and third party risks and complying with enhanced regulatory requirements
and third party risks and complying with enhanced regulatory requirements
Why should you attend?
Come and join CeFPro® as we proudly launch our 10th Edition Vendor and Third Party Risk Summit in the City of London June 12-13th 2024. Selling out yearly and highly anticipated, Vendor & Third Party Risk Europe is the must-attend conference for TPRM professionals to extend their knowledge on how to manage, mitigate, and navigate risks down your supply chain.
Gain insight from 25+ TPRM professionals as they delve into key challenges being faced within the industry through in-depth presentations and lively panel discussions. From evolving regulations in the environment to the implementation of AI into supply chains, our carefully curated agenda can assist with ensuring best practices and augmenting your knowledge of potential risks on the horizon.
Key highlights for 2024
- DORA:
Approaches to managing EU DORA implementations and timelines
- CRITICAL THIRD PARTY:
Managing critical third party regimes to align with operational resilience
- EXIT PLANS:
Enhancing exit plans to align with regulatory expectations
- CYBERSECURITY:
Managing cybersecurity risks in the supply chain and identifying weaknesses
- 4TH PARTIES:
Holistic view down the supply chain to enhance security
- INTRAGROUP ARRANGEMENTS:
Developing best practice to manage intragroup arrangements
- AI:
Exploring usage of AI within TPRM and developing approaches to manage supply chains
- GEOPOLITICAL RISKS:
Impact of geopolitical risks and manage the impacts as they evolve
Hear from subject matter experts and industry front-runners
Join us for an engaging, timely and carefully curated agenda across 2-days
Join us for an engaging, timely, and carefully curated agenda across 2-days. Our agenda ensures a deep dive into Vendor & Third Party Risk Management through presentations, panel discussions, and live Q&A’s.
Learn from our line-up of industry thought leaders as they share their expertise
Learn from our line-up of industry thought leaders as they share their expertise. Gain insight and knowledge from 30+ subject-matter experts and return to your department with actionable ideas and best practices.
Continue conversations with our 7+ hour networking opportunity.
Continue conversations with over 7 hours of networking. Benefit from 6 networking breaks across the two days, plus a complimentary drinks reception. Continue discussions beyond the auditorium and create industry connections.
Key speakers
Gerard Doyle,
EMEA Head of Third Party Management and Procurement
SMBC Bank
Gemma Stewart
Global Head of Vendor Management
Zurich Insurance Company
Gary Lock
Global Head of Third Party Risk Management
Fidelity International
Jean-Francois Valette
CTPO EMEA
J.P Morgan
Zuzana Rebrova
Head of Third Party Cyber Risk Management
Swiss Re
Saima Sabir
Group Head of Third Party Risk Management & Outsourcing (2LOD)
Bank of Ireland Group
Maya Goethals
Director, Compliance and Risk Management
Bank of America Merrill Lynch
Jean-Marc Boulo
Director, Head of Global Sourcing & Procurement UK
Credit Agricole
Sophie Bishop
Head of Supplier Relationship Management
Legal & General
Samikendra Gosh
Global Third Party Risk Lead, Operational Resilience Risk
HSBC
Session previews and related insights
Get an insight of what to expect from the Summit with our past and present speaker session previews.
Evolving TPRM strategies to align with regulatory change and ensure security across supply chains
Evolving TPRM strategies to align with regulatory change and ensure security across supply chains Maya Goethals, Director, Compliance and Risk Management, Bank of America Merill Lynch Below is an insight into what can be expected from Stefano's session at Risk Evolve 2024. {{ vc_btn: title=Find+out+more+about+CeFPro%27s+Risk+Evolve+2024&style=outline-custom&outline_custom_color=%23001c64&outline_custom_hover_background=%23001c64&outline_custom_hover_text=%23ffffff&link=url%3Ahttps%253A%252F%252Fwww.cefpro.com%252Fforthcoming-events%252Frisk-evolve%252F }} The views and opinions expressed in this article are those of the
Staying vigilant: 7 practical tips for ongoing TPRM monitoring
Staying vigilant: 7 practical tips for ongoing TPRM monitoring Matthew Moog, General Manager, Third-Party Risk Management, OneTrust Below is an insight into what can be expected from Matt's session at Third Party & Supply Chain Risk USA 2023. {{ vc_btn: title=Find+out+more+about+Third+Party+%26amp%3B+Supply+Chain+Risk+USA&style=outline-custom&outline_custom_color=%23d51224&outline_custom_hover_background=%23d51224&outline_custom_hover_text=%23ffffff&link=url%3Ahttps%253A%252F%252Fwww.cefpro.com%252Fforthcoming-events%252Fthird-party-supply-chain-risk%252F }} The views and opinions expressed in this article are those of the thought leader
Gaining visibility across suppliers and subcontractors and enhancing resilience
Gaining visibility across suppliers and subcontractors and enhancing resilience Sara Ricci, Information Risk Governance and Resilience Executive, HBC Below is an insight into what can be expected from Sara's session at Third Party & Supply Chain Risk USA 2023. {{ vc_btn: title=Find+out+more+about+Third+Party+%26amp%3B+Supply+Chain+Risk+USA&style=outline-custom&outline_custom_color=%23d51224&outline_custom_hover_background=%23d51224&outline_custom_hover_text=%23ffffff&link=url%3Ahttps%253A%252F%252Fwww.cefpro.com%252Fforthcoming-events%252Fthird-party-supply-chain-risk%252F }} The views and opinions expressed in this article are those of the thought
Human trafficking and exploitation risk exposure
Human trafficking and exploitation risk exposure Christopher Kemp, Senior Operations Manager, Anti-Human Trafficking Intelligence Initiative Below is an insight into what can be expected from Christopher's session at Third Party & Supply Chain Risk USA 2023. {{ vc_btn: title=Find+out+more+about+Third+Party+%26amp%3B+Supply+Chain+Risk+USA&style=outline-custom&outline_custom_color=%23d51224&outline_custom_hover_background=%23d51224&outline_custom_hover_text=%23ffffff&link=url%3Ahttps%253A%252F%252Fwww.cefpro.com%252Fforthcoming-events%252Fthird-party-supply-chain-risk%252F }} The views and opinions expressed in this article are those of the thought leader as an
Take a look at what was said at last year's event
A fantastic couple of days at Vendor & Third Party Risk Europe. Great to connect with so many new faces and a few familiar ones too.
