8:00 Registration and Breakfast | 8:50 Chairs opening remarks 

Chaired by: BCS Consulting


9:00 Maintaining an established risk culture with changes to working environments

  • Building culture into changing digital environment
  • Monitoring key indicators for changes to behavior
  • Changing tone from the top and regulators
  • Enhanced monitoring of staff
  • Embedding culture in a changing environment
  • Disenfranchisement with organizations with WFH
    • Lack of human interaction
  • Maintaining company culture in a long term work from home environment

Gary SavillHead of RiskSAGA
Lorraine Solway, Director of Risk, NEST
Sucharita Banerjee Lodha, Head of Operational Risk, AIG


9:45 The evolution of non-financial risk practices in financial services and the future of the generalist

  • Basel II spawned a generation of operational risk managers with an uncomplicated mandate.  As operational risk is divided and sub-divided into an increasing number of risk specialisms are the days of the ‘generalist’ operational risk manager numbered?

Michael SparksCRO, Issuer ServicesBNY Mellon

10:20 Morning refreshment break and networking 

10:50 Operational Risk Management: Rise of the Machines

Rob CrewdsonDirectorBCS Consulting
Liam CarlisleManaging ConsultantBCS Consulting
Laura DaviesPrincipal ConsultantBCS Consulting
Rob MurrayManaging DirectorBCS Consulting

GRC Risk Management

11:25 Bringing quantification into the game – how to combine GRC risk management with an analytical engine to manage operational risks more efficiently

  • Why ordinal scales and heat maps are used for operational risk and how they can lead to false conclusions
  • Using nested bowtie risk diagrams to better describe key risks and their treatment
  • How quantitative bowtie diagrams better reflect the intentions of Basel II’s AMA approach
  • How to optimize the cost effectiveness of risk treatments
  • Building risk heat maps that provide correct guidance

David VoseVice President Risk Management, Archer

12:10 Lunch break and networking


1:10 Discussion on the integration of Operational Resilience into the wider Enterprise Risk Management Framework

  • Preparedness to absorb shocks
  • Influence of operational resilience on organisational risk culture
  • Cross-function engagement model – seamless or wrought with sensitivity?
  • Fostering an environment of continuous improvement through the self-assessment process
  • Balancing internal stakeholder objectives and expectations

Gary Lynam, Director of Risk Advisory, Protecht Group
Wendy Quintal, Head: Operational Risk, Investec
Mathew Wells, Principal Advisor, Wavestone

1:45 How resilient is modern digital infrastructure? What Risk Officers should know - Uptime

  • Outage trends, what causes outrages, severity levels and impacts
  • Examples of outages and their impact
  • Approaches to assessing third party platform and technology party suppliers
  • How the rise of cloud has changed the risk profile
  • Strategies to mitigate IT outage risk and improve operational resilience

Ali Moinuddin, Managing Director, Europe, Uptime Institute


2:30 Incorporating effective change management processes to adapt to new business environment

  • Changing priorities and approach to business model
  • Managing change to processes and products
  • Security considerations for long term change
  • Setting transformation plans
  • Leveraging and transitioning to increased reliance on technology
  • Setting and articulating strategy and incorporating change

Stefana BrownHead of Operational Risk, Legal and General
Dan DavisChief Risk Officer, NEST
Carlos MartinExecutive Director, JP Morgan

3:15 Afternoon refreshment break and networking


3:45 Managing regulatory expectations for management of third parties

  • Compliance with local and global regulators and aligning definitions
  • Changes to risk assessments and management of data
  • Managing ESG risks across supply chains
  • Thresholds and controls to comply with competent authority
  • Outsourcing material third parties
    • Changes to requirements under resilience regulations
  • Audit requirements for large third parties
    • Outsourcing to non-regulated institutions
  • Acquiring an exit plan for material outsourcing entities
  • Reviewing cyber risk preparedness of third parties
  • Monitoring and demonstrating resilience of third parties

Sean TitleyDirector of Enterprise and Operational Risk, Metro Bank
Ali Moinuddin, Managing Director, Europe, Uptime Institute
Andy NatesanFounder & Director, Levizo


4:30 Maintaining oversight and controls of third parties in a changing landscape

  • Oversight of third parties working remotely
    • Contractual requirements
  • Leveraging third party operations within change management
  • Optimizing processes and systems
  • Cultural shift towards third party risk
  • Concentration risk of large global players
  • Connectedness of supply chains
  • Concentration risk of companies and locations
    • Risk of natural disasters impacting locations

Abhishek Khare, Director, Oversight Lead, Chief Controls Office, Societe Generale


5:05 Using culture and behaviour assessments to improve risk culture

  • What is the purpose of a culture and behavior assessment
  • What is a culture and behavior assessment
  • The methodology used as well as the steps we distinguish during a C&B assessment
  • Reporting on the C&B outcome, and some take aways

