Michelle is a Third-Party Risk Management (TPRM) and Outsourcing Manager at Santander Corporate and Investment Bank (SCIB) where she manages the maintenance of a comprehensive Third-Party Risk policy framework in accordance with the Bank’s Risk Appetite, wider Group and Regulatory requirements. She has 7+ years’ experience in defining and implementing robust TPRM governance framework to meet regulatory expectations.

Michelle’s career spans across a range of risk management disciplines, including BC, Crisis Management and Operational Controls. She made significant contribution in supporting the establishment of a firm wide TPRM framework for the newly formed Banco Santander S.A London Branch, and now leads programmes that support maturing of the framework.

Outside of work, Michelle enjoys gardening, and has a passion for empowering young people. She holds a first class in International Business from Middlesex University, London Campus.

Ros Aryee is recognised as a thought leader on Operational Resilience and Third-Party Risk Management. Coming from an Engineering background, she has over 20 years’ experience in defining and transforming governance frameworks to mitigate operational risks. Her career has spanned various financial organisations including the Bank of England, Lloyds Banking and Standard Chartered Bank where she has held senior management roles both locally and internationally across BCM, TPRM, IT SCM, Crisis Management, Operational Risk and Compliance.
In her current role, as an Executive Director at the Santander London branch, she heads up the TPRM & Outsourcing and Operational Resilience functions and is accountable for embedding a framework to meet both EU and UK regulatory expectations.
Ros is a Certified Third-Party Risk Professional and holds a BSc in Electrical and Electronic Engineering, and a post graduate diploma in BCM. Outside work she serves as a committee member on the City of London Police Advisory Group and on the steering board for the on the TPRM Shared Assessment PSC to support and provide thought leadership. She also works with local church groups in her community to mentor disadvantaged youth in the BAME Community.

Joe runs Procurement, Supplier Management and Supplier Risk for Metro Bank, having set up the team six years ago.  He has a broad range of previous experience across sectors including engineering, construction, consulting, education and design.

I obtained a degree in Law with the dream to bring change, drive innovation and argue my views. After completing law school, I realised that was certainly not the career for me. I signed up to an internship programme in New York and worked on the world’s largest trading floor – UBS Stamford Connecticut. This is where I found my passion for Banking. Following this I worked at Barclays, KPMG and joined HSBC 6 years ago. In these 6 years I have developed specialist knowledge in Vendor management, Third Party Risk and now focusing on building a Supplier Management framework for the Bank. The Supplier landscape is forever changing, but what interests me the most is how we can leverage our relationships to better advance our Sustainability goals. I am actively involving in a number of coaching and mentoring programmes as well as running a Diversity and Inclusion working group.

Rogier Binsbergen is responsible for the commercial strategy and business development across multiple industry sectors for KY3P® in EMEA at S&P Global Market Intelligence.

Prior to joining S&P Global Market Intelligence, Rogier was a Director at PwC based in Amsterdam and Milan. Rogier is an experienced and trusted advisor to a wide range of globally significant financial institutions and has a broad background in Finance and Risk Management. He has advised and supported a large variety of international clients in the development of their risk strategy, risk appetite, operational processes, and new technology.

In his last role at PwC, he was responsible for managing the Non-Financial Risk Management practice where he led the propositions on Operational Risk & Resilience, Technology & Cyber Risk, Supply Chain & Third-Party Risk, Crypto and ESG. Also, Rogier led multiple international engagements in the Financial Risk and Modelling domain, focusing on Credit Risk and Capital and Liquidity Management.

Before joining PwC, he was active in various Risk Management and ALM related roles for leading financial institutions like ABN AMRO, American Express and APG Asset Management.

Rogier holds a MSc in Business Administration from the Vrije Universiteit Amsterdam and is a certified Financial Risk Manager (FRM®) by the Global Association of Risk Professionals.

