Why should you attend?
Come and join CeFPro® as we proudly launch our 10th Edition Vendor and Third Party Risk Summit in the City of London June 12-13th 2024. Selling out yearly and highly anticipated, Vendor & Third Party Risk Europe is the must-attend conference for TPRM professionals to extend their knowledge on how to manage, mitigate, and navigate risks down your supply chain.
Gain insight from 25+ TPRM professionals as they delve into key challenges being faced within the industry through in-depth presentations and lively panel discussions. From evolving regulations in the environment to the implementation of AI into supply chains, our carefully curated agenda can assist with ensuring best practices and augmenting your knowledge of potential risks on the horizon.
Key highlights for 2024
- DORA:
Approaches to managing EU DORA implementations and timelines
- CRITICAL THIRD PARTY:
Managing critical third party regimes to align with operational resilience
- EXIT PLANS:
Enhancing exit plans to align with regulatory expectations
- CYBERSECURITY:
Managing cybersecurity risks in the supply chain and identifying weaknesses
- 4TH PARTIES:
Holistic view down the supply chain to enhance security
- INTRAGROUP ARRANGEMENTS:
Developing best practice to manage intragroup arrangements
- AI:
Exploring usage of AI within TPRM and developing approaches to manage supply chains
- GEOPOLITICAL RISKS:
Impact of geopolitical risks and manage the impacts as they evolve
Hear from subject matter experts and industry front-runners
Join us for an engaging, timely and carefully curated agenda across 2-days
Join us for an engaging, timely, and carefully curated agenda across 2-days. Our agenda ensures a deep dive into Vendor & Third Party Risk Management through presentations, panel discussions, and live Q&A’s.
Learn from our line-up of industry thought leaders as they share their expertise
Learn from our line-up of industry thought leaders as they share their expertise. Gain insight and knowledge from 30+ subject-matter experts and return to your department with actionable ideas and best practices.
Continue conversations with our 7+ hour networking opportunity.
Continue conversations with over 7 hours of networking. Benefit from 6 networking breaks across the two days, plus a complimentary drinks reception. Continue discussions beyond the auditorium and create industry connections.
Key speakers
Gerard Doyle,
Chief Operating Officer, Head of Third Party, Operational Resilience and OCIR
Credit Suisse
Gemma Stewart
Global Head of Vendor Management
Zurich Insurance Company
Gary Lock
Global Head of Third Party Risk Management
Fidelity International
David Sheridan
Global Chief Information Security Officer
Santander Corporate and Investment Banking
Zuzana Rebrova
Head of Third Party Cyber Risk Management
Swiss Re
Saima Sabir
Group Head of Third Party Risk Management & Outsourcing (2LOD)
Bank of Ireland Group
Maya Goethals
Director, Compliance and Risk Management
Bank of America Merrill Lynch
Orlando Fernandez Ruiz
Senior Technical Specialist, Operational Resilience/TPRM, Prudential Policy
Bank of England
Sophie Bishop
Head of Supplier Relationship Management
Legal & General
Samikendra Gosh
Global Third Party Risk Lead, Operational Resilience Risk
HSBC
Session previews and related insights
Get an insight of what to expect from the Summit with our past and present speaker session previews.
