Why should you attend?
CeFPro are pleased to announce the launch of our 9th Annual Edition of Vendor and Third Party Risk Congress in New York City on June 5-6, 2024. Selling out yearly and highly anticipated, Vendor & Third Party Risk USA is the must-attend conference for TPRM professionals to expand their knowledge.
The agenda for 2024 has been re-vamped after much demand for increased focus on resilience and some of the regulatory changes that have increased the prominence of TPRM over the last year. The agenda features two streams, the first being the main event, the second a breakout on resilience, including a number of regulatory initiatives
As an attendee you will gain insight from 40+ TPRM professionals as they delve into key challenges being faced within the industry through in-depth presentations and lively panel discussions.
Over 40 sessions across 2 interactive workstreams:
THIRD PARTY RISK MANAGEMENT
RESILIENCE
- TPRM
- Due Diligence
- Fourth Party Risk
- Supply Chain
- Vendor Relationships
- Contract Management
- AI
- ERM
- Interagency Guidance
- Resilience
- Critical Relationships
- BCM
- Cyber Resilience
- Ransomware
- Technology
- Exit Planning
Interact with industry front-runners paving the way in third party risk
An engaging and interactive agenda spread across 2-days
Participate in a comprehensive exploration of the topics at hand via presentations, panel discussions, and live Q&As to facilitate learning and engagement.
Listen in as subject matter experts share their knowledge
Our line-up of 30+ knowledgeable and experienced practitioners speakers bring the highest standard within the industry, offering fresh perspectives and insights for you to return to your department with.
7+ hours of available networking opportunities
Continue conversations from inside the auditorium over coffee, lunch, and at our complimentary drinks reception. Make meaningful career-long industry connections to use to your professional advantage.
Key speakers for the 2024 Congress
Dolly Singh
MD, Global Head of Third Party Oversight
JPMorgan Chase
Tom Kartanowicz
Regional CISO, Europe and Americas
Standard Chartered Bank
Melissa Mellen
Head of Third Party risk Management
Federal Reserve Bank of New York
Scot Lynch
Executive Director
Morgan Stanley
Kholofelo Mothibi
Head of TPRM
Corebridge Financial
Varun Agarwal
Director, Enterprise Risk Management
Western Alliance Bank
Sri Intan
Head of Vendor Risk Management for North America
Commerzbank AG
Spruille Braden
Enterprise Head of Operational Resilience
Citi
Session previews and related insights
Get an insight of what to expect from the Congress with our past and present speaker session previews.
Beyond the scoring: Managing the third and fourth party attack surface
Beyond the scoring: Managing the third and fourth party attack surface Will Gray, Area Director Europe North, SecurityScorecard Below is an insight into what can be expected from Will's session at Vendor & Third Party Risk Europe. {{ vc_btn: title=Find+out+more+about+CeFPro%27s+Vendor+%26amp%3B+Third+Party+Risk+Europe+2024&style=outline-custom&outline_custom_color=%23001c64&outline_custom_hover_background=%23001c64&outline_custom_hover_text=%23ffffff&link=url%3Ahttps%253A%252F%252Fwww.cefpro.com%252Fforthcoming-events%252Fvendor-third-party-risk-europe%252F }} The views and opinions expressed in this article are those of the thought leader as an
Enhancing due diligence and assessment practices to obtain and develop actionable insights
Enhancing due diligence and assessment practices to obtain and develop actionable insights Codee Woo, Third Party Risk Management Lead, Legal & General Laura Faure, Third Party Risk Manager, Legal & General Below is an insight into what can be expected from Codee's session at Vendor & Third Party Risk Europe. {{ vc_btn: title=Find+out+more+about+CeFPro%27s+Vendor+%26amp%3B+Third+Party+Risk+Europe+2024&style=outline-custom&outline_custom_color=%23001c64&outline_custom_hover_background=%23001c64&outline_custom_hover_text=%23ffffff&link=url%3Ahttps%253A%252F%252Fwww.cefpro.com%252Fforthcoming-events%252Fvendor-third-party-risk-europe%252F }} The views and
Increasing collaboration across teams to monitor risk throughout the lifecycle
Increasing collaboration across teams to monitor risk throughout the lifecycle Simon Shepherd, Managing Director, MYRIAD Group Technologies Below is an insight into what can be expected from Simon's session at Vendor & Third Party Risk Europe. {{ vc_btn: title=Find+out+more+about+CeFPro%27s+Vendor+%26amp%3B+Third+Party+Risk+Europe+2024&style=outline-custom&outline_custom_color=%23001c64&outline_custom_hover_background=%23001c64&outline_custom_hover_text=%23ffffff&link=url%3Ahttps%253A%252F%252Fwww.cefpro.com%252Fforthcoming-events%252Fvendor-third-party-risk-europe%252F }} The views and opinions expressed in this article are those of the thought leader as an
The ever-changing role of third party risk management
The ever-changing role of third party risk management Branan Cooper, TPRM Consultant Below is an insight into the role of third party risk management, with a highlight into how the it has developed over the years. Discover more at Vendor & Third Party Risk USA. {{ vc_btn: title=Find+out+more+about+CeFPro%27s+Vendor+%26amp%3B+Third+Party+Risk+USA+2024&style=outline-custom&outline_custom_color=%23001c64&outline_custom_hover_background=%23001c64&outline_custom_hover_text=%23ffffff&link=url%3Ahttps%253A%252F%252Fwww.cefpro.com%252Fforthcoming-events%252Fvendor-third-party-risk-usa%252F }} The views and opinions expressed in
Would your organization like to partner with us on this event?
