Vendor & Third Party Risk USA agenda

Vendor & Third Party Risk USA Agenda

Day Two | June 8

8:00-8:50

Registration and breakfast

8:50-9:00

Chairs opening remarks

Day two moderator: Peter Pernebo, Managing Director, Global Head of Third Party Risk Management Solutions, KY3P®, S&P Global Market Intelligence

9:00-9:45

CYBER SECURITY – PANEL DISCUSSION
Reviewing current cyber threats posed and mitigating these down the supply chain

Handling potential data breaches
Notifying employees
Mitigating risk exposure that arises from data leaks
Knowing when to cut off vendors after multiple cyber breaches
Coordinating outreach to a vendor once an attack occurs
Working with vendors to mitigate cyber risks
Understanding how third and fourth parties are impacted by cyber breaches
Getting responses from fourth parties to understand exposure in a timely manner
Leveraging technology to keep up with the pace of change from attacks
Creating automated responses once a breach occurs
Understanding how vendors protect data from breaches

INTERACT WITH SLIDO

Nate Vanderheyden, Executive Director, US Banks Cyber & Information Security, Morgan Stanley

Andrew Egoroff, Senior Cybersecurity Specialist, ProcessUnity

Mike Jawetz, Director, Solution Architecture, CyberGRX

Madiha Fatima, Executive Director – Operational & Outsourcing Risk, JP Morgan

9:45-10:20

CYBER INSURANCE
Best practices for procuring and managing cyber insurance

Understanding the value of cyber insurance
Leveraging the value of your cyber coverage during data breaches
Implementing continuous monitoring
Knowing your options if cyber insurance is reduced or removed
Evaluating supplier cyber insurance coverages and their limits
Appreciating the contractual interplay between indemnification, insurance, and Limitation of Liability

INTERACT WITH SLIDO

Andrew Moyad, Chief Executive Officer, Shared Assessments

10:20-10:50

Morning refreshment break and networking

10:50-11:25

CYBER
Best practices for a world class third-party cyber risk program

Rapidly identify vulnerabilities or concentration risk across third party vendors
Learn which security issues are most correlated with breach likelihood so you can focus oversight in critical areas
Understand how continuous monitoring techniques can help alert you to risks
Identify strategies to engage with third party vendors that will lead to measurable risk reduction

INTERACT WITH SLIDO

Vanessa Jankowski, Senior Vice President & General Manager, TPRM & CNI, Bitsight

11:25-12:00

AI & TPRM
Implementing AI within third party programs to allow for automation of tasks and increase internal efficiency

Collaborate with vendors to drive a trusted third-party risk management program
Leverage trusted security data to make faster and smarter decisions about their vendors
Proactively engage with third parties who have poor cybersecurity posture to prevent breach

INTERACT WITH SLIDO

Larry Slusser, Vice President Global Head Professional services Delivery, SecurityScorecard

12:00-1:00

Lunch break and networking

A series of informal roundtable discussions, chaired by industry professionals, which are optional and outside of the event structure. Engage with peers on a topical subject of your choice over lunch.

Managing a TPRM program when going through M&A process
Hugo Ramirez, SVP BBVA US Internal Audit responsible for Governance, Transactional & Fraud Risks and TPRM, BBVA
The “contract checklist”: risk vs regulatory expectations
James Mcpherson, Director & Counsel, Credit Agricole
Affiliate reviews – when you vendor isn’t 3rd party
Carolyn Handley, Head of Vendor Due Diligence & Monitoring – NA Investments, Global Investment Center, Aon
Managing reputational risk of third parties
Thomas Brandt, Chief Risk Officer/Director, Office of Planning and Risk, Federal Retirement Thrift Investment Board
Integrating ESG into third party risk practices
Ken Wolckenhauer, VP, Vendor Management, Nordea Bank

1:00-1:45

GLOBAL REGULATIONS – PANEL DISCUSSION
Identifying regulatory expectations on a global level and integrating requirements under a unified framework

Integrating all upcoming regulation into TPRM program
Staying abreast of all changes
Ensuring third parties have appropriate controls to comply with regulations
Interpreting guidance from NY DFS
Reviewing core requirements
Demonstrating compliance
Producing a TPRM program to align with all regulatory bodies
Leveraging internal teams to identify and comply with regulations
Responding to the upcoming inter-agency guidance
Keeping pace and staying compliant with the evolving world of banking
Utilizing fintechs & open banking

INTERACT WITH SLIDO

Donald Mones, VP Compliance, Head of Third Party Risk, Brown Brothers Harriman & Co.

Shamial Afzal, Head of Supplier Management Governance, Legal & General Investment Management

Stuart Hoffman, Governance & Operational Risk Policy Analyst, OCC

Cyril Korenbeusser, Chief Resilience Officer, BNP Paribas CIB

1:45-2:20

What are the prudential regulators saying about fintech partnerships

Background: The historic role of banks as depositors, lenders, and transacting processors
FinTechs as service providers
FinTechs as bank “partners”
- Benefits to banks
- Controversy
- Money transmitter laws
Reviewing where institutions stand now
- Comments from Fed, FDIC, OCC
- Types of products
Reviewing recommendations for future