PLEASE SELECT A DAY FROM THE BELOW DROPDOWN TO VIEW THE AGENDA:

8:00 Breakfast and Registration

8:50 Chair’s opening remarks

Moderated by: Nick Dixon, Director of Sales, ORI

REGULATION-PANEL DISCUSSION

9:00 Reviewing the regulatory landscape to stay ahead of continuous change

Session details 

  • Practical implementation of regulation
  • Alignment across geographies
  • ECB outsourced register
  • ICO data privacy requirements in the UK
    • Tracking and risk assessing data
  • Implications of German supply chain act
  • Consumer duty: Embedding standard across supply chains
    • Mitigating potential risk and detriment to customers
  • DORA: Testing requirements and incident reporting

Hasintha Gunawickrema, Chief Control Officer, Wealth & Personal Banking, HSBC

Codee Woo, Strategic Supplier Risk Manager, Legal & General Investment Management

Miriam Douglas, Third Party Oversight Manager, Virgin Money

Richard Mapes, Director, Compliance and Operational Risk, UBS

CRITICALITY

9:45 Reviewing future guidance on treatment of critical suppliers and implementation challenges

Session details 

  •  Focus on cloud suppliers
  •  Reviewing regulatory intervention impact
  •  Enhancing resilience of supply chain
  • Holistic oversight of the industry
  •  Impact on assurance activity and oversight
  •  Managing concentration within the cloud industry
  •  Impact of direct oversight and assurance testing by regulator

Paul Huggett, Head of Third Party Risk, Business Services, Resilience & Agility,
Nationwide Building Society

10:20 Morning refreshment break and networking

DATA – PANEL DISCUSSION

10:50 Developing an integrated program to leverage insight across supply chain

Session details 

  • Collecting the right data
  • Evolution of regulations and data requirements
  • Identifying important business service
  • Using data to the full extent of its capability
  • Leveraging data to identify supplier risk profile
  • Integrating systems and formats for an aggregate view

Anita Barber, Head of Third Party Management Services, HR, HSBC

Victor Meyer, Global Head of Customer Experience, Supply Wisdom

Andrew Moyad, Chief Executive Officer, Shared Assessments

UNDERSTANDING AND MITIGATING THIRD PARTY TECHNOLOGY RISK 

11:25 This session will look at how to build a comprehensive approach to understanding and mitigating technology risk

Session details 

  • Common causes and impacts of third-party technology outages

  • Outage trends, what causes outages, severity levels and impacts

  • Approaches to assessing ICT platforms and third technology party suppliers

  • How FSIs deal with the rise In challenges in dealing with  with limited rights to perform audits and inspections or receive standardized reporting.

Ali Moinuddin, Managing Director, Europe, Uptime Institute

CULTURE

12:00 Understanding the need for diversity within teams and vendors and embedding into culture

Session details 

  • Identifying talent
  • Embedding a roadmap into a firm
  • Demonstrating the value of data
  • Retaining and developing talent
  • Articulating importance of managing risk
  • Implementing and applying framework across the organization
  • Changing the culture of an organization
  • Understanding and mitigating risk
  • Implementing a single framework across the organization

Shamial Afzal, Head of Strategic Oversight, Legal & General Investment Management

Chioke Morgan-Brown, Strategic Supplier Oversight Analyst, Legal & General Investment Management

Codee Woo, Strategic Supplier Risk Manager, Legal & General Investment Management


 

12:35 Lunch break and networking

NTH PARTY – PANEL DISCUSSION

1:35 Managing risk across supply chain and monitoring vulnerabilities beyond third parties

Session details 

  • Risk assessments on third and fourth parties
  • Understanding level of risk each level brings to the organization
  • Incorporating publicly available data into assurance
  • Oversight of contractual terms and expectations
  • Willingness of vendors to share information
  • Collecting granular data to monitor supply chain concentration
  • Practical case studies managing 4th through to Nth party

Paul Huggett, Head of Third Party Risk, Business Services, Resilience & Agility,
Nationwide Building Society

Desmond Campbell, VP – Oversight, Third Party Risk and Compliance, Barclays

NAVIGATING THE THIRD-PARTY THREAT LANDSCAPE

2:20 Navigating the Third-Party Threat Landscape

Session details 

  • Prioritizing your vendor inventory for assessment
    Leveraging automation for calculating risk and streamlining the review process
    Expanding third-party risk conversations beyond cybersecurity

Tai Alad, Director, Solutions Engineering, EMEA, CyberGRX

EXIT PLANNING

2:55 Developing exit plans for material suppliers and testing planned and unplanned exits

Session details 

  • Physical and tangible testing through an exit plan
  • Relation and alignment with business continuity plan
  • Maintaining service in the event of supplier failure
  • When is a supplier too big to fail?
    • Alternative suppliers in case of failure
  • Practical testing of real-world scenarios

Rosalyn Aryee, Head of Outsourcing & TPRM and Operational Resilience, Santander

3:30 Afternoon refreshment break and networking

MAPPING SUPPLY CHAIN – PANEL DISCUSSION

4:00 Developing efficient practices to map supply chain and gain enhanced visibility to monitor risks

Session details 

  • Making supply chain manageable
  • Applying criteria to subcontractors
  • Gaining visibility of the supply chain
  • Identifying commonalities and concentration across supply chain
  • Tracking, managing and visualizing supply chain
  • ECB annual outsourcing registration
    • Processes and tools to set up register
  • Managing divergence in data formats

Alex Dorlandt, Head of Supply Chain Risk, Lloyds Banking Group

Shamial Afzal, Head of Strategic Oversight, Legal & General Investment Management