Beyond the scoring: Managing the third and fourth party attack surface
Beyond the scoring: Managing the third and fourth party attack surface Will Gray, Area Director Europe North, SecurityScorecard Below is an insight into what can be expected from Will's session at Vendor & Third Party Risk Europe. {{ vc_btn: title=Find+out+more+about+CeFPro%27s+Vendor+%26amp%3B+Third+Party+Risk+Europe+2024&style=outline-custom&outline_custom_color=%23001c64&outline_custom_hover_background=%23001c64&outline_custom_hover_text=%23ffffff&link=url%3Ahttps%253A%252F%252Fwww.cefpro.com%252Fforthcoming-events%252Fvendor-third-party-risk-europe%252F }} The views and opinions expressed in this article are those of the thought leader as an
Enhancing due diligence and assessment practices to obtain and develop actionable insights
Enhancing due diligence and assessment practices to obtain and develop actionable insights Codee Woo, Third Party Risk Management Lead, Legal & General Laura Faure, Third Party Risk Manager, Legal & General Below is an insight into what can be expected from Codee's session at Vendor & Third Party Risk Europe. {{ vc_btn: title=Find+out+more+about+CeFPro%27s+Vendor+%26amp%3B+Third+Party+Risk+Europe+2024&style=outline-custom&outline_custom_color=%23001c64&outline_custom_hover_background=%23001c64&outline_custom_hover_text=%23ffffff&link=url%3Ahttps%253A%252F%252Fwww.cefpro.com%252Fforthcoming-events%252Fvendor-third-party-risk-europe%252F }} The views and
Increasing collaboration across teams to monitor risk throughout the lifecycle
Increasing collaboration across teams to monitor risk throughout the lifecycle Simon Shepherd, Managing Director, MYRIAD Group Technologies Below is an insight into what can be expected from Simon's session at Vendor & Third Party Risk Europe. {{ vc_btn: title=Find+out+more+about+CeFPro%27s+Vendor+%26amp%3B+Third+Party+Risk+Europe+2024&style=outline-custom&outline_custom_color=%23001c64&outline_custom_hover_background=%23001c64&outline_custom_hover_text=%23ffffff&link=url%3Ahttps%253A%252F%252Fwww.cefpro.com%252Fforthcoming-events%252Fvendor-third-party-risk-europe%252F }} The views and opinions expressed in this article are those of the thought leader as an
The ever-changing role of third party risk management
The ever-changing role of third party risk management Branan Cooper, TPRM Consultant Below is an insight into the role of third party risk management, with a highlight into how the it has developed over the years. Discover more at Vendor & Third Party Risk USA. {{ vc_btn: title=Find+out+more+about+CeFPro%27s+Vendor+%26amp%3B+Third+Party+Risk+USA+2024&style=outline-custom&outline_custom_color=%23001c64&outline_custom_hover_background=%23001c64&outline_custom_hover_text=%23ffffff&link=url%3Ahttps%253A%252F%252Fwww.cefpro.com%252Fforthcoming-events%252Fvendor-third-party-risk-usa%252F }} The views and opinions expressed in
Take a look at what was said at last year's event
A fantastic couple of days at Vendor & Third Party Risk Europe. Great to connect with so many new faces and a few familiar ones too.
Brilliant atmosphere at today’s conference on Vendor & Third Party Risk. Privileged to have been invited to share my thoughts…
[Vendor & Third Party Risk Europe] was a great opportunity to engage with others and share thoughts on best practice in TPRM. As always, CeFPro arranged a wide variety of presentations and panel discussions which saw interesting discussions…
[Vendor & Third Party Risk Europe was] an absolute pleasure to speak on two panels… A fantastic opportunity to share knowledge.
Would your organization like to partner with us on this event?
To discuss how we can deliver your thought-leadership at the event, help you generate leads, and provide you with unique networking and branding opportunities, please contact sales@cefpro.com or call us on +44 (0)207 164 6582 for more information.
2024 Sponsors
Co-sponsors
Associate sponsors
Content and media partners
Agenda
8:00 – 8:50
Registration and breakfast
8:50 – 9:00
Chair’s opening remarks
9:00 – 9:35
REGULATION
Balancing compliance with risk management in an increasingly complex regulatory environment
View Session Details
- Reviewing the regulatory landscape over the next 2 years
- Aligning business processes with regulatory expectations
- Alignment with risk tolerance and appetite
- Future-proofing supplier relationships to meet regulation
- Understanding impact of regulation on the organization
- Aligning increasing regulatory requirements
- Operational resilience, cyber resilience, NIST, EU AI Act, GDPR etc.