To discuss how we can deliver your thought-leadership at the event, help you generate leads, and provide you with unique networking and branding opportunities, please contact sales@cefpro.com or call us on +1 888 677 7007 for more information.
2024 Sponsors
Co-sponsors
Associate sponsors
Content and media partners
Speakers from our 2023 Congress
Shamial Afzal
Global Head of Strategic Supplier Oversight
Legal & General Investment Management
Shamial Afzal
With over 25 years financial services experience, Shamial has worked in insurance, banks and now investment management firm leading the strategic supplier oversight agenda globally.
Shamial has a passion to build inclusive and diverse teams which have been demonstrated through his various roles which have included operations, change and supply chain management.
Shamial continues to challenge the status quo and drive the supplier oversight agenda forward as critical part of any firm dealing with third parties.
Olga Baldwin
VP, Vendor Management
Axiom Bank
Olga Baldwin
“Olga Baldwin is a VP, Vendor Management at Axiom Bank with over 13 years of experience in third party risk management. Currently she is responsible third-party risk management program development, improvements, and implementation to ensure a proper oversight of the bank third parties is conducted in accordance with regulatory requirements including vendor selection, risk assessment, due diligence, ongoing monitoring, and terminations. Prior to this role, Olga held a position of a Director, Vendor Risk Management at Sterling National Bank overseeing Vendor Risk Management Program.
Krystelle Bilodeau
Senior Director, Banking Operations & Risk
Bank of Canada
Krystelle Bilodeau
Krystelle Bilodeau is Senior Director, Banking Operations & Risk at the Bank of Canada. Krystelle has worked in the financial sector for over 20 years with 16 years at Canada’s central Bank. Throughout her career, Krystelle has established herself as a versatile professional holding leadership positions in a broad range of areas including Director of Retail and Wholesale Debt Administration responsible for large and complex outsourced operations; as Director of Awareness and Education in the Currency Department during Canada’s successful transition from paper-based to polymer-based currency; As Adviser on Third Party Risk having designed and implemented the Bank’s Third party risk management program; and as Senior Director for the Bank of Canada’s critical Banking Operations and risk during the COVID crisis
Krystelle is a member of the Faculty for Third Party Risk Institute and its delivery partner SIG University’s “Certified Third Party Risk Management Professional” program; Vice President of the Board of Directors of the EBO Financial Education Centre; Chair of the Ottawa chapter of the Dean’s Advisory Council for the Lazaridis School of Business & Economics, and a member of the Strategic Direction Committee for the Bank of Canada’s women’s leadership network – PotentiELLE. Krystelle is also the recipient of the Future of Sourcing Awards ‘Rising Star’ award for 2018 and shortlist candidate for the Women in Finance awards ‘Outstanding Achievement’ award in 2019.
Krystelle holds a BA in Communications and a Master’s in Business Administration from Wilfrid Laurier University.
Jera Bradshaw
Counsel
Bradley Arant Boult Cummings LLP
Jera Bradshaw
Jera Bradshaw is a member of Bradley’s Banking & Financial Services Practice Group. Jera has more than 13 years of experience heading regulatory, transactional, and niche cases within the financial services industry. She excels at building trusting business relationships, directing multifunctional teams, and presenting strategic and risk-management recommendations to decision-makers at all levels.
Jera worked as a bank regulator for a decade and leverages that knowledge and experience to help banks and lenders maintain compliance and understand their regulators’ expectations and point of view.
Prior to joining the firm, Jera served as vice president and senior counsel of Regulatory Affairs for a regional banking organization, where she advised the enterprise on U.S. banking laws and regulations, supervisory guidance and interpretations, and complex legal matters.
Her bank regulatory experience also includes eight years as a senior attorney at the Federal Deposit Insurance Corporation (FDIC). In that role, she oversaw enforcement actions, advised on consumer protection laws, and supported regulatory examinations. Additionally, she was responsible for the legal review of various types of regulatory filings such as branch applications, golden parachute payments, mergers, brokered deposits and retirement of capital. Jera began her banking regulatory career as an attorney for the Tennessee Department of Financial Institutions, where she advised on legislation, laws and policy affecting financial institutions in Tennessee.
Thomas Brandt
Chief Risk Officer/Director, Office of Planning and Risk
Federal Retirement Thrift Investment Board
Thomas Brandt
Tom Brandt is a risk management practitioner in the federal government. With nearly three decades of federal service, he is currently the Chief Risk Officer (CRO) and Director of Planning and Risk for the Federal Retirement Thrift Investment Board. He previously served as CRO for the IRS. He is a fellow with the National Academy of Public Administration, a past president of the Association for Federal Enterprise Risk Management (AFERM), and also served as chair of the OECD Forum on Tax Administration’s ERM Community of Interest from 2018–2021.
Leah Campbell
Counsel
Bradley Arant Boult Cummings LLP
Thomas Brandt
Leah Campbell is a Senior Attorney in Bradley’s Charlotte office. Leah has significant experience representing financial services and insurance company clients in both federal and state courts, as well as before state regulators. Leah has provided intellectual property guidance in M&A and corporate structuring matters and advised on GDPR implementation and cross-border encryption issues. Leah currently advises banks on payment systems technology and licensing, data privacy, address confidentiality programs, and emerging risk issues.