Brilliant atmosphere at today’s conference on Vendor & Third Party Risk. Privileged to have been invited to share my thoughts…
[Vendor & Third Party Risk Europe] was a great opportunity to engage with others and share thoughts on best practice in TPRM. As always, CeFPro arranged a wide variety of presentations and panel discussions which saw interesting discussions…
[Vendor & Third Party Risk Europe was] an absolute pleasure to speak on two panels… A fantastic opportunity to share knowledge.
Would your organization like to partner with us on this event?
To discuss how we can deliver your thought-leadership at the event, help you generate leads, and provide you with unique networking and branding opportunities, please contact sales@cefpro.com or call us on +44 (0)207 164 6582 for more information.
2024 Sponsors
Co-sponsors
Associate sponsors
Content and media partners
Agenda
8:00 – 8:50
Registration and breakfast
8:50 – 9:00
Chair’s opening remarks
9:00 – 9:35
REGULATION
Balancing compliance with risk management in an increasingly complex regulatory environment
View Session Details
- Reviewing the regulatory landscape over the next 2 years
- Aligning business processes with regulatory expectations
- Alignment with risk tolerance and appetite
- Future-proofing supplier relationships to meet regulation
- Understanding impact of regulation on the organization
- Aligning increasing regulatory requirements
- Operational resilience, cyber resilience, NIST, EU AI Act, GDPR etc.
- Minimum requirements to ensure alignment with all changes
- Managing variations in templates and reporting expectations
- Prioritizing changes and expectations
|
Gerard Doyle, EMEA Head of Third Party Management and Procurement, SMBC Bank |
9:35 – 10:20
EXIT PLANS – PANEL DISCUSSION
Advancing exit plans aligned with current and future expected regulatory requirements
View Session Details
- Developing stressed and unstressed exit plans
- Determining what is proportionate
- Exit plans at service level for organizations providing multiple services
- Reviewing expectations for cloud service providers
- Identifying gaps on service and impact to customer
- Reviewing timelines for compliance and benchmarking progress
- Documenting all services and reliance of third party
- Leveraging expertise internally and within suppliers
- Updating contracts to include stressed exit plan provisions
- Managing the practical realities of supplier failure
- Monitoring financial stability of third parties
- Setting risk appetite for supplier or service outages
- Minimizing duplication of work for bank wide vs individual third party exit plans
|
Jean-Marc Boulo, Director, Head of Global Sourcing & Procurement UK, Credit Agricole |
|
Anne McGowan, Head of Supplier Management, Governance & Risk, Lloyds Banking Group; Third Party Risk Management Advisory Board member, CeFPro |
|
Anita Barber, VP, Supplier Management, HSBC; Third Party Risk Management Advisory Board member, CeFPro |
10:20-10:50
Morning refreshment break and networking
10:50 – 11:25
Organizations Rely on an Increasing Number of Third Parties for Business Operations
View Session Details
- Session details to be confirmed
|
Will Gray, Area Director Europe North, SecurityScorecard; Third Party Risk Management Advisory Board member, CeFPro |
11:25 – 12:00
CRITICAL THIRD PARTIES
Reviewing future treatment of critical third parties as regulated entities
View Session Details
- Defining critical third parties in line with regulatory requirements
- Implementing legislation within timelines
- Managing cost and reporting implementation
- Implementing in a proportionate way
- Identifying potential concentration or systemic risk
- Management of critical services that don’t meet the definition of outsourcing
- Potential to increase efficiency in the industry with pooled information
- Impact of frequency of reporting and granularity of data
- Implementing expectations into an efficient process
|
Senior expert, Bank of England |
12:00 – 12:35
AI
Explore the use of artificial intelligence within TPRM
View Session Details
- Consider how AI should and should not be used within TPRM
- Review the practical application through real-world use cases
- Assess the impacts and benefits for you and your third parties
- Identify the roles and functions that will be affected
- Evaluate the risks of implementing AI into TPRM
|
Brian Shaw, Director of Financial Services Sales, Mirato |
12:35 – 1:35
Lunch break and networking
1:35 – 2:20
DORA – PANEL DISCUSSION
Reviewing practical implementation approaches for EU DORA regulation and regional variations
View Session Details
- Working with suppliers in order to meet requirements
- Reviewing global operational resilience requirements
- Managing vast scale of change
- Undertaking gap analysis to define expectations
- Enhancing inventories and controls
- Managing additional governance and documentation requirements
- Centralizing teams and assessments at a group level
- Enhancing relationship management with single point of contact
- Reviewing impact to fintech companies: How are fintech’s adopting the new requirements
|
Sophie Bishop, Head of Supplier Relationship Management, Legal & General |
|
Mihaela Breg, Head of Operational Resilience & Third Party Oversight, Europe Arab Bank |
2:20 – 2:55
GETTING SERIOUS ABOUT TPRM IN AN UNSTABLE WORLD
Assessing the results of Aravo’s third party risk maturity survey and report
View Session Details
- Review overall survey results and what they mean for the industry
- Determine the current maturity of TPRM programs in the marketplace and why it may be a concern
- Identifying critical elements for maturing and enhancing TPRM programs
- Understanding the strategic value of investing in a competent, adaptable, and resilient TPRM program
- Examining how leadership defines performance, priorities, and next steps