- Minimum requirements to ensure alignment with all changes
- Managing variations in templates and reporting expectations
- Prioritizing changes and expectations
|
Gerard Doyle, Chief Operating Officer, Head of Third Party, Operational Resilience and OCIR, Credit Suisse |
9:35 – 10:20
EXIT PLANS – PANEL DISCUSSION
Advancing exit plans aligned with current and future expected regulatory requirements
View Session Details
- Developing stressed and unstressed exit plans
- Determining what is proportionate
- Exit plans at service level for organizations providing multiple services
- Reviewing expectations for cloud service providers
- Identifying gaps on service and impact to customer
- Reviewing timelines for compliance and benchmarking progress
- Documenting all services and reliance of third party
- Leveraging expertise internally and within suppliers
- Updating contracts to include stressed exit plan provisions
- Managing the practical realities of supplier failure
- Monitoring financial stability of third parties
- Setting risk appetite for supplier or service outages
- Minimizing duplication of work for bank wide vs individual third party exit plans
|
Jean-Marc Boulo, Director, Head of Global Sourcing & Procurement UK, Credit Agricole |
|
Anne McGowan, Head of Supplier Management, Governance & Risk, Lloyds Banking Group |
|
Anita Barber, VP, Supplier Management, HSBC |
10:20-10:50
Morning refreshment break and networking
10:50 – 11:25
BUSINESS CONTINUITY
Developing an integrated approach to business continuity and disaster recovery planning
View Session Details
- Substitutability and business continuity
- Identifying suppliers with a monopoly on certain markets
- Reviewing alternative options
- Enhancing SLAs for Monopoly Suppliers
- Monitoring overall performance
- Managing transition across suppliers in stressed and unstressed exit
- Developing a seamless exit strategy
- Enhancing business continuity plans
- Developing immediate contingency plans to support exit plans
- Practical steps for implementing contingency plans
|
Will Gray, Area Director Europe North, SecurityScorecard |
11:25 – 12:00
CRITICAL THIRD PARTIES
Reviewing future treatment of critical third parties as regulated entities
View Session Details
- Defining critical third parties in line with regulatory requirements
- Implementing legislation within timelines
- Managing cost and reporting implementation
- Implementing in a proportionate way
- Identifying potential concentration or systemic risk
- Management of critical services that don’t meet the definition of outsourcing
- Potential to increase efficiency in the industry with pooled information
- Impact of frequency of reporting and granularity of data
- Implementing expectations into an efficient process
|
Orlando Fernandez Ruiz, Senior Technical Specialist, Operational Resilience/TPRM, Prudential Policy, Bank of England (tbc) |
12:00 – 12:35
RESILIENCE
Embedding and implementing resilience in third party and supply chain risk management
View Session Details
- Reviewing links between resilience and third party risk
- Translating impact tolerances into something measurable
- Inventorying IT assets and linking to service
- Outreach to resolve incidents
- Developing maturity in resilience practices
- Reviewing cross-impact of resilience regulations
- Understanding downstream and upstream impacts
- Developing strong vendor relationships
- Communicating risk appetite and monitoring activities
- Enhancing industry collaboration
12:35 – 1:35
Lunch break and networking
1:35 – 2:20
DORA – PANEL DISCUSSION
Reviewing practical implementation approaches for EU DORA regulation and regional variations
View Session Details
- Working with suppliers in order to meet requirements
- Reviewing global operational resilience requirements
- Managing vast scale of change
- Undertaking gap analysis to define expectations
- Enhancing inventories and controls
- Managing additional governance and documentation requirements
- Centralizing teams and assessments at a group level
- Enhancing relationship management with single point of contact
- Reviewing impact to fintech companies: How are fintech’s adopting the new requirements
|
Sophie Bishop, Head of Supplier Relationship Management, Legal & General |
|
Mihaela Breg, Head of Operational Resilience & Third Party Oversight, Europe Arab Bank |
2:20 – 2:55
CONCENTRATION RISK
Gaining a full view of concentration risk: Minimizing and monitoring geographic and organization concentrations
View Session Details
- Varying nature of concentration risk
- Identifying company and jurisdictional concentrations
- Monitoring geopolitical risk and impact to supply base
- Approaches to map data to identify concentration risk
- Tools available to map data
- Increased concentration in areas with heightened geopolitical tension
- Collecting data to visualize concentration
- Leveraging data to inform sourcing decisions
|
Gemma Stewart, Global Head of Vendor Management, Zurich Insurance Company |
2:55 – 3:30
CONTINUOUS MONITORING
Enhancing continuous monitoring processes for a holistic and real time view of risk
View Session Details
- Tools for continuous and online monitoring
