Operational Risk Management USA | 7th Annual

Day One | October 12

New York City

8:15 Registration and breakfast

8:50 Chair’s opening remarks


9:00 Reviewing requirements for operational resilience and developing agile programs in a changing environment

Session details 

  • Identifying overlap between risk and IT processes
  • Evolution of resilience program post pandemic
  • Inclusion of political disruption within resiliency
  • Testing plans and recovery to limit disruption
  • Requirements for mapping processes and controls
  • Evaluating criticality in resilience requirements
  • Identifying resilience challenges across supply chain

 Sabeena Liconte, Chief of Compliance, ICBC

Gus Ortega, Head of Operational Risk Management, Voya Financial

9:45 Integrating third party risk with operational resiliency

Session details 

  • Session to come

Preety Tulsain, Head of Third-Party Risk US/ Enterprise Risk, Scotiabank

Gregory Vinton, Director, US Internal Controls, Third Party Risk, Scotiabank 

10:20 Morning refreshment break and networking


10:50 Enhancing control environment across supply chains and managing exposure to vendor and third-party risks

Session details 

  • Enforcing proper processes for delivery
    • Mitigating introduction of additional risks
  • Monitoring access to data across organization boundaries
  • Developing adequate control mechanisms
    • Controls to address incidents firms are experiencing
  • Managing compliance of contracts
  • Communicating incidences in a timely manner
  • Managing instances that expose the firm to reputation risk
  • Corrective action and remediation steps in real time

Aielleen Fajardo, Managing Director, Head of Internal Investigations, TIAA

Jeremy Resler, SVP, Director Third Party Risk Management Governance, US Bank

Sri Intan, Head of Vendor Risk Management, Commerzbank


11:35 Monitoring exposure to cyber threats across the organization to enhance response

Session details 

  • Cyber incident notifications
    • Impact to banks and third-party service providers
  • Alignment of privacy regulations
  • Managing third party cyber risks
  • Heightened risk of state sponsored attacks with Russia conflict
  • Managing vulnerabilities in a WFH/Hybrid environment
    • Increased reliance on vendors
  • Anti-phishing campaigns to educate employees
  • Increased use of ransomware attacks


12:10 Leveraging data as a tool to enhance operational risk controls and tailor customer experience

Session details 

  • Developing a data governance process
  • Impact of privacy on data programs
  • Data security practices across vendors
  • Managing data in an increasingly digital world
  • Operationalizing risk data
  • Developing for advanced and predictive analytics
  • Challenges with client reference data
    • Implications of having bad reference data at the source on consumers of data

Michael Ivie, MD, Head of FS Consulting, Phyton Consulting 

12:45 Lunch break and networking


1:45 Maintaining control and oversight over in a cloud environment

Session details 

  • Leveraging cloud providers
  • Meeting demands faced by large financial institutions
  • Reliance on cloud providers to mitigate operational risk
    • Technology support
  • Understanding the distinction between public and private cloud
  • Level of rigor relating to data privacy
  • Intrinsic risks from controls over public vs. private cloud


2:15 Managing evolution of data privacy requirements and alignment of expectations across jurisdictions

Session details 

  • Protection safeguards for employee data and customers
  • Mitigating risk of unintentional data transmission to unauthorized persons
  • Reviewing local and global regulations
  • Staying abreast of changes in legislation
  • Understanding impacts and developing best practice


2:50 Reviewing global regulatory requirements and expectations towards ESG and synchronization across regimes

Session details 

  • Vetting decisions on investments
  • Managing constantly changing global expectations
  • Building out new functions to manage ESG
  • Developing sustainability frameworks
  • Impact on operational risk practices
  • Increased business continuity processes
  • Monitoring products for green bonds
  • Profile/portfolio monitoring and transitioning

3:25 Afternoon refreshment break and networking


3:55 Reviewing treatment of climate risks from operational risk teams and impact to business practices