Originally a big 4 cyber risk consultant Haydn experienced the day to issues that came with running a supply chain assurance programme. He found that current programmes actively caused clients and their suppliers’ headaches. These pain points led him to found Risk Ledger. Risk Ledger is a technology platform that combines a security governance platform with a secure social network. In the last couple of years, Risk Ledger has gone from strength to strength, receiving 2.1 million in seed funding, winning the Cyber Den/Most Innovative Cyber Company Award and being named as one of Forbes’ Tech Champions of 2022.

Matthew joined Direct Line Group in 2016 as Head of IT Third Party Oversight
where he oversees activities of the Third Party Assurance and PCI Compliance teams. Third Party Assurance focusses on ensuring the operational resilience and security  of DLG’s supply chain and the PCI Compliance team ensures DLG maintains daily compliance to PCI Data Security Standard and conducts the annual PCI DSS assessment.Previously Matthew was a Qualified Security Assessor at Gemserv Ltd, where, as Principal Consultant, he delivered Cyber Security consultancy and PCI assessments for merchants and service providers in a variety of industries.

An Alumni of De Monfort University & London Metropolitan University, Demond is a seasoned Third-Party Risk Management Lead as well as a specialist in Supplier Relationship Management. He has worked both in the Public and Private sectors gaining foundational experience at London Underground over a 17 year career. He has also worked for Deutsche Bank, HSBC and now with Barclays.

With over twenty years experience in procurement and supply chain within the Financial Services sector, Dan has successfully led the strategy, transformation and operation of third party risk management across three global banks in the last 14 years (Barclays, HSBC and Deutsche Bank). Now an advisory consultant on the topic, Dan continues to support both FS and non-FS clients with establishing sustainable solutions across both first and second lines of defence.

Mike is Head of UK&I Third Party Management at RSA Insurance. Joining in March 2017 to focus on identifying and unlocking global IT Procurement opportunities and increasing collaboration between regions on procurement initiatives, he moved into Third Party Management in 2019 to implement a new programme and has subsequently run the function since. Mike is currently running the TPMv2 project to enhance the processes and frameworks to meet the new regulatory requirementsPrevious to joining RSA Mike has held senior IT Procurement and Third Party Risk roles across a number of sectors, including roles at Zurich Insurance, EY, Morgan Stanley, Inmarsat and O2. He was the European lead for setting up the global Morgan Stanley Supplier Risk process in 2009/10Mike is married with three children but still finds time to enjoy playing football and cricket – the rest of his time is spent on family crowd control.

Alex is Head of Supply Chain Risk for Lloyds Banking Group (LBG), responsible for ensuring that the supplier onboarding & management frameworks drive effective risk management and regulatory compliance. Alex has worked with LBG for 10 years, and has over 20 year experience in Sourcing and Supply Chain Risk.

With over 20 years banking and risk management experience working across the financial industry, including Bank of Scotland, Barclays and currently with the NatWest Group, Joanne is an industry expert on all aspects of Third Party Risk Management and Outsourcing regulatory requirements. In her current role she is the Risk lead for NatWest on all outsourcing matters working with external and internal outsourcing central teams on their business strategy, processes and control environment to ensure they operate within the bank’s risk appetite and meet regulatory expectations. As a purpose-led business NatWest fosters strong relationships with all key stakeholders across their supply chain.

Penny has over 20 years of experience in third party management and outsourcing. She has helped a number of large international Banks, investment management and insurance firms stand-up, operationalise, or streamline existing programs to increase value or remove cost.

Penny has also led the build out of our full TPRM capability across both advisory and execution managed services (EMS). Penny has a wealth of experience of both Third Party Risk and transitioning the management of complex, global services and supply chains.

Will Gray has 18 years experience in Security and Risk Management, primarily focused on bringing emerging technologies to market.
Having joined SecurityScorecard in 2018, when Cyber Risk Ratings was a nascent industry, he has seen a rapid rise in adoption of the concept which now underpins board reports, risk management discussions, supply chain security assessments and cyber insurance underwriting for 1000’s of organisations globally.