- Assessing the measurability and impact of mature TPRM programs on the business
|
Adelani Adesida, Senior Sales Director, Aravo Solutions |
2:55 – 3:30
CONTINUOUS MONITORING
Enhancing continuous monitoring processes for a holistic and real time view of risk
View Session Details
- Tools for continuous and online monitoring
- Managing and monitoring tools
- Alerts to monitor all third parties
- Monitoring SLAs and compliance
- Building in operational resilience
- Online monitoring for real time global updates
- Developing a holistic view of supply chain
- Reviewing tools and capabilities
|
Carlos Colino, MD, Global Head of Third-Party Risk Management, Santander Corporate and Investment Bank |
3:30 – 4:00
Afternoon refreshment break and networking
4:00 – 4:35
DUE DILIGENCE
Enhancing due diligence and assessment practices to obtain and develop actionable insights
View Session Details
- Protecting reputation through effective due diligence
- Conducting due diligence down the supply chain
- Assurance requirements for 4th to Nth parties
- Monitoring for conflict of interest breaches
- Validating due diligence questionnaires
- Determining the right level of risk assessment and due diligence for third party arrangements
- Reviewing due diligence processes and action on risk and issues identified
- Demonstrating effective monitoring and remediation of risks
- Due diligence for organizations needed for immediate strategic benefit
- Minimizing process time for faster turnaround
- Managing vendor overload
- Industry collaboration opportunities to streamline processes
- Reducing manual collection of data and information
|
Codee Woo, Strategic Supplier Risk Management, Legal & General; Third Party Risk Management Advisory Board member, CeFPro |
4:35 – 5:20
RISK CONVERGENCE – PANEL DISCUSSION
Increasing collaboration across teams to monitor risk across the lifecycle
View Session Details
- Distinguishing primary risk from cascading or downstream risk
- Increasing collaboration and communication across risk teams
- Ensuring an integrated approach
- Identifying, tracking and managing risks
- Moving from activity to risk based metrics
- Enhancing governance by focusing on risk over activity
- Gaining support from the business and effective tone from the top
- Developing a holistic third party risk management reporting program
- Integrating dashboards across third party risk
- Bringing all data into one place for third party risk management
|
Samikendra Gosh, Global Third-Party Risk Lead, Operational and Resilience Risk, HSBC |
|
Gary Lock, Global Head of Third-Party Risk Management, Fidelity International |
|
Alex Dorlandt, Head of Supply Chain Risk Management, Lloyds Banking Group; Third Party Risk Management Advisory Board member, CeFPro |
|
Simon Shepherd, Managing Director, MYRIAD Group Technologies Ltd |
|
Natalie Druckmann, VP Sales, EMEA, Certa |
5:30-5:30
Chair’s closing remarks
5:30
End of day one and networking drinks reception
8:00 – 8:50
Registration and breakfast
8:50 – 9:00
Chair’s opening remarks
9:00 – 9:45
GEOPOLITICAL RISK – PANEL DISCUSSION
Reviewing implications of geopolitical tensions to supply chains and future proofing business strategies
View Session Details
- Maintaining oversight of restrictions and impact to third parties
- Considering geopolitical risk when working with new suppliers
- Approaches to assess the geopolitical risks for proactive management of risk
- Developing and testing business continuity arrangements
- Interconnected nature of risk and compliance
- Reviewing sanctions regimes in jurisdictions and data privacy
- Uses of AI in monitoring geopolitical risks
- Developing a forward looking strategic view of TPRM
- Reviewing supply chain dependencies as a result of long term horizon risks
- Scenario planning for geopolitical changes
- Exploring impacts across the supply chain and resilience
|
Joanne Emmerson, Head of Third Party Risk Management Oversight, NatWest |
|
Industry Expert, LEMA.AI |
|
Maya Goethals, Director, Compliance and Risk Management, Bank of America Merrill Lynch; Fintech Advisory Board member, CeFPro |
|
Saima Sabir, Group Head of Third-Party Risk Management & Outsourcing (2LOD), Bank of Ireland Group |
9:45 – 10:20
ESG
Monitoring supply chains to ensure adherence with internal ESG goals and standards
View Session Details
- Evaluating ESG risks in third-party relationships
- Strategies for ensuring ESG Compliance of suppliers
- The importance of reporting
- Using TPRM to manage our own ESG commitments
- Case study of how inadequate consideration of ESG can negatively impact outsourced processes and TPRM
|
Julius Herfel, Head of Audit –International Regulatory & Second Line, BNY Mellon |
10:20 – 10:50
Morning refreshment break and networking
10:50 – 11:15
RESILIENCE
Driving resilience in third party and supply chain risk management
View Session Details
Evaluate: Review links between resilience and third party risk
- Understand downstream and upstream impacts
- Inventory IT assets and linking to service
- Review resilience regulations
Plan: Create strong vendor relationships
- Communicate risk appetite and monitoring activities
- Outreach plan to resolve incidents
Execute: Develop maturity in resilience practices
- Translate impact tolerances into something measurable
- Enhance industry collaboration
|
Andrew Moyad, CEO, Shared Assessments |
11:25 – 12:00
CONCENTRATION RISK
Gaining a full view of concentration risk: Minimizing and monitoring geographic and organization concentrations
View Session Details
- Varying nature of concentration risk
- Identifying company and jurisdictional concentrations
- Monitoring geopolitical risk and impact to supply base
- Approaches to map data to identify concentration risk
- Tools available to map data
- Increased concentration in areas with heightened geopolitical tension
- Collecting data to visualize concentration
- Leveraging data to inform sourcing decisions
