A lot of excellent information was presented. Great resource material to follow up on. - Associate Vice-President, Financial Services
University of Saskatchewan
13th Annual Event!

Operational Risk Canada 2018

Advance Your Knowledge in Operational Risk Practices in the Current Regulatory Environment

October 16-17, 2018 · Optional Workshop: October 15, 2018 · Toronto, Ontario
Day One Program Agenda: Tuesday, October 16, 2018
8:00 - 9:00        Registration and Continental Breakfast
9:00 - 9:10
Welcome and Opening Remarks from the Chair
Andrew Richardson, Principal, Simplified Risk Management Inc and Former Vice-President, Enterprise and Operational Risk Management, Coast Capital Savings
9:10 - 10:00
Stop the Madness: Making Sense of Integrating Operational Risk, Conduct, and Compliance Within the Overarching Enterprise Risk Management Program
Nancy Sullivan, Vice President, Compliance and Enterprise Risk Management, QuadReal Property Group
  • Regulators continually moving toward principle based regulations and accountability models
  • Regulatory requirements, such as OSFI Guideline E-13 and OSFI Guideline E-21 are essentially tools fo the regulator to compel organizations to mitigate risks
  • World-wide regulators expect robust internal control processes regardless of history of risk mitigation or history of compliance
10:0 - 10:15        Networking Break
10:15 - 11:00
Key Risk Indicators - Enhancements in the Monitoring and Measurement of Emerging Operational Risk
Dennis Chaupis, Senior Manager, Risk Advisory, Cyber Risk Services, Deloitte Canada
Heather Kay, Senior Manager, Risk Advisory Services, Deloitte Canada
  • What makes a good KRI
  • Lifecycle is risk reporting
  • The convergence of risk and performance
  • Use case
11:00 - 11:45
Supporting Business Resilience Through Incident Readiness
Bill Dunnion, CISM Director, Calian Cyber Resilience Office

Organizations are no longer measured on whether they fall victim to an attack, rather they will be measured on how they respond to these unfortunate attacks. Organizations must prepare properly in order to perform adequately in the face of the stress and pressure of dealing with a major incident in the heat of the moment.

  • The importance of establishing a baseline
  • What are the key readiness components and how to measure them
  • The importance of aligning physical and virtual emergency management procedures
11:45 - 12:30
Achieving a Robust Governance Framework Through Operational Risk Management
Saad Ali, Director, Governance, Controls and Operational Risk, CIBC
  • Critical elements of a governance framework
  • Regulatory requirements for corporate governance (including OSFI and SOX)
  • How business changes impact the risk assessments
  • Reviewing industry events for risk incidents and assessing impact on the business
  • Creating a risk profile for each line of business to identify areas requiring enhancements
12:30 - 1:30        Luncheon Break
1:30 - 2:30
Transforming Enterprise Stress-Testing Capability
Stéphane Frederic Gagne, Senior Director, Enterprise Stress Testing, RBC
  • Integrate operational risk in enterprise stress-testing and ICAAP
  • Risk Identification as starting point
  • Assess the importance of sensitivity analysis
2:30 - 2:45        Networking Break
2:45 - 3:30
Developments in the OSC’s Whistleblower Program - What You Need to Know
Ashok Menen, Investigation Counsel, Ontario Securities Commission
  • Providing a background and summary of the OSC’s Whistleblower Program including its key features and protections
  • Spotlight particular forms of misconduct that the Office of the Whistleblower has been (and remains) interested in receiving (i.e. cryptocurrency-related matters, corporate disclosure issues, insider trading etc.)
  • Highlight new developments, including legislative amendments impacting operational and compliance risks
  • Explain how an effective internal control environment, which includes a robust internal reporting mechanism, is essential to risk mitigation in the age of whistleblowers
  • Provide an update on the progress the Office of the Whistleblower has made to date
3:30 - 4:15
Third-Party Cyber Risk Management at Sun Life Financial
Greg Davis, Vice-President, Corporate Risk Management, Sun Life Financial
  • Evolution of risk and controls of increasing alliances
  • Risk implications of cloud adoption
  • Strategies to manage third-party cyber risks
  • Cyber insurance, internal controls
  • Use of third-party monitoring
4:15 - 5:00
Leveraging Automated Platforms for Enterprise Cyber Security Response
Julius Azarcon, Global Practice Leader, Governance, Risk and Compliance, Scalar Decisions
  • There are numerous elements impacting corporate risk. Some of these include cyber security risks through exposure from known vulnerabilities, increasing quantity and quality of attacks, scarce and expensive capable human resources, limited budgets, and increasing regulatory compliance fines.
  • If there was ever a time and place to arbitrage automation for humans, this would be it
  • Leveraging structured, consistent automation and orchestration in the investigation and response process to a cyber security incident is the key for prioritizing and acting faster
  • Review the current state and walk through two use-cases that exemplify identification, containment, and response for the inevitable next cyber security incident
Closing Remarks from the Chair
5:00        End of Day One

5:00 - 6:15
Cocktail Reception Hosted by EY

Take advantage of networking opportunities to meet other risk management professionals at our cocktail reception.

Networking Opportunities - Who You Will Meet:
  • Risk Officers
  • Vice-Presidents and Directors of Risk Enterprise Risk
  • Operations Risk
  • Information Security
  • Enterprise Risk Management
  • Information Technology
  • Information Systems
  • Risk
  • Business Continuity
  • Outsourcing
  • New Initiatives and Change Management
  • Internal Audit



Platinum Level Sponsor



Gold-Level Sponsor



Session Sponsor


Operational and compliance risks have become more complex and entwined, increasing the potential for failed processes that govern control breakdowns. Silo mentality is in itself a risk and the operational risk leader is in a unique position to provide their enterprise with a holistic governance approach that brings together the entire risk portfolio. You need mitigate risks with an eye on the big picture. Cybersecurity ranks as the #1 priority for financial institutions today, permeating the breadth of every function across your organization. Many risk leaders without technical skills are overwhelmed by the scale of the potential threat.

Infonex's annual Operational Risk Canada will provide you with strategies to focus your cyber efforts. Canadian financial institutions, once immune to the scandals plaguing out of country, are now in the spotlight for their misconduct and mis-selling. Hear how you can improve conduct, culture, and customer experience; not in isolation, but combined to truly seize a competitive advantage. As big data drives the demand for financial institutions to be like tech companies, your risks under the technology umbrella, increase. You need best practises on how to keep up with the moving target of IT risk. Third-party risk management is an ongoing area of concern and we have thought leaders to address what is emerging on this front, into 2018.

Our Operational Risk Canada agenda provides something for early to advanced learners in ops risk, tokens of wisdom for various stages of OpRisk implementation, as well as focused areas for risk so your entire team will be engaged. As OpRisk Leaders, you have been honing the discipline of enterprise risk as a matter of practice. Your contributions to the strategic risk mitigation of your organization have never been more in focus.

As a leader with risk oversight you are in a constant need to strengthen your systems against dynamic, ever-changing risks. Join us in Toronto and get guidance on your most pressing operational risk challenges. Register today!

Telephone: 1.800.474.4829  |   360 Bay Street, Suite 900, Toronto, ON  M5H 2V6   |   Fax: 1.800.558.6520  |  Contact Us
© 2000-2018 INFONEX Inc.