- Managing and monitoring tools
- Alerts to monitor all third parties
- Monitoring SLAs and compliance
- Building in operational resilience
- Online monitoring for real time global updates
- Developing a holistic view of supply chain
- Reviewing tools and capabilities
|
Carlos Colino, MD, Global Head of Third-Party Risk Management, Santander Corporate and Investment Bank |
3:30 – 4:00
Afternoon refreshment break and networking
4:00 – 4:35
DUE DILIGENCE
Enhancing due diligence and assessment practices to obtain and develop actionable insights
View Session Details
- Protecting reputation through effective due diligence
- Conducting due diligence down the supply chain
- Assurance requirements for 4th to Nth parties
- Monitoring for conflict of interest breaches
- Validating due diligence questionnaires
- Determining the right level of risk assessment and due diligence for third party arrangements
- Reviewing due diligence processes and action on risk and issues identified
- Demonstrating effective monitoring and remediation of risks
- Due diligence for organizations needed for immediate strategic benefit
- Minimizing process time for faster turnaround
- Managing vendor overload
- Industry collaboration opportunities to streamline processes
- Reducing manual collection of data and information
|
Codee Woo, Strategic Supplier Risk Management, Legal & General |
4:35 – 5:20
RISK CONVERGENCE – PANEL DISCUSSION
Increasing collaboration across teams to monitor risk across the lifecycle
View Session Details
- Distinguishing primary risk from cascading or downstream risk
- Increasing collaboration and communication across risk teams
- Ensuring an integrated approach
- Identifying, tracking and managing risks
- Moving from activity to risk based metrics
- Enhancing governance by focusing on risk over activity
- Gaining support from the business and effective tone from the top
- Developing a holistic third party risk management reporting program
- Integrating dashboards across third party risk
- Bringing all data into one place for third party risk management
|
Samikendra Gosh, Global Third-Party Risk Lead, Operational and Resilience Risk, HSBC |
|
Gary Lock, Global Head of Third-Party Risk Management, Fidelity International |
|
Alex Dorlandt, Head of Supply Chain Risk Management, Lloyds Banking Group |
5:30-5:30
Chair’s closing remarks
5:30
End of day one and networking drinks reception
8:00 – 8:50
Registration and breakfast
8:50 – 9:00
Chair’s opening remarks
9:00 – 9:45
GEOPOLITICAL RISK – PANEL DISCUSSION
Reviewing implications of geopolitical tensions to supply chains and future proofing business strategies
View Session Details
- Maintaining oversight of restrictions and impact to third parties
- Considering geopolitical risk when working with new suppliers
- Approaches to assess the geopolitical risks for proactive management of risk
- Developing and testing business continuity arrangements
- Interconnected nature of risk and compliance
- Reviewing sanctions regimes in jurisdictions and data privacy
- Uses of AI in monitoring geopolitical risks
- Developing a forward looking strategic view of TPRM
- Reviewing supply chain dependencies as a result of long term horizon risks
- Scenario planning for geopolitical changes
- Exploring impacts across the supply chain and resilience
|
Saima Sabir, Group Head of Third-Party Risk Management & Outsourcing (2LOD), Bank of Ireland Group |
|
Luca Bolcato, Head of Global Procurement Policies and Risks, ING (tbc) |
|
Maya Goethals, Director, Compliance and Risk Management, Bank of America Merrill Lynch |
9:45 – 10:20
ESG
Monitoring supply chains to ensure adherence with internal ESG goals and standards
View Session Details
- Evaluating ESG risks in third-party relationships
- Strategies for ensuring ESG Compliance of suppliers
- The importance of reporting
- Using TPRM to manage our own ESG commitments
- Case study of how inadequate consideration of ESG can negatively impact outsourced processes and TPRM
|
Julius Herfel, Head of Audit –International Regulatory & Second Line, BNY Mellon |
10:20 – 10:50
Morning refreshment break and networking
10:50 – 11:15
AI
Explore the use of artificial intelligence within TPRM
View Session Details
- Consider How AI should and should not be used in TPRM
- Review practical application through real-world use cases
- Assess the impacts and benefits for you and your Third Parties
- Identify roles and functions that will be affected
- Evaluate the risks of implementing AI into TPRM
|
Brian Shaw, Director of Financial Services Sales, Mirato |
11:25 – 12:00
AI Session Two
Developing approaches and controls to monitor the use of AI across supply chain
View Session Details
- Developing controls for uses of AI across supply chain
- Developing strategies for third parties leveraging OpenAI
- Managing those with access to data
- Information to obtain from third parties using AI
- Understanding how suppliers are using AI
- Impact of use of AI on cloud management
- Ensuring data and core information remains safe and well controlled
- Monitoring data uses within generative AI tooling
- Controls to ensure information is accurate and free of bias