|
Gemma Stewart, Global Head of Vendor Management, Zurich Insurance Company |
12:00 – 12:35
4TH PARTIES
Gaining a holistic view of supply chain and ensuring security of processes and services
View Session Details
- Leveraging tools to monitor vulnerabilities across the supply chain
- Understanding impact of security incidents across the supply chain
- Gaining confidence from third parties
- Identifying impacts of nth party breaches
- Managing security with complex supply chains
|
Zuzana Rebrova, Head of Third Party Cyber Risk Management , Swiss Re |
12:35 – 1:35
Lunch break and networking
1:35 – 2:10
SaaS
Enhancing security around SaaS and identifying vulnerabilities across suppliers
View Session Details
- Reviewing security across the supply chain and software security
- Vulnerabilities when buying and using Software as a Service
- Security with increased adoption of technology
- Heightened use of cloud and migration of applications or systems
- Developing a clear inventory of software
- Managing risks with greater use of cloud
- Alignment of contingency and exit planning for cloud service providers
|
Jean-Francois Valette, CTPO EMEA, JPMorgan Chase & Co. |
2:10 – 2:45
CYBERSECURITY
Understanding increased cyber risk with complexity in supply chains and increased use of ransomware
View Session Details
- Identifying weaknesses in vendor systems
- Understanding end to end supply chain
- Interaction and oversight of fourth parties
- Tracking data across supply chain
- Threat modeling to understand how the service works
- Understanding global landscape and increased geopolitical risk
- Developing strong monitoring, assessment and contract clauses
- Inclusion of cyber security clauses
- Future of cyber security agency for critical third parties
- Aligning programs with consumer duty to keep customers at the center
- Ensuring third party systems are as robust as internal systems
2:45 – 3:20
DATA
Developing centralized and aggregated data processes to better use of available data
View Session Details
- Leveraging compliance data from third party assessments and due diligence
- Monitoring threat intelligence to identify vulnerabilities
- Integrating other parts of the business into vendor management analysis
- Collecting data on vendor performance
- Approaches to collect the right data to satisfy regulatory requirements
- Maintaining data in a centralized and structured platform
- Accessibility for regulatory reviews
- Developing a data consolidation and remediation program
- Reviewing tooling available to manage data
- Capturing information and connectivity between different sources
- Structuring and cleansing data for a consolidated view of key attributes
- Developing proactive and preemptive data metrics and insights
3:20 – 3:50
Afternoon refreshment break and networking
3:50 – 4:25
MEDIA SCANNING
Leveraging technology to scan news and media for alerts and monitoring of trends
View Session Details
- Automating media scans for all suppliers
- Monitoring news for trends
- Identifying opportunities
- Enhancing efficiency through AI
- Ensuring well rounded view with positive and negativity monitoring
- Setting up alerts to aid in negotiation and ongoing monitoring
- Aligning teams to communicate incidents globally
4:25 – 5:10
INTRAGROUP ARRANGEMENTS – PANEL DISCUSSION
Reviewing approaches and best practice for intragroup arrangements and management of sensitive data
View Session Details
- Managing materiality trigger aligned with access to sensitive data
- Reviewing regulatory treatment of inter group agreements
- Developing exit and resilience plans
- Treatment of personal data in internal agreements
- Assessing and defining materiality for intragroup
- Developing BAU programs to assess risk
- Onboarding expertise to review deviation opportunities whilst remaining compliant.
|
Funke Uwaifo, Head of Outsourcing and Vendor Management, EFG Private Bank |
|
Raghuveer Bhanoori, Director, Third-Party, Operational Risk, Pacific Life Re |
|
Jean-Francois Valette, CTPO EMEA, JPMorgan Chase & Co. |
5:10 – 5:20
Chair’s closing remarks
5:20
End of Vendor & Third-Party Europe 2024
Speakers
Adelani Adesida
Sales Executive
Aravo Solutions
Adelani Adesida
Adelani is an Account Executive with Aravo Solutions, a pioneer within the Third Party Risk Management technology sector.
Having invested a decade within the Integrated Risk Management industry, Adelani brings a wealth of experience with a strong track-record of sales, account management and project delivery across numerous risk domains.
Adelani has been a key member in numerous award-winning implementation projects and, in part part due to being an avid gamer, has a close interest in Information Security and CyberSecurity programs.
Charitable works including participation in the Aleto Foundation’s Future Leaders mentorship program and a Board Member of Dream Nation.
Anita Barber
VP, Supplier Management
HSBC
Third Party Risk Management Advisory Board member
CeFPro
Anita Barber
I obtained a degree in Law with the dream to bring change, drive innovation and argue my views. After completing law school, I realised that was certainly not the career for me. I signed up to an internship programme in New York and worked on the world’s largest trading floor – UBS Stamford Connecticut. This is where I found my passion for Banking. Following this I worked at Barclays, KPMG and joined HSBC 6 years ago. In these 6 years I have developed specialist knowledge in Vendor management, Third Party Risk and now focusing on building a Supplier Management framework for the Bank. The Supplier landscape is forever changing, but what interests me the most is how we can leverage our relationships to better advance our Sustainability goals. I am actively involving in a number of coaching and mentoring programmes as well as running a Diversity and Inclusion working group.