Prior to joining Bradley, Leah served as Senior Counsel in the Cyber/Intellectual Property/Information Technology group for Deutsche Bank AG in New York. Leah was responsible for negotiating outsourcings, software license agreements, SaaS agreements, consulting services agreements, commercial leases and construction agreements.
Rodney Campbell
Head of Third Party Risk Management
Valley Bank
Thomas Brandt
Rodney Campbell is a recognized industry leader in Third-Party Risk Management (TPRM) framework, Relationship Management, Contract Management & Performance Management. Rodney is a business champion, dedicated to empowering organizations and business leaders with industry insights and best practices to establish both regulatory compliance and operational success. Experienced in developing global programs, processes, cross-functional teams from the ground up and leading projects spanning Asia-Pacific, Latin America, United Kingdom and North America regions, Rodney creates a high-impact, collaborative environment that eliminates silos and cross borders.Additionally, Rodney serves on Seton Hall University Customer Experience Program Advisory Council and The Board of Directors for HANDS Housing and Neighborhood Development.
Javier Cubano
VP, Third Party Risk Oversight
BNY Mellon
Javier Cubano
Javier Cubano is Vice President, Third Party Risk and Oversight at BNY Mellon, where he specializes in third party due diligence. Recognized as an SME for building and optimizing global third-party risk management programs in the financial industry, Javier has significant experience conducting onsite and remote third-party risk assessments on programs of varied maturity. Javier has streamlined processes for external audit requests, crafting policies and authoring procedures to create effective third party management practices. Javier strives to create solutions that harmonize business, regulatory, and management goals, while strengthening the vendor management lifecycle by working cross functionally with sourcing and legal.
Javier is a graduate of Rutgers University and Rutgers Law School. Javier is a Certified Third Party Risk Professional (CTPRP) and a Certified Third Party Risk Assessor (CTPRA).
Andrew Egoroff
Senior Cybersecurity Specialist
ProcessUnity
Andrew Egoroff,
Andrew is the Senior Cybersecurity Specialist at ProcessUnity. He has more than 30 years’ international experience providing cybersecurity advisory and consulting services across a wide variety of industry verticals in Australia, the UK and the USA.Andrew is responsible for keeping up to date with all the latest cybersecurity trends and advancements, as well as evangelizing the use of the ProcessUnity Cybersecurity Risk Management service offering for customers across the globe
Madiha Fatima
Executive Director – Operational & Outsourcing Risk
JP Morgan
Madiha Fatima
Madiha Fatima is an Executive Director – Operational and Outsourcing Risk Management at JP Morgan, where she leads the second line of defense function for operational and outsourcing risk overseeing Third Party Risk Management, Sourcing, Procurement and Inter-Affiliate Management. Previously, Madiha was the Head of Third Party Risk Management Department at Angelo Gordon where she was responsible for development of Third Party Risk Management Framework while enabling businesses to achieve their strategic objectives from utilizing vendors. Prior to joining Angelo Gordon, Madiha Fatima served as the Third Party Risk Governance & Oversight Lead at DTCC. Madiha is a Certified Third Party Risk Professional (CTPRP). Madiha earned a Bachelors of Science degree in Financial and Capital Markets from Rutgers Business School.
Dov Goldman
VP, Risk Strategy
Panorays
Dov Goldman
Dov has years of experience in the third-party risk and compliance field, as well as a long history as a serial entrepreneur, software and network engineer. Dov focuses on the evolving best practices and industry standards in third-party management and regulatory compliance. Previously, Dov was VP of innovation at Opus, director of product marketing at Navigant, and founder and CEO of Cognet Corp and Dynalog Technologies. Dov has spoken at industry events around the world and has been quoted in numerous industry press articles, as well as The Wall Street Journal, about information security and privacy.
Gregory Goldstein
Vice President, Strategic Global Partner Management
Prudential Insurance Company of America
Gregory Goldstein
Greg Goldstein is Vice President, Strategic Global Partner Management at Prudential Insurance Company of America where he optimizes governance of key strategic provider relationships during the entire lifecycle from transition to operations. He leverages strength in managing and governing partnerships, utilizing resourcefulness and creativity to balance capacity management, ensuring that the right provider does the right work, financial targets are met and aligned with delivery excellence and performance.
Previously, Greg was Principal, Enterprise Third Party Management at BNY Mellon and Head of Third Party Risk Management for Investors Bank and Prudential Insurance Company of America, enabling businesses and functions to achieve objectives from using third parties including improved profitability, faster time to market, competitive advantage and decreased costs by providing a framework to manage reputational, legal & regulatory, operational and information security risks. He has deep financial services industry experience complimented by an extensive management consulting/public accounting background that includes Ernst & Young and Deloitte.
Greg is a graduate of University of California, Los Angeles, with a Bachelor of Arts degree in Economics and Business. He is a Certified Public Accountant (CPA), a member of the American Institute of Certified Public Accountants (AICPA) and a member of the New York Society of CPAs. Greg is also a Cartified Third-Party Risk Professional (CTPRP), Fellow of the Life Management Institute (FLMI) and Six Sigma Black Belt.