Hasintha Gunawickrema is currently the Chief Control Officer for HSBC UK Wealth and Personal banking. Over her 17-year career in Financial Services, she has worked with markets across Europe and Asia. She is currently reading for an Executive Leadership program with Harvard Business School and is also a qualified accountant.
Hasintha has led large scale business, digital and culture transformational programs to deliver better customer outcomes, improve operational excellence and drive effective risk management.
Hasintha is passionate in coaching and mentoring and has a large mentee base across Europe and Asia. She is back in the UK after a successful stint in India as the COO for Wealth and Personal Banking for HSBC. During her time in India, Hasintha was engaged in supporting charities that are focused on educating less privileged girls.  She is passionate in supporting colleagues and customers who are disadvantaged due to their physical abilities, mental health challenges and neurodiversity. She is the Diversity and Inclusion Ability lead for Global Wealth and Personal Banking in HSBC.
Hasintha leads the ‘Data driven risk management’ agenda to support businesses deliver sustainable growth and meet customer needs effectively.

Sundeep leads PA Consulting’s Third Party Risk Management capability for Financial Services. With over 20 years experience, Sundeep has significant experience in working with boards and executive committees, bringing deep experience in delivering programmes against evolving regulatory expectations.

Edit König-Bihari is a business strategist with 20 years of experience combining sustainability, strategic sourcing and compliance mindset in the financial industries. Currently working at Danske Bank Group, Edit is responsible for building up the Group’s sustainable supply chain focusing on ESG risk, sourcing strategies and change management which enables the transformation. Edit holds an MBA from Technology University in Budapest and a master education in sustainability from the Norwegian BI Business School.

Since CyberVadis creation Thibault Lapédagne has been at the heart of the cybersecurity assessment department. Having his professional background in consulting (Wavestone) he created the CyberVadis reference model and the processes to assess a company’s cybersecurity performance. Today he manages an international team of cybersecurity experts responsible for all assessment operations. Thibault Lapédagne participates in cybersecurity events as a keynote speaker to raise awareness on the importance of third-party cybersecurity risk assessments and CyberVadis methodology.

Merlin Linehan is a Risk Manager at the European Bank for Reconstruction & Development (EBRD), working across Crisis management and business resilience. Merlin has supported the Bank through a number of major geopolitical and IT events including Covid, Ukraine and Log4j. Merlin is also a regular contributor to publications such as Frontera, PRMIA and Risk Screen and others covering geopolitics, risk and technology. He has also appeared in various media outlets including the FT, BBC and Global Capital commenting on China’s global role and emerging markets

Hannah MacDonald is a seasoned IT, procurement, and risk management specialist with over 20 years of experience in the technology sector. She has worked with renowned organizations like the National Trust and Just Eat, and currently leads the Procurement and Third-Party Risk team at Monzo, one of the UK’s leading banks.

Joining Monzo as a founding team member over 5 years ago, Hannah’s passion lies in collaborating with high-growth, tech-native companies focused on delivering exceptional and innovative customer experiences.

Biography coming soon.

Anne is Head of IT Supplier Management , Governance and Risk at Lloyds Banking Group (LBG), leading a large team of 37 professional Supplier Managers who manage 330 of the most important technology suppliers.

This reliance on technology suppliers, in support of the delivery of LBGs Technology Strategy, has grown exponentially with the trajectory continuing.

Recognising that we can’t stand still in the face of environmental disruption in the supply chain eg geopolitical tensions, soaring inflation and potential supplier financial instability, climate concerns and increasing dependency on technology suppliers, Anne has led a significant project to transform Supplier Management.

The project initiatives have released capacity, focused colleagues on value and innovation, ensuring our customers receive the best service with the lowest risk.

Previously, as the Lead of LBG’s central Assurance Team, Anne successfully shaped the framework and delivered the assurance plan for critical suppliers across the various business divisions.