- Protecting data without impacting business process and development
- Managing risks across jurisdictions and governments
12:00 – 12:35
4TH PARTIES
Gaining a holistic view of supply chain and ensuring security of processes and services
View Session Details
- Leveraging tools to monitor vulnerabilities across the supply chain
- Understanding impact of security incidents across the supply chain
- Gaining confidence from third parties
- Identifying impacts of nth party breaches
- Managing security with complex supply chains
|
Zuzana Rebrova, Head of Third Party Cyber Risk Management , Swiss Re |
12:35 – 1:35
Lunch break and networking
1:35 – 2:10
SaaS
Enhancing security around SaaS and identifying vulnerabilities across suppliers
View Session Details
- Reviewing security across the supply chain and software security
- Vulnerabilities when buying and using Software as a Service
- Security with increased adoption of technology
- Heightened use of cloud and migration of applications or systems
- Developing a clear inventory of software
- Managing risks with greater use of cloud
- Alignment of contingency and exit planning for cloud service providers
|
Jean-Francois Valette, CTPO EMEA, JPMorgan Chase & Co. |
2:10 – 2:45
CYBERSECURITY
Understanding increased cyber risk with complexity in supply chains and increased use of ransomware
View Session Details
- Identifying weaknesses in vendor systems
- Understanding end to end supply chain
- Interaction and oversight of fourth parties
- Tracking data across supply chain
- Threat modeling to understand how the service works
- Understanding global landscape and increased geopolitical risk
- Developing strong monitoring, assessment and contract clauses
- Inclusion of cyber security clauses
- Future of cyber security agency for critical third parties
- Aligning programs with consumer duty to keep customers at the center
- Ensuring third party systems are as robust as internal systems
|
David Sheridan, Global Chief Information Security Officer, Santander Corporate and Investment Banking |
2:45 – 3:20
DATA
Developing centralized and aggregated data processes to better use of available data
View Session Details
- Leveraging compliance data from third party assessments and due diligence
- Monitoring threat intelligence to identify vulnerabilities
- Integrating other parts of the business into vendor management analysis
- Collecting data on vendor performance
- Approaches to collect the right data to satisfy regulatory requirements
- Maintaining data in a centralized and structured platform
- Accessibility for regulatory reviews
- Developing a data consolidation and remediation program
- Reviewing tooling available to manage data
- Capturing information and connectivity between different sources
- Structuring and cleansing data for a consolidated view of key attributes
- Developing proactive and preemptive data metrics and insights
3:20 – 3:50
Afternoon refreshment break and networking
3:50 – 4:25
MEDIA SCANNING
Leveraging technology to scan news and media for alerts and monitoring of trends
View Session Details
- Automating media scans for all suppliers
- Monitoring news for trends
- Identifying opportunities
- Enhancing efficiency through AI
- Ensuring well rounded view with positive and negativity monitoring
- Setting up alerts to aid in negotiation and ongoing monitoring
- Aligning teams to communicate incidents globally
4:25 – 5:10
INTRAGROUP ARRANGEMENTS – PANEL DISCUSSION
Reviewing approaches and best practice for intragroup arrangements and management of sensitive data
View Session Details
- Managing materiality trigger aligned with access to sensitive data
- Reviewing regulatory treatment of inter group agreements
- Developing exit and resilience plans
- Treatment of personal data in internal agreements
- Assessing and defining materiality for intragroup
- Developing BAU programs to assess risk
- Onboarding expertise to review deviation opportunities whilst remaining compliant.
|
Funke Uwaifo, Head of Outsourcing and Vendor Management, EFG Private Bank |
|
Raghuveer Bhanoori, Director, Third-Party, Operational Risk, Pacific Life Re |
|
Jean-Francois Valette, CTPO EMEA, JPMorgan Chase & Co. |
5:10 – 5:20
Chair’s closing remarks
5:20
End of Vendor & Third-Party Europe 2024
Speakers
Anita Barber
VP, Supplier Management
HSBC
Anita Barber
I obtained a degree in Law with the dream to bring change, drive innovation and argue my views. After completing law school, I realised that was certainly not the career for me. I signed up to an internship programme in New York and worked on the world’s largest trading floor – UBS Stamford Connecticut. This is where I found my passion for Banking. Following this I worked at Barclays, KPMG and joined HSBC 6 years ago. In these 6 years I have developed specialist knowledge in Vendor management, Third Party Risk and now focusing on building a Supplier Management framework for the Bank. The Supplier landscape is forever changing, but what interests me the most is how we can leverage our relationships to better advance our Sustainability goals. I am actively involving in a number of coaching and mentoring programmes as well as running a Diversity and Inclusion working group.
