Develop Strategic & Fortified Operational Frameworks Built On Transparency & Accountability To Deliver
Compliant & Robust Organisational & Operational Resilience & Risk Strategies For Financial Services
08.15 Registration, Informal Networking & GIC Welcome
Fazal Mohammed, Head of Operational Risk Asset Management, Phoenix Group
Cyber & Cloud Security
Hot Topic!
09.20 Embed & Prioritise Cyber & Cloud Security Within Your Operational Resilience Programmes To Enhance The Ability To Withstand Disruption & Keep Pace With Digital Transformation
- How can you demystify increased cyber capabilities and vulnerabilities associated with potential threats to effectively integrate cyber into, and strengthen, operational resilience strategies?
- Explore the evolving landscape of infrastructure and cyber security solutions to best prepare for shifting network requirements of cloud workloads and remote workspaces to build agile and innovative operating models that boost resilience
- What are the biggest challenges in the governance of cyber and cloud capabilities today, and how can FS organisations work proactively to resolve these and build cyber resilient organisational strategies?
- Examine new ways to implement appropriate, holistic disaster recovery architectures which effectively mitigate cloud concentration risk whilst keeping costs down
Wojciech Twarog, Cyber Security Director, CISO, Nationale-Nederlanden
Operational Resilience & Risk Definition
Panel | Q&A
09.40 Align With Regulations, Overcome Challenges & Seize New Opportunities: Strategically Integrate Operational Resilience & Risk Management Frameworks To Establish Streamlined End-To-End Business Services
- Establish and identify the scope of operational resilience and risk for effective and consistent operational resilience strategies that align with regulatory requirements while addressing associated challenges and opportunities
- Develop and enhance existing business continuity and resilience frameworks to integrate resilience strategically and across all aspects of business services to navigate uncertainties and disruptions
- Maintain and improve enterprise resilience to build trust and understand the needs of the your Financial Services organisation and its operational assets while ensuring compliance with regulations
Clive Wratten, Global Head of Operational & Resilience Risk, HSBC Asset Management
Sarah Garrington, Head of Operational Resilience, Royal London
Sam Reason, Head of Operational Resilience & Continuity, Zurich Insurance
Hannah Haigh, Head of Operational Risk & Resilience, TransUnion
Mark Pierson, Head of Incident Management & Physical Security, Nationwide Building Society
Regulatory Response & Frameworks
Critical Updates!
10.00 Develop Robust & Outward-Looking Resilience Frameworks Across Financial Services Which Consolidate Regulator Expectations & Bring Your Strategies In Line With Risk Assessment & Management Compliance
- Evolution over revolution: as disruption is inevitable in an increasingly digitalised world, what frameworks can your organisation put in place to develop strategies which mitigate risks effectively while remaining compliant?
- As regulators’ expectations are ever-increasing, ensure your organisation is conducting comprehensive risk assessments to identify potential threats and vulnerabilities across technologies, cybersecurity, supply chain, and business continuity practices
- Success through clarity and transparency: collaborate with industry peers to garner valuable insights, critical lessons learnt, and provide tangible evidence of compliant and robust resilience strategies
- How can you ensure you are implementing and maturing fully compliant and embedded resilience frameworks that can be regularly benchmarked and assessed for continuous improvement on a multi-year journey?
10.30 Bonus Session – Reserved for Exclusive Conference Partner; 4C Strategies
10.45 Morning Refreshment Break With Informal Networking
11.15 Bonus Session – Reserved for Exclusive Conference Partner; Cutover
Third-Party & Supplier Resilience
Panel Discussion | Q&A
11.30 Create Cohesive Assurance Strategies That Align With Third-Party & Supplier Capabilities For Seamless, Coherent & Secure Operational Resilience
- Deliver water-tight operational resilience strategies built on transparency that ensure rigorous, evidence-based standards, and mitigate risks when outsourcing important business services to strengthen overall operational frameworks
- Ensure effective collaboration, communication, and due diligence with critical third-party, fourth-party and fifth-party vendors and suppliers to maintain resilience across the supply chain and address vulnerabilities
- Benchmark your third-party resilience strategies against regulator expectations for outsourcing to identify areas for improvement and achieve full compliance with SS221
- Coordinate a consistent internal response for monitoring third and fourth-party resilience capabilities to mitigate concentration risk from external dependencies and provide assurance
Rosalyn Aryee, Head of Outsourcing & TPRM & Operational Resilience, Santander Corporate & Investment Banking
Scenario Testing & Disaster Recovery
Invaluable Insights
11.50 Strengthen Testing Practices, Mitigate Disruption & Align With FS Regulations To Anticipate Potential Threats & Scenarios To Maximise, Mature & Formalise Operational Resilience Strategies & Disaster Recovery
- How can you develop and measure the maturity of testing to ensure you’re conducting rigorous, high-quality, and effective tests?