Freek van Velsen, Chief Audit Executive, LeasePlan
Jonnah Pragt, Senior Auditor, Culture & Behaviour, LeasePlan 

5:40 Chair’s closing remarks

5:45 End of day 1 and networking drinks reception

8:00 Registration and breakfast | 8:50 Chairs’s opening remarks

Moderated by: Henry Umney, Managing Director GRC, Mitratech


9:00 Reviewing expectations and evolution of ESG requirements and considerations to assess risk

  • Reviewing sustainability requirements and impact to business model
  • Turning talk into meaningful action and appropriate steps
  • Investing in quantitative ways of assessing risk
  • Developing an outsourcing strategy based on ESG and carbon footprint
  • Reputation impacts of practices across supply chains
  • Maintaining ethical standards and setting KPIs
  • Deciphering risks of greenwashing across the industry
  • Diversity and inclusion considerations

Anit Deb, Head of External Industry Coverage for Non-Financial Risk, Deutsche Bank
Nicola Crawford, Chief Risk Officer, National Bank of Kuwait
Sophie Dupre-Echeverria, Chief Risk Officer, Gulf International Bank

9:45 Greenwashing risk in asset management

  • What is Greenwashing Risk?
  • What are the requirements on Asset Management?
  • What does it take to manage Greenwashing Risk?

Søren Agergaard AndersenChief Risk Officer, Nordea Asset Management

10:20 Morning refreshment break and networking 


10:50 The potential impacts of climate change on operational risk

  • Behavioural & economic consequences of Climate Change.
  • Transformation into Operational Risk losses
  • Quantification: Stressing loss forecasts, scenario analysis, capital models and reputation

Michael Grimwade, Managing Director Operational Risk, ICBC Standard

11:25 DORA & PRA: Navigating the latest third-party risk management requirements

  • Overview of the implications of working with third parties under new regulations
  • Best practices for building a third-party risk management program in the context of DORA & PRA
  • Immediate next steps organizations can take to position themselves for compliance success
  • Long-term strategies for building a future-proof and agile third-party risk management program

Nikki Stoy, Offering Specialist, OneTrust Vendorpedia


12:00 Supervisory expectations in 2022 and beyond

  • Policy and regulators objectives
  • Supervisory expectations in 2022 and beyond
  • Thematic observations and firm’s readiness so far

Javier MartinezSenior Manager, Bank of England

12:35 Lunch break and networking 


1:35 Embedding resilience into BAU and navigating updates to legacy systems

  • Reliance on third parties to provide infrastructure or business processes
  • Assigning ownership and accountability
    • Changing role of the operational risk function
  • Understanding ownership and end to end processes
  • Long term sustainability and business preparedness
  • Quantifying ‘significant harm to customers’ and defining tolerances
  • Constructing processes and controls for future stress events

Jenny BirdiHead of Operational Risk and Risk Strategy, UK Bank, HSBC
Sean TitleyDirector of Enterprise and Operational Risk, Metro Bank
Andrew SheenDirector, AJ Sheen Consulting


2:20 Managing changes to product offering and meeting customer demand for increase in digital products

  • Changes to product offerings as a result of covid
  • Operational risks of increase in digital products
  • Streamlining existing processes and infrastructure
  • Managing evolving client expectations

Sean Miles, Associate Director, Risk, CompareTheMarket


2:55 Managing increase in people risk with move to long term remote or hybrid working

  • Managing hybrid work environment
  • Shift of talent and work activities with work from home
    • Changes to product strategy and services
  • Resource capacity to prevent burnouts
  • Ensuring teams are in locations they say they are
    • Data security considerations
  • Integrating new starters into company culture working remotely
  • Managing productivity and morale

Gary SavillHead of Risk, SAGA
Karen Frazer, Head of Retail Governance and Controls, Santander UK

3:30 Afternoon refreshment break and networking


3:45 Leveraging lessons learnt from the pandemic and improving ability to respond to extreme events

  • Testing barriers to monitor extreme risks
  • Origin of operational risk for extreme risk events
    • Financial losses from financial crisis
  • Defending against a range of potential extreme events
  • Identifying risks and impact on organization and industry
  • Upgrading scenario analysis capabilities
  • Understanding how to be resilient against extreme events
    • Crisis response plans
  • Developing transferable response plans across scenarios

Anit Deb, Head of External Industry Coverage for Non-Financial Risk, Deutsche Bank
Merlin Linehan, Risk Manager, EBRD
Zuzana Vybiralova, EMEA Deputy Head of Operational Risk, Nomura

4:30 Chair’s closing remarks | 4:35 end of Summit