Raghuveer Bhanoori
Director, Third-Party, Operational Risk
Pacific Life Re
Raghuveer Bhanoori
Biography coming soon
Sophie Bishop
Head of Supplier Relationship Management,
Legal & General
Sophie Bishop
Biography Coming soon
Jean-Marc Boulo
Director, Head of Global Sourcing & Procurement UK
Credit Agricole
Jean-Marc Boulo
Jean-Marc has more than 20 years’ experience in Procurement within the Financial services sector. He has worked within Tier 1 global banks such as Citi and Barclays with regional and global remit. He is currently in charge of the procurement function at Credit Agricole CIB for the UK and European locations outside France, reporting to the global CPO.
His remit encompasses all domains of procurement such as KYS/Supplier Risk, Category management, Procurement systems and Operations. For Credit Agricole London, He is the accountable Certified Person to the FCA, supporting the increased regulatory scrutiny of the procurement function (EBAs, Outsourcing, PCIs…).
Over the recent years, the Know Your Suppliers (KYS) framework has considerably expanded with new domains such as sanctions, bribery alters, CSR (Modern Slavery, Ecovadis)
Mihaela Breg
Head of Operational Resilience & Third Party Oversight
Europe Arab Bank
Mihaela Breg
Mihaela Breg has more than 17 year of experience spanning across retail, commercial, corporate and investment banking, and a track record of operating in highly complex and regulated environments at a global level (in the Eurozone, the UK and the US). Over the years, Mihaela was involved in leading the successful delivery of various oversight and change programmes leading up to the current role as Head of Operational Resilience & Third Party Oversight for Europe Arab Bank in London. Being a proactive leader with an entrepreneurial mindset, she combined her corporate skills also with FinTech experience in the start-up environment, becoming a co-author of The PayTech Book published in January 2020 (the first globally crowd-sourced book focused on the future of finance and payments revolution).
Carlos Colino
MD, Global Head of Third-Party Risk Management
Santander Corporate and Investment Bank
Carlos Colino
Biography coming soon.
Alex Dorlandt
Head of Supply Chain Risk Management
Lloyds Banking Group
Third Party Risk Management Advisory Board member
CeFPro
Alex Dorlandt
Alex is Head of Supply Chain Risk for Lloyds Banking Group (LBG), responsible for ensuring that the supplier onboarding & management frameworks drive effective risk management and regulatory compliance. Alex has worked with LBG for 10 years, and has over 20 year experience in Sourcing and Supply Chain Risk.
Gerard Doyle
EMEA Head of Third Party Management and Procurement
SMBC Bank
Gerard Doyle
Gerard is currently the EMEA Head of Third Party Management and Procurement at SMBC Bank, having previously spent 12 years at Credit Suisse, where he held responsibilities for UK Operational Resilience compliance, European regional outsourcing oversight, and Global Operational Continuity in Resolution reporting capabilities.
He has led remediation programs to achieve compliance with these topics as well as building out and managing operational support teams to maintain these capabilities, in line with the Bank of England and other key EMEA regulatory expectations.
He has global experience having worked in US, APAC, and in Europe as well as in the UK with a particular focus on emerging regulatory risk trends and requirements, and translating these requirements into sustainable, practical frameworks that deliver clear business benefits as well as regulatory compliance.
Industry Expert
LEMA.AI
LEMA.AI Industry Expert
Biography coming soon
Natalie Druckmann
VP Sales, EMEA
Certa
Natalie Druckmann
For over 10 years Natalie has led the implementation of multiple TPRM transformation programs across both private and public sectors, managed live operations focusing on ensuring continuous compliance and drove organizations to future-proof their Risk programs. As Natalie gained experience in the TPRM field she became a go-to advisor when it comes to implementing Best Practice and providing consistent, measurable and target driven results. Prior to joining Certa recently, Natalie spent the last 3 years leading the global Risk and Performance SME team for Coupa Software supporting customers in their TPRM journey.
Joanne Emmerson
Head of Third Party Risk Management Oversight
NatWest
Joanne Emmerson
With over 20 years banking and risk management experience working across the financial industry, including Bank of Scotland, Barclays and currently with the NatWest Group, Joanne is an industry expert on all aspects of Third Party Risk Management and Outsourcing regulatory requirements. In her current role she is the Risk lead for NatWest on all outsourcing matters working with external and internal outsourcing central teams on their business strategy, processes and control environment to ensure they operate within the bank’s risk appetite and meet regulatory expectations. As a purpose-led business NatWest fosters strong relationships with all key stakeholders across their supply chain.
Maya Goethals
Director, Compliance and Risk Management
Bank of America Merrill Lynch
Fintech Advisory Board member
CeFPro
Maya Goethals
Maya is an experienced professional focusing on Data Protection, Privacy Regulation and Regulatory Change. In her role as a Risk Manager in EPCOR Privacy, she works with the EMEA teams to manage the risk of regulatory changes and rulings and ensure risk management and compliance are across the forefront of BAC’s business operations.
Maya has over 10 years’ experience delivering security, regulatory and data protection projects across various industries including Investment Management and Retail Banking. She has acquired the skillset to effectively enable transformation within challenging business and IT environments, working with a multitude of technical, organisational and C-suite stakeholders.
Maya is a certified privacy professional and holds CIPP/E, CIPM, CIPT, CIPP/US, CIPP/A and CISSP certification. She holds a BSc in Business Economics and an MSc in Information management from Tilburg Business School.