Carolyn Handley
Head of Vendor Due Diligence & Monitoring – NA Investments, Global Investment Center
Aon
Carolyn Handley
Carolyn Handley is the Head of Vendor Due Diligence and Monitoring for NA Investments, in Aon’s Global Investment Center. She joined Aon in 2013 as the Finance Lead for NA Investments, previously holding lead roles in financial, analytical and business decision support for top-tier companies such as PepsiCo, Walmart Stores Inc., and GE Capital. Carolyn holds an MBA in International Business, BS in Accounting, and an active CPA license.
Laura Hawkins
Principal Consultant Resilience and Third Party Risk Management
PA Consulting
Laura Hawkins
Laura is an experienced resilience consultant and has worked on projects that cover all aspects of the discipline including third-party risks management, data privacy, business continuity, incident response and exercising. Laura combines her understanding of resilience capabilities with her ability to support and collaborate with others to help create more resilient organizations. Laura has worked in highly regulated environments and prior to PA Consulting worked at the UK’s Financial Conduct Authority in the incident response team and as the sector lead for crisis management exercising and industry collective action.
Stuart Hoffman
Governance & Operational Risk Policy Analyst
OCC
Stuart Hoffman
Stuart is a Policy Analyst with the OCC’s Bank Supervision Policy division, specializing in governance and operational risk policy. He is also a Bank Information Technology examiner, specializing in cybersecurity and information technology risk / information security. He supports international efforts as the OCC’s interim representative to the Basel Committee on Banking Supervision (BCBS) Operational Resilience Group. Stuart joined the OCC as an industry hire in June of 2013. Prior to joining the OCC, Stuart held IT risk management related positions at Citigroup, Cisco, and GE. His career also includes management consulting experience at Deloitte. He has substantial experience in regulatory examinations, technology audits, IT certification efforts, and cross-border initiatives from both the regulatory and business perspectives. Stuart completed his BA and MBA at NYU and holds several industry-recognized credentials, including the CISA, CISSP, and CRISC.
Vanessa Jankowski
Senior Vice President & General Manager, TPRM & CNI
Bitsight
Vanessa Jankowski
Vanessa is the Senior Vice President and General Manager Third Party Risk Management and Critical National Infrastructure at Bitsight. She has spent more than a decade in product management and leadership roles at technology companies focused on data-driven solutions that transform how people work. Vanessa holds a Master’s degree in Predictive Analytics from Northwestern University and an undergraduate degree in Political Science from Rutgers University.
Mike Jawetz
Director, Solution Architecture
CyberGRX
Mike Jawetz
Mike Jawetz is currently a Director of Solution Architecture with CyberGRX. He has worked in the security industry for over 30 years and worked on projects for FireEye, iSight Partners, VMware, Symantec, IBM and others. He has spent over twelve years in software development and support for companies such as IBM, DEC, Sun Microsystems, and Seagate Software. Mike holds a BS in Electrical Engineering from the University of California at Davis.
Max Kanaskar
Industry Principle, FSI
Interos
Max Kanaskar
Max Kanaskar is an Industry Principal at Interos, specializing in Financial Services and Insurance. With a background in AI and advanced analytics software startups, he brings extensive experience in sales enablement, customer adoption, marketing, and product strategy. Previously, Max specialized in strategy and management consulting, focusing on strategic transformations, assessments, and delivery management in insurance, banking, and capital markets. His expertise spans sales and distribution, operations, and risk management, driving tangible value and fostering organizational growth.
Tausif Khan
Associate Director, Third Party Risk
DTCC
Tausif Khan
Tausif leads the Third Party Risk Governance and Reporting group of DTCC. He is responsible for managing the Third Party Risk Management framework and lifecycle specifically focusing on Critical Third Parties, firmwide awareness of responsibilities, due diligence of 4th/nth parties, governance for monitoring and oversight, and regulatory responses. Tausif holds a BS in Finance from the University of South Florida and is currently pursuing his MS in Cybersecurity from Virginia Tech.
Cyril Korenbeusser
Chief Resilience Officer
BNP Paribas CIB
Cyril Korenbeusser
Biography coming soon.
Wes Loeffler
Product Manager
Archer
Wes Loeffler
Wes has been with Archer for over five years and serves as the product manager for Third Party Risk Management, Business Resilience, and Operational Resilience. Prior to joining product management, he worked as a product owner and solutions engineer where he developed offerings for Third Party Risk Management, IT & Security Risk Management, and integrations with AWS Security Hub and RiskRecon. Prior to joining Archer, Wes worked for 10 years in the financial services industry as a relationship manager and risk analyst.
James Mcpherson
Director & Counsel
Credit Agricole
James Mcpherson
James McPherson is Director & Counsel at Credit Agricole Corporate and Investment Bank in New York. He is a member of the Regulatory Group and his work includes reviewing and negotiating a broad range of commercial agreements for the Bank, including contracts for a variety of technology and trading related services. He also participates in various steering committees related to the procurement and ongoing monitoring of the Bank’s various service providers and outsourcing initiatives, including the Bank’s Vendor Management Committee.
Melissa Mellen
Head of Third Party Risk Management
Federal Reserve Bank of New York
Melissa Mellen
Melissa J. Mellen is an Officer within Procurement Value Management, leading the Policy, Analytics, & Vendor Strategy team. In this capacity, Melissa is responsible for overseeing Procurement Policy related compliance, and advisory client driven services. She also manages the Federal Reserve Bank of New York’s Vendor Management, and Supplier Diversity Program.