An accomplished leader, Anne has extensive experience in senior roles in Third Party Risk Management, and Management roles across Insurance and Retail channels

Andrew Moyad is the Chief Executive Officer of Shared Assessments.
Andrew is an accomplished leader and trailblazer in third party risk management. As a practitioner and a senior risk management executive, he has driven a culture of accountability and diligence in safeguarding information. Andrew has more than 25 years in risk management and information security. He has contributed greatly to the transformation and advancement of risk management as a strategic function that intersects with and helps guide all aspects of organizations.
Most recently, Andrew served as Senior Vice President, Vendor Risk Management at Blackstone, where he led a team of risk professionals responsible for overseeing all phases of the vendor lifecycle at the firm, including risk assessments, control diligence, contract reviews, financial checks, performance monitoring, issue tracking, and management reporting. Prior to Blackstone, he served as a director and global head of vendor risk management and BlackRock and Senior Vice President for Citigroup, where he was a Business Information Security Officer in Global Fixed Income and led third party risk assessments for several years.
Andrew holds a Bachelor of Arts Degree in Natural Sciences from Harvard University and a Master of Science Degree in Information Systems from the Stevens Institute of Technology.

Rizwan Nazir is a Director in PwC’s Resilience & Risk Management Practice in London. He has 20 years of consulting experience delivering a range of third party risk management (TPRM), technology risk, cyber security, and assurance related services to large global financial services (FS) clients.

Rizwan specialises in leading global TPRM programmes and has led several major initiatives across the FS market. He has helped to design, implement, operationalise, standardise, and optimise complex TPRM initiatives across a range of firms. He is also responsible for leading and overseeing PwC’s TPRM delivery portfolio across the firm’s clients and the market, helping to drive growth and create value in the most challenging environments.

Anders Norremo is an entrepreneur and company builder. He currently serves as the VP of Third Party Risk Products at Bitsight. He previously was the founder and CEO of ThirdPartyTrust, a third-party risk management SaaS, and led the company into a successful merger with Bitsight.

Anders has over 15 years of experience in information security and technology. His expertise in identifying trends and building solutions has contributed to solving the industry problem of a vulnerable supply chain by streamlining third-party risk assessments and security reviews for enterprises and their vendors.

In his role as Regulatory Compliance Solutions Lead, Wayne manages NCC Group’s relationships with the global financial services regulators. This involves co-writing NCC Group’s consultation paper responses relating to third-party risk management, supply chain risk and operational resilience, as well as ensuring its products meet global regulatory requirements. Much of Wayne’s time is spent advising systemic financial institutions and their suppliers on how to build “demonstrably successful stressed exit plans” as instructed by the PRA.

Brian has worked in business process automation targeting risk and compliance for over 25 years, supporting hundreds of Fortune 500 and mid-market firms across all industries. Since 2011 Brian has focused on Third-Party Risk, Compliance and Performance Management for the Financial Services Industry, as well as Master Data Management and Know Your Customer (KYC) challenges. At Mirato, Brian serves as Director of Financial Services Sales, responsible for sales to financial services firms in North America and Europe.

Biography coming soon.

Gemma has worked in a variety of third-party management roles over 15 years including procurement transformation and IT portfolio management. Currently leading the group strategy for third party risk management which includes the risk policy, third party governance framework, and a GRC solution for automated risk management & reporting. Gemma and her team have spent the last 18mths implementing a globally consistent framework and system across 37 countries. A lean black belt with a passion for implementing efficient operating models and using IT solutions to simplify and automate third party risk management.

Nikki serves as a GRC Cloud Specialist, Strategic at OneTrust, the Trust Intelligence Platform, unlocking every company’s value and potential to thrive by doing what’s good for people and the planet. OneTrust connects privacy, GRC, ethics, and ESG teams, data, and processes, so all companies can collaborate seamlessly and put trust at the center of their operations and culture. In her role, Nikki supports the OneTrust GRC & Security Assurance Cloud where she advises companies on how to analyze risk, scale compliance, and reinforce governance to uphold trusted business operations. Nikki earned a MBA in Business Strategy from the University of Hertfordshire and holds a CTPRP and GRCP certification.