Session details 

  • SEC and TCF reporting requirements
  • Understanding net zero commitments’
  • Managing reputation risk
  • Scenario analysis for transition and physical risk
  • Impact to investments
  • Data for net zero commitments
  • Standardization of submissions
  • Mitigating against greenwashing risk

Andy Gloub, Risk Lead ESG, CIT tbc


4:30 Understanding what social represents in an ESG context and driving agendas across business lines

Session details 

  • Managing social challenges
  • Changing definitions of social across business lines
  • Drawing commonalities of themes
  • Keeping up with changing regulatory initiatives and expectations
  • Best practice to manage expectations with stakeholders
  • Responsibility to understand impact

Ameet Barve, Managing Director & Management Board Member, Former Lloyds


5:05 Protecting reputation in a politically charged environment and managing evolution of customer expectations

Session details 

  • Monitoring for reputation risk
  • Vetting scenarios before taking public stance
  • Identifying key risks
  • Monitoring media, social media and news outlets
  • Aligning investment values with customer values
  • Identifying leading indicators for reputational risk

5:40 Chair’s closing remarks

5:50 End of day one and drinks reception

Operational Risk Management USA | 7th Annual

Day Two | October 13

New York City

8:15 Registration and breakfast

8:50 Chair’s opening remarks


9:00 Managing uncertainty in a volatile geopolitical environment

Session details 

  • Managing risks with evolving volatility
  • Financial services in international conflict
    • Impact of swift system limitations
  • Best practice to anticipate political risk
  • Scenario analysis of impact to firms


9:35 Leveraging scenario analysis and quantification methods to better identify impact of disruption

Session details 

  • Leveraging historical data to quantify damage
  • Quantifying reputation risk
  • Measuring business interruption
  • Capabilities to run additional scenario
  • Developing quantifiable stress scenarios
  • Developing scenarios applicable to business units
  • Regulatory expectations on scenarios
  • Identifying large scale impact scenarios

Jason Conn, Head of Electronic Trading Risk Governance, Citi

Craig Spielmann, Risk Intelligence Leader, CNM LLP

10:15 Morning refreshment break and networking


10:45 Setting risk appetites within the organization and setting firmwide expectations and monitoring metrics

Session details 

  • Making decisions based off of appetite
  • Leveraging systems data and people structure
  • Continuous monitoring of risks
  • Developing readily available data programs
  • Reliable and quantifiable data
  • Developing metrics for cyber risk

Stephen Woitsky, VP, Operational Risk Officer, Wells Fargo


11:20 Session to come

Session details 

  • Session to come

David Box, Vice President, Single Family Operational Risk, Fannie Mae


11:40 Conducting impactful RCSAs to identify material risks

Session details 

  • Adopting a risk-based approach
  • Prioritizing critical processes to identify inherent risk
  • Identifying effectiveness of key controls to mitigate risk
  • Reviewing regulatory expectations

James Serinese, Head of Front Office Risk and Control and Operational Risk, Scotiabank

David Box, Vice President, Single Family Operational Risk, Fannie Mae

Javier Adolfo Ortiz, Chief, Financial Control & Operational Risk Management Unit, Inter-American Development Bank

Hafsteinn Gislason, Director, Operational Risk, Silvergate Bank

12:35 Lunch break and networking


1:35 Enhancing business continuity planning in a volatile global environment

Session details 

  • Lessons learnt from Covid-19
  • Uses of disaster recovery sites post pandemic
    • Move to WFH as DR site
  • Providing evidence of business continuity testing
  • Aligning with controls
  • Ongoing changes across the industry
  • Updating policies to reflect changes in working practices

Javier Adolfo Ortiz, Chief, Financial Control & Operational Risk Management Unit, Inter-American Development Bank


2:10 Enhancing capabilities of operational risk through real time monitoring capabilities

Session details 

  • Designing processing systems to generate real time information
  • Developing tighter oversight
  • Leveraging as a tool to develop operational health
  • Real time risk identification
  • Identifying key metrics
  • Generating data streams more easily