Prior to joining the Federal Reserve Bank of New York, Ms. Mellen spent fifteen years in the private sector, focused on Procurement, Supplier Diversity and Vendor Risk Management for firms such as: MUFG Union Bank, JP Morgan Chase, OppenheimerFunds, and Mizuho Bank, Ltd.
Ms. Mellen received her bachelor’s degree in Philosophy from SUNY Albany and holds an MBA with a concentration in Risk Management from Saint Peter’s University. She earned a Professional Certificate in Diversity & Inclusion from Cornell University. Melissa is currently a Doctoral Candidate at Pace University, with a focus in Consumer Psychology and Marketing.
Melissa lives in Hoboken New Jersey with her husband Kevin, and Pitbull puppy Viggo. She is a certified yoga instructor affiliated with both the Dharma Yoga Center of New York City, as well as National Yoga Alliance.
Donald Mones
VP Compliance, Head of Third Party Risk
Brown Brothers Harriman & Co.
Donald Mones
Biography coming soon.
Matthew Moog
General Manager
OneTrust
Matthew Moog,
Matthew Moog serves as the General Manager, Third-Party Risk at OneTrust, the category-defining enterprise platform to operationalize trust. In his role, Matthew advises companies throughout their third-party risk management implementations to help meet requirements relating to relevant standards, frameworks, and laws. Prior to joining OneTrust, Matthew spent 18 years at EY where he led their Global Third-party Risk offering for Financial Services and their Third-party Risk Managed Service offering for the Americas. Moog is a CISA and has a BS in Management Information systems from Rensselaer Polytechnic Institute in Troy, NY
Andrew Moyad
Chief Executive Officer
Shared Assessments
Andrew Moyad
Andrew Moyad is the Chief Executive Officer of Shared Assessments.
Andrew is an accomplished leader and trailblazer in third party risk management. As a practitioner and a senior risk management executive, he has driven a culture of accountability and diligence in safeguarding information. Andrew has more than 25 years in risk management and information security. He has contributed greatly to the transformation and advancement of risk management as a strategic function that intersects with and helps guide all aspects of organizations.
Most recently, Andrew served as Senior Vice President, Vendor Risk Management at Blackstone, where he led a team of risk professionals responsible for overseeing all phases of the vendor lifecycle at the firm, including risk assessments, control diligence, contract reviews, financial checks, performance monitoring, issue tracking, and management reporting. Prior to Blackstone, he served as a director and global head of vendor risk management and BlackRock and Senior Vice President for Citigroup, where he was a Business Information Security Officer in Global Fixed Income and led third party risk assessments for several years.Andrew holds a Bachelor of Arts Degree in Natural Sciences from Harvard University and a Master of Science Degree in Information Systems from the Stevens Institute of Technology.
Luke Nordlie
Executive Director and Global Head of Vendor Due Diligence
KY3P®, S&P Global
Luke Nordlie
Luke Nordlie joined KY3P in 2023 with the TruSight acquisition and leads the commercial and strategic development of vendor due diligence products and methodology. Prior to joining, he served as the Revenue Officer at TruSight and was a Senior Manager in Crowe Horwath’s Risk Consulting Services practice providing information technology and third-party risk services to the financial services industry.
Luke has over 15 years of experience providing information technology and third-party risk services to the financial services industry. Luke’s expertise includes leading a diversified portfolio of regional and national financial institutions through regulatory and industry standard challenges. Based on a strong understanding of regulatory expectations, risk management and program design, Luke has provided consulting and advisory services to more than 50 financial services companies. Before that, Luke was a lead in JPMorgan Chase Bank’s Third Party Office specializing in Information Systems and Application Security assessments.
Luke Nordlie holds a bachelor’s degree in Management Information Systems with a focus on Information Security Auditing Controls from Bowling Green State University.
Chris O’Brien
Senior Manager, Sales Engineer
UpGuard
Chris O'Brien
As a Senior Sales Engineer Manager at UpGuard, my journey has revolved around helping businesses reduce their third-party risk and protect their most valuable data. Through my experiences working with businesses and facing many security challenges, I’ve been able to fortify the cyber defenses of enterprises in an ever-changing threat landscape.
My role has required me to leverage my expertise, bridging the gap between technology and business needs, to reduce third-party risks (present and future).
Peter Pernebo
Managing Director, Global Head of Third Party Risk Management Solutions
KY3P®, S&P Global
Peter Pernebo,
Peter Pernebo is the Global Head of Third Party Risk Solutions for KY3P, S&P Global Market Intelligence, where he is leading the commercial, strategy and client delivery of third-party risk management solutions. KY3P is designed in close cooperation with large financial institutions to provide efficiencies and standardization to the third-party due diligence process.
Before joining S&P Global, Peter spent eight years leading various engagements within Goldman Sachs third party risk management office, establishing vendor management policies, procedures and infrastructure to support the firm’s program.
Prior, he was recruited to head the US NE region for Totality, a silicon valley technology upstart providing operational support for major ecommerce clients. His responsibilities included sales, client service delivery and consulting. As part of the executive leadership team, Peter was responsible for product and growth strategies. Totality was acquired by Verizon Business and he led the integration of Totality services.
Before joining Totality, Peter was a senior Director at Accenture, leading global supply chain projects for clients in the US, Canada, Japan, UK, Sweden and many other locations.