Samikendra Gosh
Global Third-Party Risk Lead, Operational and Resilience Risk
HSBC
Samikendra Gosh
~20+ Years’ Experience – Seasoned and dynamic professional with core experience in operational risk and internal control across varied functional and operational roles involving Operational Risk Management, Supplier Risk / Third Party/ Vendor Management, Operations & Project Management, Business Management covering Strategy and Financial Forecasting. Extensive experience in Enterprise Risk Management and leading teams
Will Gray
Area Director Europe North
SecurityScorecard
Third Party Risk Management Advisory Board member
CeFPro
Will Gray
Will Gray has 18 years experience in Security and Risk Management, primarily focused on bringing emerging technologies to market.
Having joined SecurityScorecard in 2018, when Cyber Risk Ratings was a nascent industry, he has seen a rapid rise in adoption of the concept which now underpins board reports, risk management discussions, supply chain security assessments and cyber insurance underwriting for 1000’s of organisations globally.
Julius Herfel
Head of Audit –International Regulatory & Second Line
BNY Mellon
Julius Herfel
Julius is Head of Audit at the Bank of New York Mellon (BNY Mellon) in London and in that role responsible for covering Risk Management, Compliance, Treasury, Capital Adequacy and Finance in the EMEA region, and Client Asset Safety globally. Before joining BNY Mellon in 2015 he worked at PwC in Luxembourg as Risk and Regulatory Consultant, specialised in Prudential Risk/ Basel III. Julius has a Master in Economics and Political Sciences, and holds both the Financial Risk Manager (FRM) as well as the Sustainability and Climate Risk (SCR) Certificate.
Gary Lock
Global Head of Third-Party Risk Management
Fidelity International
Gary Lock,
Biography coming soon
Anne McGowan
Head of Supplier Management, Governance & Risk
Lloyds Banking Group
Third Party Risk Management Advisory Board member
CeFPro
Anne McGowan
Anne is Head of IT Supplier Management , Governance and Risk at Lloyds Banking Group (LBG), leading a large team of 37 professional Supplier Managers who manage 330 of the most important technology suppliers.
This reliance on technology suppliers, in support of the delivery of LBGs Technology Strategy, has grown exponentially with the trajectory continuing.
Recognising that we can’t stand still in the face of environmental disruption in the supply chain eg geopolitical tensions, soaring inflation and potential supplier financial instability, climate concerns and increasing dependency on technology suppliers, Anne has led a significant project to transform Supplier Management.
The project initiatives have released capacity, focused colleagues on value and innovation, ensuring our customers receive the best service with the lowest risk.
Previously, as the Lead of LBG’s central Assurance Team, Anne successfully shaped the framework and delivered the assurance plan for critical suppliers across the various business divisions.
An accomplished leader, Anne has extensive experience in senior roles in Third Party Risk Management, and Management roles across Insurance and Retail channels
Andrew Moyad
CEO
Shared Assessments
Anne McGowan
Andrew Moyad is the Chief Executive Officer of Shared Assessments.
Andrew is an accomplished leader and trailblazer in third party risk management. As a practitioner and a senior risk management executive, he has driven a culture of accountability and diligence in safeguarding information. Andrew has more than 25 years in risk management and information security. He has contributed greatly to the transformation and advancement of risk management as a strategic function that intersects with and helps guide all aspects of organizations.
Most recently, Andrew served as Senior Vice President, Vendor Risk Management at Blackstone, where he led a team of risk professionals responsible for overseeing all phases of the vendor lifecycle at the firm, including risk assessments, control diligence, contract reviews, financial checks, performance monitoring, issue tracking, and management reporting. Prior to Blackstone, he served as a director and global head of vendor risk management and BlackRock and Senior Vice President for Citigroup, where he was a Business Information Security Officer in Global Fixed Income and led third party risk assessments for several years.
Andrew holds a Bachelor of Arts Degree in Natural Sciences from Harvard University and a Master of Science Degree in Information Systems from the Stevens Institute of Technology.
Zuzana Rebrova
Head of Third Party Cyber Risk Management
Swiss Re
Zuzana Rebrova
- Zuzana Rebrova, comes from Slovakia where I work for Swiss Re as a head of Third-Party Cyber Risk Management global service and team.
- More than 15 years of experience in different roles and positions, dealing with information security, privacy, business continuity, security and risk advisory, ISO 27k implementations and internal audits.
Senior expert
Bank of England
Senior representitive
Biography coming soon
Saima Sabir
Group Head of Third-Party Risk Management & Outsourcing (2LOD)
Bank of Ireland Group
Saima Sabir
Saima is an industry recognised leader who specialises in Governance, Risk, Compliance and Global Business Transformations. Experienced in navigating at Board level acting as a presenter and advisor. Saima has worked within non-financial and Financial Services; helping Investment Banks, FMIs and Tech Companies achieve a balance between regulation, governance, and commercial results. Saima is currently the Group Head of Third Party Risk Management & Outsourcing (TPRM&O) within the second line of defence for the Bank of Ireland Group. Please visit Saima’s LinkedIn profile for further information.
Wayne Scott
Regulatory Compliance Lead
NCC Group
Wayne Scott
In his role as Regulatory Compliance Solutions Lead, Wayne manages NCC Group’s relationships with the global financial services regulators. This involves co-writing NCC Group’s consultation paper responses relating to third-party risk management, supply chain risk and operational resilience, as well as ensuring its products meet global regulatory requirements. Much of Wayne’s time is spent advising systemic financial institutions and their suppliers on how to build “demonstrably successful stressed exit plans” as instructed by the PRA.
Brian Shaw
Director of Financial Services Sales
Mirato
Brian Shaw
Brian has automated risk and compliance for over 25 years, supporting hundreds of Fortune 500 and mid-market firms across all industries. Since 2011, Brian has focused on Third-Party Risk, Compliance and Performance Management for the Financial Services Industry, Master Data Management and Know your Customer (KYC) challenges. At Mirato, Brian serves as Director of Financial Services Sales, responsible for sales to Financial Services firms in North America and Europe.