Michael Reidy, Head of Risk Appetite and Reporting, Societe Generale

2:45 Afternoon refreshment break and networking


3:15 Reviewing industry approaches to cryptocurrency uses and future opportunities

Session details 

  • Understanding central bank digital currencies
  • Developing a lexicon to define crypto assets
  • Managing disruptions from the crypto space
  • The role of financial institutions in cryptocurrency
  • Impact of stablecoins falling below $1
  • Diversifying portfolios to move into crypto
  • Developing frameworks to manage moving parts

Nick Diieso, Director Global Head of Operational Risk – ICG Ops, Markets and Securities Services, Citi


3:50 Managing the continuous evolution of model risk with increased digitalization

Session details 

  • Building blocks to digitalization
  • Innovation driving increased model complexity and use
  • AI/ML approaches generating operational risk consequences
  • Latest regulatory expectations regarding model risk across the risk appetite
  • Collaboration and integration with third party risk, change management & RCSA’s
  • Evolving operational risk programs

Chris Smigielski, Director of Model Risk Management, Arvest Bank 


4:25 Enhancing technology capabilities to enhance efficiency and develop agility in a competitive market

Session details 

  • Disruption to existing products and processes
  • Developing algorithms to enhance efficiency
  • Leveraging technology capabilities as a tool to view risk holistically
  • Managing data requirements and ensuring accuracy of data sets
  • Managing end of life of a technology
    • Communicating to impacted businesses
  • Quantum computing
    • Changes to data encryption on the horizon

Robert O’Connell, Director, Operational Risk Management, Citi tbc

Paul Clarke, SVP US Operational Risk Management, TD Bank 

Gus Ortega, Head of Operational Risk Management, Voya Financial

5:10 Chair’s closing remarks

5:20 End of Congress

Javier Adolfo Ortiz
Chief, Financial Control & Operational Risk Management UnitInter-American Development Bank (IDB)
Jason Conn
Deputy Head of Operational Risk Management, ICG

Experienced operational leader within Financial Services, with a history of success in large scale program development and process optimization. Jason takes pride in being a leader of high performing teams and organizations and getting things done.

Andy Golub
SVP, Risk Lead ESG
CIT (a division of First Citizens Bank)

Andy Golub started his career as an accidental banker, arriving at Wall St during the go-go 1990s after studies at the University of Chicago looking at the intersection of history, anthropology and economics. He spent 15 years up to the Great Recession supporting structured finance solutions across domains: emerging markets, rate, credit, and energy derivatives, alternative assets, banking-insurance convergence, and CDOs. The next 15 years have been spent in pursuit of a more connected understanding of risk, to understand the direct impact of financial exposures, second order impacts on portfolios and capital/liquidity adequacy, and the broader system beyond immediate financial considerations.

Gus Ortega
Head of Operational Risk Management
Voya Financial

Accomplished risk management executive for multi-national global financial institutions with broad knowledge across Enterprise Risk Management, in particular Operational Risk, including Third-Party & Outsourcing Risk, Business Resilience & IT Risk, Business Controls Management, and Risk Strategy. Experienced in risk management program design, implementation and execution. Specialist in risk assessments (RCSA, Fraud Risk Assessments (FRA), Third-Party Risk Assessments, ORSA, etc.), Internal and External Operational Risk Loss Data / Event Reporting and Investigations, Key Risk Indicators, Issue Management, Controls Testing, Risk Treatment, Data Management, and Operational Risk Technology (GRC tools) solutions. Experienced with leading strategic and change initiatives in Risk Governance & Oversight, and Operational Controls, including Business Accountability models, Conduct and Risk Culture programs. Regulatory focused with foreign bank supervision and systemically important financial institution (SIFI) compliance knowledge. Work experience includes international risk and control projects across foreign markets including Latin America, Europe, Japan and Australia.