Peter holds a BSc in Business and Strategy from Lund University as well as minors in History and Sociology. He is also ITIL certified.
Michael Rivas
Head of Third Party Risk
DTCC
Michael Rivas
Michael Rivas is Executive Director, Head of Third Party Risk at DTCC where he is responsible for defining and implementing the third party risk oversight framework. In this role, Mike leads a team of risk experts that partner with DTCC’s business lines and technology to manage DTCC’s third party risks while meeting the firm’s strategic objectives.
Mike has over 15 years of experience in the finance industry specializing in establishing teams that address organizational challenges and meet regulatory requirements. Mikes experience includes roles within Strategy, Operational Risk, Market Risk, Compliance, and Internal Audit. Mike holds a bachelor’s degree in Economics and Employment Relations from Rutgers University.
Hugo Ramirez
SVP BBVA US Internal Audit responsible for Governance, Transactional & Fraud Risks and TPRM
BBVA
Hugo Ramirez
Hugo Ramirez has over 33 years of internal audit experience in three countries (US, Mexico, and Puerto Rico) providing assurance on governance effectiveness Risk management and control practices.
Professional Experience and Responsibilities
Hugo Ramirez joined BBVA Internal Audit in February 1993.
During his time at BBVA, Ramirez has held audit positions at five BBVA entities in three different countries. Ramirez has held the title of Chief Audit Executive at BBVA Bancomer USA (2006) and BBVA Puerto Rico (2012). Before joining the audit team of BBVA New York, Ramirez served as Director of the Internal Audit Fraud Division and subsequently he was appointed as Corporate Assurance Director for Internal Audit, focusing on the enactment of a three line of defense integrated structure for all BBVA entities in the US.
As a part of the Solutions Development team in BBVA New York (Agile Methodology), Ramirez is focused on audits related to Operations, and Third-Party Risk Management, although his experience in auditing covers almost all areas of the banking industry as a result of the diversity of his functions throughout his wide-ranging banking career. Notable audits worked on/led include Retail Banking Sales Incentives, Forensic investigations, Volcker Rule Compliance, Vendor Risk Management, Operational Risk, Consumer Deposits, Governance, IT & Data Security, and Lending reviews.
Professional and Community Activities
Ramirez holds a Certification in Risk Management Assurance, designation by the IIA and is a Certified Regulatory Vendor Program Manager. He is a member of the Institute of Internal Auditors and the Association of Certified Fraud Examiners. He has experience as college professor and conference speaker on financial subjects.
Education
Ramirez holds a Master’s degree in Financial Engineering with concentration in Mergers and Acquisitions and a Bachelor’s degree in International Trade both from the Universidad de Guadalajara in Mexico. He has also completed executive training in Leadership and Senior Management at recognized business schools in Texas, Guadalajara (MX) and Mexico City.
Brian Shaw
Director of Financial Services
Mirato
Brian Shaw
Brian has worked in business process automation targeting risk and compliance for over 25 years, supporting hundreds of Fortune 500 and mid-market firms across all industries. Since 2011 Brian has focused on Third-Party Risk, Compliance and Performance Management for the Financial Services Industry, as well as Master Data Management and Know Your Customer (KYC) challenges. At Mirato, Brian serves as Director of Financial Services Sales, responsible for sales to financial services firms in North America and Europe.
Larry Slusser
Vice President Global Head Professional Services Delivery
SecurityScorecard
Larry Slusser
Larry Slusser is the Vice President & Global Head of Professional Services Delivery at SecurityScorecard. In addition to leading our Professional Services Delivery Team, Mr. Slusser runs point on SSC’s Incident Response Team, who respond to ransomware and extortion negotiations. Mr. Slusser served as an Officer in the United States Air Force for 6 years and has held P&L responsibility for various Fortune 500 companies as well as run a successful printing and manufacturing business. Graduating with a Master’s in Cyber Security, Mr. Slusser successfully transitioned to cybersecurity bringing his considerable professional services delivery experience to the space. Security Scorecard’s clients and Partners find Larry’s combination of business leadership experience and cybersecurity knowledge a valuable asset, whether in a time of crisis or helping to prepare their cybersecurity defenses through SecurityScorecard’s cyber resilience and emergency preparation services.
Michael Steinhoefel
Director Operational Risk Management
Barclays
Michael Steinhoefel
Michael Steinhoefel is a Director of Operational Risk Management at Barclays responsible for Connecting Risk in the Supply Chain. Prior to this Michael was at BNY Mellon Global Markets and 20 years with Citi, the Swiss Stock Exchange, and Credit Suisse in roles in Internal Audit and in first line Risk & Control and Business Process Reengineering in the US, LATAM and EMEA. Michael worked several years as external auditor. He holds a Master of Political Science from the Johannes Gutenberg University in Germany and an MBA from the Institute of Management Development (IMD)
Thomas Sutton
Director of Global Accounts
NCC Group
Thomas Sutton
Strategic Relationship Manager for NCC Group’s global financial customers predominantly in North America and Western Europe, consults on supply chain risk mitigation, business continuity planning and process management to mitigate third and fourth party risk.