- Assess the impact of disruptive events on important business services by identifying vulnerabilities and gaps for improvement through mapping and stress testing to challenge assumptions about recoverability
- Enhance resilience capabilities that coordinate with regulatory requirements to develop tailored operational resilience scenarios that account for a range of outcomes, including partial losses
Daryl Mangan, Head of Resilience, Outsourcing, Continuity & Resolution Risk Oversight, NatWest Group
Data Quality & Metrics
12.10 Mapping, Measurement & Security: Tackle Data Privacy & Security Threats By Leveraging Valuable Insights To Deliver Targeted Impact Measurement Methods & Develop Responsive Operational Resilience Strategies
- Maximise data security governance to orchestrate policies around security technologies to protect sensitive data by defining data ownership, establishing high data quality standards, and ensuring compliance with regulations such as GDPR and CCPA
- Harness critical data assets and infrastructure that supplement testing and assessment procedures to develop comprehensive business continuity and disaster recovery plans that effectively adapt to evolving threats and changes in the business environment
- Implement appropriate controls for data access, storage, and transmission with regular audits and clear benchmarks that assess and minimise the risk of data breaches
- Protect sensitive financial data from cyber threats with robust cybersecurity measures that combat potential weaknesses in data infrastructure
Calin Gheorghiu, Director, Cyber Resilience, Standard Chartered Bank
Preparing For The March 2025 Deadline
Panel | Q&A
12.30 The Deadline Is Almost In Sight: Continue To Plan, Prepare & Add The Finishing Touches To Ensure Your Strategies For Operational Resilience Are Fully Compliant Ahead Of The 2025 Deadline
- Is your organisation March 2025 ready? What are the key priorities for the final push before the deadline to achieve full compliance with the operational resilience regulations?
- How is your Financial Services organisation assessing and mitigating potential risks and vulnerabilities in operational processes to enhance resilience ahead of the regulatory deadline?
- What strategies are being implemented to effectively communicate and coordinate across departments to ensure a cohesive and comprehensive approach to meeting the new requirements?
Emma Mansfield, Operational Resilience Director, Lloyds Banking Group
Sarah Ridley, Senior Manager, BCM Resilience Lead, Data & Analytics, London Stock Exchange Group (LSEG)
Hannah Haigh, Head of Operational Risk & Resilience, TransUnion
Ruth Anderson, Director Operational Resilience, Lloyds Banking Group
13.00 Bonus Session – Reserved for Exclusive Conference Partner; Fusion Risk Management
13.15 Lunch & Informal Networking For Speakers, Delegates & Partners
a) AI & Automation
b) Recruitment, Upskilling & Talent
c) Legacy Technology
d) Change Management
14.15 Afternoon Chair’s Opening Remarks
Sudarshan Ratnavelu, Head of Cyber Security, Lloyds Banking Group
Scenario Testing & Disaster Recovery
Double Perspective
14.25 Strengthen Testing Practices, Mitigate Disruption & Align With FS Regulations To Anticipate Potential Threats & Scenarios To Maximise, Mature & Formalise Operational Resilience Strategies & Disaster Recovery
- How can you develop and measure the maturity of testing to ensure you’re conducting rigorous, high-quality, and effective tests?
- Assess the impact of disruptive events on important business services by identifying vulnerabilities and gaps for improvement through mapping and stress testing to challenge assumptions about recoverability
- Enhance resilience capabilities that coordinate with regulatory requirements to develop tailored operational resilience scenarios that account for a range of outcomes, including partial losses
14.25 Perspective One
Sean Miles, Head of Risk & Compliance, Buckinghamshire Building Society
14.45 Perspective Two
Kevin Thorne, Head of Group Operational Resilience Testing & Threat Intelligence, HSBC
Business Continuity - Exercise, Learn, Renew, Repeat
Regulator Perspective
15.05 Hear From The Bank Of England About Their Business Continuity & Testing Frameworks
Tabletop exercises are essential for gauging an organisation’s resilience in advance of an inevitable incident. But the process tends to be protracted, lessons are not always learned, and resilience can become undermined by box-ticking. The Bank of England’s Emerging Threats team has been developing a practical complement to the legacy exercising approach. Participants find it enjoyable, and it quickly uncovers blind spots and other anomalies, and by encouraging a rigorous approach to learning and renewal it can also improve operational resilience.