Sandra Hislop, Former Head of Business Governance & Operational Oversight, Northern Trust Asset Management

 

RESILIENCE

4:55 Embedding resilience into TPRM frameworks and assurance practices

Session details 

  • Interaction with operational resilience
  • Embedding supervisory statement requirements
  • Approaches to non-supplier third parties

Sean Titley, Director of Enterprise and Operational Risk, Metro Bank

5:20 Chair’s closing remarks 

5:30 End of Day 1 and drinks reception

8:00 Breakfast and registration 

8:50 Chair’s opening remarks

Day two moderator: Andrew Moyad, Chief Executive Officer, Shared Assessments

EMERGING RISK – PANEL DISCUSSION

9:00 Managing and preparing for response to real world events and emerging risks

Session details 

  • Emergence from Covid-19
  • Impact of Ukraine conflict on supply chains
  • Market events impacting supply chains
  • Real time response to protect the organization
  • Incorporating resiliency into planning
  • Controls for emerging risk whilst allowing business development

Desmond Campbell, VP – Oversight, Third Party Risk and Compliance, Barclays

Alex Dorlandt, Head of Supply Chain Risk, Lloyds Banking Group

Sean Titley, Director of Enterprise and Operational Risk, Metro Bank 

Ewen O’BrienSenior Vice President – Cyber Third Party Risk, BlueVoyant

CYBER RISK

9:45 Protecting the organisation from increasing cyber threats and ensuring security across vendor base

Session details 

  • Increased risk of ransomware attacks
  • Protecting the organization from third party cyber breaches
  • Managing the increasing cyber and technology threat
  • Mitigating risk whilst maintaining growth and change
  • Demand for deeper testing

Andrew Moyad, Chief Executive Officer, Shared Assessments

10:20 Morning refreshment break and networking

ESG-PANEL DISCUSSION 

10:50 Progressing ESG agendas within TPRM and ensuring third party compliance

Session details 

  • Supporting vendors on a path to green
  • Collecting publicly available data to conduct due diligence
  • Customizing technology
  • Mitigating greenwashing risk
    • Ensuring third parties are compliant
  • Ensuring diversity in suppliers and supply chain

Anita Barber, Head of Third Party Management Services, HR, HSBC
Joe Bakowski,Director of Procurement, Supplier Risk & Commercial Management, Metro Bank
Owen Standen, Managing Director/ Division Director, Business Services – EMEA, Macquarie Group
Rebecca Goosen, Global Head of Supply Chain Sustainability, Schroders

REPUTATION RISK

11:25 Protecting reputation as increased reliance on vendors intensifies opportunities for repetitional damage

Session details 

  • Managing reputation risk within supply chains
    • Modern slavery, environmental, cyber breaches etc…
  • Implementation of statements
  • Developing data, insights and operating models to back up pledges
  • World Cup implications working with sponsors
    • Reputation risk aligning values with Qatar regime

Sean Miles, Head of Operational Risk, Shawbrook Bank

TRUST-BASED TPRM

12:00 Trust-based TPRM: How to extract greater value from your TPRM program

Session details 

  • Understand enterprise trust and how it relates to third-party risk
  • Hear the latest third-party management trends
  • Get actionable best practices for building a third-party management program based on trust

Matt Moog, General Manager – Third Party Risk Management, OneTrust

12:35 Lunch break and networking

  • 1:35 Where do the best TPRM practitioners come from? Risk or Procurement?

    Session details 

    • Reviewing the background of people involved in TPRM risk
    • Understanding who is best to deal with this responsibility

    Joe Bakowski, Director of Procurement, Supplier Risk & Commercial Management, Metro Bank
    Mike Day, Head of Group IT Procurement Third Party Management Programme, RSA Insurance
    Sean Miles, Head of Operational Risk, Shawbrook Bank

     

  • TECHNOLOGY – PANEL DISCUSSION

    2:10 Reviewing opportunities of technology to advance efficiency and automation within TPRM

    Session details 

    • Leveraging technology for repetitive tasks
    • Demonstrating compliance
    • Data integration and pooling
    • Uses of blockchain
      • Case studies across industries
    • Data analytics tools to integrate systems
    • Understanding uses and benefits of technology in a TPRM context
    • Training and upskilling teams

    Hasintha Gunawickrema, Chief Control Officer, Wealth & Personal Banking, HSBC

    Sandra HislopFormer Head of Business Governance & Operational Oversight, Northern Trust Asset Management

    Mike Day, Head of Group IT Procurement Third Party Management Programme, RSA Insurance

2:55 Morning refreshment break and networking

  • FINTECH

    3:35 Reviewing the treatment of Fintech as a third party to create long term partnerships

    Session details 

    • Managing opportunities and risks of fintech partnerships
    • Aligning with strategic goals
    • Due diligence and monitoring
    • Determining an appropriate level of oversight
    • Aligning cultures for an integrated management of relationship

    Angela Johnson de Wet, Cloud Enabled Business Transformation – Head of Function, Lloyds Banking Group

  • ASSURANCE

    4:10 Developing best practice for supplier assurance and the future of onsite assessments

    Session details 

    • Changes in mindset from Covid limitations
    • Best practice for exit planning and scenario testing
    • Case study under stressed and non-stressed scenarios
    • Defining the scope of supplier audits
    • Segmenting supplier population to determine frequency of assurance
    • Risk proportionate assurance requirements
      • Enhanced diligence for material suppliers

Julie Hoesil – Stewart, Executive Director, Operational Risk Controller, UBS

4:35 Chair’s closing remarks 

4:45 End of Summit