Nate Vanderheyden
Executive Director, US Banks Cyber & Information Security
Morgan Stanley
Nate Vanderheyden
Nate Vanderheyden is an Executive Director on Morgan Stanley’s U.S. Banks Cybersecurity and Information Security Team.Mr. Vanderheyden is responsible for the evaluation and evolution of banking systems to enhance cyber resiliency and defensive measures. He started at the firm in 2018 on the Wealth Management Cybersecurity team in direct support of Global Banking Technology and the Private Bank.Prior to joining Morgan Stanley, Mr. Vanderheyden served for 11 years in the U.S. Marine Corps and was deployed to Iraq and Afghanistan. His last six years of duty were spent at the National Security Agency (NSA), where he conducted and led a team performing computer network operations, advised senior government officials, and authored multiple policy documents shaping cyberspace operations in support of the U.S. Intelligence Community and national security objectives.
Olga Voytenko
Managing Director of Operational Resilience
Silicon Valley Bank
Olga Voytenko
Olga Voytenko is a Managing Director of Operational Resilience with Silicon Valley Bank. She is responsible for building the global operational resilience program and supporting resolution and recovery planning. In her role, she is regarded as the operational risk and resilience expert who promotes the importance of sound operational resilience practices and supports her financial organization in the timely and effective build and execution of operational risk and resilience management programs and processes. Prior to this role, Ms. Voytenko was the Global Head of Third Party Risk Management with State Street Corporation, where she was responsible for building the Third Party Risk Management program and managing third party risks, including operational resilience and cyber security risks. Ms. Voytenko’s extensive experience across financial and non financial risk domains includes serving as Vice President within Treasury leading the Global Liquidity Risk Management team, as well as, leadership roles in Recovery Resolution Planning, Valuation & Analytics, and Corporate Audit. Ms. Voytenko also contributed to Sun Life Financial, where she held a leadership position in the Investment Finance and Security Valuation team.
Olga holds a Master of Science in Business Administration from Suffolk University and a Bachelor of Science in Accounting and Finance from Boston University.
Ken Wolckenhauer
VP, Vendor Management
Nordea Bank
Ken Wolckenhauer
Ken Wolckenhauer is the Head of Vendor Management at Nordea Bank’s New York branch. Leading up to this position, Ken was as a subject matter expert, trainer, solutions provider, and consultant for FIS, the world’s largest global provider dedicated to banking and payments technologies. With FIS, Ken specialized in financial industry regulatory risk and compliance, mostly in the area of anti-money laundering and watchlist compliance. Nordea Bank leveraged Ken’s risk and compliance knowledge to build out the vendor management program for the New York branch, developing a program that would properly manage risk as well as gaining acceptance to the US regulators. The success of the US program is now being used to advise Nordea’s European branches on enhancements to its TPRM program. Ken is a graduate of Bucknell University and is a Certified Anti-Money Laundering Specialist.
Mike Yaffe
CMO
Prevalent
Mike Yaffe,
Michael Yaffe brings more than 20 years of experience at organizations ranging from start-ups to Fortune 100 companies to his position as Chief Marketing Officer. He has a significant record of achievement in developing strategic and tactical marketing programs for information security companies that deliver revenue. He possesses a strong set of skills in lead generation, public and analyst relations, product marketing, partnership development, positioning and branding.
Jing Zhao
Director Third Party Data and Analytics
USAA
Jing Zhao
Jing Zhao has over a decade of experience in the Third Party, Supply Chain, and Procurement space. Jing currently oversees USAA’s Third Party Data and Analytics team which is accountable for the delivery of Procurement and Third Party risk data, reporting and analytics, including Third Party Risk Appetite Metrics, Key Risk / Performance Indicators, Board of Director reporting, Data and Analytics Strategy, Pricing Analytics, and other intelligence supporting the Third Party program.
Jing’s professional career has been centered around Supply Chain Management and Third Party Risk Management. Jing has previous experience in the logistics field and he was a previous entrepreneur. Prior to USAA, Jing provided many years of leadership through setting strategic direction, implementing emerging technology such as AI and RPA, and process design in the Procurement / Third Party Risk Management division at Bank of America.
Jing received his bachelor’s degree & MBA focused on Supply Chain Management, Operations, and Strategy from Purdue University at West Lafayette, IN. Boiler Up!
Jing enjoys spending his free time with his wife, Lindsay, and 2 sons, Wade (2018) and Luke (2020) playing the piano and guitar, and binge watching basketball. He currently reside in Charlotte, NC.
Would your organization like to partner with us on this event?
To discuss how we can deliver your thought-leadership at the event, help you generate leads, and provide you with unique networking and branding opportunities, please contact sales@cefpro.com or call us on +1 888 677 7007 for more information.
2024 Sponsors
Co-sponsors
Aravo
Aravo delivers the market’s smartest third-party risk and performance management solutions, powered by intelligent automation. With Aravo, customers can work smarter, move faster, see clearer, and make better decisions about their extended enterprise – all in one place.
For more than 20 years now, Aravo’s combination of award-winning technology and unrivaled domain expertise has helped the world’s most respected brands accelerate and optimize their third-party management programs, delivering better business outcomes faster and ensuring the agility to adapt as programs evolve. Aravo is trusted by the world’s leading brands, helping them manage the risk and improve the performance of more than 5 million third parties, suppliers and vendors across the globe.
Black Kite
Black Kite is disrupting third-party risk management practices by providing security experts with the industry’s most accurate and comprehensive cyber intelligence, resulting in unparalleled visibility into vendor risk. The award-winning platform pushes the limits on predictive insights, delivering the highest quality intelligence to help organizations make better risk decisions.