David Porter, Senior Advisor, Emerging Threats Team, Bank of England
Impact Tolerances
15.25 Optimise Operational Resilience & Craft Impact Tolerance Frameworks That Benchmark & Rigorously Assess To Produce Highly-Resilient Financial Services Organisations
- How can your organisation determine the maximum tolerable level of disruption for each important business service to withstand and recover from disruptions while maintaining critical business operations?
- Define tailored and specific metrics and thresholds to indicate when a disruption exceeds acceptable limits and minimise financial loss to build an efficient and sustainable business that can respond quickly to risks
- Embed resilience considerations into day-to-day business operations and decision-making processes with appropriate business continuity plans, incident response procedures, vendor management practices, and IT infrastructure design
- Develop quantifiable impact tolerances that are aligned with business objectives, business stakeholders, and regulatory requirements to determine acceptable levels of disruption
Terry Downing, Head of Operational Resilience, Mastercard
15.45 Bonus Session – Reserved For Exclusive Conference Partner
16.15 Afternoon Refreshment Break With Informal Networking
Business Continuity
16.40 Streamline Your Strategic Organisational Structures With Process-Driven Approaches Which Minimise Disruption & Drive Efficiencies Across All Areas Of The Business
- Two approaches, one shared goal! Deep dive into business continuity’s internal focus and metrics vs. operational resilience’s customer and financial stability lens, how do these two complement each other to ensure market relativity and reactivity?
- How are you ensuring business continuity and operational resilience are represented across the entire organisation from senior management to call handlers to encourage next-level resiliency and engagement?
Sarah Ridley, Senior Manager, BCM Resilience Lead, Data & Analytics, London Stock Exchange Group (LSEG)
Strengthening Resilience Frameworks
17.05 Build Robust Frameworks That Effectively Respond To Regulator Expectations & Provide Tangible Evidence Of Compliant Business Models To Establish Operational & Organisational Resilience
- Provide effective communication and collaboration with internal and external stakeholders to enhance Financial Services’ readiness to navigate potential challenges and disruptions and strengthen resilience in the face of uncertainty
- Establish clear lines of responsibility and accountability for operational resilience and ensure senior management is involved in resilience programmes to regularly review and challenge the effectiveness of operational resilience strategies
- Drive long-term resilience and success whilst supressing regulatory risk with strong frameworks that focus on dynamism to flex in response to instability, threat, and disruption
- Evolving cyber threats, political instability, supply chain disruptions, digital transformation… the list is endless! Are your FS organisation’s resilience frameworks strategically aligned to tackle these challenges?
James Wiley, Operational Resilience VP, Northern Trust
Future Risks, Horizon Scanning & Emerging AI Threats
Panel | Q&A
17.25 Navigate Emerging AI & Tech Developments With Future-Proofed & Sustainable Operational Resilience Strategies That Adapt To Evolving Threat Landscapes & Prepare Financial Services For Future Risks
- How can you harness increased technological capabilities to enable digital transformation, catalyse innovation to provide greater resilience for current technology infrastructures, and minimise threats?
- Separate the hype from reality and uncover how AI will disrupt the world of cybersecurity and resilience strategies to effectively prepare for its evolution
- What’s next? After the March 2025 milestone, how can FS organisations continue to demonstrate compliance with the changing regulatory landscape and embed and operationalise the spirit of new regulations to future-proof organisations?
- Captivate senior leadership and secure buy-in to actively engage and embed a positive risk culture focused on building operational resilience throughout Financial Services
- What are the upcoming opportunities to develop as a resilient organisation while incorporating critical lessons learned from the past and enhance resilience?
Daryl Mangan, Head of Resilience, Outsourcing, Continuity & Resolution Risk Oversight, NatWest Group
Iain LeCouteur, Director of Risk, AXA Insurance Company
Mark Pierson, Head of Incident Management & Physical Security, Nationwide Building Society
17.55 Afternoon Chair’s Closing Remarks & Official Close Of Conference
Sudarshan Ratnavelu, Head of Cyber Security, Lloyds Banking Group