Raghuveer Bhanoori
Director, Third-Party, Operational Risk
Pacific Life Re
Raghuveer Bhanoori
Biography coming soon
Sophie Bishop
Head of Supplier Relationship Management,
Legal & General
Sophie Bishop
Biography Coming soon
Jean-Marc Boulo
Director, Head of Global Sourcing & Procurement UK
Credit Agricole
Jean-Marc Boulo
Biography Coming Soon.
Luca Bolcato
Head of Global Procurement Policies and Risks
ING (tbc)
Luca Bolcato
Biography coming soon
Mihaela Breg
Head of Operational Resilience & Third Party Oversight
Europe Arab Bank
Mihaela Breg
Mihaela Breg has more than 17 year of experience spanning across retail, commercial, corporate and investment banking, and a track record of operating in highly complex and regulated environments at a global level (in the Eurozone, the UK and the US). Over the years, Mihaela was involved in leading the successful delivery of various oversight and change programmes leading up to the current role as Head of Operational Resilience & Third Party Oversight for Europe Arab Bank in London. Being a proactive leader with an entrepreneurial mindset, she combined her corporate skills also with FinTech experience in the start-up environment, becoming a co-author of The PayTech Book published in January 2020 (the first globally crowd-sourced book focused on the future of finance and payments revolution).
Carlos Colino
MD, Global Head of Third-Party Risk Management
Santander Corporate and Investment Bank
Carlos Colino
Biography coming soon.
Alex Dorlandt
Head of Supply Chain Risk Management
Lloyds Banking Group
Alex Dorlandt
Alex is Head of Supply Chain Risk for Lloyds Banking Group (LBG), responsible for ensuring that the supplier onboarding & management frameworks drive effective risk management and regulatory compliance. Alex has worked with LBG for 10 years, and has over 20 year experience in Sourcing and Supply Chain Risk.
Gerard Doyle
Chief Operating Officer, Head of Third Party, Operational Resilience and OCIR
Credit Suisse
Gerard Doyle
Biography coming soon
Maya Goethals
Director, Compliance and Risk Management
Bank of America Merrill Lynch
Maya Goethals
Maya is an experienced professional focusing on Data Protection, Privacy Regulation and Regulatory Change. In her role as a Risk Manager in EPCOR Privacy, she works with the EMEA teams to manage the risk of regulatory changes and rulings and ensure risk management and compliance are across the forefront of BAC’s business operations.
Maya has over 10 years’ experience delivering security, regulatory and data protection projects across various industries including Investment Management and Retail Banking. She has acquired the skillset to effectively enable transformation within challenging business and IT environments, working with a multitude of technical, organisational and C-suite stakeholders.
Maya is a certified privacy professional and holds CIPP/E, CIPM, CIPT, CIPP/US, CIPP/A and CISSP certification. She holds a BSc in Business Economics and an MSc in Information management from Tilburg Business School.
Samikendra Gosh
Global Third-Party Risk Lead, Operational and Resilience Risk
HSBC
Samikendra Gosh
~20+ Years’ Experience – Seasoned and dynamic professional with core experience in operational risk and internal control across varied functional and operational roles involving Operational Risk Management, Supplier Risk / Third Party/ Vendor Management, Operations & Project Management, Business Management covering Strategy and Financial Forecasting. Extensive experience in Enterprise Risk Management and leading teams
Will Gray
Area Director Europe North
SecurityScorecard
Will Gray
Will Gray has 18 years experience in Security and Risk Management, primarily focused on bringing emerging technologies to market.
Having joined SecurityScorecard in 2018, when Cyber Risk Ratings was a nascent industry, he has seen a rapid rise in adoption of the concept which now underpins board reports, risk management discussions, supply chain security assessments and cyber insurance underwriting for 1000’s of organisations globally.
