enterprises to collaboratively mitigate threats presented from their increasing interdependency on vendors, partners and customers. CyberGRX is based in Denver, CO.

Grant Thorton

Grant Thornton LLP’s Risk Advisory Services works to help protect and drive enterprise value for our clients. We aim to develop and deploy business strategies that align with your approach to risk and your organization’s strategic priorities. We bring expertise in creating risk management programs and holistic solutions to address strategic, operational, regulatory, compliance and cyber risk inefficiencies.

Third party risk management is an area of growing concern today. Organizations rely on third parties for a variety of reasons – cost savings, revenue enhancement, or increased expertise to gain a competitive edge. While it is true third parties can help realize many business benefits, they can also introduce significant risks. These risks may include failure to protect sensitive company and client data, inability to meet business operational objectives, failure to meet your organization’s compliance requirements, or cause reputational damage based on how your third party is perceived in the industry. If these risks aren’t properly managed, it could lead to regulatory fines and penalties, lost customers or decreased revenue. Learn more about our work and how we protect value at

Grant Thornton LLP is the US member firm of Grant Thornton International Ltd, one of the world’s leading organizations of independent audit, tax and advisory firms.

IHS Markit

IHS Markit (Nasdaq: INFO) is a world leader in critical information, analytics and solutions for the major industries and markets that drive economies worldwide. The company delivers next-generation information, analytics and solutions to customers in business, finance and government, improving their operational efficiency and providing deep insights that lead to well-informed, confident decisions. IHS Markit has more than 50,000 key business and government customers, including 85 percent of the Fortune Global 500 and the world’s leading financial institutions. Headquartered in London, IHS Markit is committed to sustainable, profitable growth.


MetricStream will be participating at Vendor and Third Party Risk USA 2017.


Opus was founded on a simple premise: that faster, better decisions in compliance and risk management could give businesses an extraordinary advantage in the marketplace.

Today, the world’s most respected, global corporations rely on Opus to free their business from the complexity and uncertainty of managing customer, vendor, and third-party risks.

By combining the most innovative SaaS platforms with unparalleled data solutions, Opus turns information into action so your business thrives.


Prevalent is the leader in third-party risk management and cyber threat intelligence, helping global organizations manage and monitor the security threats and risks associated with third and fourth-party vendors. With the release of Prevalent Synapse™, organizations now have a purpose-built, unified platform that reduces both risk and cost in a shared assessment model, leveraging standardized content, automation, and threat intelligence.


SecurityScorecard provides the most accurate security risk rating for any organization worldwide. The proprietary SaaS platform helps enterprises gain operational command of the security posture for themselves and across all of their partners and vendors. It provides continuous, non-intrusive monitoring for any organization including third and fourth parties. The platform offers a breadth and depth of critical data points not available from any other service provider including a broad range of risk categories such as Application Security, Malware, Patching Cadence, Network Security, Hacker Chatter, Social Engineering, and Passwords Exposed.



ProcessUnity’s cloud-based solutions help organizations of all sizes automate their risk and compliance programs. Our highly configurable, easy-to-use tools significantly reduce manual administrative tasks, allowing customers to spend more time on strategic risk mitigation. As a software-as-a-service technology, ProcessUnity deploys quickly with minimal effort from customers and their IT resources. The inherent efficiency our technology delivers faster, better results, and the ability to scale governance, risk, and compliance programs over time. ProcessUnity’s suite of applications includes Third-Party Risk Management, Policy and Procedure Management, Enterprise Risk Management, Regulatory Compliance Management, Product and Service Offer Management, and more. Learn more at


Can your organization contribute at our Vendor & Third Party Risk USA Congress?

Please contact the Center for Financial Professionals today to discuss how we can deliver your thought-leadership at the event, help you generate leads, and provide you with unique networking and branding opportunities. Below is an outline of what we can offer, but please contact or call us on +44 (0)20 7164 6582 where a member of the team will be happy to tailor the right package for you.

Media Publications

We are happy to support publications, associations and organisations at this event. From a simple company listing with your logo to taking advantage of some of our sponsor benefits listed above. To discuss a media partnership further please email or call +44 (0)20 7164 6582.

FocusEconomics_HR_Tagline copy
Global Risk Community 150x100
IT GRC 180x110
ORIC International


Crowne Plaza Hotel
Times Square Manhattan
1605 Broadway
New York

There are limited rooms available at a preferential rate by booking here or alternatively call Tim Olohan on 212 315 6122.  The venue is within walking distance of Times Square so please feel free to use alternative accommodation using or


More accommodation options:

Mayfair New York
242 W 49th St, New York,
NY, 10019


(800) 556-2932

The Manhattan at Times Square Hotel
790 7th Ave, New York, NY, 10019



Millennium Broadway New York Times Square
145 W 44th St, New York, NY, 10036

Millennium Broadway

866 866 8086

 Hilton Garden Inn Times Square
790 Eighth Avenue, New York, New York, 10019



Download the Risk Insights App

Interact with your colleagues, peers and industry thoughts leaders live at the Vendor & Third Party Risk USA Conference.

Our Risk Insights App provides an audience interaction participation tool at the Summit which allows you to ask speakers and panelists questions throughout the sessions and engage in industry polls with other senior risk professionals.

All Summit information is available at a click of a button such as the two day agenda, biographies of all presenters map location and surveys


Sponsor the App. For more information, email us.