Mirato
Don’t just automate workflow. Automate the remaining manual work.
Mirato’s TPRM intelligence platform elevates existing TPRM programs and
tools by streamlining an entire operation’s data into one smart platform. Using natural language processing (NLP) and advanced artificial intelligence (AI), Mirato validates and enriches this data, turning it into actionable insights. What was previously multi-destination, manual-intensive labor is now replaced by the Mirato platform and is easily managed from one dashboard. This saves time and money (up to 60% of assessment cost) while increasing an organization’s ability to mitigate risk in an ever-evolving risk landscape.
NCC Group
NCC Group are sponsoring CeFPro’s Vendor & Third Party Risk Congress 2024
OneTrust
As society redefines risk and opportunity, OneTrust empowers tomorrow’s leaders to succeed through trust and impact with the Trust Intelligence Platform. The market-defining Trust Intelligence Platform from OneTrust connects privacy, GRC, ethics, and ESG teams, data, and processes, so all companies can collaborate seamlessly and put trust at the center of their operations and culture by unlocking their value and potential to thrive by doing what’s good for people and the planet.
Security Scorecard
SecurityScorecard is the global leader in cybersecurity ratings and the only service with millions of organizations continuously rated. Our mission is to make the world a safer place by transforming the way organizations understand, improve, and communicate cybersecurity risk to their boards, employees, and vendors.
SecurityScorecard’s patented rating technology is used by thousands of organizations for enterprise cyber risk management, third-party risk management, board reporting, cyber insurance underwriting, and regulatory oversight to meet compliance mandates; making all organizations more resilient by allowing them to easily find and fix cybersecurity risks across their externally facing digital-footprint.
SecurityScorecard is the only provider of instant risk ratings that automatically map to vendor cybersecurity questionnaires and the largest ecosystem of integrations, providing a true 360-degree view of risk. But we don’t stop there. Through a customer-centric, solution-based commitment to our partners, we are transforming the digital landscape building a path toward resilience.
Associate sponsors
Archer
Archer, an RSA company, is a leader in providing integrated risk management solutions that enable customers to improve strategic decision making and operational resiliency. As true pioneers in GRC software, Archer remains solely dedicated to helping customers understand risk holistically by engaging stakeholders, leveraging a modern platform that spans key domains of risk and supports analysis driven by both business and IT impacts. The Archer customer base represents one of the largest pure risk management communities globally, with over 1,500 deployments including more than 90 of the Fortune 100.
Shared Assessments
Shared Assessments are sponsoring CeFPro’s Vendor & Third Party Risk Congress 2024
Content and media partners
CeFPro Connect
CeFPro Connect aims to connect industry experts through thought leadership content and timely news, written for the industry, by the industry. Gain unlimited access to CeFPro’s unparalleled library of resources including iNFRont Magazine, market intelligence reports, filmed presentations, insights Q&A’s, and much more.
Sign up for free.
iNFRont Magazine
iNFRont Magazine is a unique publication providing regular insight on the operational and non-financial risk (NFR) sector. Featuring contributions provided by leading industry figures and experts from around the world, iNFRont Magazine touches on the most critical themes and challenges currently affecting financial professionals.
Available to download for free.
Venue & FAQs
360 Madison Avenue | etc.venues
Madison Avenue
Midtown Manhattan
New York NY 10017
Can I share my thought leadership at Vendor & Third Party Risk USA?
Will there be opportunities to network with other attendees?
- Breakfast, lunch and refreshment breaks
- Drinks reception at the end of day-1
- Q&A, panel discussions and audience participation technology
What is included within the registration fee?
Where can I find the Congress documentation and speaker presentations?
* Please note that our speakers often have to gain permission from their relevant compliance departments to release their presentations. On rare occasions compliance may not allow presentations to be distributed.
Will breakfast, lunch and refreshment be provided?
Are there any rules on dress code?
Are CPE Credits available?
Register - Pre-agenda rate
E.g. Bank, Insurance company, Asset manager, Regulator
E.g. Consultant, Vendor, Executive search firm, Law firm
Maximise the impact of Vendor & Third Party Risk USA with your team:
Register for Vendor & Third Party Risk USA today and join the likes of 150+ industry professionals and subject matter experts looking to engage in meaningful conversation and discuss the latest developments and challenges within the vendor and TPRM landscape.
Register now and secure your place at the lowest rate possible.
Don’t miss out, we only have a limited number of tickets available.
The benefits are amplified when you attend alongside your colleagues, fostering a unique environment for collective learning, sharing insights, and strengthening professional bonds. Join us to explore this diverse and dynamic field together with your team.
Buy 2 passes and get the 3rd half price OR buy 4 and get the 5th for free!
Need assistance with your registration? Get in touch with us via email below, or call us on +44 (0)207 164 6582.
*To qualify for the preferential ‘early bird’ rates, registration must be received by the close of the ‘early bird’ working day, and payment can be made at the time of registering, or up to a week after registration is made an invoice sent. CeFPro reserves the right to increase rates should payment be delayed significantly. For Group Rates to be valid, the whole group must register at the same time, though names can be changed at any time up to the event at no additional cost. Should a delegate register at a rate that is inaccurate, CeFPro reserves the right to issue an additional invoice for the outstanding amount.