Preety Tulsian
Head of Third-Party Risk US / Enterprise Risk

Chris Smigielski
Director of Model Risk Management
Arvest Bank

Andy Golub started his career as an accidental banker, arriving at Wall St during the go-go 1990s after studies at the University of Chicago looking at the intersection of history, anthropology and economics. He spent 15 years up to the Great Recession supporting structured finance solutions across domains: emerging markets, rate, credit, and energy derivatives, alternative assets, banking-insurance convergence, and CDOs. The next 15 years have been spent in pursuit of a more connected understanding of risk, to understand the direct impact of financial exposures, second order impacts on portfolios and capital/liquidity adequacy, and the broader system beyond immediate financial considerations.

Sabeena Liconte
Chief of Compliance
ICBC Standard Bank
Paul Clarke
Senior Vice President
TD Bank

Paul Clarke has been with TD Bank since 1993 in various roles in Risk Management, Technology and TD Wealth.
Paul is currently responsible for the Operational Risk oversight and independent challenge of the TD Bank US Corporate & Shared Services portfolio, including Cyber/Tech, Fraud, Third-party, Corporate, Payments, and Shared Services. As a strategic business partner, Paul also participates and supports their strategy development and implementation efforts with an independent view to ensure these functions operate within Risk Appetite.
Prior to his current appointment, Paul held roles as VP/Head of Operational Risk Management for North American Direct Channels & Payments & Fraud, as Head/VP of ORM for TD Wealth Management, and as Associate Vice President, Technology Risk Management & Information Security supporting TD Wealth, TD Bank US, and TD Securities, successively. Paul has also held technology platform ownership roles and business leadership roles in TD Wealth.
Paul graduated from the University of Toronto with an Honors Bachelor of Arts in Economics & Industrial Relations.

James Serinese
Head of Front Office Risk and Control
David Box
Vice President, Single Family Operational Risk
Fannie Mae

Business transformative leader and trusted advisor with proven record of success driving engagement and positive performance. Direct development and implementation of strategies that establish a foundation for transparent, cost effective, and risk managed operations. Oversee initiatives from concept to full execution, working across internal boundaries, driving for the timely adoption of new ideas. Receive ongoing recognition as proactive leader and team mentor, creating environments that embrace positive change and drive accountability for results. Reputation for value creation while bringing passion and collective energy to create a team culture of shared purpose. Consistently recognized for strategic leadership, management system effectiveness, and ability to get the job done with an unwavering proactive drive for results. Lead teams to identify and solve problems.

Gregory Vinton
Director, US internal controls, third party risk

Greg Vinton has over 15 years in financial services managing complex programs. He joined Scotiabank U.S. in 2017 and has focussed on efforts to enhance the bank’s risk and control functions. He is currently the U.S. Internal Control Head of Third Party Risk and Operational Resiliency.

Michael J.Ivie
MD, Head of FS Consulting
Phyton Consulting

Michael Ivie, Managing Partner, Head of Financial Services Consulting, Phyton Consulting
Michael is a Managing Partner at Phyton Consulting, a specialized professional services firm that empowers data intensive businesses with subject-matter leadership and execution-focused delivery capabilities. Michael has over a decade of experience in Finance, Risk, Data Management, and Technology in both public and private sectors. His diverse background working across the enterprise and in numerous change management roles for many of the world’s leading financial institutions has helped him develop a unique perspective on how these organizations function and how to navigate a changing business, technical, and regulatory landscape.
Michael received an MS in Finance and an MBA in Risk Management & Insurance from Georgia State University’s J. Mack Robinson College of Business. He earned a Professional Risk Manager (PRM) certification from PRMIA, Basel Compliance Professional designation from BCPA, Project Management Professional (PMP) credential from PMI, and numerous professional industry licenses and data/IT certifications.