Shabbir is an Operational Risk Control professional with a blend of Risk management and Digital Transformation experience. He currently leads the second line’ oversight of Technology, Cyber and Third-party risk at Handesbanken plc. In the past he has worked with KPMG for over 10 years in wide range of roles across its offices in the UK, India and Southern Africa. He is passionate about simplifying risk management and actively champions use of technology to enhance risk processes within the organisation using GRC and advanced technologies. Shabbir is an IT Engineer by qualification and holds professional certifications Certified in Operational Risk Management (CORM), Certified Information Systems Auditor (CISA), ISO 27001, Privacy Lead Auditor and PRINCE2 professional. 

Eustathios is the Commercial Lead for KY3P data, framework and regulatory initiatives. He joined S&P Global from the Prudential Regulation Authority – part of the Bank of England where he was the Head of Integrated Operational Risk & Resilience in the Supervisory Risk Specialists Directorate.

He has experience in leading multidisciplinary teams across financial and operational resilience responsible for policy design, implementation and regulatory operationalisation, which includes the UK’s Operational Resilience policy. In addition, Eustathios has led the PRA’s risk modelling and analytics teams having developed the first concurrent stress test and having led numerous modelling and data initiatives for supervisory and financial stability purposes. Eustathios has in-depth exposure to regulation, central banking, retail and wholesale banking having worked in Europe and North America.

Eustathios holds an Executive MBA from the University of Exeter (UK), a Master’s degree in Finance and Econometrics from Concordia University (Montreal, Canada) following an honours Economics Bachelor’s degree from Carleton University (Ottawa, Canada).

Ian is a Director in the PwC UK Financial Services practice, with 13 years experience in third party risk management (TPRM), cybersecurity, and assurance.

Ian has worked extensively with a number of the world’s leading financial institutions and has helped design, implement, and optimise third party risk management programmes in complex and distributed environments. He has helped a number of large international Banks and Investment Management firms stand-up, operationalise, or streamline existing programs in order to increase value or remove cost. He leads PwC’s EMEA-wide TPRM centre of excellence, ensuring standards and methodology are consistently applied and delivered.

Ian also has significant experience with the broader non-financial risk agenda, delivering advisory and regulatory driven engagements around cybersecurity, technology, resilience, and privacy.

Andrew is Head of TPRM Product at Thomas Murray, where he has served in a range of technology and product roles for over 20 years. He has also developed several of the firm’s analytical products, including operational benchmarking services and risk assessment methodologies for financial service providers ranging from traditional securities services to digital asset custodians and exchanges, and as Chief Administrative Officer he created and oversaw some of the company’s own risk policies. He has an MBA from the UCLA Anderson School of Management and an MA from the University of St Andrews.

Mirato’s TPRM intelligence platform elevates existing TPRM programs and tools by streamlining an entire operation’s data into one smart platform. Using natural language processing (NLP) and advanced artificial intelligence (AI), Mirato validates and enriches this data, turning it into actionable insights. What was previously multi-destination, manual-intensive labor is now replaced by the Mirato platform and is easily managed from one dashboard. This saves time and money (up to 60% of assessment cost) while increasing an organization’s ability to mitigate risk in an ever-evolving risk landscape.

NCC Group will be sponsoring CeFPro’s Vendor & Third Party Risk Summit 2024

Myriad are sponsoring CeFPro’s Vendor and Third Party Risk Summit 2024

CeFPro Connect aims to connect industry experts through thought leadership content and timely news, written for the industry, by the industry. Gain unlimited access to CeFPro’s unparalleled library of resources including iNFRont Magazine, market intelligence reports, filmed presentations, insights Q&A’s, and much more.
Sign up for free.

iNFRont Magazine is a unique publication providing regular insight on the operational and non-financial risk (NFR) sector. Featuring contributions provided by leading industry figures and experts from around the world, iNFRont Magazine touches on the most critical themes and challenges currently affecting financial professionals.
Available to download for free.