Simon Shepherd
Managing Director
MYRIAD Group Technologies Ltd
Simon Shepherd
I am the Managing Director at MYRIAD Group Technologies Limited and I helped found the Company in 2004. I read Economics & Politics at Durham, completing a Dissertation on Just War Theory. After a brief stint in the Army, I spent 12 years in Investment Banking in Property Finance and then in High Yield Bond Trading & Sales, running desks covering both high yield currencies and junk/distressed credits, completing my Banking career as a senior Managing Director at Deutsche Bank. I then set up a small, privately funded portfolio which invested directly in six small Technology Companies, two of which were sold successfully and two of which merged and out of that entity we created MYRIAD Group Technologies Limited. The Company is a pure Technology business with 3 software platforms which target large Financial Institutions and specifically the Network or Vendor Management Departments. Our success has encouraged us to look at related disciplines, specifically continuous due diligence, Risk, Operational Resilience and related managed services, as well as other Industry verticals including NBFIs, Government and some Corporates. The Company develops all its own source code onshore in the U.K. and we will have more than 20 large Financial Institutions as Clients by the end of 2024. I play golf, ski a fair amount, collect Stamps, drink half-decent wine and listen to great music through various HiFi systems, old and new.
Gemma Stewart
Global Head of Vendor Management
Zurich Insurance Company
Gemma Stewart
Gemma has worked in a variety of third-party management roles over 15 years including procurement transformation and IT portfolio management. Currently leading the group strategy for third party risk management which includes the risk policy, third party governance framework, and a GRC solution for automated risk management & reporting. Gemma and her team have spent the last 18mths implementing a globally consistent framework and system across 37 countries. A lean black belt with a passion for implementing efficient operating models and using IT solutions to simplify and automate third party risk management.
Funke Uwaifo
Head of Outsourcing and Vendor Management
EFG Private Bank
Funke Uwaifo
Funke has spent the last 13 years of her career in Procurement and Vendor Management across a diverse range of sectors mainly in financial service organisations such as M&G Investments and the Financial Services (now Conduct) Authority but also non-financial services organisations. She currently heads up the outsourcing function at EFG Private Bank with a main focus on developing Intra-Group Agreements with jurisdictions outside of the UK as well as embedding third party governance and risk management across the organisation.
Jean-Francois Valette
CTPO EMEA
JPMorgan Chase & Co.
Jean-Francois Valette,
Biography coming soon.
Codee Woo
Strategic Supplier Risk Management
Legal & General
Third Party Risk Management Advisory Board member
CeFPro
Codee Woo
Codee is a Strategic Supplier Risk Manager at Legal & General Investment Management (LGIM) and has 7 years’ experience in the financial services industry. Previously, Codee worked at PwC where she qualified as a Chartered Accountant and advised financial institutions on how to meet third party risk regulatory requirements, including framework design and implementation and supplier due diligence. Codee is also passionate about using technology to transform the way that we manage suppliers to obtain efficiencies and deeper data insights.
Would your organization like to partner with us on this event?
To discuss how we can deliver your thought-leadership at the event, help you generate leads, and provide you with unique networking and branding opportunities, please contact sales@cefpro.com or call us on +44 (0)207 164 6582 for more information.
2024 Sponsors
Co-sponsors
Aravo
Aravo delivers the market’s smartest third-party risk and performance management solutions, powered by intelligent automation. With Aravo, customers can work smarter, move faster, see clearer, and make better decisions about their extended enterprise – all in one place.
For more than 20 years now, Aravo’s combination of award-winning technology and unrivaled domain expertise has helped the world’s most respected brands accelerate and optimize their third-party management programs, delivering better business outcomes faster and ensuring the agility to adapt as programs evolve. Aravo is trusted by the world’s leading brands, helping them manage the risk and improve the performance of more than 5 million third parties, suppliers and vendors across the globe.
Mirato
Improve any TPRM program by reducing the manual work.
Whether you are using email and spreadsheets, or have a mature, fully automated and sophisticated program, Mirato can help. Significantly.
Mirato’s advanced Artificial Intelligence solutions were created and trained specifically to address the most common and difficult challenges of Third Party Risk Management.
Our TPRM Intelligence Platform completes your TPRM assessments using your risk appetite, your controls framework, and the information you already collect. The Mirato Questionnaire Killerautomatically pre-answers your due diligence questionnaires for your third parties.
MIrato makes no “black box” decisions but enables better human decisions faster.
NCC Group
With over 30 years’ experience, NCC Group is a world-leading Software Resilience provider ensuring the continued availability of outsourced business-critical software and data through our Escrow and Verification services. Our Software Resilience services enable businesses to easily prepare for, respond to and recover from disruption to third-party services, strengthening operational resilience and satisfying business continuity planning, regulatory compliance and supply chain risk management requirements.
Security Scorecard
SecurityScorecard is the global leader in cybersecurity ratings and the only service with millions of organizations continuously rated. Our mission is to make the world a safer place by transforming the way organizations understand, improve, and communicate cybersecurity risk to their boards, employees, and vendors.
SecurityScorecard’s patented rating technology is used by thousands of organizations for enterprise cyber risk management, third-party risk management, board reporting, cyber insurance underwriting, and regulatory oversight to meet compliance mandates; making all organizations more resilient by allowing them to easily find and fix cybersecurity risks across their externally facing digital-footprint.
SecurityScorecard is the only provider of instant risk ratings that automatically map to vendor cybersecurity questionnaires and the largest ecosystem of integrations, providing a true 360-degree view of risk. But we don’t stop there. Through a customer-centric, solution-based commitment to our partners, we are transforming the digital landscape building a path toward resilience.