Robert O’Connell
Director, Operational Risk Mangement

Nick Diieso
SVP, OR- Markets and Securities Services / Institutional Clients Group


Nick Diieso is a Director at Citigroup where he heads global Operational Risk business coverage for Markets and Securities Services and serves as the Head of Operational Risk for Citi Global Markets, Inc (the US broker-dealer). Prior to Citi, Nick was globally responsible for Operational Risk for the infrastructure functions at Deutsche Bank, served as a first line risk director and business CAO for the Specialty Commercial arm of Santander Bank, and served in corporate finance and audit capacities at GE Capital, MathWorks, and TJX.

Michael Reidy
Head of Risk Appetite and Reporting
Societe Generale
Hafsteinn Gislason
Director Operational RiskSilvergate Bank

Stephen Woitsky
SVP, Operational Risk Business Oversight Officer
Wells Fargo

Ameet Barve
Managing Director, Risk Management
Lloyds Banking Group

Managing Director with progressive leadership roles across first, second, and third lines of defense spanning Asia, Middle East, Europe, and United States. Most recently company director and management board member with oversight of end-to-end risk, finance, information security, and leadership of European investment firm in Germany. Repeated success in re-engineering front to back processes to improve risk management and operational efficiency. Thrive in ambiguity and undefined functions, navigating through complexity and barriers to achieve strategic organizational goals.

Stuart Hoffman
Governance & Operational Risk Policy Analyst

Stuart is a Policy Analyst with the OCC’s Bank Supervision Policy division, specializing in governance and operational risk policy. He is also a Bank Information Technology examiner, specializing in cybersecurity and information technology risk / information security. He supports international efforts as the OCC’s interim representative to the Basel Committee on Banking Supervision (BCBS) Operational Resilience Group. Stuart joined the OCC as an industry hire in June of 2013. Prior to joining the OCC, Stuart held IT risk management related positions at Citigroup, Cisco, and GE. His career also includes management consulting experience at Deloitte. He has substantial experience in regulatory examinations, technology audits, IT certification efforts, and cross-border initiatives from both the regulatory and business perspectives. Stuart completed his BA and MBA at NYU and holds several industry-recognized credentials, including the CISA, CISSP, and CRISC.


Sri Intan
Head of Vendor Risk Management for North America

Jeremy Resler
SVP, Director Third Party Risk Management Governance
US Bank

Jeremy has over ten years of experience and expertise in the financial services and legal sectors, and is currently a Senior Vice President and the Director of Governance in the Corporate Third Party Risk Management group at U.S. Bank.

Jeremy is responsible for overseeing various functions and teams within the centralized, enterprise TPRM Program, including quality assurance, policy and audit/exam management, fourth party risk, joint venture/strategic alliance risk, merger and acquisition operational risk, enterprise RCSA third party risk and external risk request management. Jeremy graduated with an Economics degree from the University of Minnesota and a Juris Doctor from the William Mitchell College of Law in St. Paul, MN. Prior to U.S. Bank, Jeremy worked for a legal publishing company and subsequently clerked for a District Court Judge in Hennepin County, MN.

Aielleen Fajardo
Managing Director, Head of Internal Investigations

Aielleen is the Head of Internal Investigations for TIAA. Prior to joining TIAA, she was the Head of Regulatory Compliance for North America and Global Head of Personal Conflicts Management at Fitch Ratings, Inc. Aielleen has served as a managing director and in-house counsel for BNY Mellon, overseeing complex and high-profile regulatory enforcement matters and internal investigations. She was also a litigation attorney at several law firms based in California and New York, including Cadwalader, Wickersham & Taft. She holds a Bachelor of Arts in political science from Yale University and a Juris Doctor degree from UCLA School of Law.

Craig Spielmann
Former Global Head of enterprise risk strategy
First Data

Proven Enterprise Risk Management expert and ESG advocate with an established track record of driving enterprise wide initiatives for the world’s top financial institutions. Leverages vision, leadership, innovation and relationship management skills to achieve success. Expertise in leading global initiatives to align risk management practices with business goals.