1. Search for “Risk Insights” on your relevant app store.


2. Once the App is downloaded and opened, Vendor & Third Party Risk USA will appear on your dashboard. Select “Access Now”

3. You will be asked to provide the event access code, an email with this code has been sent to you by email after registering for the event.

4. Here you will be able to access all details you need prior and during the event, i.e presentations, agenda and map. The polls and ask a question features will be used during the course of the two days so make sure to keep your phones handy during the event.


We have a web App available to use through your phone internet browser. At the event visit and simply select Vendor & Third Party Risk USA Summit, then enter your details and the access code (refer to your emails for the code)

If you are having any issues please feel free to drop us a call on +44 (0)20 7164 6582 and a member of the team will be able to help you out.

After the Event

Keep the Risk Insights App after the event to browse risk and regulation insights, share and save articles, and receive notifications on the latest challenges all within your professional interests. Our network of authors range from risk professionals within banking risk, financial regulation, market risk, credit risk, operational risk and treasury/balance sheet management.

Frequently Asked Questions

Can I present at Vendor & Third Party Risk USA Conference?

Yes, the Center for Financial Professionals are happy to discuss speaking opportunities at Vendor & Third Party Risk USA Conference 2017. For further information on this please contact or call us on +44 (0) 20 7164 6582.

Are there any rules on the dress code?

Business attire is requested. The Summit is a formal opportunity to network with like-minded professionals and to gain knowledge from the industry’s finest risk management experts.

What is the cost and what is included in the registration fee?

We offer incentives for ‘early bird’ registrants of the Summit, as outlined on our pricing structure.

Registration includes breakfast, refreshment breaks, lunches, the cocktail reception at the end of the day, full access to the Summit sessions and exhibition area. Presentations from sessions are also available, subject to speaker approval.

Where can I find the Summit documentation and speaker presentations?

All registered attendees will receive an email with access to documentation and speaker presentations after the Summit*

We will work with our presenters to include as many presentations as possible on our Risk Insights App during the Summit.

*Please note that our speakers often have to gain permission from their relevant compliance departments to release their presentations. On rare occasions compliance may not allow presentations to be distributed.

Will breakfast, lunch and refreshment be provided?

Yes. As with all of our events the Center for Financial Professionals will be providing brilliant coffee, breakfast, lunch, refreshments, and smaller bites during the networking breaks.

This will be provided on both days of the Summit.

Will there be opportunities to network with other attendees?

There are ample opportunities for networking and interaction throughout the Summit, such as

  • Breakfast, lunch and refreshment breaks
  • Cocktail reception at the end of the day (Subject to confirmation)
  • Q&A, panel discussions and audience participation technology available through the Risk Insights App
I have several colleagues that would like to attend, is there a group discount?

Certainly! We are pleased to offer you a 50% discount on the third registration or provide a fifth registration for free.

If you would like to register more than five colleagues please contact us on +44 (0) 20 7164 6582

Please note:

  • Registrations must be made at the same time
  • Registrations must come from the organisation
  • The lowest registration will be discounted
Are there opportunities to share my thought-leadership at Vendor & Third Party Risk USA?

Yes there are plenty of opportunities for the Center for Financial Professionals to share thought-leadership to the attendees of Vendor & Third Party Risk USA and our wider risk professionals community.

At the event
We can distribute your material to the attendees, offer you an exhibition booth, and provide speaking opportunities so that you may enjoy a more prominent presence at the Summit. Visit the Sponsor tab for further information or contact / +44 (0) 207 164 6582.

Risk Insights
Feature your content on our Risk Insights website and supporting Risk Insights monthly newsletter. For further information please download our media pack here.

Are media partnerships available for Vendor & Third Party Risk USA?

Yes. As part of a media partnership we can offer a variety of options to increase the branding and awareness of your association, company, certificate, publication or media. We are flexible with what we can offer however we usually:

  • Provide a discounted rate to attend
  • Place your logo and profile on the Summit website
  • Place your logo on the Summit brochure
  • Place your logo on promotional content where applicable
  • Distribute your media/marketing at the Summit
  • Promote through social media channels

To discuss this further please contact or call +44 (0) 20 7164 6582.


Prerequisites: Knowledge of financial risk management Advanced Preparation: No advanced preparation is required Program Level: Intermediate to advanced
Delivery Method: Group-live

The Center for Financial Professionals is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website:


See Us In Action

Early Bird
Registration Before May 26
Standard Rate
Registrations After May 26
Register Now
(SAVE $300)
$1,599 Register

Should you have any questions regarding registering, please contact the Center for Financial Professionals, please contact us on +1 888 677 7007 (US) or +44 (0)20 7164 6582, or email

Group Bookings:

Group rates are available for 2 or more attendees from the same organisation, when registering at the same time. The current rate allows every third colleague to come along for half price! or a fifth colleague to attend for free

Other ways to register

Save time – Register by email

Simply email us your e-signature – and we will do the rest for you!

2. Contact Us Directly

3. Download the PDF Registration Form

Keep Updated


Interested in Vendor Risk Management but not ready to register? Click here to keep updated.


Bitsight Logo 245
CEI 300 DPI[3][2]
CyberGRX 245x150
GTlogo-245x 150
IHS logo 245x150
opus-logo copy
Prevalent-logo 245x150
SSC-Logo-Stacked-BlkBlue- 2017 version 245x150


ProcessUnity-Logo-RGB 245x150

Connect With Us | #VendorRiskUSA

TwitterLinkedInFacebookYouTubephone icon 50px