Shared Assessments
Shared Assessments is a global membership organization dedicated to developing the best practices, education and tools to drive third party risk assurance. We are creators of the industry standard third party risk toolkit, used by over 15,000 organizations worldwide.
Associate sponsors
Certa
Certa is the only platform that digitizes, orchestrates, and automates the entire third- party journey, across procurement, compliance, IT, legal, finance, and other groups. Founded in 2015 by Jag Lamba, Certa was designed to be a modern tool for modern teams. Certa helps companies onboard third-parties 3x faster by combining speed with superior risk and compliance controls. Up to 80% of evaluations for low-risk third-parties can be automated, allowing your team to focus on entities that require additional due diligence. Certa replaces your antiquated legacy systems with one centralized platform and a simple, modern user interface. Flexible no-code integrations with 70+ vetted data sources provide instant verification of all vendor information and prevent unexpected disruptions, losses, or reputation damage. Certa makes third-party risk management fast, easy, and modern. Learn more at getcerta.com.
Fusion Risk Management
Fusion Risk Management is a leading industry provider of cloud-based software solutions for operational resilience, encompassing risk management, third-party risk management, information technology and security risk, business continuity and disaster recovery, and crisis and incident management. Its products and services take organizations beyond legacy solutions and empowers them to make data-driven decisions with a comprehensive and flexible approach through one system. Fusion and its team of experts are dedicated to helping companies achieve greater operational resilience and mitigate risks within their businesses.
MYRIAD Group Technologies Ltd
Since 2004 MYRIAD Group Technologies Ltd has provided financial institutions with sophisticated market-leading software to manage any type of Provider or Supplier Network. Our platforms provide performance monitoring, cost management, automated process control, rolling due diligence and comprehensive reporting.
Our products enable institutions to amplify operational excellence using secure Cloud-based technology and instant actionable intelligence, uniting departments and driving efficiency. Rationalising fragmented ways of working and generating economy of effort are central to the value that we deliver.
We have assisted institutions in identifying and realising significant tangible cost savings and providing a ‘where are we’ view, identifying exposures and impact with counterparties and their hierarchies. We firmly believe our platforms are a critical tool for any recovery and resilience plan and will provide reassurance to any risk management strategy.
We are a global technology company accredited with ISO/IEC 27001:2013 and pride ourselves in the quality of the products we deliver and the premier service we provide to our Clients.
OneTrust
As society redefines risk and opportunity, OneTrust empowers tomorrow’s leaders to succeed through trust and impact with the Trust Intelligence Platform. The market-defining Trust Intelligence Platform from OneTrust connects privacy, GRC, ethics, and ESG teams, data, and processes, so all companies can collaborate seamlessly and put trust at the center of their operations and culture by unlocking their value and potential to thrive by doing what’s good for people and the planet.
Learn more at OneTrust.com.
Content and media partners
CeFPro Connect
CeFPro Connect aims to connect industry experts through thought leadership content and timely news, written for the industry, by the industry. Gain unlimited access to CeFPro’s unparalleled library of resources including iNFRont Magazine, market intelligence reports, filmed presentations, insights Q&A’s, and much more.
Sign up for free.
iNFRont Magazine
iNFRont Magazine is a unique publication providing regular insight on the operational and non-financial risk (NFR) sector. Featuring contributions provided by leading industry figures and experts from around the world, iNFRont Magazine touches on the most critical themes and challenges currently affecting financial professionals.
Available to download for free.
Can I share my thought leadership at Vendor & Third Party Risk Europe?
Will there be opportunities to network with other attendees?
- Breakfast, lunch and refreshment breaks
- Drinks reception at the end of day-1
- Q&As, panel discussions, and audience participation technology
What is included within the registration fee?
Where can I find the Summit documentation and speaker presentations?
*Please note that our speakers often have to gain permission from their relevant compliance departments to release their presentations. On rare occasions compliance may not allow presentations to be distributed.
Will breakfast, lunch and refreshment be provided?
Are there any rules on dress code?
Register - Super early bird rate
Available until April 26
E.g. Bank, Insurance company, Asset manager, Regulator
E.g. Consultant, Vendor, Executive search firm, Law firm
Register for Vendor & Third Party Risk Europe today and join the likes of 150+ industry professionals and subject matter experts looking to engage in meaningful conversation and discuss the latest developments and challenges within the vendor and third party risk sector.
Register now and secure your place at the lowest rate possible.
Don’t miss out, we only have a limited number of tickets available.
The benefits are amplified when you attend alongside your colleagues, fostering a unique environment for collective learning, sharing insights, and strengthening professional bonds. Join us to explore this diverse and dynamic field together with your team.
Buy 2 passes and get the 3rd half price OR buy 4 and get the 5th for free!
Need assistance with your registration? Get in touch with us via email below, or call us on +44 (0)207 164 6582.
Prices do not include VAT
*To qualify for the preferential ‘early bird’ rates, registration must be received by the close of the ‘early bird’ working day, and payment can be made at the time of registering, or up to a week after registration is made an invoice sent. CeFPro reserves the right to increase rates should payment be delayed significantly. Should a delegate register at a rate that is inaccurate, CeFPro reserves the right to issue an additional invoice for the outstanding amount. Cancellations received more than one calendar month before the event will be eligible for a refund less 15% administration fee. Cancellations must be made in writing to info@cefpro.com. Regrettably, no refund can be made for cancellations within a month of the event.
Register to receive the brochure
Download our event brochure and receive special access to:
- Speaker reveals
- Agenda updates
- Access to exclusive discounts