Julius Herfel
Head of Audit –International Regulatory & Second Line
BNY Mellon
Julius Herfel
Julius is Head of Audit at the Bank of New York Mellon (BNY Mellon) in London and in that role responsible for covering Risk Management, Compliance, Treasury, Capital Adequacy and Finance in the EMEA region, and Client Asset Safety globally. Before joining BNY Mellon in 2015 he worked at PwC in Luxembourg as Risk and Regulatory Consultant, specialised in Prudential Risk/ Basel III. Julius has a Master in Economics and Political Sciences, and holds both the Financial Risk Manager (FRM) as well as the Sustainability and Climate Risk (SCR) Certificate.
Gary Lock
Global Head of Third-Party Risk Management
Fidelity International
Gary Lock,
Biography coming soon
Anne McGowan
Head of Supplier Management, Governance & Risk
Lloyds Banking Group
Anne McGowan
Biography coming soon
Zuzana Rebrova
Head of Third Party Cyber Risk Management
Swiss Re
Zuzana Rebrova
Biography coming soon
Orlando Fernandez Ruiz
Senior Technical Specialist, Operational Resilience/TPRM, Prudential PolicyPartner
Bank of England (tbc)
Orlando Fernandez Ruiz
Biography coming soon
Brian Shaw
Director of Financial Services Sales
Mirato
Brian Shaw
Brian has automated risk and compliance for over 25 years, supporting hundreds of Fortune 500 and mid-market firms across all industries. Since 2011, Brian has focused on Third-Party Risk, Compliance and Performance Management for the Financial Services Industry, Master Data Management and Know your Customer (KYC) challenges. At Mirato, Brian serves as Director of Financial Services Sales, responsible for sales to Financial Services firms in North America and Europe.
Gemma Stewart
Global Head of Vendor Management
Zurich Insurance Company
Gemma Stewart
Gemma has worked in a variety of third-party management roles over 15 years including procurement transformation and IT portfolio management. Currently leading the group strategy for third party risk management which includes the risk policy, third party governance framework, and a GRC solution for automated risk management & reporting. Gemma and her team have spent the last 18mths implementing a globally consistent framework and system across 37 countries. A lean black belt with a passion for implementing efficient operating models and using IT solutions to simplify and automate third party risk management.
Saima Sabir
Group Head of Third-Party Risk Management & Outsourcing (2LOD)
Bank of Ireland Group
Saima Sabir
Saima is an industry recognised leader who specialises in Governance, Risk, Compliance and Global Business Transformations. Experienced in navigating at Board level acting as a presenter and advisor. Saima has worked within non-financial and Financial Services; helping Investment Banks, FMIs and Tech Companies achieve a balance between regulation, governance, and commercial results. Saima is currently the Group Head of Third Party Risk Management & Outsourcing (TPRM&O) within the second line of defence for the Bank of Ireland Group. Please visit Saima’s LinkedIn profile for further information.
David Sheridan
Global Chief Information Security Officer
Santander Corporate and Investment Banking
David Sheridan
Biography coming soon
Funke Uwaifo
Head of Outsourcing and Vendor Management
EFG Private Bank
Funke Uwaifo
Biography coming soon.
Jean-Francois Valette
CTPO EMEA
JPMorgan Chase & Co.
Jean-Francois Valette,
Biography coming soon.
Codee Woo
Strategic Supplier Risk Management
Legal & General
Codee Woo
Codee is a Strategic Supplier Risk Manager at Legal & General Investment Management (LGIM) and has 7 years’ experience in the financial services industry. Previously, Codee worked at PwC where she qualified as a Chartered Accountant and advised financial institutions on how to meet third party risk regulatory requirements, including framework design and implementation and supplier due diligence. Codee is also passionate about using technology to transform the way that we manage suppliers to obtain efficiencies and deeper data insights.
Would your organization like to partner with us on this event?
To discuss how we can deliver your thought-leadership at the event, help you generate leads, and provide you with unique networking and branding opportunities, please contact sales@cefpro.com or call us on +44 (0)207 164 6582 for more information.
2024 Sponsors
Co-sponsors
Aravo
Aravo delivers the market’s smartest third-party risk and performance management solutions, powered by intelligent automation. With Aravo, customers can work smarter, move faster, see clearer, and make better decisions about their extended enterprise – all in one place.
For more than 20 years now, Aravo’s combination of award-winning technology and unrivaled domain expertise has helped the world’s most respected brands accelerate and optimize their third-party management programs, delivering better business outcomes faster and ensuring the agility to adapt as programs evolve. Aravo is trusted by the world’s leading brands, helping them manage the risk and improve the performance of more than 5 million third parties, suppliers and vendors across the globe.
Mirato
Traditional TPRM solutions automate workflow; Mirato automates the manual work.
Mirato’s TPRM Intelligence Platform is an advanced Artificial Intelligence solution created and trained specifically to complete your TPRM assessments using your unique risk model and the information you already collect. The platform validates your controls with evidence and a complete audit trail.
Mirato’s Questionnaire Killer uses the same advanced technology to automatically pre-answer your unique due diligence questionnaires for your third parties and validate the answers with evidence for you. This reduces time, cost, pain, and effort for everyone.
Mirato makes no decisions but enables better human decisions faster.
NCC Group
With over 30 years’ experience, NCC Group is a world-leading Software Resilience provider ensuring the continued availability of outsourced business-critical software and data through our Escrow and Verification services. Our Software Resilience services enable businesses to easily prepare for, respond to and recover from disruption to third-party services, strengthening operational resilience and satisfying business continuity planning, regulatory compliance and supply chain risk management requirements.
Security Scorecard
SecurityScorecard is the global leader in cybersecurity ratings and the only service with millions of organizations continuously rated. Our mission is to make the world a safer place by transforming the way organizations understand, improve, and communicate cybersecurity risk to their boards, employees, and vendors.
SecurityScorecard’s patented rating technology is used by thousands of organizations for enterprise cyber risk management, third-party risk management, board reporting, cyber insurance underwriting, and regulatory oversight to meet compliance mandates; making all organizations more resilient by allowing them to easily find and fix cybersecurity risks across their externally facing digital-footprint.
SecurityScorecard is the only provider of instant risk ratings that automatically map to vendor cybersecurity questionnaires and the largest ecosystem of integrations, providing a true 360-degree view of risk. But we don’t stop there. Through a customer-centric, solution-based commitment to our partners, we are transforming the digital landscape building a path toward resilience.
Shared Assessments
Shared Assessments will be sponsoring Vendor & Third Party Risk Europe
Associate sponsors
Certa
Certa are sponsoring CeFPro’s Vendor and Third Party Risk Summit 2024
Myriad
Myriad are sponsoring CeFPro’s Vendor and Third Party Risk Summit 2024
Content and media partners
CeFPro Connect
CeFPro Connect aims to connect industry experts through thought leadership content and timely news, written for the industry, by the industry. Gain unlimited access to CeFPro’s unparalleled library of resources including iNFRont Magazine, market intelligence reports, filmed presentations, insights Q&A’s, and much more.
Sign up for free.
iNFRont Magazine
iNFRont Magazine is a unique publication providing regular insight on the operational and non-financial risk (NFR) sector. Featuring contributions provided by leading industry figures and experts from around the world, iNFRont Magazine touches on the most critical themes and challenges currently affecting financial professionals.
Available to download for free.
Can I share my thought leadership at Vendor & Third Party Risk Europe?
Will there be opportunities to network with other attendees?
- Breakfast, lunch and refreshment breaks
- Drinks reception at the end of day-1
- Q&As, panel discussions, and audience participation technology
What is included within the registration fee?
Where can I find the Summit documentation and speaker presentations?
*Please note that our speakers often have to gain permission from their relevant compliance departments to release their presentations. On rare occasions compliance may not allow presentations to be distributed.
Will breakfast, lunch and refreshment be provided?
Are there any rules on dress code?
Register
Launch rate - Available until March 8
E.g. Bank, Insurance company, Asset manager, Regulator
E.g. Consultant, Vendor, Executive search firm, Law firm
Register for Vendor & Third Party Risk Europe today and join the likes of 150+ industry professionals and subject matter experts looking to engage in meaningful conversation and discuss the latest developments and challenges within the vendor and third party risk sector.
Register before March 8 to take advantage of our Launch rate.
Don’t miss out, we only have a limited number of tickets available.
Need assistance with your registration? Get in touch with us via email below, or call us on +44 (0)207 164 6582.
Prices do not include VAT
*To qualify for the preferential ‘early bird’ rates, registration must be received by the close of the ‘early bird’ working day, and payment can be made at the time of registering, or up to a week after registration is made an invoice sent. CeFPro reserves the right to increase rates should payment be delayed significantly. Should a delegate register at a rate that is inaccurate, CeFPro reserves the right to issue an additional invoice for the outstanding amount.